Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://www.ultraviewer.net/en/

Overview

General Information

Sample URL:https://www.ultraviewer.net/en/
Analysis ID:1373365

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Creates files inside the system directory
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 1368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.ultraviewer.net/en/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1804,i,16945670540944234940,16362104419648313103,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary
  • Boot Survival

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.ultraviewer.net/en/HTTP Parser: No favicon
Source: https://www.ultraviewer.net/en/HTTP Parser: No favicon
Source: https://www.ultraviewer.net/en/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49911 version: TLS 1.0
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49909 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49912 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49911 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownDNS traffic detected: queries for: www.ultraviewer.net
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49905
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49904
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49909 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49912 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_BITS_1368_1866682719
Source: classification engineClassification label: clean1.win@14/226@14/175
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.ultraviewer.net/en/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1804,i,16945670540944234940,16362104419648313103,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1804,i,16945670540944234940,16362104419648313103,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
Valid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		11
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium2
Encrypted Channel		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
Non-Application Layer Protocol		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
Domain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
Application Layer Protocol		Data Encrypted for ImpactDNS ServerEmail Addresses

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://www.ultraviewer.net/en/0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
scontent.xx.fbcdn.net
31.13.66.19
truefalse
    		high
    accounts.google.com
    		142.251.163.84
    		truefalse
      		high
      cdn-aws.ultraviewer.net
      		159.223.149.135
      		truefalse
        		high
        www.google.com
        		172.253.62.104
        		truefalse
          		high
          clients.l.google.com
          		172.253.62.102
          		truefalse
            		high
            clients1.google.com
            		unknown
            		unknownfalse
              		high
              clients2.google.com
              		unknown
              		unknownfalse
                		high
                connect.facebook.net
                		unknown
                		unknownfalse
                  		high
                  www.ultraviewer.net
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://www.ultraviewer.net/en/false
                      		high

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      1.1.1.1
                      		unknownAustralia
                      		13335CLOUDFLARENETUSfalse
                      142.251.179.95
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      159.223.149.135
                      		cdn-aws.ultraviewer.netUnited States
                      		46118CELANESE-USfalse
                      142.250.31.113
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      31.13.66.19
                      		scontent.xx.fbcdn.netIreland
                      		32934FACEBOOKUSfalse
                      137.184.91.152
                      		unknownUnited States
                      		11003PANDGUSfalse
                      239.255.255.250
                      		unknownReserved
                      		unknownunknownfalse
                      172.253.115.100
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.250.31.94
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.251.16.94
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      172.253.62.104
                      		www.google.comUnited States
                      		15169GOOGLEUSfalse
                      172.253.115.97
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      172.253.115.94
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.251.163.84
                      		accounts.google.comUnited States
                      		15169GOOGLEUSfalse
                      172.253.62.102
                      		clients.l.google.comUnited States
                      		15169GOOGLEUSfalse
                      172.253.115.95
                      		unknownUnited States
                      		15169GOOGLEUSfalse

                      Private

                      IP
                      192.168.2.16

                      General Information

                      Joe Sandbox version:38.0.0 Ammolite
                      Analysis ID:1373365
                      Start date and time:2024-01-11 22:33:01 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                      Sample URL:https://www.ultraviewer.net/en/
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:7
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • EGA enabled
                      Analysis Mode:stream
                      Analysis stop reason:Timeout
                      Detection:CLEAN
                      Classification:clean1.win@14/226@14/175
                      • Exclude process from analysis (whitelisted): SIHClient.exe
                      • Excluded IPs from analysis (whitelisted): 172.253.115.94, 34.104.35.123, 172.253.115.95, 142.250.31.94, 172.253.115.97, 142.250.31.113, 142.250.31.102, 142.250.31.100, 142.250.31.138, 142.250.31.101, 142.250.31.139
                      • Excluded domains from analysis (whitelisted): fonts.googleapis.com, edgedl.me.gvt1.com, fonts.gstatic.com, www.googletagmanager.com, clientservices.googleapis.com, www.google-analytics.com
                      • Not all processes where analyzed, report is missing behavior information
                      • VT rate limit hit for: https://www.ultraviewer.net/en/

                      Created / dropped Files

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2673
                      Entropy (8bit):3.9834617062021453
                      Encrypted:false
                      SSDEEP:
                      MD5:FE4CB60BFE6A2E76905437B224AC4A8B
                      SHA1:96A400AE5B07ECA8220F19D6BC1443C2C7B37C38
                      SHA-256:F7DC7FE807BAEB6DC5524F0FF8FE8DA9023BE3C847F95E8AFB36CABDBE57D699
                      SHA-512:05DDDFAF7E98E1D2F91B31AC79B9A2A836DE7CB427022DFAD3050CE0B0EF05D0933FAD4F8C43E158339E84FFD3909B55856B2B0EFD757FE03322ADE215BC6A1E
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,...../...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2675
                      Entropy (8bit):3.99902409299203
                      Encrypted:false
                      SSDEEP:
                      MD5:049B1996C7E9C5B379D17F46C43B09B4
                      SHA1:DA2BE20E9AEED341AEB76A7DE4F0319CCAA851A7
                      SHA-256:C37FFD48A706C40DC5F47F805186A288A4640E58DCB6C2230FF538834DB55186
                      SHA-512:490BD340ED38D37FD8CC94C9A0C5538F5A34FE95DFC22D06DADF3344BBAC1B3DD6C6D27695C09F870841F300B34A786B6A7841B2F98CF4969E0A73BA4178B8CD
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.........D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2689
                      Entropy (8bit):4.007696770296936
                      Encrypted:false
                      SSDEEP:
                      MD5:1A332896D70AB1FC8705304D98C8BF66
                      SHA1:0AC0387667466B5037B05105E2C33A060AAA8650
                      SHA-256:DF930DF8E76B913E62A00CB7D8C69BEB78FF9AED8C4AC10F9DC6E7C18804F4A4
                      SHA-512:C87AD5ADFECAF81E38E97D66FB535BD9F789C781B8CA932218C09A96FF9DA243CEB27342D8B65ABBBD26B6340A4E1E2C77A697F4FEE49D02C8E9AF5E01131EC6
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.9973715840869564
                      Encrypted:false
                      SSDEEP:
                      MD5:08FB8AF2A478359D186403948050AEDE
                      SHA1:10928916F1B4B0CAF065D19EBAC9135E2D451525
                      SHA-256:D7389CFC88E07483B21CFD9B1FBF15550D91E23CA62DA7A3224E1D6F05CAB013
                      SHA-512:80554B37C91AAB5FD1871880AE8B4B18C0580BF055F67FA475507E45E519A8E59D1A24E64BB53721F1B8A23B5CAA88685868B1997C84F62227BEDBF6F25ADD69
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.....w...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.986172489092828
                      Encrypted:false
                      SSDEEP:
                      MD5:7E1706FE63F147B47E7DECA80EA10E91
                      SHA1:F2DA24824B8CBB8E354D094E793051BE72EAE814
                      SHA-256:B3FABC027DDD6A54C5E4C470D85E0AB96E4D1F5680268BDA947CE0693A195D3F
                      SHA-512:7A9F60F44E16A694F21ECF287753EC00F419BA5B44F046ECC0837FF3C3DE97D6388165EB62E19B0F6E644A1D57CF179A0416491F51625817FEF6A5E99A8ADFD1
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.....%...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2679
                      Entropy (8bit):3.9963018857161403
                      Encrypted:false
                      SSDEEP:
                      MD5:0A24AEA1A19858B2B6E5A96FF3D4C5A4
                      SHA1:C7EC464C1FE8B7CDD3BE10482F33788A674EB7F6
                      SHA-256:1E17F8280040676BA33C05E0BFC536AD523292F3170C95A4DE8998BE1B9A709A
                      SHA-512:924260D071BEB91E7410D47D335CA5D905FD0ADE00A6698417D2B3DEBD805CD7EFE724BD5564BCF2AAC96F6EC2AE27687E892D6232F4E9870EC901B0E43393BB
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.....O...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      Chrome Cache Entry: 100

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 58 x 58, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):2568
                      Entropy (8bit):7.612534958207389
                      Encrypted:false
                      SSDEEP:
                      MD5:2C823874A90E531F468A21D0188D7CE5
                      SHA1:5480634060E586E86C12B46F69515E67D0D4D2DA
                      SHA-256:09C5950DD911B5D7F2647DE135F453015915404C66C7F9354CCDA1036230EB84
                      SHA-512:3077A00AE66A339A8678FA5B5D972496DA40F0A354A4F5DC5FB035B53138FF318D455AE407414B7EE8C767C545A1A1166989788535E36B2040119CCEF8FBC1D7
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...:...:......J(....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:6EA19CF3DE6311E2997080101E562746" xmpMM:DocumentID="xmp.did:6EA19CF4DE6311E2997080101E562746"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6EA19CF1DE6311E2997080101E562746" stRef:documentID="xmp.did:6EA19CF2DE6311E2997080101E562746"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......~IDATx..{HdU....:::..*;A..ZSP...!..A..A.,A....GTB...cB$.. ....e-hhR...C1.um}m.o.m..q.G.c...6....X.=..3{..s..<.

                      Chrome Cache Entry: 104

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):1391
                      Entropy (8bit):4.985157585580186
                      Encrypted:false
                      SSDEEP:
                      MD5:ECED4D1DE19CCFF762AA0C0C41683FBF
                      SHA1:D26DB2BFBA4C46D50790D401A7EAAAA108514E46
                      SHA-256:E16DE1384321BD8D510BC8B2BC30BFB8C075F64D81541CEC6BDE4212FD455D14
                      SHA-512:D518CF003AA606D34FA19A1BA9D2048C636B9D412059D8E5E72AFF0A830789AFA3AEF35AF1156607497DB9A46965980928201BB7DE897FA91D1AAD2FB827A911
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/topmenu/topmenu_gzip.css
                      Preview: /* Dropdown Button */...dropbtn {.. /*background-color: #686868;*/.. color: white;.. padding: 16px;.. font-size: 16px;.. border: none;.. cursor: pointer;..}..../* Dropdown button on hover & focus */...dropbtn:hover, .dropbtn:focus {.. background-color: #ddd;..}..../* The container <div> - needed to position the dropdown content */...dropdown {.. position: relative;.. display: inline-block;...float: left;...padding: 0px 0px 0px 0px;..}..../* Dropdown Content (Hidden by Default) */...dropdown-content {.. display: none;.. position: absolute;.. background-color: #f1f1f1;.. min-width: 160px;.. z-index: 99999;...box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2);...margin-top: 4px;...border-top: 1px solid #505050;..}..../* Links inside the dropdown */...dropdown-content a {.. margin: 0;..border: none;..display: block;..padding: 4px 12px 4px 12px;..font-size: 11px;..color: #fff;..background: #454545 url(../images/spacer.gif) no-repeat center bottom;..wi

                      Chrome Cache Entry: 105

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1293
                      Entropy (8bit):6.803670257641756
                      Encrypted:false
                      SSDEEP:
                      MD5:F49EAED4DBA010A6A60C124850E6A5B0
                      SHA1:92AD327ECEB87BD6BEB4E0969C89FAFCFF95D9D3
                      SHA-256:F629FD7E9AE4A6BBBE7239B9F789DA7AACE8BD4EC94A5A1A54A62FDA01E521D3
                      SHA-512:96E053CF144641423DA8A2310E475F359F151A563DE8052D72E3655748904D40C79F582AAB1B8ACAE59D9678DE56FCD624A70F2A5A974C3D6E875FC960A23EC6
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF4DB930E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF4DB931E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF4DB92EE2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF4DB92FE2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>[.V.....IDATx.R.j.P..<...Q..E!".v#..|.....?..~@..+i.Mi5..E..A..G...T.t6.w.93gNF....1......h4.J.r......^.......+.QH.D\.X

                      Chrome Cache Entry: 106

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 315 x 190, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):9521
                      Entropy (8bit):7.949309168138699
                      Encrypted:false
                      SSDEEP:
                      MD5:1C331B98A5FA6AA42708CE0E28303D72
                      SHA1:FC2AA9B95F5C6077DDFADBC7E5659A8E4B9AE595
                      SHA-256:88D3EDEFB31D2B4AFCFE08E8A89914FA3B18C56C3D0231F821A1B2633D1FE99E
                      SHA-512:DE2456AAE08CBB34D1D4C7F9A32F0B23908461BA731FC66BFDF2C613C9B1BC0B11D2B793024B1DC541D97BBAD2B3B3CB0CA2E91C435D546BBFE9FBE5FBEB6D0C
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...;..........?O....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:EC75A2AFE2E111E295A6F59474B38855" xmpMM:DocumentID="xmp.did:EC75A2B0E2E111E295A6F59474B38855"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EC75A2ADE2E111E295A6F59474B38855" stRef:documentID="xmp.did:EC75A2AEE2E111E295A6F59474B38855"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..._..!.IDATx..].v.6..[...?..K.3..` ,.[.......M.@..o............zWx2&...[...?..../....M.....e/.J.e..#.t:.......>...k

                      Chrome Cache Entry: 107

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1316
                      Entropy (8bit):6.868966485740872
                      Encrypted:false
                      SSDEEP:
                      MD5:594ADEEE8B12E382C5F4F9FCE674A0AB
                      SHA1:A00D6270DC4298E1CFC25C23D11376ADCC8EF001
                      SHA-256:F26B7A8C11B9B792B5C36320D7CA14892F36B25144DCE4791EF856F261CD623D
                      SHA-512:4E35B55909B3E6C40C673900F4B1BF514EA0F326FE71CBA8B7E8F758353FDBCAB35A23D95B987A929653724BDBDB1683C06241EC3D6535647883AD8C6C941DC3
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/top_si4.png
                      Preview:.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF86F1A1E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF86F1A2E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF86F19FE2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF86F1A0E2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>~.. ....IDATx.R.N.@...>LZM...e....0....L..(q..P...M..@L........ x.I.N{.w..$I.%.?J^o........v.Z...`0`A..b..8..q.V(..m

                      Chrome Cache Entry: 108

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):7561
                      Entropy (8bit):7.94765125694092
                      Encrypted:false
                      SSDEEP:
                      MD5:3845A544E2EDC47C4884BA9E8BDC4A59
                      SHA1:D31BA1A40FECC36E2E1E769B3A3A367AA166420F
                      SHA-256:4FD3A0491A2C3DFE7E930E0A916A2B78BF601466E967B6AA5DE5A83222EA6B4F
                      SHA-512:2DAEBC58E6BD4CA42CF0AD0327F8C6BA9602C9E1D140887490EFF4BBC5C7965612C6A75F3C0013FCEB59B5AEDA1A9E3EE70C030437559E8C92F49B47DFB86AD5
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/home/file-share-icon.png
                      Preview:.PNG........IHDR...@...@......iq....PIDATx..[y.\e..o...;.$...B..$!@'....D....<..2.. ...a."".H.&$.,.8r..A\!a9.H.....t..Z..}.U.<..3..:y.....{............k_._....|......>..7...^..;.......x../o.......I.w...........?9...s.r.[.........5.C.......m.?..._.{..3z?.W..v"%.....<.e5.......u.{......{.@...g..}y...{F......+.9q(X....k.+.o.5.........5..{/....+.68....@P)B...J...,.....A .X...`...>k........`...}|.....cz..........w.b.$O...=...g.........=...o.9.KO..s..KC*.E.]..RB............z.@....<...:..k..|~."o.UX.9"..0..F..~.(.KP{...............p...5..dr..J..q6^..~I.G...z+.|5.......j8G.D@@.5i..b.+.........h....]........X.../.r.....5w.g..D./.^.2....u.z5x....@..".....*....m2.:.9M.r..BU.....2..?....]..I........8...h.{...M.8.$..r....|.rS...8.\...~9.a.......X.y...b..0PP..c-..-.@......~L.C....3G^..%j{....2.......J%. .O%3.JA..a.6.O....;......i'..L6..T.</..B.....TI............B\.~..H....rX.Q.B.7...J......6G..F|U.<.7...u$*.....e...^i..=p.....K.d..{......)..D@Lj8.?.

                      Chrome Cache Entry: 109

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 10 x 5, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):943
                      Entropy (8bit):5.836843928845756
                      Encrypted:false
                      SSDEEP:
                      MD5:30BC70DD5FEECA7790C4E5DB9F052763
                      SHA1:4ABF9E2468A65E030C35C2E76F5C4C2FAC78BECA
                      SHA-256:E7DEA787A5F4A8EAB26BBFF86CCC9BE8385E54BC0BE7AEEA1204D978F8157DA0
                      SHA-512:A78762AEBF5EAFB9A315DD02588CC8FAF473AC5AA2169346875E15529A2A537B6939107523BC0F98CA0866A4B86E22F12F30C819290D2482321A9105039D8D0F
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............|d}h....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:FB7021A9E51B11E290B88987BB5E52F5" xmpMM:DocumentID="xmp.did:FB7021AAE51B11E290B88987BB5E52F5"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FB7021A7E51B11E290B88987BB5E52F5" stRef:documentID="xmp.did:FB7021A8E51B11E290B88987BB5E52F5"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>H..n...%IDATx.bd``Pc .0..<....U.B......... .....\w.......IEND.B`.

                      Chrome Cache Entry: 110

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):3780
                      Entropy (8bit):7.870846299577784
                      Encrypted:false
                      SSDEEP:
                      MD5:AD24C16EE551568039001F6E52D83CBE
                      SHA1:CB198C62F4009A565BC94AD475A85B3252E56852
                      SHA-256:57A2B751D42F5F532C317271C78776D18F48B705102E62907E7708A4BCE99C15
                      SHA-512:3348D746E4DC322FE9700A11289DA819B96C1B01D7CD751D43EDFF11D6F629D37EE3958368D48927EED97BFF134473C0824A442725287E7D44B1EEBE6C602D19
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/home/window-remote-desktop-icon.png
                      Preview:.PNG........IHDR...@...@......iq.....IDATx..{t.....sw...MH...y.$D $...y)...?...i...F+......"....V.ZAD...~&$..j6B...V.J.s7...w...;3..|.E.......~....wf..~.E.....r.@g.@g.k.Xc......k....O.,.H..../.....!...........hg....Ij...!...5c..!.8x........RYY.999........'...EB...|..GQ..m+.+.G.....Q........... ..(Xj.....)v../....sBiy9....N........tBCs.7..b..g".../q..A..".V...e........e..$.C.;.c.... --..(,k...L8..7$......C.C.-.m..8.&J....;.d...pYV..._R..=..c.$@..!PUUe.PRRB...;...z......#],n#M.2......@...iWt3k..>.j?.IFZ. ....-....>.w.. 77...!.9v@.\. .~.P."... ..o;C.#.(l.5.(.u&....Q.N.....0........P..0...@...V..1.X.G."u.A2b............`.<0....M<....]1..in.8r(TWW[....k.*..j.b..G.!n..!TOpl.9@;.....!.n....G.?.r=.i..k.......#N.....HN...T.L.V...=.. 55...V.s@.\j....... ..E.F.>.Z.k....... ....... ....uE..$b.2..\A.!.O...>q09g(.>}.m......1..N?. .6....^..1.Bk..~}.....|.{...?......z.........f.._.h.NQ..p.....l.4.Z......9.....jn.....kKC.m>.&..M.E..O.eH......L..N..k.+..

                      Chrome Cache Entry: 111

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 2 x 90, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1037
                      Entropy (8bit):6.211738798420359
                      Encrypted:false
                      SSDEEP:
                      MD5:0CD6B83F144D4559AF0F3A1E3C8CCFAC
                      SHA1:F66ACBDED998767B8E22126467BAA743C254BF7F
                      SHA-256:AB4B59C566062E671B43B2CC57C690E10EA8E3030F3BE0282C034C547248D69F
                      SHA-512:7A1C9C8FEAF08A2797CD444134E699C211D6434EAD6EC488368A59BF4E93C0FC7ECD86D21BD141A8AC6D072C87C037BA4BD9EAA5E17D57BAFBA4874C46B17DEC
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.......Z......k......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:9461BAC5E51D11E2AF14C3160922EEEA" xmpMM:DocumentID="xmp.did:9461BAC6E51D11E2AF14C3160922EEEA"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:9461BAC3E51D11E2AF14C3160922EEEA" stRef:documentID="xmp.did:9461BAC4E51D11E2AF14C3160922EEEA"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx..[.. ............>...vv.M...9gf".:=..k..H..b.....l[.."8_.5U.2Vi.e..T.....L...w...v.[ew........D..a.....

                      Chrome Cache Entry: 112

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (32089)
                      Category:downloaded
                      Size (bytes):92629
                      Entropy (8bit):5.303443527492463
                      Encrypted:false
                      SSDEEP:
                      MD5:397754BA49E9E0CF4E7C190DA78DDA05
                      SHA1:AE49E56999D82802727455F0BA83B63ACD90A22B
                      SHA-256:C12F6098E641AACA96C60215800F18F5671039AECF812217FAB3C0D152F6ADB4
                      SHA-512:8C64754F77507AB2C24A6FC818419B9DD3F0CECCC9065290E41AFDBEE0743F0DA2CB13B2FBB00AFA525C082F1E697CB3FFD76EF9B902CB81D7C41CA1C641DFFB
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/universal/jquery191.min_gzip.js
                      Preview:/*! jQuery v1.9.1 | (c) 2005, 2012 jQuery Foundation, Inc. | jquery.org/license.//@ sourceMappingURL=jquery.min.map.*/(function(e,t){var n,r,i=typeof t,o=e.document,a=e.location,s=e.jQuery,u=e.$,l={},c=[],p="1.9.1",f=c.concat,d=c.push,h=c.slice,g=c.indexOf,m=l.toString,y=l.hasOwnProperty,v=p.trim,b=function(e,t){return new b.fn.init(e,t,r)},x=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,w=/\S+/g,T=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/,C=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,k=/^[\],:{}\s]*$/,E=/(?:^|:|,)(?:\s*\[)+/g,S=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,A=/"[^"\\\r\n]*"|true|false|null|-?(?:\d+\.|)\d+(?:[eE][+-]?\d+|)/g,j=/^-ms-/,D=/-([\da-z])/gi,L=function(e,t){return t.toUpperCase()},H=function(e){(o.addEventListener||"load"===e.type||"complete"===o.readyState)&&(q(),b.ready())},q=function(){o.addEventListener?(o.removeEventListener("DOMContentLoaded",H,!1),e.removeEventListener("load",H,!1)):(o.detachEvent("onreadystatechange",H),e.detachEvent("onload",H)

                      Chrome Cache Entry: 113

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1880
                      Entropy (8bit):7.343599551607813
                      Encrypted:false
                      SSDEEP:
                      MD5:C4ED2835DBC872E66AF68F09CF38E983
                      SHA1:CA3124D25D3D39A20A5BE2CAD9B6376C97B19DD8
                      SHA-256:5D278FD1EF8F5E708CB824FC7F89C4D0E48D4DF596196F21BCFDEDA53A3613F2
                      SHA-512:3642748311ED4EEA08652F5A56AA4E168435AC1765326FC568523D3ED380DDF1FFA69EC3C07657090875F6DF537D66D6CA187CA6FECD95F2760E035575FFD50F
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.../.../.....s'......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C469A2F7E2E111E29028B5CC73DB5C73" xmpMM:DocumentID="xmp.did:C469A2F8E2E111E29028B5CC73DB5C73"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C469A2F5E2E111E29028B5CC73DB5C73" stRef:documentID="xmp.did:C469A2F6E2E111E29028B5CC73DB5C73"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..0B....IDATx..-P.@......jP`P.`....<.xjP`....5Ea........`......L1.\....^n....Kv&.nf.<.......f]D.$..G.T.....3..E@.X.B.

                      Chrome Cache Entry: 116

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1256
                      Entropy (8bit):6.753748897817563
                      Encrypted:false
                      SSDEEP:
                      MD5:851A1DA173CF8FC1018A41D9292D04BC
                      SHA1:1F4E3156CCCE85E55A7CA50185B80FD6EE298E3E
                      SHA-256:13C03D0497EBCFBD7B72A83061E3593C39EE46D646DFAB26F7819222002B22E7
                      SHA-512:3345378C56F2E4843697145F6C5D28EC00F016A7973CD890D28370A150F838A4AE38C55F2DF0C2B5CBD80EFD90BE32B529D585B851E99036C7B1A39023DD4686
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/social-icon4.png
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:138E3783DE7A11E298348EC6CA2C4608" xmpMM:DocumentID="xmp.did:138E3784DE7A11E298348EC6CA2C4608"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:138E3781DE7A11E298348EC6CA2C4608" stRef:documentID="xmp.did:138E3782DE7A11E298348EC6CA2C4608"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>U......^IDATx..K.1...&...."*.A..."(8...k7.....I.3..[Wup..D.'.D.T:..A..j.7.N..Z..........8.rY...D.>.5.q..T...1...)G..k

                      Chrome Cache Entry: 121

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 40 x 90, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1755
                      Entropy (8bit):7.302042396729564
                      Encrypted:false
                      SSDEEP:
                      MD5:4FD66937DDDE25A3E7C975BBA4E1C223
                      SHA1:C9BE1A9BE02202B557C5DC7DFAC1529CE13434CF
                      SHA-256:C5D8DEDF9AEB4E45B1A7A98988206408DD0B9B7CF505DEBCBCF7A483F7B3C53C
                      SHA-512:47A8867DAC89FCB3C6F1B7B802F2340B2E646666A16647EA7B0BEA0069F5962C27EED385AB3B1E490BEC349ECFFF3818FEDD38102134993AC0C94AC2BBF686D5
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...(...Z.............tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:BD98CEB1E63911E29DD7A38565FB0E7F" xmpMM:DocumentID="xmp.did:BD98CEB2E63911E29DD7A38565FB0E7F"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:BD98CEAFE63911E29DD7A38565FB0E7F" stRef:documentID="xmp.did:BD98CEB0E63911E29DD7A38565FB0E7F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>t.\....QIDATx....0.....PX..7.........r..J\..7.....B=...f..d..H.).....g<..)x....)...q.b....n.K........j..9.N.T.....

                      Chrome Cache Entry: 122

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1131
                      Entropy (8bit):6.482059871374059
                      Encrypted:false
                      SSDEEP:
                      MD5:CED2772979CA0E1D52A9FC5BE83B1727
                      SHA1:F906C1D5C642F8A6045F3C9F602AE0086CFA5F5B
                      SHA-256:5636669C72371D30CBDB9466E144A78797760C9FBDE2A76746334F69D07E428B
                      SHA-512:D8CA929F94F22DA1F79CFA8694316B939707A72D80EB5AA6F19B218EFC63469FB2A58840497EE57951A473CAA4C1C1E8A535A7A0FB50EB009BE0E50B00DDEFF1
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DECDB083DE7811E282F694C34A24D0BE" xmpMM:DocumentID="xmp.did:DECDB084DE7811E282F694C34A24D0BE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DECDB081DE7811E282F694C34A24D0BE" stRef:documentID="xmp.did:DECDB082DE7811E282F694C34A24D0BE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..y....IDATx..j.P...DR....(}.....C'....P.:...k..}.uq.O..&..]..uwQP\...N 8(9..$..&..<..S.+d9.&.7.w.;.e...,o...KV...P

                      Chrome Cache Entry: 123

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1427
                      Entropy (8bit):7.019217539541492
                      Encrypted:false
                      SSDEEP:
                      MD5:6199A3BC2A57E7CAF9846CBCA6CE8C38
                      SHA1:3B8867AFD7E1FB07D9C48AC9B9776F218A8EBE51
                      SHA-256:C1E2119409CABECECEE42FDEDE926C0AA042317A7F954FFB5A631499D7E4F5A1
                      SHA-512:87361860B5B73B5E6ED1E318A1B70220C000416A51AF0ADA1926E19543DFE82A16F369A3446BD294F793A647F202542E758F4884063243AA0199AB9FA78C6913
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/top_si3.png
                      Preview:.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF86F19DE2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF86F19EE2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF4DB936E2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF86F19CE2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx..=..Q...|$.L&.801.".H..*.J....v6Z...$..J..........%.!.!......|...w$i,v..g.s...{.(..M?}..l6k.\....;.V.c.^

                      Chrome Cache Entry: 126

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):16
                      Entropy (8bit):3.75
                      Encrypted:false
                      SSDEEP:
                      MD5:5C7914A399A50124D9D7F052FF8D5F8D
                      SHA1:7229ABDEB209E0A5DCD821A5B751054253F6CB03
                      SHA-256:5C6400593EB22D155DEB13D15E8C7825B45953B3541A48019792FF9057AA8FC6
                      SHA-512:A9B86B4058B1BFD7CBE4D4CAAA75500B14A8B6FE0AC456F385D5A81EB96344F70626FB21024EEEBE3A3143BEDFBDCDC372F51B2404096DA40B58E561C56CEC72
                      Malicious:false
                      Reputation:low
                      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAk8ZeG7vBYF2BIFDRcQTe4=?alt=proto
                      Preview:CgkKBw0XEE3uGgA=

                      Chrome Cache Entry: 127

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3
                      Category:dropped
                      Size (bytes):1854
                      Entropy (8bit):6.917208989691094
                      Encrypted:false
                      SSDEEP:
                      MD5:39FFD175538CC7AEADB44F50C951ECA1
                      SHA1:D2FBE6BBB2695E87A5F52280EEB74A3B0599572F
                      SHA-256:2313512380F0EF924EA55D84E23AF8FDCBF40B6D4DBA4F39C6A310E03DBB1296
                      SHA-512:7F76A04DACF33125E4F1EE3445A56D4DC436847AE1494FFB0D275C8787B0ECBD63A6629E153AD11CC6AFB34AA703A7BA6AA23DD756EF132BF4F02ED69DF628AC
                      Malicious:false
                      Reputation:low
                      Preview:......Exif..II*.................Ducky.......F.....mhttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:EA0624A2E2D511E2A2F1DEDFB0E2F987" xmpMM:InstanceID="xmp.iid:EA0624A1E2D511E2A2F1DEDFB0E2F987" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................................

                      Chrome Cache Entry: 128

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Suserng: [none]x[none], YUV color, decoders should clamp
                      Category:dropped
                      Size (bytes):27948
                      Entropy (8bit):7.9924947425463655
                      Encrypted:true
                      SSDEEP:
                      MD5:BDB1256CB4668C3012EC5369BFECD1BC
                      SHA1:3822E817DEB90B5CFB8F628BC485261636209BCD
                      SHA-256:EE5653DD1175EF96379F665AC90574D0F90E4C9157A28035D3FD17270BEB5CEA
                      SHA-512:40541E50B4BDA7780FFC39614B7D4D223A86C945182D76282F589A4AACA0D1D39D1CACF437790B474391FA9C11C4428BE0E24B69D91B137A59275B74A2FFC5C1
                      Malicious:false
                      Reputation:low
                      Preview:RIFF$m..WEBPVP8 .m..0~...*....>.H.L..#+!.hy`..gn..<...O....RUN..j..Xq.....|k..9.A.-e...{.......{.<....*....{.5..?.z..;.N.....|...............g...~..s.[..~....../.c...?............../.......{....M......?..ut..c.O..&.o......~.z.X[.......W...?.xW..P_.........7.>...{y..._...P.A...G..............A.......o.<......3..........s>... pi.t4.....\..7.?......,O.-..P.G.....Fd.7."L......p.H.;c..x.K....[...f.a.>].(....7........)G...._.t,...e..i.<B.._O9n...N.K#._Nvi.....4..y.LfRT..3W..[W..:."n......u?..#...}:*.jN.$.Vjod5....h'.k.,&.\V...#.^g..h.....2....N....88P...q...8..9......4B^.1.l|.[....bX6..j.....?...&.d>z.1o..D..6.eu..,..).....=k.H!...zv.$.....'./3.....'!.w.....t.\.S.$$..-....;%..j}/.w.....uG.8.L..~..B.h..~...B...].L..*..h...[H~......g...m?@..<.WyX.f+.6..y#O\#..."..P....a+.@.\4......]....2]y.&..D.P.D+muKk......S`..x......p3.....k6..9.:Q.e..G?.....)..V#.x...l.....(.a..<....I.........`M0D......b......c......[...H.w..B...q..b.Ymw......*.sk`g.|..(...

                      Chrome Cache Entry: 130

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):2698
                      Entropy (8bit):7.615394138279834
                      Encrypted:false
                      SSDEEP:
                      MD5:8ED318419502F05FAF6F31A20CF09149
                      SHA1:AB857000BB2E90B1D7DDBBD3A2E697ECEFB1FD58
                      SHA-256:D411A883CF2E510B7DF4878E3D7D6C4156F70BAF3364523241D6E98116B0043B
                      SHA-512:1DDC016B179862B2440DAFCD9B2387C6907820A3CE01C9EFA4EE4A33BB5A716FDD0C87C38537A74959D1BB77D18A240141687B9DD187B8B908837CF9BD7C5ADA
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7CCA40B6E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7C0B84A0E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.N.Z....IDATx.Wkl.U.>3.....}o[.-... P,.(.*4.b.!.!../c

                      Chrome Cache Entry: 132

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (6869), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):17331
                      Entropy (8bit):5.4940113122997305
                      Encrypted:false
                      SSDEEP:
                      MD5:A32F049A77974F646743FE2A4055A47E
                      SHA1:CF174DB59A35F9228F0756E9908AAFB4250337B9
                      SHA-256:81005379B1CE39D2B075FC9A52D4E0E2D82BFAC3271D22301BC791260DCC0561
                      SHA-512:8D3D584ACCD918E0E0A0C558CB7B82D6C730009FEF3826CCF39ACFFE5D703873F6CF3B6A37FE2F4C2A1FA560DD0AB5C5E48B9676D686559AC2E13A028EB9F30B
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/revolutionslider/rs-plugin/js/jquery.themepunch.plugins.min_gzip.js
                      Preview:/********************************************...-.THEMEPUNCH TOOLS Ver. 1.0 -... Last Update of Tools 28.03.2013..*********************************************/...../*!.. * jQuery Transit - CSS3 transitions and transformations.. * Copyright(c) 2011 Rico Sta. Cruz <rico@ricostacruz.com>.. * MIT Licensed... *.. * http://ricostacruz.com/jquery.transit.. * http://github.com/rstacruz/jquery.transit.. */..../*!..jQuery WaitForImages....Copyright (c) 2012 Alex Dickson....Permission is hereby granted, free of charge, to any person..obtaining a copy of this software and associated documentation..files (the "Software"), to deal in the Software without..restriction, including without limitation the rights to use,..copy, modify, merge, publish, distribute, sublicense, and/or sell..copies of the Software, and to permit persons to whom the..Software is furnished to do so, subject to the following..conditions:....The above copyright notice and this permission notice shall be..included in all copi

                      Chrome Cache Entry: 137

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):2056
                      Entropy (8bit):5.200833525729719
                      Encrypted:false
                      SSDEEP:
                      MD5:3A1C23DCE4C65F4A87C444D929342924
                      SHA1:AD52EEA34B4F71EBD3CE9DC0D672BD98FFA45A9A
                      SHA-256:ED268325F04E9B8C8070FF13315A3E77D65D3BC88DDCF949F35055690A34913C
                      SHA-512:FA1A53D9CACC831C14D3F52549B58ACD506C7197A0CFFF10ADE2D91756C28EA0776BD7CA36606B91267484C2ACC39A705879E9F5653E68284DC6647C035F5043
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/revolutionslider/css/fullwidth.css
                      Preview:/*-----------------------------------------------------------------------------....REVOLUTION RESPONSIVE BASIC STYLES OF HTML DOCUMENT....Screen Stylesheet....version: .1.0..date: .26/06/12..author:..themepunch..email: .support@themepunch.com..website: .http://www.themepunch.com..-----------------------------------------------------------------------------*/...... /*********************************************************************************************....-.SET THE SCREEN SIZES FOR THE BANNER IF YOU WISH TO MAKE THE BANNER RESOPONSIVE .-.. **********************************************************************************************/.... /*.-.THE BANNER CONTAINER (Padding, Shadow, Border etc. ).-.*/....... .fullwidthbanner-container{....width:100% !important;....position:relative;....padding:0;....margin-top: -20px;....max-height:405px !important;....overflow:hidden;....background: url(../../../images/sliders/revolution/slider-bg.jpg) no-repeat center top;....borde

                      Chrome Cache Entry: 138

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (13165)
                      Category:downloaded
                      Size (bytes):304370
                      Entropy (8bit):5.503431950786741
                      Encrypted:false
                      SSDEEP:
                      MD5:4344E7C89ECC4BD66828F3657F003839
                      SHA1:7098F1F4A49CC8A42F29DAE759E6670163EA66F0
                      SHA-256:625286758A22D7384A8232B5BEC5D4E000D15F399E7009F4E8E739B77274EED5
                      SHA-512:CA4204477167105363317660CDA7999576DF71A0A51A92FE506A55C8A35464A421A472174A1B3308078256C2C931822DC7A9ED4E26B0D97A5C1B0B81D329EA8B
                      Malicious:false
                      Reputation:low
                      URL:https://connect.facebook.net/en_US/sdk.js?hash=4cc4493715d4d76a9f9ea0bd6910d823
                      Preview:/*1705001629,,JIT Construction: v1010774876,en_US*/../**. * Copyright (c) 2017-present, Facebook, Inc. All rights reserved.. *. * You are hereby granted a non-exclusive, worldwide, royalty-free license to use,. * copy, modify, and distribute this software in source code or binary form for use. * in connection with the web services and APIs provided by Facebook.. *. * As with any software that integrates with the Facebook platform, your use of. * this software is subject to the Facebook Platform Policy. * [http://developers.facebook.com/policy/]. This copyright notice shall be. * included in all copies or substantial portions of the software.. *. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS. * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR. * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER. * IN AN ACTION OF CO

                      Chrome Cache Entry: 140

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1393
                      Entropy (8bit):6.996993667584285
                      Encrypted:false
                      SSDEEP:
                      MD5:879ED8C6B09181F4010B6C5256D9F237
                      SHA1:42677C5D505F7499BB786E3589A0342560C681A3
                      SHA-256:C2FFA6AA3A16650381B0C094CBC82362D2152CA20147116E103FDFC362AAA5BF
                      SHA-512:9BD5490A22B2934E8236A12EC2D06FA2D5BB3C2078D22CC9630D483D0BD0A8080DFE599D4A2BBA1EC482A32762B427A315DF6D1BA6D31ECCB09867DC438630BF
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/top_si5.png
                      Preview:.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF86F1A5E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF86F1A6E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF86F1A3E2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF86F1A4E2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>?.......IDATx..KK.Q....4w....nZj..v...uYK.]....o.w.N..B7..$..JQ..QLR..\fr.\..t.....>r8.{..r&.h4...dq..7.l..,.J..7..f.

                      Chrome Cache Entry: 141

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):2340
                      Entropy (8bit):7.550520325371966
                      Encrypted:false
                      SSDEEP:
                      MD5:C11903E874C3AEFE8285A5DDAC70CF31
                      SHA1:93E1B559AECAACD014AE56D48C08BEFA0F8C5A3B
                      SHA-256:49A22943625EAA958CD4F7E0CC4C5495452573ED9D18A4A6B7337760A747AE7F
                      SHA-512:86B6F96E5A526EEBF8E92D6852381FE07AF2E314DC835AD71C978BA3387287AC18E83A2A27BB5FE45B41F67F9DE4C5C9FC1BC06606A03305A99452920CEBE855
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...x...(.....5.>%....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:FD41336BDE8011E28D4EC08B01E5CF1B" xmpMM:DocumentID="xmp.did:FD41336CDE8011E28D4EC08B01E5CF1B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FD413369DE8011E28D4EC08B01E5CF1B" stRef:documentID="xmp.did:FD41336ADE8011E28D4EC08B01E5CF1B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx..[Mh$E........3..x..).........^.......$x0...Q.xP...G..E. ....I6..4..4I.$&......g.]..........z_..

                      Chrome Cache Entry: 142

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1233
                      Entropy (8bit):7.773231974777998
                      Encrypted:false
                      SSDEEP:
                      MD5:B84E764079D81661FD6D3822539C0A6C
                      SHA1:E80B30FE36606E95CC1F11842FD319ADE3E26E39
                      SHA-256:C4D3832FB20517BBD18BC0A543BBA43C3662ABB1572797ADA20FABB6DB0AE315
                      SHA-512:6889A1EE30F95CF1115E5876293B8C2B48F362E60E21A1F2741ED0B6FF4E49C1147031BB1231EA05A3EFFDC3779CCEA89EB8A8702DF99999CBDC61B3B87D5C07
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/greyscale/easy-to-install.png
                      Preview:.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<...sIDATx.WIHdW..58.F.58k.........FE.J..t6....EC\d.d.& ..!..P#.. ..B..KPQ.l.r....C....-...EU.|x.....{...tssC..d2Q..b..&%%....V..j....N...^....uxx..|.L...p.DGG?p8.O+**......sm.*.......W...\sss?...z..LNN.......V....[=.LQTT.mlll...}....................o...|k=""B[...|111....'0..t:.......:......)..."##.c%.H.`...C.../.....c..d............U.X.;jjj4@..o.............w'.V.....=...U.0..........vww5@.Ze..b.......w..SXX..[...... P.....(...R]]...Q.?.v333....=....9....C#..L!.fffhuuUc.3.vvv...!...|.m3.k.....%...S|.".B(.m6.UWW..i..F..8.........':0.......8...k5B...\.-. .........H.).. >>.. j,.}'''.@r>--.!o...3...*.jMA..i...@....n.Soo...VD._!.!...'.X.4Jsafss.zzz..rQVV.....R^...1!.aK.1.B....T..Hq..o..,I.V../d0\7<.FU(..."U.d[JJ.V....o...../..5....f.....]..:@$$$PUU.........5.}r.lq........E..;..FO..%=.........q.i..<@....#w............}.`.~}`K.,,,....7.@..8.s~..........YZZ...jW..7K466vK..M.....@. ...Wk....Ow.

                      Chrome Cache Entry: 145

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):4293
                      Entropy (8bit):4.957796747834386
                      Encrypted:false
                      SSDEEP:
                      MD5:67138AC18F582361A75799BD8D8B0130
                      SHA1:0BBF84DDC096B20E4DC18E0517119D56713F5498
                      SHA-256:7D3EAC9FB94FCC6D78F4B51F40F6CB0E0D677B010F291D2057AB9458F515E327
                      SHA-512:D8059B9CBD79AB067C84CB415043CE4E058BABEE74E28D1446C78151EE394C910A93B25CAB29A78C5C663A76A7A0098E70BC08C274D7247259D34D604DA5F025
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/jcarousel/skin_gzip.css
                      Preview:.jcarousel-skin-tango .jcarousel-container {...padding: 0px;...margin: 14px 0px 0px 0px;..}.....jcarousel-skin-tango .jcarousel-direction-rtl {...direction: rtl;..}.....jcarousel-skin-tango .jcarousel-container-horizontal {.. width: 100%;...text-align: left;...float: left;..}...jcarousel-skin-tango .jcarousel-container-horizontal strong {...font-size: 12px;...color: #333;...display: block;...margin-top: 40px;...font-family: 'Open Sans';...font-weight: 600;...text-align: right;..}...jcarousel-skin-tango .jcarousel-container-horizontal i {...font-family: 'Open Sans';...font-size: 10px;...font-weight: 600;...color: #999;...display: block;...margin-top: -6px;...text-align: right;...font-style: normal;..}...jcarousel-skin-tango .jcarousel-container-horizontal p {...text-align: center;..}.....jcarousel-skin-tango .jcarousel-clip {.. overflow: hidden;..}.....jcarousel-skin-tango .jcarousel-clip-horizontal {.. width: 100%;..}.......jcarousel-skin-tango .jcarousel-item {.. width: 43

                      Chrome Cache Entry: 146

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):334
                      Entropy (8bit):7.103902253394033
                      Encrypted:false
                      SSDEEP:
                      MD5:0415E7B35F9BC9C0112C267237A5DAB8
                      SHA1:8331264197C49769E0278ACFB02C6A4A636398F9
                      SHA-256:C28FE26A9B3D14A73390E3183CFB25B63BA48E92D7ED86F815FD306BC15AF84B
                      SHA-512:F974FE3AA004B33AB06C65CF73F67E7756D99CE7A2863095E07EA653FF2213B8A529AEF5D2F17EAB4F9E41EC0DC251867DE5CBFF8D575528AC0CE525A89EBB39
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/greyscale/experience.png
                      Preview:.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W... .,...?.......&.i.x.H"r.e.}...>:..&...'.@k....L...w.^...]$4.^.h(,.'\*Y..@.7=...xV.........~.r...X:..G.....(.(.;..G.\J..xD...L;i9RCv|.._rf4....1.......<.A.3..N..T.i....GwVs..K.../H...2+....I...x...2n......T`.k..{.-........Bb....IEND.B`.

                      Chrome Cache Entry: 147

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 12 x 7, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1009
                      Entropy (8bit):6.114511469801055
                      Encrypted:false
                      SSDEEP:
                      MD5:78F9A53DB1B8A1C624C6B6A09F5EA7E5
                      SHA1:7B02296ABED6BCED7647DF9FB4F7706952A14A1C
                      SHA-256:631CB804A6DC250BF97E9E1E2998D78DD7C8AE278D975C79B99DE06CB3212CEF
                      SHA-512:9B9948CB01D86C8C3B416F4C6779656A3216AAAEFD04895676F4AC2F11BE1CBBE98AD9717FDBD40EE9FDF2D38F1B9E7E5E5E7F977AF14D6E93B2A6EB56E5DF04
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/menu-arrow.png
                      Preview:.PNG........IHDR.............<..$....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:0A47B0C3E46011E28325EF947EF503E5" xmpMM:DocumentID="xmp.did:0A47B0C4E46011E28325EF947EF503E5"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:0A47B0C1E46011E28325EF947EF503E5" stRef:documentID="xmp.did:0A47B0C2E46011E28325EF947EF503E5"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>*..P...gIDATx.btuuub``......A......n@....o@.......4...R ...LH..4-..E0...$..G@\...@.......`...x".$..O.4..&..`.Z...._.....

                      Chrome Cache Entry: 148

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):3323
                      Entropy (8bit):7.710693431615424
                      Encrypted:false
                      SSDEEP:
                      MD5:CA86F5DB84FA0C962DB731D708388D97
                      SHA1:315649FF97383FD3E5FE2B08B090C4109E079590
                      SHA-256:F14C2D894A1BBD27974821F6A0461E9AE759D99425EAEE3132EFC16EA3994E37
                      SHA-512:12C860A49A17F5E21AA6BDEBFCC2F5BB7921FD4BF122EEFC17CECFE9A8904DCC1D112E447AD2DC25F1D67F750068EEAE9859F8D145A8A46FFC23258781CB140C
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7DCBBEB7E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7DCBBEB6E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.(.....-IDATx..WYlT....2.>^.7L.A4x..*RH..5Ti.-.DQ"R.

                      Chrome Cache Entry: 151

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 5 x 8, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1076
                      Entropy (8bit):6.086271248906207
                      Encrypted:false
                      SSDEEP:
                      MD5:2895ECB193C7382C42D0099E0B963853
                      SHA1:0BA26A6513F19A9E241048AF0F47F60AD5F192C4
                      SHA-256:BB2C8C0B659FCD7D4879F18B39C19989480E50764D28116EDD817F66BB6BF08F
                      SHA-512:8FB832585628B413972718781929054E6CA9100076DBB606CA8BE844C4BF7DF7ABCDFA9C226818B5B1F4CCDA09C7CC01204025A7B209AD04A24FA7891F6BE008
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............1.5;....tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7DCBBEB3E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7DCBBEB2E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>X.....fIDATx.btuu=............E.x5..!..A%...<Xp.]7..

                      Chrome Cache Entry: 152

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 25 x 19, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1378
                      Entropy (8bit):6.920811491935039
                      Encrypted:false
                      SSDEEP:
                      MD5:27883A5B8AF38DA4097C37D61EE15426
                      SHA1:5848F429B7A0034368DEB7C4906C12C58ADA67C7
                      SHA-256:20B740059FE7F8A5F2A940EF3841AD8A27ED878F10416374545A4964D1F3B285
                      SHA-512:9E6824E1C31C3DD31132948E3727E92D28CE0A62D27317F2191BE62FA1E9F8BD71600F7B86991DA6134A6660A5BCD4228D504668D1C013313099DF52FBFB05DC
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/quotes2.png
                      Preview:.PNG........IHDR.............er......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:231D25A3E31411E2B9C78CA8BEB6E30C" xmpMM:DocumentID="xmp.did:231D25A4E31411E2B9C78CA8BEB6E30C"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:231D25A1E31411E2B9C78CA8BEB6E30C" stRef:documentID="xmp.did:231D25A2E31411E2B9C78CA8BEB6E30C"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx...+Dq...1Q.$JBfA6.......V,<..........)Y....@6.BV..W..Ch...{.\....{....y.=.w....i.T.NP......1pc..t._.xa

                      Chrome Cache Entry: 153

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 25 x 21, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1380
                      Entropy (8bit):6.889801663963832
                      Encrypted:false
                      SSDEEP:
                      MD5:B69676EB375D512A9412EE08235B47BF
                      SHA1:33A7B6E0C096FA1190AE6C502C36F66AB09D9569
                      SHA-256:01933D471BAFE9EDC7B3F87E97317C0ACA4B3222284DA3174BCF28F6D4E27A59
                      SHA-512:FE7363CA85E2D8D6F771047B9E27616A17C305A7E538B1BFF987AC5A64464E0E768B8E4571C77B2663911885DC59DC43E954C9860A1C9B789B253E46D49B05A9
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR..............+E.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E829403FE31311E2BD7689B58604BC66" xmpMM:DocumentID="xmp.did:E8294040E31311E2BD7689B58604BC66"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E829403DE31311E2BD7689B58604BC66" stRef:documentID="xmp.did:E829403EE31311E2BD7689B58604BC66"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.<n.....IDATx..K(EQ...9n.L..&R$...P..1.L.....d$yE.....2RR..I$&.....JW..R.Q....c..>...n.....k.u.H$.)T...*.....C..9..

                      Chrome Cache Entry: 156

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
                      Category:downloaded
                      Size (bytes):1969
                      Entropy (8bit):7.348767453604753
                      Encrypted:false
                      SSDEEP:
                      MD5:9B329720751608C657EDDA315269D9CF
                      SHA1:D92DA25CE9C4F41BCFB45AEB64F5DC4BD1547FBA
                      SHA-256:FC4C5AA9FABAF2D362E1D1ED1DF6AB03A74499BCADFEE0E7AF4FDA22FC22AC99
                      SHA-512:5B6DD6107451AE56CB25113360BC201C14FCCFE205D5110CEB6726C79CADEB9B2C8A61E9AE636C0E92C751B7CD0D988DE7CB6CA9EC5DC50516D2D00CF6710656
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/site-icon27.png
                      Preview:.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:08F1B215E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:08F1B214E2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...;....IDATx..YKjQ...Wi.........|...W./.K......h .

                      Chrome Cache Entry: 157

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1686
                      Entropy (8bit):7.838211845852403
                      Encrypted:false
                      SSDEEP:
                      MD5:0237BDECD6C1665A4F4984936B590BC4
                      SHA1:B09F5844F87170F3BA4BDCD06C57D65ABE71467E
                      SHA-256:248CD4D5EA440511B37899AAF5D7329516F8027CB22F1DCC27D6D39D18C2772B
                      SHA-512:152AAC836CBE4ED64E27C0B9818BC5FBFE7FA7B0049FD69009DBD88AEAEB3464EF4AECC97E53A55CC0218E4988273D74082D1DA8F4A291A824AE000A4918F862
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<...8IDATx..{h.e...s...sv..7r^...*g.&L.A.dQ......#.(..RQ*T.C..?..0.,0\..'..#&..6.E...n:w;;s}./....s~...~.<...|..}.kzz........JSSSc...Lff.IHH0..............y..z{{G.6._7.....[&//.dgg....5w...".....111a.s..f....1.<...O....$%%.2w..r65.p.....r...~u.....INN~.55u.}6{.............l...'..._.}..eee.z.^. .F.zzz.n.........<z.......}>_....IOO....(..V...1.&.|....z...........eE.e.,X.Gx...J.C.m9.......!.,,.x..................K.z..q....G...l...5....].zu..e../.....c...)....j.8..13.iY..7o...K}.....qs..m.....C..LII.".u....#.......7...1..P.dT......5e..W..X:!Y.&J1bY.F.........3..Z.`.=kJJJLEE.eI.jC....X.I'...O.....*<.......}...*.dP..PG,..D...gB5}..qt. ...UTTd.hmnn..w{{.~...@i.a..uF..p....<Va.&3...q......v.......C.2~..\.r...ttt......q.........o.........c."...XD.&T.#6DbO...]]].0....w........#CP~.....F........h!..n.K..S.".8........m..3...SV..6=Pf.{.0..^..)...hd..}../ ./^4.....jz......X....a[.z

                      Chrome Cache Entry: 159

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):6312
                      Entropy (8bit):7.901884136191714
                      Encrypted:false
                      SSDEEP:
                      MD5:46214108E0DB37FBE0FAD3B1188E1F68
                      SHA1:D473BFE775E869A09C6079739692ED2578FA1700
                      SHA-256:B6E6DB1187B2ACF27AC1CC81E8EEFD091BF34E9FCAF0F04BCE7F0E5DA11CD61C
                      SHA-512:CFC38ED316B18164472A30618076EA149F762E154C5FBB243133F874747E2E8AF28499960322A2362F541BFC4327D62A2AA4662EAE300754BDFD23ADB64CF90B
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...@...@......iq....oIDATx..[..]e...o_{...N.....!..M.(...D....d.QA<.......2..Ga.$...P...-.H d#Kw.[z.~.......}...!`.0...Mw..~.........>~..1...1.....(d.....q..&.........[.1.a|..iF...f.. .o....]C....[........q.....A.6s&6L.J...aYE....f.Q....0uuu..&.o.....Z[.Zd^s?.N....5.g1V.g.x<......e....s.. ...~.y..v9.n..w...D2..X.B.0....?4.......>.[..W...~.....?N.p2.`|.....x.e..K/_..jjiLE........[.Ug.C....d.y)....8.....c.....=E.W.......d.....!...?2..z......}.&.....P.Y..k].9...:.....7p......d*..]p........_..v..S^$.q...e.j..2.<^/]{....e..........;...j...L..:.|.!P_......+.H`...J.....h:...z....3O.%..92....j.&F]aq.|..[a..Y0k.$.....p.a3...}.s..Z....".a.e.....L. %g..........?.^...{.b..'F3.~.....2...[q..4sJ....n...v;.l.r......`.1G...S..L.f@F1 .Jc2.....I..`<....Vlc&<...p...:}.Y.#....../..A...7.i.`.).....;.Np.m.%N........c.[...@.d_.?.@.@1!.....X<........~....w.B....................3fL..@...7.<.r:..P...:.A..............k?...3 ..dJiB<..X<...A:|....x......

                      Chrome Cache Entry: 160

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1310
                      Entropy (8bit):7.766384028147226
                      Encrypted:false
                      SSDEEP:
                      MD5:D50D47D9923CAF6F153ECA98B821671A
                      SHA1:BF5DBA0EA05880495C691ACE07E5334E85FF3E03
                      SHA-256:652AC68A5DB02C5283FC329528B4A7D5ECABEC88F4D49AEB5A60631C456F0CBE
                      SHA-512:990004EB4CDDA5EDDF77418C8853BE5EDF0C742191F5BB50E980F1DE60FFF7C98E4ED8D8CB8B17EC672E4759105E4F0AF555FD1FFD7100D8408D78DAA1D24AF9
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.V[H.U.^....%/X)6). ..1j....D.0..2..".=$.....LB!Rd..............BJ....E.3........+...mX.....k..[k.Jk-g......J).^..A.0~.K.c|..$.......}........J9...........O0W`.\.{...=._b.}.......CL..4.....@N.J9<<....7..W|..:....`?.a...jRRR$55U..........."""tFF..Jz~~>|qq.. .....02.A....&77W<..,,,HHH......p...+...j}}....b........-~6..{.A..III...'....T......dffj^\WW.....sz``@...$&&..w.#..1./.@.,.Y^^...>...#]]]...U"##.........m...T....v.%::...y.I|....NC.#.....^.......t.K{zz4..K5...idGG...-.X.4.....A.."0.|.#.'w@D.R....].....WWW.]...........Z... ..j.S.?..?!?.b..P...T.tpp ......#...B.........`.....dzz.Z;.........^.~...r..i...u1]....Kdff.WLjP&.....2..1l.@>.b.....e......Z..p...Bc.....7fl.7.. .#\v.......$.$*.7..G X..y..=......9..I.R..._.S....-..QDtHP.$9...g>.\..k..I.\dx!yB..67.BX...|.`...a....Fyx...h.7.< c&''}c....\p.. j4S.>n.E.=.p...A~GnrV...1...L.......B.8cBW.j.....#|.u...T(ma39.......

                      Chrome Cache Entry: 161

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1400
                      Entropy (8bit):6.954417504413543
                      Encrypted:false
                      SSDEEP:
                      MD5:6BD8543ABB382E162B5E8B1BC77FD527
                      SHA1:040998E7A237F93D8E38181A4FF11B4B43C009ED
                      SHA-256:B53F352BBA1DC48BEED06680F2F28C4FDA20F452F3E337890D1B455468E1C2AA
                      SHA-512:661AD9C2EE8080E8369F164DB8765534FA8509CBB1AA4B3390790C51805B5A4F54CBF037F8919F9B77FC37B5B84D69897D984556D65F49F41FBDEDE3A8191776
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/top_si2.png
                      Preview:.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF4DB934E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF4DB935E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF4DB932E2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF4DB933E2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...F....IDATx.SKK.Q..s.Qqt..LE....].*\...~...E..}..6P....QGgt.....cS.....;.w.#x.....j..\.."......2.f3..t.b.`.PH/.JG.^.c

                      Chrome Cache Entry: 163

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):6630
                      Entropy (8bit):5.108846038361713
                      Encrypted:false
                      SSDEEP:
                      MD5:227B4EFD92735A5DC57DCEFF6361536B
                      SHA1:36EC9A976A74E5E387764C8E5AE56333E733C6B7
                      SHA-256:26B9E00213443AD97A65A6B6A43C34FEA09696540559B306D6246624931E6867
                      SHA-512:2A69727E7183F1E968848049D33B295959E5CDE5620537BDB4B6780988A1A0051973A641B6375495AA4DB73B530595746F404CC6ED12A072E5D6BE2B3EB752C2
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/css/reset_gzip.css
                      Preview:/* http://meyerweb.com/eric/tools/css/reset/ */../* v1.0 | 20080212 */..html, body, div, span, applet, object, iframe,..h1, h2, h3, h4, h5, h6, p, blockquote, pre,..a, abbr, acronym, address, big, cite, code,..del, dfn, em, font, img, ins, kbd, q, s, samp,..small, strike, strong, sub, sup, tt, var,..b, u, i, center,..dl, dt, dd, ol, ul, li,..fieldset, form, label, legend,..table, caption, tbody, tfoot, thead, tr, th, td {..margin: 0;..padding: 0;..border: 0;..outline: 0;..font-size: 100%;..vertical-align: baseline;..background: transparent;..}....body {...padding: 0px;...margin: 0px;...line-height: 1;...background: #fff;..}....body, input, textarea {...font: 13px "Trebuchet MS", Arial, Helvetica, sans-serif;...font-weight: normal;...font-style: normal;...line-height: 22px;...color: #727272;..}..../* Headings */..h1, ..h2,..h3,..h4,..h5,..h6 {...font-family: "Arial";...font-weight: normal;...color: #454545;...text-transform: uppercase;..}..h1 a, ..h2 a, ..h3 a, ..h4 a, ..h5 a, ..h6 a {

                      Chrome Cache Entry: 164

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):7215
                      Entropy (8bit):5.160920003483505
                      Encrypted:false
                      SSDEEP:
                      MD5:F337887E5ECBE7DA8651CBD51E6727C3
                      SHA1:ECFC411F7FB645A6D793DA0233C7E39363E14C82
                      SHA-256:0173B867AA0B0F3855728E8062B528DA52E2FF7ED55DF09D170F5999E6C3B45F
                      SHA-512:6E5E17C27B87198D4C7C1D15C8B272EAFB647D7883A0465290F79F974538527B1BA7FA02477C6ACAD6D2E367E729B644AE3D1EC95CF6D8FF5EA75FB8550A9ADD
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/mainmenu/ddsmoothmenu_gzip.js
                      Preview://** Smooth Navigational Menu- By Dynamic Drive DHTML code library: http://www.dynamicdrive.com.//** Script Download/ instructions page: http://www.dynamicdrive.com/dynamicindex1/ddlevelsmenu/.//** Menu created: Nov 12, 2008..//** Dec 12th, 08" (v1.01): Fixed Shadow issue when multiple LIs within the same UL (level) contain sub menus: http://www.dynamicdrive.com/forums/showthread.php?t=39177&highlight=smooth..//** Feb 11th, 09" (v1.02): The currently active main menu item (LI A) now gets a CSS class of ".selected", including sub menu items...//** May 1st, 09" (v1.3):.//** 1) Now supports vertical (side bar) menu mode- set "orientation" to 'v'.//** 2) In IE6, shadows are now always disabled..//** July 27th, 09" (v1.31): Fixed bug so shadows can be disabled if desired..//** Feb 2nd, 10" (v1.4): Adds ability to specify delay before sub menus appear and disappear, respectively. See showhidedelay variable below..var ddsmoothmenu={..//Specify full URL to down and right arrow images (23 is pa

                      Chrome Cache Entry: 165

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):2532
                      Entropy (8bit):7.5695863641020065
                      Encrypted:false
                      SSDEEP:
                      MD5:D0935324B48240317B50FE6EA099B0F9
                      SHA1:77F2002D4CCCFB4475707B17057FF317076EF5F6
                      SHA-256:A8C83968A805D951A8262B1580E16856984E41D253C5BEEC7017835DCBFFF25E
                      SHA-512:C391471FB66A8AB6D0414F09262B0804FC95D1744E63853D698B5FCFFFBF55E872DB5CDD25B15797E82A89B69EB432ADE782F3E1821638E33F154EC66BA46BDC
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/host-includes-icon1.png
                      Preview:.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7C0B8499E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7C0B8498E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx..W]lSe...o{..um7.Q.[.Y.6...C....#Q.x'

                      Chrome Cache Entry: 166

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):2415
                      Entropy (8bit):5.090209404343178
                      Encrypted:false
                      SSDEEP:
                      MD5:636B42352A470D61319A2E6E878F24C2
                      SHA1:347B92251E6BCBF6570F9074DD536360366EABAB
                      SHA-256:532B90B24D3ED2696331E46929E9A77D42A1C27D078B7D6667497080FB160160
                      SHA-512:25FCA720133213BDA6EB0D082F21F5DE4CDC53FDA9F548F17D9923CFE1FA757FAD31CB15AAA44615EFBD7828CC0A78571BB935A7CCB5CDF7859079E8C8EEBCEE
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/page/home.js
                      Preview://scroll up.. $(document).ready(function(){...//slider...$('.slider_button1').on('click',function (e) {... e.preventDefault();..... var target = this.hash;... var $target = $(target);..... $('html, body').stop().animate({... 'scrollTop': $target.offset().top... }, 600, 'swing', function () {... window.location.hash = target;... });...});..... ....var tpj=jQuery;....// slide banner....if (tpj.fn.cssOriginal!=undefined)....tpj.fn.css = tpj.fn.cssOriginal;......tpj('.fullwidthbanner').revolution(.....{...........delay:6000,......startwidth:1000,......startheight:425,..............onHoverStop:"on",......// Stop Banner Timet at Hover on Slide on/off........thumbWidth:100,.......// Thumb With and Height and Amount (only if navigation Tyope set to thumb !)......thumbHeight:50,......thumbAmount:0,........hideThumbs:0,......navigationType:"none",....// bullet, thumb, none......navigationArrows:"solo",....// nexttobullets, solo (old name verticalcentered), non

                      Chrome Cache Entry: 168

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):984
                      Entropy (8bit):7.735263361527396
                      Encrypted:false
                      SSDEEP:
                      MD5:A73BD6DF6CA28AAD4FF328911CF8E00C
                      SHA1:7EDFFA3641EA0EE5A302486035D795A1CD5EB5A5
                      SHA-256:32BAC65C869081C40BB243D665269295323CD383E00D0467C40C59D97B1B87A7
                      SHA-512:8C5CA63E4B92F6CAA078F20A44932F86522CC4FAF00FBD1E280F2EADBCAEF8459F72850F0FD0EC4B46D152B917C0A7C248211E26ED4622AAC863E774ADFCF81D
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...zIDATx..iH.A...]K......*.Z.-......JW...n.... ..$....b3..P22.....#..N++Z"........e.v..C.?.y.g.y......D4G1F4S1.....8...-(<.0\;^..<P.nK..... ..f.7H.qcS.....v7..K`!........A...Z.Xp...n_.....0.G`c..$..A{.].&...w$u.F&...$..C5l..A=..E...v..d.[.r@..v.".....o..U....A...T.+R.....{.1.A_W..v./.n........>|..:./.d..Ve.x.-.s).,.N....L...J.<..IJ(,..H......c....^.K....q.u..t..r-..;.2*..!.iX.2..b.........=..|.X.7....G!.....ht..Zz.F..*.;..:....n...nqN9.....J....O.89(%...qm..aW...w..x...p.b...Z......N.....4..K=..*....#.r...dZm.m....s..........DQz....s"...<.....^..V+.D.\P....9|^..0$...l..Ql\.."...z.w.$r..e.yl..%.0.....L.R0../..<tfm.R...V...XO..JJ....8.>./.:..<......P..Z0(...fG+)'n/.H8.....C...`1B..wj.R.Q.25.5..B5.Rt...\..I.:M....)......../q=...........I.]...t...z.@L.w..I...f.u!..by...c..;../...(Wc....G>..g<O..Q.cZ..Jb.......(.r%......L.$..r...w...../....". z[!.....IEND.B`.

                      Chrome Cache Entry: 173

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):939
                      Entropy (8bit):4.811473071614874
                      Encrypted:false
                      SSDEEP:
                      MD5:668F5D40A0E1BA1AB13BBF104CBCFAB0
                      SHA1:5E40F241A3B84DBD159E86AD63789CBDA78431C3
                      SHA-256:56B9B957ED6E124B5059FCCF47C9820B5BEE5A5360C3F8C4399123FD928AB64C
                      SHA-512:511061D2201C463403E37D51B39364F3AC04F90089E303BDDDB0C4FBB2689A79FEA0C64640A980251149E25F5F2F72242EA0A621A30BEFBD08215E5A59BB81D8
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/accordion/custom_gzip.js
                      Preview:./* ---------------------------------------------------------------------- */.../*.Accordion.../* ---------------------------------------------------------------------- */......(function() {......var $container = $('.acc-container'),.....$trigger = $('.acc-trigger');......$container.hide();....$trigger.first().addClass('active').next().show();......var fullWidth = $container.outerWidth(true);....$trigger.css('width', fullWidth);....$container.css('width', fullWidth);........$trigger.on('click', function(e) {.....if( $(this).next().is(':hidden') ) {......$trigger.removeClass('active').next().slideUp(300);......$(this).toggleClass('active').next().slideDown(300);.....}.....e.preventDefault();....});......// Resize....$(window).on('resize', function() {.....fullWidth = $container.outerWidth(true).....$trigger.css('width', $trigger.parent().width() );.....$container.css('width', $container.parent().width() );....});.....})();..

                      Chrome Cache Entry: 174

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 270x270, components 3
                      Category:dropped
                      Size (bytes):5070
                      Entropy (8bit):7.486579518517788
                      Encrypted:false
                      SSDEEP:
                      MD5:A509DAAB56DE29A764762C2A9A3F97E0
                      SHA1:5AD5561AE27F623E2D1A9164F74FFEA162B3E087
                      SHA-256:492745496E88F96A10263A6DEC125E8FCC872184F3C611756CFB6DD56CA66A58
                      SHA-512:8D72A7F773603EEF10147DBAB8554E7D2969340174E38AB036B96451609BD7E2188B6C1EEDE125F27F0ABB5C8CB56F70EF5BCBFDD2222B2543AAB54C09B66980
                      Malicious:false
                      Reputation:low
                      Preview:......Exif..II*.................Ducky.......F.....)http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:581CC345DE6811E28DE2C4216B8D0DC0" xmpMM:DocumentID="xmp.did:581CC346DE6811E28DE2C4216B8D0DC0"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:581CC343DE6811E28DE2C4216B8D0DC0" stRef:documentID="xmp.did:581CC344DE6811E28DE2C4216B8D0DC0"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................

                      Chrome Cache Entry: 175

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, Unicode text, UTF-8 text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):102
                      Entropy (8bit):4.748358249927075
                      Encrypted:false
                      SSDEEP:
                      MD5:2B222D3E6F15C9B6D6142B008A6E639F
                      SHA1:D12C41C9757EAB80F6A8995974D11AD3A6DCD6E0
                      SHA-256:625607C8CE9F2B0B1EB7232DDE49DD88D14ADF849178067F10B761657B215AE8
                      SHA-512:2F249A390FA5B9AF387F31E9469CD9E9126306E5DECE6186B151FE2D788620FFA0A41F1875B55B8A05391AF572C0EA10C402CB2162C7A35156CB48A60C17C998
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/api/display_login_info.aspx?lang=en
                      Preview:..<a href="https://console.ultraviewer.net/?lang=en" target="_blank"><strong>Log in .</strong></a>..

                      Chrome Cache Entry: 177

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 550 x 300, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):91952
                      Entropy (8bit):7.9928783603906775
                      Encrypted:true
                      SSDEEP:
                      MD5:2015E9C637B41F8123D0CFBD29BD1561
                      SHA1:B34D4332F819C70E28C6CF9E420EEABCBCD95F58
                      SHA-256:C79CFC4C349192F32BCC56FC95724AF748419B42AC8BED2B29DA3DA754806F98
                      SHA-512:DD896F78A59F0B16E5D5AD602F60E754BC02987FE6ED474BD27D00837DAB4CA455D7363AF6723225CAFA30CEA7F34B199196F42EEFE8AF3371DBBBEC53F12995
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/home/remote-control-software.png
                      Preview:.PNG........IHDR...&...,.......x.....tEXtSoftware.Adobe ImageReadyq.e<..f.IDATx..w.\.}&...{zr..`.s`.i..HY..m...t...{...w...{......9>.k..%J"%.")."A.$2..af.L..3..o|U.gz..`..P.>.r.o.[U.n..~....8...O6....@.u..........8........=..P....&..T.....].d.?..L....i.y...O.....B^.]4M.K.F._...i..g.'.^M.........a..7..z........9-0...q/...U.q..(V.....-..d&...'.[@X. ..B..@........0fW.R.I..>]7e..pp.S.D.EA2..#.N....r)..r.o..G.j..D./o.k...P$...C...y\.!...".....e.pH:.lYI...Q.n.[............q.c...;x.+;2.6..Dq...O......f...T\...$&.i...+.$j.Y#......z.-x.A.4?h.?3.K...v>.'...,J..X.5...hY......&}.N...-CY....].wd...+.......(...Pf;..kD.....M.u....T.7c..-.....>..'/.}.F.l.h...4........k[.{...-.....\..t.,RdF..D...C...gjj.===.q#..0;788...^<..CK"'..x..TM.V.A......I....A..5..Kx......[.....-....S.y.A.....H....{....#.z......g,.V.."..`L....Nln...&].2...~.K...g.{..;.?.&...d.ZR...mb&..7.G...[6.n.H7....I...@ .3.&...|..i...pa.x.....Ll..<....L`rr...V..]O~..W......O=....X..|:..A$..H.... .F<...

                      Chrome Cache Entry: 179

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (302), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):1168
                      Entropy (8bit):4.978415345967992
                      Encrypted:false
                      SSDEEP:
                      MD5:BA86141EAA9DF12545F94A14A3139E30
                      SHA1:D6195E6E93F576AA9E9055F0BE8DDAE255593109
                      SHA-256:E1BE0578A0C36063F6FDECBCFB2151F0BC8366610E9C13329F3FFFCC601F1453
                      SHA-512:FDBA49976D1554ADC5C0907AD512064877256E551DC05D3FEBB1B89AAC2D8E7D6B472A6C4AA52ED84B180B4CF2486D5012D5C9D7745DCF09ECC4B4CD1D318E4E
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/accordion/accordion_gzip.css
                      Preview:./*.ACCORDION */.....acc-trigger { cursor: pointer; display: block; margin: 0 0 0 0; width: 100%;.}...acc-trigger:last-of-type, .acc-container:last-of-type { margin-bottom: 20px; }...no-js .acc-trigger:last-of-type { border-bottom: none; }...acc-trigger a { background: url(../../images/accordion-ico.png) no-repeat 20px 13px; display: block; padding: 11px 20px 11px 50px; text-decoration: none; text-shadow: none; font-family: 'Arial'; font-size: 14px; font-weight: 600; color: #727272; border: 1px solid #eee; border-bottom: 1px solid #eee;}...acc-trigger a:hover { background-color: #eee; }...acc-trigger a:hover, .acc-trigger.active a, .acc-trigger.active a:hover { color: #25aae2; border-bottom: 1px solid #fff; }...acc-trigger.active a:hover { background-color: transparent; }...acc-trigger.active { cursor: default; background:#fff;}...acc-trigger.active:last-of-type { border-bottom: none; margin-bottom: 0; }...acc-trigger.active a { background-position: 20px -58px; cursor: default;.}..

                      Chrome Cache Entry: 181

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):3512
                      Entropy (8bit):7.7480698482352945
                      Encrypted:false
                      SSDEEP:
                      MD5:B196B88B4662F58284ABA1253D7632D8
                      SHA1:4FF42EFEE6F337D33C5531A5C862E692AEFA81A8
                      SHA-256:FBDC1C0B8C5AF97B7720C36F92E3AD0C899AFCEE96C1C0D49D9B3374D330FD2C
                      SHA-512:20F9EFC1846D666F3EAA3992383484CF22C9BA55DD7E5D5C7B4A3484280A546DE5785A44695849EFC8B042141B2ED5DE1A4518242BE868C4674492CC10C23CD2
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7CCA40BAE46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7CCA40B9E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.|WyP....=.3.0........x.........u....r5

                      Chrome Cache Entry: 182

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1175
                      Entropy (8bit):6.623592656242711
                      Encrypted:false
                      SSDEEP:
                      MD5:B81ADF2DBC894795540510779E4EE5A9
                      SHA1:2569CCF0E3B481E6B9EE7BA6E559CDEF846C206E
                      SHA-256:DDB241AAFBBA62C3709C0A1C670362BF68079B1AA9EB2EBFB2BF741AD6FEB31A
                      SHA-512:7905E34533BAFA53940EB6C5BDDAA8991FDBDF4E4CDEC428B0E9AF4F1AF704D99D188D5023473FCF90692D83A345C733B5A24E0D310B81001B9DE119590433E3
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C6C1B8C7DE7811E2B408895C7451B749" xmpMM:DocumentID="xmp.did:C6C1B8C8DE7811E2B408895C7451B749"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C6C1B8C5DE7811E2B408895C7451B749" stRef:documentID="xmp.did:C6C1B8C6DE7811E2B408895C7451B749"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>U.......IDATx.l.1KBQ.....Xj .!N9......@".\m.Z.....[A.V4..!..C...C 5.A....x..^...y.}..L...U.,....np.'<*...=.....p..{}g.

                      Chrome Cache Entry: 183

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 115 x 77, 8-bit/color RGB, non-interlaced
                      Category:downloaded
                      Size (bytes):16995
                      Entropy (8bit):7.978908836150592
                      Encrypted:false
                      SSDEEP:
                      MD5:13AFD4E014AB196A6C338E9E0C13A226
                      SHA1:773266E89C0A0095953CEBE1A84FDC31B19F8EC2
                      SHA-256:82DC5AA7DCDBF16D428984D5ABCF8C17DFDF046B6802ED7429477BF2265B8ED5
                      SHA-512:AE55CAC682008AB34E3F52344121D4256590F7DDCF83185DA93F6B1CCE25FDAE01DEF84334D57A07C53DBC78B93BC222CBE635DD8E71E1C98D082D8C135F37F4
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/upload/peter.png
                      Preview:.PNG........IHDR...s...M......Q.l....tEXtSoftware.Adobe ImageReadyq.e<...&tEXtCopyright.(c) Goodluz | Dreamstime.com.%s....*iTXtCopyright.....(c) Goodluz | Dreamstime.com......A.IDATx.t.i...y.......wu..==.p..p.lJ.(...eZF.C.m$0.D..?...g._."DP.%r.E....Y..2.p..u...k.u.o.....VU.tuOu-w9.=.......nOT|(..(.,..C.."...X.3M.5..o%.9=.?..C....u..I..$.!3.~/3y....z";.!c...r!............Y..I..j...G.,.+.z.0.zo:.ldR..FJ.Z...J..5K..........KQ.HL:Y.X..1.....J...Gb..(/rU.....R!3.A.._.).B..........Br..i.e..Z].d....?|.. dE>.=.c.$$.S..sdZ.\......O,%......Y...........O..i)Ea..c.iV$Y.aA...&Q......6..3.M..H&Y.....8.4U......../l^N..d.X...y.eY....z.))b.L..2..4.u.TI. \.w+....v\.%.....4..$.+F..Z..(....#.8.*i.Y.#.2..Sm..++$.RUFR...}.wf|....O..O.3..w~...G.3M.k....x..nj.n$i..Tl...I.7Q.j....?.@.uM7.....7..V.Q.y.,I.<?......tIBkh....(......@K.a....z,.....Wn...)...A".4..\cy,qI)'.u."6.!c.($."xs.W*A.....z>_9.i...D2.....7%.:.$Qu].....z%.cE.J...6m..$..V.nEJZ.?sl.v.#.~. .G{...M...u+n...B.qL

                      Chrome Cache Entry: 187

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):1619
                      Entropy (8bit):7.1020718457268215
                      Encrypted:false
                      SSDEEP:
                      MD5:CD86A0116D0E35DDCC39B978730CB494
                      SHA1:B7CE5A5818F4A66672F2CD3E35BBB702BD908172
                      SHA-256:76B50E1A0F5516AEA4343F9CC587AE51AD18776264C0265911DC7FF1ACBBC6B1
                      SHA-512:BD9A521FF9ACD1DE507FA02D22B0750299433B9DA4A0DBBDD3E09F888C6D4937DF78D8B5DC2B922703A220D545CE573862FBB9148D53205C5D72658356F4B560
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0A2A0620E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0A2A061FE2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>).....IDATx..."A..G-.../^D...Q.E|.O....I..*....<xp

                      Chrome Cache Entry: 188

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 1 x 1
                      Category:dropped
                      Size (bytes):43
                      Entropy (8bit):3.0314906788435274
                      Encrypted:false
                      SSDEEP:
                      MD5:325472601571F31E1BF00674C368D335
                      SHA1:2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
                      SHA-256:B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
                      SHA-512:717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
                      Malicious:false
                      Reputation:low
                      Preview:GIF89a.............!.......,...........D..;

                      Chrome Cache Entry: 189

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):1522
                      Entropy (8bit):4.873258481997283
                      Encrypted:false
                      SSDEEP:
                      MD5:597C33E93F152B6CD4EA705FF053BB26
                      SHA1:291D765AA1268D0BFF5E9DED4C72E7AF477693B9
                      SHA-256:6F9B2D87B30EF2717353CACBA8082632E6E1376310E18C3F3428933BC9FBBB53
                      SHA-512:2E6B0F11C46E5132AF2BE4534BBA0CD6B9227A96112FA66B313F4D6740568D4E14569D8EB8AAB14C362A46DE7047F0CA1302753EFDC45303B78DE97CD77F8882
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/topmenu/topmenu_gzip.js
                      Preview:.../* When the user clicks on the button,..toggle between hiding and showing the dropdown content */..function myFunction() {.. //document.getElementById("myDropdown").classList.toggle("show");...toggleClass(document.getElementById("myDropdown"), 'show');..}....function hasClass(ele, cls) {.. return ele.getAttribute('class').indexOf(cls) > -1;..}..function removeClass(ele, cls) {.. if (ele.classList) {.. ele.classList.remove(cls);.. } else if (hasClass(ele, cls)) {.. ele.setAttribute('class', ele.getAttribute('class').replace(cls, ' ').replace(' ' , ' '));.. }..}..function addClass(ele, cls) {.. if (ele.classList) {.. ele.classList.add(cls);.. } else if (!hasClass(ele, cls)) {.. ele.setAttribute('class', ele.getAttribute('class') + ' ' + cls);.. }..}..function toggleClass(ele, cls) {..if (hasClass(ele, cls)) {..removeClass(ele, cls);..} else {..addClass(ele, cls);..}..}....// Close the dropdown menu if the user clicks outside of it..

                      Chrome Cache Entry: 190

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):2063
                      Entropy (8bit):7.401213742177446
                      Encrypted:false
                      SSDEEP:
                      MD5:1326EA82D42AB28D0076217901E0222D
                      SHA1:8847D056E73BEB618C6782967C591F4355E9479A
                      SHA-256:A939B691914713AEEBC11192C59BA524488E4326E9CF3E6C5A00836F6B20333B
                      SHA-512:BE628443AA7FA379298D1C525DC58789D65DA92A7A50BEEA5D2BB462BB64BAD032A3A4C4D148072861E0652542E7F3A55840991D179597AB4C01BEF8A625ECF3
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0B0099C1E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0B0099C0E2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>O.Q....AIDATx..OUk..p.........%.0...:..*.;*.J.I.3H.h

                      Chrome Cache Entry: 191

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):608
                      Entropy (8bit):3.216928172084248
                      Encrypted:false
                      SSDEEP:
                      MD5:A6F22CFB8CF1AB3A85ABA371DE332F81
                      SHA1:402EA8055924D4E6FD038C2E20CC14B17EF5FAB8
                      SHA-256:ABB2DB2FE2FD3744C2E9E84DC57031DCB25E33CD6BD8510701F3BB68A699E9F0
                      SHA-512:72129C7A5E1791388FA0AB31A6B3FDAAF0A50024EA9C0648BA41719AF2EDDFC860FC1A2F43D864AA671D28EF248F606BB135635D2C2E4E3A54B4E0A507221EB4
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/mainmenu/scripts_gzip.js
                      Preview:/*-----------------------------------------------------------------------------------*/../*.SELECTNAV../*-----------------------------------------------------------------------------------*/....$(document).ready(function() {...selectnav('tiny', {....label: '--- Navigation --- ',....indent: '-'...});..});..../*-----------------------------------------------------------------------------------*/../*.MENU../*-----------------------------------------------------------------------------------*/..ddsmoothmenu.init({...mainmenuid: "menu",...orientation: 'h',...classname: 'menu',...contentsource: "markup"..})

                      Chrome Cache Entry: 198

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):1966
                      Entropy (8bit):7.357055028790166
                      Encrypted:false
                      SSDEEP:
                      MD5:AE87B55AFD85694DE521D941DCFC74C9
                      SHA1:6DA6FB53CB9DF1871882C76948C8A07B01F55D5A
                      SHA-256:5B4816757C6E466A26F48CD8294AEC25E9C01CFEA9F42BEB354C1151FBABA31D
                      SHA-512:0FF28AFA3B20CF93BE1B8D1F0AE72F3786EE808ACD9EF0FFB46506D88BD597E4946391E6909FBF140EB13336D91EF080F264823032B12A975E1891E4DA014B02
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0B0099C5E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0B0099C4E2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.{......IDATx..YK+A....q_b..."QAP.$....../.!......

                      Chrome Cache Entry: 204

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):3538
                      Entropy (8bit):7.895435600841743
                      Encrypted:false
                      SSDEEP:
                      MD5:4F3CC6B56A414F24A2385835675E9F18
                      SHA1:9929EC20F8D0D87D4BC6810005A87683E8D1A378
                      SHA-256:8A52BF34158AB2A2C13EFEE50A861A84909214C6BFE7FD5BF5F8164A7FDC16F6
                      SHA-512:A5F94F1D7E93E84EDE09D84E7DAAE55A746ACB3966B48F990E2CF78650410D97D082A44483E1EE129053AA3CCCEDA1689C84A0714FF1EBFFCE68ABE45C72BCB6
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/logo.png
                      Preview:.PNG........IHDR...@...@......iq.....IDATx..ytT.........K..\B..E..FY.%....U.j)B .......#V.`.P.TP...d...Eb[.j..I.AMH...........m3..Ir.I..d&o.....Q.........q7.c1.4."..1.k{.m^J...P.\.C)m.D.K.h..ec.....^p.t.[@..LH......)....q...7..ao..D.(4..nI.>...v|.X./...<....4..3At!U.5(..>.~$c..5.T}.>.pD.I.......Uc..........R..$.....u.8.x...*....B...N.e.B........D...}....P3.b...8~..qM8Q.c.W...oJ._Hs...`..4..".(..../..k...k.@|...z.j+.{.#.3A..G...E..j..4.0....Bb DI..1...q..1.......4.....S.o..j.(..(...........T}M..H...$I...kX...>.......#...0.v.\..&....n....\.:.jt..[..1.....^o.....).0r.a.!....>I.u.(.....Q..T..KP8....ATb...n.......e..9...p.6.?..H....P....R..qAy.$.........$....E...+.W.q ~.osLb....7.=B...;.t....50......g+@.......!.W.....hP|..k..[.#....9&0....^.......(.84..tn..8.xd..>nTK.. H..v?.P=.bv...h.."...9"|&..a...b..+.....7...:!L..u..X....D..D.x........Ff.r\.x..0.b..b....?...BG.y..q..\.i.....+.$..t.qU.[.#.....7!.:H.{.........Q.h`&.+.....':...]..@.S..

                      Chrome Cache Entry: 207

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 7 x 13, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1030
                      Entropy (8bit):6.170982116501406
                      Encrypted:false
                      SSDEEP:
                      MD5:3BC82BD71FC748CF23A983E8E57660EF
                      SHA1:D94F59E6C5908A4ABE50C27A703D0FDD44AAD351
                      SHA-256:C9835A208A1374F1F771422C39248D529D254FAA2700BD31163238861628CF67
                      SHA-512:DADF00FD24046F213BB5733F93B7DE357963ACA6988B7461AB4A9B4629861F93B8D0715EC47637A3649E46D44BD62DCCD62D40FB91E7A7EB8865B0E46EFB3C9C
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............e.t.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:4F178D5BE46311E296EBE2656F7499D3" xmpMM:DocumentID="xmp.did:4F178D5CE46311E296EBE2656F7499D3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4F178D59E46311E296EBE2656F7499D3" stRef:documentID="xmp.did:4F178D5AE46311E296EBE2656F7499D3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>"......|IDATx.b....]...H >....X......6I.0..5@..M..4.x%..`...}.. ...@..g....8...;..._.$?.q.._dA.x...Nt.}..h...$HG..oG...t.

                      Chrome Cache Entry: 208

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x500, components 3
                      Category:dropped
                      Size (bytes):89998
                      Entropy (8bit):7.7703144669901265
                      Encrypted:false
                      SSDEEP:
                      MD5:CB5F7B7505CA66395E428A9970213842
                      SHA1:96362C405BCFC06D516C89A33B9751C572092171
                      SHA-256:C2A14AFD5DEE17CC57D760172676BD2EE713DD3FEBDFE7C8238D8EDB553F281C
                      SHA-512:A927A1BF63AD1F495E97240611211AB8A41B74827477FBEA6779F853CF05C6A1F118A4A6C929AE71046869F98DF1606AC21EC0BF95960D4D518B957520C5DACC
                      Malicious:false
                      Reputation:low
                      Preview:......Exif..II*.................Ducky.......F.....)http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:B113E3D1DD8F11E299B5CE635A2CFA4A" xmpMM:DocumentID="xmp.did:B113E3D2DD8F11E299B5CE635A2CFA4A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:B113E3CFDD8F11E299B5CE635A2CFA4A" stRef:documentID="xmp.did:B113E3D0DD8F11E299B5CE635A2CFA4A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................

                      Chrome Cache Entry: 209

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1163
                      Entropy (8bit):6.497589605042422
                      Encrypted:false
                      SSDEEP:
                      MD5:872ED6CEF414E3C6DF614A7BE0EA4AC8
                      SHA1:F11ECB3D41596BEF991324C65028A26E56125AFE
                      SHA-256:87E631D2270CC22B151FBB427232C7F34382C59A4554187BDA843D7F7CD3D7CC
                      SHA-512:AC0E33D2B734022E0B8DEA9B48626E32E32DE2BFCEC79F48210752EE3BC5E71C58E61003B93CCB3CB9C58A1E3802D89ABF8896D958567AC06F4A90665B14836F
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............V.W....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:D3FD7C91E00911E2AC9EF0B5E9A55B9C" xmpMM:DocumentID="xmp.did:D3FD7C92E00911E2AC9EF0B5E9A55B9C"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:D3FD7C8FE00911E2AC9EF0B5E9A55B9C" stRef:documentID="xmp.did:D3FD7C90E00911E2AC9EF0B5E9A55B9C"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.>3.....IDATx.b...?....b. v.b3 V.....S@......7.] ...+...O......E6$....'.\..A1.DC..s...E.w.y..dP.......... ...;..@..0...{

                      Chrome Cache Entry: 211

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):929
                      Entropy (8bit):5.797039716721852
                      Encrypted:false
                      SSDEEP:
                      MD5:CA73A5D0BA52C0E7E0F04FF587D249E2
                      SHA1:EAE45C23B81203553AA1F842F121A4D02AA52707
                      SHA-256:1F0372A3DEC4494A341BF343766F249A3EE22C42756606CD98458D1F901E7DCA
                      SHA-512:9C1C3124B6C3C0B33BFB064EC7557C1D5F12E9863B4DC94C546B05D77CDA50BC36FC7CBBB540DE29374B5A54AB7A1881CC38F4A3EC71B882C81408029F05D8DD
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...............s....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:CD26C533DE7B11E2AE0CBE91FC64DAA9" xmpMM:DocumentID="xmp.did:CD26C534DE7B11E2AE0CBE91FC64DAA9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:CD26C531DE7B11E2AE0CBE91FC64DAA9" stRef:documentID="xmp.did:CD26C532DE7B11E2AE0CBE91FC64DAA9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.v......IDATx.bTTTd```....R........>&......IEND.B`.

                      Chrome Cache Entry: 212

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 160 x 45, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):4655
                      Entropy (8bit):7.852389508420169
                      Encrypted:false
                      SSDEEP:
                      MD5:32C4F5E837F29EBED047DD5DC206B230
                      SHA1:196BCCB1B565C6AC2AD46B9ACD95D9F55BD03AA6
                      SHA-256:EBE860B774EFA92FA1E39D95D99AA8ED4A4D81502CD228FB642E6D414DAD917A
                      SHA-512:F0914F184523535C3D7D6595821AFF28EDA32F9E56FA9D4142158E95A4293EECDCDFAC7DF8F1C59A8CF67A9A8526A73B1B3596D72F915C123E7B83CCAB04D784
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.......-.....).`+....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:FC777C5DDD9311E29C80CA7181E8D864" xmpMM:DocumentID="xmp.did:FC777C5EDD9311E29C80CA7181E8D864"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FC777C5BDD9311E29C80CA7181E8D864" stRef:documentID="xmp.did:FC777C5CDD9311E29C80CA7181E8D864"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..D.....IDATx..].]W.^..//....h..H...qjZT..?.....Y...D.:..J.......@jI!d...P,.*4.......?.}9.....}.{....{...k.....~..

                      Chrome Cache Entry: 214

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 19 x 90, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1034
                      Entropy (8bit):6.132147235897752
                      Encrypted:false
                      SSDEEP:
                      MD5:F82715D2DE9891AB0C5E1B5FAF722C09
                      SHA1:B7DB36D46EBCF4588AAD25E26363A467D211E737
                      SHA-256:899AE59966E4EBE8902F5CD90876DF226CEB485D3472E058BC6C0D93835E8910
                      SHA-512:AD940B633A1D2B48764FE5B217195F801934CE64C9A75D76ABBD356D32DDBB71874BA9BEF57F139E01F8902CCF4B88FDFEB994DEC4C9ACD67D15CB0A4D327A85
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/accordion-ico.png
                      Preview:.PNG........IHDR.......Z.....Z.mh....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:050FED55DFA611E2A807FF0A3DEF0726" xmpMM:DocumentID="xmp.did:050FED56DFA611E2A807FF0A3DEF0726"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:050FED53DFA611E2A807FF0A3DEF0726" stRef:documentID="xmp.did:050FED54DFA611E2A807FF0A3DEF0726"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>e......IDATx...1.. ..a0\......L....DB06.DM.76...NDU..)C...........}X}..Z.Y..x...g.fFg``````````````.ciZ6.V.....`.G..

                      Chrome Cache Entry: 215

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (44227), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):44511
                      Entropy (8bit):5.1411490825856765
                      Encrypted:false
                      SSDEEP:
                      MD5:2A6AC298FB4709F2FA5E27E22D1B6DE9
                      SHA1:0EB9DE61DEAB30DEB608AD9A03161FCA4DB385F8
                      SHA-256:780C9A5870BD05C9DE1E8ABB4CCA1814D4C601C5A12F311FDBF9839F0378B430
                      SHA-512:8DABB888B313B7164F9B9D415AAE475BBD99E95E9538982BB941354B06B1ADCAB3258B0B62F39B702161895856AFE071859818AC06F55FFC322CAA5DF191770E
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/css/style-min2_gzip.css
                      Preview:figure figcaption{text-align:center}#logo{float:left;padding:0;margin:0;height:90px}.site_logo{padding:0;margin:31px 0 0 0;float:left}.site_logo h1{padding:0;margin:0;float:left;line-height:27px;font-family:'Open Sans',sans-serif;font-weight:700;text-transform:uppercase;font-size:34px;color:#25aae2}.site_logo h1 i{color:#454545;font-style:normal;font-weight:400}#site_wrapper{width:100%;margin:auto auto auto auto}#page_wrapper_full{width:100%;margin:auto auto auto auto}.container_full{width:100%;margin:auto auto auto auto}.container{width:1000px;margin:auto auto auto auto}.one_fifth,.one_fourth,.one_half,.one_third,.three_fourth,.two_third{position:relative;margin-right:3%;float:left}.one_full{width:100%}.one_half{width:48.5%}.one_third{width:31.33%}.one_fourth{width:22.75%}.one_fifth{width:17.6%}.two_third{width:65.66%}.three_fourth{width:74.25%}.last{margin-right:0!important;clear:right}#access .menu{list-style:none;font-weight:400;position:relative;float:right;font-family:'Open Sans'

                      Chrome Cache Entry: 216

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):3339
                      Entropy (8bit):7.931285889033341
                      Encrypted:false
                      SSDEEP:
                      MD5:D8F5E1C99D59C75128816E331F5106FF
                      SHA1:864452BFC38E3FE55B9C4F0E7624FFC0E24C4846
                      SHA-256:C9B8F512922531CC744F402D004723419EC384BF8EA4FDADF03C4C0A01F729B2
                      SHA-512:5246C03B2A1AD425336E0286FE42286F7DAEC33FD410EA03FA95CC8D840A2127AECF59A6F5775FD37DE01991A4D7D636D00F7E45D8A670BD6A2A2F3187F80F45
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/home/global-icon.png
                      Preview:.PNG........IHDR...@...@......iq.....IDATx..[.tT...i...@BH.%..PA.*..HG@A.."MC....C(.........."|.K..bB.$..>...L...$df.!U.{..2y....w.9...F.{H....L....>.g"..=t,.\}.....3....O.sM....AG7"....H.KM...Hh..D..jz45..& ...5_.......EM.1...xL.c.......2.@..!.w...J./*,D.*.....'^G.F..!.....;C...2.@...pmF..nP.Bjm...7.a..0....S.>.CJ...y@S..&.!O"..id...E.=......../.`.T.n."..W....~}F ...0.h..d.85...k.@....b..=..rt.}...h..)?...ow. =.J....../V"..w.m..w..a.....g.p.,\Z0...W!wv..K...B/.."P..T{.P.u.C...>...-CAF.^$h:c=.].....?L...`.>...f...c......x..|....B.........u.......*q.....1...D...,.......H...X.........1.}MD.U|.B.C.q...C....O.....a..D..O.......@....]....(|.0..W=../#...9....Aj.....!k......6%..u..i..C.~...E.#t.V1.R.9X....M...n^F.5G..S/...(rZ.B.p.h.F..#7..n..^.9.<....g....QF..N...O.9.%..vW?.V.~p...1.g#..q.m...x2b?.&..H.l....!jJ...e86n.....j"....>.t.B.._..;.p}.B..\........w.^7G.#d.."..$..c..z..G.3.X<.......Q....d....m....]v:..o..........!...TiC..............

                      Chrome Cache Entry: 217

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
                      Category:downloaded
                      Size (bytes):1853
                      Entropy (8bit):7.287191849400952
                      Encrypted:false
                      SSDEEP:
                      MD5:5E04DF32271DB274156751C688DA3411
                      SHA1:D564EB3E367E02D2F8DC06067FA07956757977F5
                      SHA-256:3A897796AC049564F0252EE502283026A7970D5847E3D8A5F1A18E28BC29C12E
                      SHA-512:E03094EB04266D1FF46D2EE380D0C9213CF3F6DEE95755220FCA1B22BFF0C723FB65A87752DA1CF6DA37191A8F1DEB67CC16E271C3D5AE14325BF7913E93179B
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/site-icon22.png
                      Preview:.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0A2A061CE2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0A2A061BE2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.J.H...oIDATx...KrQ..z.T...^i.*h.B.....-..Z.Z.I..(?*

                      Chrome Cache Entry: 219

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (1632)
                      Category:downloaded
                      Size (bytes):23268
                      Entropy (8bit):5.358541206794557
                      Encrypted:false
                      SSDEEP:
                      MD5:DD07D087F2D8A90710AA028C7B813AB6
                      SHA1:314ECB775E3ADCEB95C436121EC776D645BE06C9
                      SHA-256:195354A23B1FDD59189B86BC6EEC46B02F52EF00833D1C453D537FE7C667787C
                      SHA-512:C1469DC582A66AA8DEE4708E9B7470DA45EA3BAF124F239722D0FDD8F2587B670748123B0B2917DFE2FB1C867AB97E895572F74401A514383E7ABE4268A17C2D
                      Malicious:false
                      Reputation:low
                      URL:"https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap"
                      Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek

                      Chrome Cache Entry: 220

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
                      Category:downloaded
                      Size (bytes):48236
                      Entropy (8bit):7.994912604882335
                      Encrypted:true
                      SSDEEP:
                      MD5:015C126A3520C9A8F6A27979D0266E96
                      SHA1:2ACF956561D44434A6D84204670CF849D3215D5F
                      SHA-256:3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
                      SHA-512:02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
                      Malicious:false
                      Reputation:low
                      URL:https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
                      Preview:wOF2.......l......D...............................O..B..h?HVAR.x.`?STAT.$'...0+...|.../V........+..2.0..6.6.$..`. ..~......[B4q.....t..P.M_.z...1..R.S*...u.#..R....fR.1.N.v.N.P...;.2........!Z......Qs...5f.G.K.an2&....2...*......C.H.t..N!.....nh.<(.vN.....j.._.L.P.t..Ai.%.............._I.i,..o,C.].H.X9.....a.=N....k.....n.L..k.f.u..{...:.}^\[..~5...Z`...........`!...%4..,...K0..&.a/....P....S....m.Z......u...D.j.F...f.0`I.`.`.h#..)(FQ.F!o$........S.).MV8%Rh...r...x...T]$.=......Y...!.3.&U..."....Q....{.l/0..d..4iJ/..}...3....i[Z..NG.WD...>.[U..Q.h..@m.=..S...1C2...d...<..v.?.q.f..n...OUz.....&Z......Z."..N.....n...9.B..C..W....}...W..6Zs.i.+Z........jB.n..x.8M.....q..@I....-.%..,C,..K..#.2...4)/.v_..x.<....t.....%[.4?.=j.V..jj''..W.u..q....I.L.=......E...\.M.7{.>......W........C.`...,9$......\..o........y...4A..m.P.,X..=?.:................wF`..+.P..........M!.4.......l.>M..t.ff5r..^..Z.g...!fA,hIIQ...e.R>B.AH.VuX..>..\.=.ky...1>C....>C.c.;...6D.

                      Chrome Cache Entry: 222

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 text, with very long lines (1460)
                      Category:downloaded
                      Size (bytes):1568
                      Entropy (8bit):5.277214456604328
                      Encrypted:false
                      SSDEEP:
                      MD5:ACBAF6DA269779456F80CF69E9195756
                      SHA1:385B3FFE56175C1C388D29EFB78831C57AA6609B
                      SHA-256:2F52DB50D5FE2A2C78CA08850BCB12C93016BF7BA856BE8422995A9F1732E763
                      SHA-512:E5FEEBB09F8A67C56B4001D2511F6916AA884864900EA69F789EE98BBE7635CBF621714DF937D15B5E7BFB5B771306503D88753C986537795677EF6115992E90
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/mainmenu/selectnav_gzip.js
                      Preview:/*!. * SelectNav.js (v. 0.1). * Converts your <ul>/<ol> navigation into a dropdown list for small screens. */window.selectnav=function(){"use strict";var a=function(a,b){function l(a){var b;a||(a=window.event),a.target?b=a.target:a.srcElement&&(b=a.srcElement),b.nodeType===3&&(b=b.parentNode),b.value&&(window.location.href=b.value)}function m(a){var b=a.nodeName.toLowerCase();return b==="ul"||b==="ol"}function n(a){for(var b=1;document.getElementById("selectnav"+b);b++);return a?"selectnav"+b:"selectnav"+(b-1)}function o(a){i++;var b=a.children.length,c="",k="",l=i-1;if(!b)return;if(l){while(l--)k+=g;k+=" "}for(var p=0;p<b;p++){var q=a.children[p].children[0],r=q.innerText||q.textContent,s="";d&&(s=q.className.search(d)!==-1||q.parentElement.className.search(d)!==-1?j:""),e&&!s&&(s=q.href===document.URL?j:""),c+='<option value="'+q.href+'" '+s+">"+k+r+"</option>";if(f){var t=a.children[p].children[1];t&&m(t)&&(c+=o(t))}}return i===1&&h&&(c='<option value="">'+h+"</option>"+c),i===1&&(c

                      Chrome Cache Entry: 223

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1234
                      Entropy (8bit):6.696448744876896
                      Encrypted:false
                      SSDEEP:
                      MD5:8AA5F3B891BF4B114DF1BAA8ACA7A441
                      SHA1:42DDBE46BB195746D9EE72D6638BF84FA1C92481
                      SHA-256:F4C5FD42C0DAA8171A5D8ADE2263478A09474E8B185F101153D9844C77E85EEA
                      SHA-512:07F5955DDFCBD98EF9B672B1927199E710B4CB6E3947F4F052EBF2C1CCE6C20DCFD0DBD9B6420ED5600DF64C4DA9269ECF4EA5E1ACC2D7BBED6C676954DD53FB
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/social-icon6.png
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E4AF1BD9DE7A11E296FFB06E23A5AACD" xmpMM:DocumentID="xmp.did:E4AF1BDADE7A11E296FFB06E23A5AACD"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E4AF1BD7DE7A11E296FFB06E23A5AACD" stRef:documentID="xmp.did:E4AF1BD8DE7A11E296FFB06E23A5AACD"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..j....HIDATx...OD.a...wk....k.^.:M.d;u.H..eY...(...u...)...).2D..e...%kW.;}.<.X...[=|........$<.3...S.......s7f.W.`.K{

                      Chrome Cache Entry: 224

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 76 x 40, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1596
                      Entropy (8bit):7.151444646451189
                      Encrypted:false
                      SSDEEP:
                      MD5:A73D083C9CA27C6CC3312BE0B29E28B1
                      SHA1:AE45D2D4308097CAF99CC8CD12C99F1BCD38CFE3
                      SHA-256:CA09FEF27EC6D871E7A6B03E0EA403AE1482340DEA75D3FB0FE53D44871C21A2
                      SHA-512:6D56CF7D81E473BF11F46604BF58E624CD00613C2721BE57E5313847C4E85F78B5B937986A04D7171D35620655A59664BC4F03322F5D50A7B1364641D5E8226C
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...L...(.....T..g....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:91B83A65DEE211E295E5C638C09D3E8D" xmpMM:DocumentID="xmp.did:91B83A66DEE211E295E5C638C09D3E8D"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:91B83A63DEE211E295E5C638C09D3E8D" stRef:documentID="xmp.did:91B83A64DEE211E295E5C638C09D3E8D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.h......IDATx..Z.m.0.........L.y...XO~M;.........I'.3A.....N....8...U..... D..#...$x~.\f.9>).J....)aJ.B.S......~...H..k/

                      Chrome Cache Entry: 225

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 260 x 140, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):11121
                      Entropy (8bit):7.972660517942987
                      Encrypted:false
                      SSDEEP:
                      MD5:4851B487C31DA32B55989E722C66F0C4
                      SHA1:BBEDF4ED76174884265B65C5E5B458C5C7E99954
                      SHA-256:783640C01962E7D0D5783D2281DBD3C22C9107403A8E0464D9B853EF04721983
                      SHA-512:6BF2AFA750FDEA28C746250F7A2DBDA8BB8396B2DADD2B7189E0FE4B590D18022AE50F709EFBDB8E9271D3E50DEF0D094C19A0664E73AD3FDD1115DA83C88082
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/website3.png
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<..+.IDATx..}....u..Y...v%....B.[`..m.#l.....}!~.K.>'....Yx&_..`'1y.........2......X%. ...6..n..t......g..;=.:..f....:..s.,.c...)RDIS].H."....)R..H."....)R..H..FHO{......O}f....W., .qt..K0w!..l@(..Cq3.DM...}..c......Ky..$......Z.0*.......?..y.9oX.]z..y..../?{...\q`./......U...C5.2..L....._z...._.Q....!......tC.$.,@dP...B.|b:..f+..R..3.y...=.... x<.$.,.G.).......6...7.Uq.9.D..Y..a..U..o.|.!.7..DQ...8O ...i.yw...P5..gt(...^|.E..s.=...O.B"...n_z.......#....h1\y.p....AeY8,..e.N.yL<.%`....... ...uOn....C.kI.,....l.v.8..k...../..2......!_(........o^..7.).T.P.>...~.....k.....;W.)....V.....|../.k.me....1?x....z&e.]...n.:}..T.0M.......\ .."(..d.Y.H..}q....u.g.w|...p.B....T......v.[....... ..={.U*.K......G./._..%p..nCu,..x&..G....ud...o.................}.i.av.l.V.D.>.k..c....R..H..k.5F...Y(.....0E..8&.K.ZuN#m.o*...R......+.T..?...R#M.....r.j.0..f.=/.....h{d.D.S..7p?.*8

                      Chrome Cache Entry: 226

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1676
                      Entropy (8bit):7.821386022511317
                      Encrypted:false
                      SSDEEP:
                      MD5:3F1EB31C7D45216BD08BEA45BE496351
                      SHA1:EEA78093AFF84F9B92F560C258335847A16C0F14
                      SHA-256:5D2CAE116D6B7B9E3AD6BD9C0D9F060D33028232DC800F169E9D474C7745FF3E
                      SHA-512:B336D10165F30C40CDDE9691450BD59C8324C32823C0C4ADE8B2067E43D40DD0CE8E7C2A79AA493DECEBBAAD37FF1C30759BFF0ED25043FF901E2FA7F3BEA72B
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/greyscale/user-group-icon.png
                      Preview:.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..IL.W...{...AEq...ZQ.).....h.EYh..m.6m...T...6$m..m.PuaB..0.F..eCP....8."..*.....{}.....r..9..........3{%.,.Q....DGGw....EFF6ko.....a.7r..>v....c......O......>Y.f..^........\.b...k....Xr.!..#""./Y..u..f....k...W..G......@C..5.....9.bccmll...{'........w...^...Z.*=##.>}jSSSNV..'O.......+.....".].re@.L.!)J7+....c.o.>.....,_.....;@.(.q.y.n.1.......OO.?m;....&&&:P.P...1)Xff..]..1..gK.}f9k...n...Zxx....X||........>=.(..x388.D....l+,,ti.......R."......0Nj.,X`J...q.].|..?...\p4.BS.'..v......oD...m..........v..E.....t..pNNNLYYY........m.E6..|....s..?nUUUC..<(.^s0bE.#......l.X..@RN....x.MDZZZ.y..M.Ler...C..l.b...;}.t......]Z..!.b.`..~?.dG..qQ.......N......s..l.=v3..d......Ku..>..t.=QD.C...{.Z{{{0*....:.v.r.&Z:..z...b.....Rc .......3-'O..a.h..=j.... d.{z..f.....J.kjjj.>8^..p......I5......[......3.D...n.ms$...8d..N..K..}pf...+W.....Z\\.c0.8.,X....8....)..6. .7..

                      Chrome Cache Entry: 228

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 167x150, components 3
                      Category:downloaded
                      Size (bytes):8840
                      Entropy (8bit):7.930078781050075
                      Encrypted:false
                      SSDEEP:
                      MD5:56FC20452D06B35F3C6921A3171BF222
                      SHA1:277025F0FD6AF4A69224C0CA492ED972D9B99E04
                      SHA-256:D32B2C3E1ADBF5578E631E2B997ED29F7B59AE0A55D1602207C8329923394E02
                      SHA-512:DF43CD2B47C82E8DA830D5D46E91B74900472F41F86035B08F655B06C093B066412B9AA2860CAE3B8967160EF997D72C5DFA4ACD8160527D97035CB74EBFF084
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/Late-Boy-Running.jpg
                      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.............................................................................................................................................................................................................................................!.1"..A.Qaq2B#........R3$.br....CS..4%.......................!1.AQ.".aq.....2.....B#.Rb...............?.................Q.O.....i..3.{.[..+T..Q!.F#r.DR.l<.U..O`.roz..J.b...{NR.e.....C.I.S.%F....V.7d....\...=.A.......w..;....X}.~..B....-W.TF..\).j0.M.IK7.fm...9_RO.N..bo..g.E|I.k.k..,*wVe...m...5o..?.A.....M._.E.*.Z.I.egSo...e....6.e}..u.O(.D..v...].....................Z....c....'j.L.z...<...%[..).P...> .W...t...p......`,.b..#.I.C[...BW.`2..N.Y.......f.._....]..r......uH.......&J.u..A.h...;...Goj(fc..5.%y..sx.M....S...e..K.Q$..w8..-p._(..-jc.#._o.J..I......9...U.'s......tX".......u.Y.J.:.Mzx4.@4.@4.@4.@4.@4.@4./....d..w.F.s..b&*..:zJ..f..7'..F...S.U..;.+.."..`..9.U..N.Um...5

                      Chrome Cache Entry: 229

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 2 x 90, 8-bit/color RGB, non-interlaced
                      Category:downloaded
                      Size (bytes):960
                      Entropy (8bit):5.956407553486782
                      Encrypted:false
                      SSDEEP:
                      MD5:074A7A7F90B8A4DBECF62FCC758D9C97
                      SHA1:F8369E86C5A27ED91932D3AA217CA27D4ECFEBD5
                      SHA-256:24AACBD3D9A515B670FDF18E2A0FAEBD26A3B06C5F035B09D5309E425CD12679
                      SHA-512:0FE7FE07D352CA90E63962610AE934F4885645435B7C4F8B7F479DC25FF042069B3E413071CA27D368B49949F28790B151F2AC6EFB3CFF039E10D2214D8CF5E7
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/menu-bg.png
                      Preview:.PNG........IHDR.......Z.............tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E89E30E7E51C11E29838932712D4CB47" xmpMM:DocumentID="xmp.did:E89E30E8E51C11E29838932712D4CB47"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E89E30E5E51C11E29838932712D4CB47" stRef:documentID="xmp.did:E89E30E6E51C11E29838932712D4CB47"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......6IDATx.b...L.`@...TM.J.h...Z.=..S...K.T.M.B.."..(. ...I'....i....IEND.B`.

                      Chrome Cache Entry: 232

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 160 x 45, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):6279
                      Entropy (8bit):7.904507418921273
                      Encrypted:false
                      SSDEEP:
                      MD5:D82EE81E8A874DB52A10B96A0A8982A2
                      SHA1:4B58F655D2920D6FA8D7FFE694D11B2B643AE14A
                      SHA-256:F2C565B92D3F5BA043186E417A1A2DE10F6FD22DAD0BBC0AD71A35869947FCD6
                      SHA-512:E4E73AD618B094248E4F9B716DCE21B2C3D22F77608F739F71D3DB55F48BEFF3A48E25CF7D654F06A488FAF95FF88A41F99C9C9E4CF99D19938365C946FC8D9F
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.......-.....).`+....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:08502B8DDD9411E2B41BF2844BE0EA3E" xmpMM:DocumentID="xmp.did:08502B8EDD9411E2B41BF2844BE0EA3E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:08502B8BDD9411E2B41BF2844BE0EA3E" stRef:documentID="xmp.did:08502B8CDD9411E2B41BF2844BE0EA3E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>B.H.....IDATx..]M.m.Q...vw^L.......D.t0f...!...@AA.....!db@...2.L...ADqh.i....(....1...........:..w{zO.y..}.^?.j.U.

                      Chrome Cache Entry: 234

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1774
                      Entropy (8bit):7.284770016089314
                      Encrypted:false
                      SSDEEP:
                      MD5:D673A70A94A7D2BEEA8A141487B1C91A
                      SHA1:88E706C86DA9771E7041059079299EDFBCA2DB2A
                      SHA-256:D8216E0CDF56BE6E2FC954F27FCA881EE637A4F7EADDAD4024309675AA97D3F5
                      SHA-512:A72A092751E0EFD9145AB93E3EFFADCF0B71939FBB3CCD9A4E955FBF9D08F534CBDFC993B54A60BFC72602EE455227A97D04A4647537397B73FD6F0D907E760B
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:214D466BDE7A11E2BB2AEEA3CC98268A" xmpMM:DocumentID="xmp.did:214D466CDE7A11E2BB2AEEA3CC98268A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:214D4669DE7A11E2BB2AEEA3CC98268A" stRef:documentID="xmp.did:214D466ADE7A11E2BB2AEEA3CC98268A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>+(0....dIDATx..]HSa....}.....1.)........`..!^t.Eu.E...W.D.........&.X.HI.Bj&!x...9..<..szw0...~..}.y...&..N-.h...c..

                      Chrome Cache Entry: 235

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):25525
                      Entropy (8bit):5.20953005129482
                      Encrypted:false
                      SSDEEP:
                      MD5:70705BBEEB177DC1F7BD3685E03E111D
                      SHA1:F3C6B8F21DC4EF0EF3CC6967CADC84920A62D864
                      SHA-256:96B6D23E97DCDAFE0984E0C258ECA5482AC283A901F3A2E0EEBF709F776D78D2
                      SHA-512:A6777BE3B4AB0FBAA96D8C297B935FE89324D7052D35E8700702F43E8496EAE8DAE454719E4FE12FCC81EB4F862A8BB789180CEBEAE755FF9C2136319948C3BC
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/revolutionslider/rs-plugin/css/settings.css
                      Preview:/*-----------------------------------------------------------------------------.....-.Revolution Slider 1.5.3 -......Screen Stylesheet....version: .2.1..date: .09/18/11..last update: 06.12.2012..author:..themepunch..email: .info@themepunch.com..website: .http://www.themepunch.com..-----------------------------------------------------------------------------*/....../*-----------------------------------------------------------------------------.....-.Revolution Slider 2.0 Captions -......Screen Stylesheet....version: .1.4.5..date: .09/18/11..last update: 06.12.2012..author:..themepunch..email: .info@themepunch.com..website: .http://www.themepunch.com..-----------------------------------------------------------------------------*/......../*************************...-.CAPTIONS.-..**************************/.....tp-hide-revslider,.tp-caption.tp-hidden-caption.{.visibility:hidden !important; display:none !important;}.....tp-caption { z-index:1;}...tp-caption.big_wh

                      Chrome Cache Entry: 237

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 1 x 10, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):125
                      Entropy (8bit):5.449940422825115
                      Encrypted:false
                      SSDEEP:
                      MD5:BA593BD9FC9E07110F3DC74F728B3768
                      SHA1:9620E53C9E0A5B5D55E15B23F556E2089E903FC1
                      SHA-256:A15348B049A18C85702DDE38F379AA78D3809AF8C07ADCF25236C69B03F6F746
                      SHA-512:DAA17291DEACD922E08AA3BA67D1D4BBB1D0859CE0F0FB3DC9F5F330805AD4D66DEE5104DB61DDB63F94906A76EF8240252675791B97764C94BB6C956BFD8D97
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............u.4J....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b.......... ..."A.?.8..0......\.h....IEND.B`.

                      Chrome Cache Entry: 238

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
                      Category:downloaded
                      Size (bytes):180848
                      Entropy (8bit):5.601124518326296
                      Encrypted:false
                      SSDEEP:
                      MD5:3955C7672EC8057F07288CDA17E5C6D8
                      SHA1:5DE1048E3836E7A4AA124FE3D932E48CF1EB088E
                      SHA-256:5DC6DBAB0FC0AB92262615AF24D6582709C654D2919E4B40F8EC6888083F364F
                      SHA-512:03FC8EF40F6ABCC8763441B9B713598D6114FEB60B67CC8A44D910C2F02615E4CB6CDA9BA8CD797216B0C44011BB82D9EA5AB3371D3DC8F2E0B447B3EF41B3B6
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/ultraviewer.ico
                      Preview:............ ..J............ .(....J..``.... ......R..HH.... ..T......@@.... .(B...<..00.... ..%..0~.. .... .............. ............... .h........PNG........IHDR.............\r.f....pHYs..........o.d.. .IDATx..}y.$E....K.]...A.f.).@..A\F.Ap.... ......8.6>.....::.........4K...<..lZ.n....@..23.?r..*.n..........Y..sN..`..k.{..`X....^..\F.[..v.c;.X....F..3...l.....F.p.8DT.0.`.......%.me.9..c....<...#..2...F.nW@.1V~...).^...B.$)..c{.lw....q.0.10...P......e..0.b..&....?.."... .I")...i.=.8....z..976...!...-4..-.z.+?}.b)..R..I.C..>..+..C`< 8C.d..f0...1\.@H..=R...e.....M...............j.....!AR.... z.q~.7...a<...C...7.h....2.=c.20.$\.m`....7F..0.Q*.`,Nr!.!|...<A..|.....f.c..,..a0..q.@.j... ).... ....@x...WM..F.N@..y..O.9*.x.p..`.0...7J..0M..ap.&...z.D..>.`........![.........K.....x.....JR<......s....:dj.5.h.Z....=c.nR..I...7......L.i....H....|......J...l..7.....&..I-.4.8c.p..T._.x.....$.]..k87n}..Uc.}..$.....=c.R..$.}..o`.9.M..m..zx"..(..$yY......$..AfT.

                      Chrome Cache Entry: 239

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (1957)
                      Category:downloaded
                      Size (bytes):3093
                      Entropy (8bit):5.586238726999888
                      Encrypted:false
                      SSDEEP:
                      MD5:B0BD3BB7D048E1D4A62DC6810FD20559
                      SHA1:76B30E9DCF16AEE79C5E7599176B91A393A0E5EC
                      SHA-256:47C097BA886258C41E67574DC6BE31B96DBF9BEDC7C2DA9D45A06235BF1B1A93
                      SHA-512:068D343A68273EA8688A09ED5244688C024BB607A655EE29F48BC4A2151DB9A8EA61D6B8511F8FC2313B7AA25DF09AA841E6EADAE3A26CF768C05155F0EAF71C
                      Malicious:false
                      Reputation:low
                      URL:https://connect.facebook.net/en_US/sdk.js
                      Preview:/*1705008213,,JIT Construction: v1010778471,en_US*/../**. * Copyright (c) 2017-present, Facebook, Inc. All rights reserved.. *. * You are hereby granted a non-exclusive, worldwide, royalty-free license to use,. * copy, modify, and distribute this software in source code or binary form for use. * in connection with the web services and APIs provided by Facebook.. *. * As with any software that integrates with the Facebook platform, your use of. * this software is subject to the Facebook Platform Policy. * [http://developers.facebook.com/policy/]. This copyright notice shall be. * included in all copies or substantial portions of the software.. *. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS. * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR. * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER. * IN AN ACTION OF CO

                      Chrome Cache Entry: 242

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1138
                      Entropy (8bit):7.724678253442209
                      Encrypted:false
                      SSDEEP:
                      MD5:F416B1C2F4E5FC2897A7F797C5BBBF7D
                      SHA1:67929401D9307183C38100BBC1190A4759895396
                      SHA-256:A68955AAC73ECA3006C3C5CE0CA43F35D21EEE61FC3EE7FEC39EEF8F819BABC4
                      SHA-512:07383FC5C7BBC3B452E933A544EA831CE3624F514E908A5F3B37C10E6BB1D770A8A69A21002C8A1D7CB4448EDA2669B0A93EE4EEE943FA61047E7187B7D1F92C
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/greyscale/update-icon.png
                      Preview:.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.W]KTA.~.C].Vr.6.\Q.rE.-..."......6....QD..B..].v+^tS.........~....;r.s....s..y.y..}g.%.L.yeddD,..p.[..V.U.......... .....5.w.....K.r....||.........w.......?l6..g...`.b..Vj.N..... .Xc.X.....L.`43.w.........Z]].455).rss...:kC..1..A....c.......F...x.^)//.<;...n...V<.TS..k.999..........1.{zz..a.....3.^#.We..0..2..x.]..D..1.W......A}.F^...fF.d.3y...D..p8,...rxx(`.d.........+....r...5.0..._...>............h.._0G:;;....(.nj.q..n.c./;;;.a4....Sn"..D...AR....|w`...M'I3....v~......!..[....9..[x.lZ.3.8.....%........X....E.Z..Z.....:"Xi. VVV$.....Yggge}}].....'.K....*Og#m&...m*.b.%d.z.vyyY.{.}UD......t...y...*.y.....Y.)((.#..H...&...9fmmM...~......c.6..D2Izi.0Z.....n).F.Y%%%.F(@n.["...5.......9(.9#Y-"...6fW.Bi.z.V..L8.....\2...o.*..`..F)^..@C..B....A.]...7C.1....=... .m<....5.Q.L.L|x..~.v..........m...C....8Y!#...C_...a~.....8.\....]...T.....y.P.....(^S4C.......R@......RE.....lll.

                      Chrome Cache Entry: 244

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1290
                      Entropy (8bit):6.737304427104644
                      Encrypted:false
                      SSDEEP:
                      MD5:D7C111F6E44A17B4DB6470BAA919297C
                      SHA1:8CBBA2488ACC93BEE6CB17EE863A58F6733BCD88
                      SHA-256:CA078DD8CD0E464D81DD8EB932DD4475F5B97A4D6F87DBB4982B92D536312562
                      SHA-512:3900C0DDD13C7B158D82409FE5D0ED3EE5786D6B46073B9972C1C6A4D9A04691C2FF461682A8A8E03E1976AF0B0CB4BCA817B524C4E2A9670858B90FA2DEF1F7
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:17837EEDDE7A11E2BEAC867B22081DE9" xmpMM:DocumentID="xmp.did:17837EEEDE7A11E2BEAC867B22081DE9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:17837EEBDE7A11E2BEAC867B22081DE9" stRef:documentID="xmp.did:17837EECDE7A11E2BEAC867B22081DE9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx...+DQ..qc.fDJ.."Q2.v.&.VY(..M..?.....,P66.#"C.FlL!.....4....o.t.sK3.>.{.y..\..gB..UU.U..u ..<...8...}W..}.`

                      Chrome Cache Entry: 246

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 40 x 90, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1734
                      Entropy (8bit):7.255879374354705
                      Encrypted:false
                      SSDEEP:
                      MD5:1580EA8678BAD6D4F2F41279A7CBBB46
                      SHA1:FE6390D36992C7E86B8F176EA314B9C12F7ACD90
                      SHA-256:E1DFF36C732C35EFB287A87339C06F12F4CC84C75CF4BDC73A8A3BA1936D236F
                      SHA-512:B92E689EB04AE7562D2D16D2C3BE92FC368614326ED109C4421F30A96FA3EABF96DB13C4EA82D0E18146092348E7696FD32450F8CBFD1E93589D4C64860E8A9A
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/revolutionslider/rs-plugin/assets/large_left.png
                      Preview:.PNG........IHDR...(...Z.............tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:887E8AD1D94611E2A1D5B966297BDF2A" xmpMM:DocumentID="xmp.did:887E8AD2D94611E2A1D5B966297BDF2A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:887E8ACFD94611E2A1D5B966297BDF2A" stRef:documentID="xmp.did:887E8AD0D94611E2A1D5B966297BDF2A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......<IDATx..M..0....@b...]UB.U.Q...yz...R.....|......... .9n N<...#.....cf<..s.n..Y&..q......!..X..2........~..r..

                      Chrome Cache Entry: 247

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x58, components 3
                      Category:downloaded
                      Size (bytes):7168
                      Entropy (8bit):7.798569891490091
                      Encrypted:false
                      SSDEEP:
                      MD5:19028A00E27E8BF53DFCC8C7A4136111
                      SHA1:184370AA4946CFBD8601A0F54AFDCE65C1C172BB
                      SHA-256:957977E52F07E85720A30F61BED0EF3911B15245F2FD155844C56512F93D3663
                      SHA-512:4B23DC79A27532CC1BEBA1698BA4787F8E675D497F213573050C5A3411E5F1B0FA2B0FB8371266A26E1C4306ED994E9C09E0AFF687EA0BBBFDA8B6F486DF8A09
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/tweets-bg.jpg
                      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................:...............u.................................................................!1AQaq..........2.B."bR....................A1.!Qaq............?....|...j'.A.""..S....-.0".ZJ.sT....$UK..%..b.U..H..t/.. ..)Gy.!....c%.6...V.!:Z...}...A...N.Q. 5/....R......-......*Z...4...)...j+.4@&.... ........S.C...V..(E......4."..%.T0..+.......PkBE..[p#...QTl..~=@V\..2.2....56....=.....}.........j.U~.....Q..(..Em]9a.i..iX"...O...'`...+..[.._.i.`..H-ui.D...vl....UE*.e5@.#.....)t@..5...{.@s5....8..1O@,....K.)e..s..T.S.... ......V....bS...s..^...f.C..HI.. .k.....$MYC2.}.....M7w.0.`.^..!.;...d*...l..J.b.^.....y(R(B.~.j..D...i....U......]...i.2......Y...j....@BH.^s.....@Y..I..&.i..R....J..a?.F.p.....V....B..j..A..(.++...d......"..-*.Z.]v.....e(.H.X..&.(...U&......BT@..`Eq6"%..nX..M....h..,H..

                      Chrome Cache Entry: 249

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1371
                      Entropy (8bit):6.930490999580688
                      Encrypted:false
                      SSDEEP:
                      MD5:47BAFB91BA270A3A3C0077D3F8221335
                      SHA1:6714BF9D2C9DF11C27E1399B9D1C97A182A360E0
                      SHA-256:573EB952FDF4CCDF0257B37FF8B37FA2EA2FB9576F0EBE44506D8D765A03FAE5
                      SHA-512:D64DFB939E53B2FC2CAC8AAD165634E00C05632EE2F3EAC2141CD559F1D5239842ACA62DBC5A2FF91F11F283DDA1C531054184ABBDD0E0259FB509B6E2F3CB01
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/social-icon3.png
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:0D7957F1DE7A11E2B07EA660CC69486E" xmpMM:DocumentID="xmp.did:0D7957F2DE7A11E2B07EA660CC69486E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:0D7957EFDE7A11E2B07EA660CC69486E" stRef:documentID="xmp.did:0D7957F0DE7A11E2B07EA660CC69486E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>x..M....IDATx..OH.a...u...6b.$..........!.$..Ry.X.t....'...tZH..%.S.`..`......B..(.9}_.m.L......}......Y..<..#......

                      Chrome Cache Entry: 251

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (15184), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):15666
                      Entropy (8bit):5.076765590917581
                      Encrypted:false
                      SSDEEP:
                      MD5:21EEEC2778AE3350A46C9C5C60FC8D58
                      SHA1:7E786E2A49757563949D07308BAB30D7C0042F3A
                      SHA-256:F355F61622AEECC97FAAA515265CBC3160E7394C55C0B2D0B156E0031EF91608
                      SHA-512:CAD4A633398E79279711F88A026446C358194CD42EA525E76FF3D28B6031FA823D929A64761F67019236A0626DDEE89D1CA9D8390C32561540EE2C846F67FB1E
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/jcarousel/jquery.jcarousel.min_gzip.js
                      Preview:/*!.. * jCarousel - Riding carousels with jQuery.. * http://sorgalla.com/jcarousel/.. *.. * Copyright (c) 2006 Jan Sorgalla (http://sorgalla.com).. * Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php).. * and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses... *.. * Built on top of the jQuery library.. * http://jquery.com.. *.. * Inspired by the "Carousel Component" by Bill Scott.. * http://billwscott.com/carousel/.. */....(function(g){var q={vertical:!1,rtl:!1,start:1,offset:1,size:null,scroll:1,visible:null,animation:"normal",easing:"swing",auto:0,wrap:null,initCallback:null,setupCallback:null,reloadCallback:null,itemLoadCallback:null,itemFirstInCallback:null,itemFirstOutCallback:null,itemLastInCallback:null,itemLastOutCallback:null,itemVisibleInCallback:null,itemVisibleOutCallback:null,animationStepCallback:null,buttonNextHTML:"<div></div>",buttonPrevHTML:"<div></div>",buttonNextEvent:"click",buttonPrevEvent:"click", buttonNextCal

                      Chrome Cache Entry: 256

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):5228
                      Entropy (8bit):7.947666691416988
                      Encrypted:false
                      SSDEEP:
                      MD5:E4CB17C7371E815D8332722653B8A049
                      SHA1:2E178E93BD6DFE38519FB76D36EE3CA1A29AD3C0
                      SHA-256:228880181E4EAAFA8A668EBE13DCD5BC96EEBF6DF5A78C1B0B979C47D13CF4FA
                      SHA-512:B5CF10DFE233AF751CA750C295ABA8305771AF1A96BCE54EB17AAB99A901B8863A3A3D7F38F0CC4841226228B70B0CA89C6CDA96BC57B5377FFE388E7649CDA6
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...@...@......iq....3IDATx..[.xTE..{Kw.=..$D@...\..q\q...S.x.. .2.3.]......"." ...&....%.......$d.$..9u.n..........7....:.T..n..~G*.=dC.:...V.}G......M..H.id.....x..G..l2YU{..F.....L&\./2.e"<<<...PTT.........'.......&..~K./.w$....t..U...~?...?..?.-...6...O...Z-p..a..YX..-....dU.$`..S.x..O.<.f.I.......S@........v..}.Y.~-..3.k.^R\..}.........lL...#+a/.>|.V...F..(.....d)..5.U........P.. .....+...W#.X.)...KO....Ck.e...e+.6....|../6:.i.R..A..OB.....S9aJ..XD.h..]...,8.a.Ho..... ...W......^.:....~=2.w{..R..0..Q...~lm...9..+...[...a6...S.....q(....'.)A.y\H..m.....3..#). &....H....1....i#?.y...@v..W^..[>.]z@N~.......cb..6..d.|.3..!\...y....x.g.b(.....h.1....=.C.....l......N...:^......1.g.]S+......~VSf....T. ..+.' ....X0k....}..i.......%x......w.'J..X....M..LmG._..f...O.4..W..#x..D.h.b.b..E....ukCO...W........,*-...2z..8...[..%x...E..\.W.}r....E.l...T....I..............D.......P.J*..h..R.a!t...Z.....#.!@sr.a..`Z!.y.'8....l@.<..+QL.|/6

                      Chrome Cache Entry: 257

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1267
                      Entropy (8bit):6.780464964517972
                      Encrypted:false
                      SSDEEP:
                      MD5:846C4E47952A51C2F2E3BDA5E66DAB6F
                      SHA1:21152F57720999941878622DE1E20C4AC89F4959
                      SHA-256:4887B88D32955E74539E853E27D41B6102D72EDA1ADE7590A9EFC6E409E390B4
                      SHA-512:F2FAA5A53B51382F055AD8827279DCA7C2E2F13F47536CE853F329555B99FFACCC5E61CB3BA7774D7862451D7CD99BC7D27000154C29698FF5FC0D8B75EB64CE
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:24F64295DE7A11E28AB2831AB0F5F945" xmpMM:DocumentID="xmp.did:24F64296DE7A11E28AB2831AB0F5F945"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:24F64293DE7A11E28AB2831AB0F5F945" stRef:documentID="xmp.did:24F64294DE7A11E28AB2831AB0F5F945"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......iIDATx....+DQ....uaA.&.(...,d.....F...l..2YH..D,f7.+.,(.,$.,0..."E4..g..;.b.......g.w..u....@.......'...4Z.

                      Chrome Cache Entry: 258

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):585
                      Entropy (8bit):4.589799476364919
                      Encrypted:false
                      SSDEEP:
                      MD5:D6D2EF755D24B0096F604FEBB93A7244
                      SHA1:8DA3E40A6526CDB44CC2A8E0C7253FA8634D384C
                      SHA-256:845B3FC645ABB3D96944193FA2AF2E193B6F012A72D612D43BC652FD09DB478D
                      SHA-512:F2882E0571C4BA100E419B8E3A65D7B2F01E39CFE38A1FFBD7428259BA92332444F502EFB0DC0476482B285844A9F30B36E717493A5E69DFD7C29CE1171F44E9
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/page/global.js
                      Preview://scroll up.. $(document).ready(function(){.. .. $(window).scroll(function(){.. if ($(this).scrollTop() > 100) {.. $('.scrollup').fadeIn();.. } else {.. $('.scrollup').fadeOut();.. }.. });.. .. $('.scrollup').click(function(){.. $("html, body").animate({ scrollTop: 0 }, 500);.. return false;.. });........// display loggedin .... $.ajax({url: "/api/display_login_info.aspx?lang=" + cLanguage, success: function(result){....$(".dropdown").html(result);....}});.. .. });

                      Chrome Cache Entry: 262

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (7711)
                      Category:downloaded
                      Size (bytes):259947
                      Entropy (8bit):5.563764289887954
                      Encrypted:false
                      SSDEEP:
                      MD5:EA4287285CC9D00D2F16A09115C9582D
                      SHA1:AE04918277DBD512969F268CB168E25DA38AD416
                      SHA-256:A5CDB3503CD557C8A1D63433B177E8F0FF94441F0EC311EE3DCBCCA350E91001
                      SHA-512:CF4C85A5D79196625FB760BBF332C56929C8839AD73631229DA2F6DF20D2F456B71AD18B5140FE5EACF517031D975B1A0D26F9BA379A45488AA704B88BFC4E50
                      Malicious:false
                      Reputation:low
                      URL:https://www.googletagmanager.com/gtag/js?id=G-8J20SLZ4R2
                      Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0}],. "tags":[{"function":"__gct","vtp_trackingId":"G-8J20SLZ4R2","vtp_sessionDuration":0,"tag_id":1},{"function":"__ogt_event_create","vtp_eventName":"bat_dau_thanh_toan","vtp_isCopy":true,"vtp_instanceDestinationId":"G-8J20SLZ4R2","vtp_precompiledRule":["map","new_event_name","bat_dau_thanh_toan","merge_source_event_params",true,"event_name_predicate",["map","values",["list",["map","type","event_name"],["map","type","const","const_value","page_view"]],"type","eq"],"conditions",["list",["map","predicates",["list",["map","values",["list",["map","type","event_param","event_param",["map","param_name","page_location"]],["map","type","const","const_value","buy_serikey"]],"type","cn"]]]]],"tag_id":3},{"function":"__ogt_event_create","vt

                      Chrome Cache Entry: 263

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 28 x 40, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1557
                      Entropy (8bit):7.17035541191537
                      Encrypted:false
                      SSDEEP:
                      MD5:778EE0057450F5AAF88F202189228915
                      SHA1:4D2CE58DF71DFA89601E38ED0FAA84815DF8F23B
                      SHA-256:3D58698358EE37FC535096F352D71F403C034D0BFF9F82DCC5EB234DA19825B0
                      SHA-512:F68F6D508CCD115A00F5D88759BD63036C4E6660283B02CB38A50CC496D13672D44EE2BAA3FC9445DEE4A44A4457CFBA8C8E8DC13ADB4EDC0B870A21660F924C
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.......(......./....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:85A5FD67DE7D11E2A5C9D8692156AFEC" xmpMM:DocumentID="xmp.did:85A5FD68DE7D11E2A5C9D8692156AFEC"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:85A5FD65DE7D11E2A5C9D8692156AFEC" stRef:documentID="xmp.did:85A5FD66DE7D11E2A5C9D8692156AFEC"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...i....IDATx..[..a..gve...,.)..ZZ..Z.C.7..H...F.s.8.L...CKag.l....(..Z...9..=...y...3.._;......}7...#}9*"}<B.P0..

                      Chrome Cache Entry: 264

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2x2, components 3
                      Category:dropped
                      Size (bytes):1123
                      Entropy (8bit):5.794813529688611
                      Encrypted:false
                      SSDEEP:
                      MD5:FB203FAF6105F6A3BFA6FBB5F6C1FE3E
                      SHA1:47D1E23138FFC8D5DA9271066107EB21C088462A
                      SHA-256:DCB2485B7981AFA35FE73AD033D7AC9EA17AE0A98A0E6148CD15371A513BE660
                      SHA-512:85A855E3240C9B29F0011592A5F224CAE84B43D246451700665B837F0962BB400578194368A274237B1DEAC481128C5ECCF53A6AEF254B01C8E64114F47B1541
                      Malicious:false
                      Reputation:low
                      Preview:......Exif..II*.................Ducky.......F.....)http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C2FBCB33DE6911E2B1BEC4C59FAC90BC" xmpMM:DocumentID="xmp.did:C2FBCB34DE6911E2B1BEC4C59FAC90BC"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C2FBCB31DE6911E2B1BEC4C59FAC90BC" stRef:documentID="xmp.did:C2FBCB32DE6911E2B1BEC4C59FAC90BC"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................

                      Chrome Cache Entry: 265

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (23742), with no line terminators
                      Category:downloaded
                      Size (bytes):23742
                      Entropy (8bit):5.050574160426022
                      Encrypted:false
                      SSDEEP:
                      MD5:453E03A8B59BFF8F8F753052B2BC3538
                      SHA1:C10EBA597ACC708937A038856106C5A01FC7A677
                      SHA-256:1937F331CF7A217A70AD388C02B75B4DF48615DA9A38D1A66F785A1AC33B5E8B
                      SHA-512:4474562976F8A6400C2BF9CF44A747C6B941BD0E6092CC57FCE4AEFC286CE120A8F9C4C89EA7AB17389D660C4379E466443E0D01CE5769BC176DB449A2C5F846
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/css/responsive-leyouts-min_gzip.css
                      Preview:@media only screen and (min-width:768px) and (max-width:999px){#logo{width:215px;margin-left:-30px}.site_logo h1{font-size:20px}.container{width:727px;margin:auto auto auto auto}#access .menu{width:500px}#access .menu ul li a{padding:40px 4px 34px 4px}#access .menu ul li a:hover{padding:40px 4px 34px 4px}#access .menu ul li a.active{padding:40px 4px 34px 4px}.date_wrap{width:18%}.date{padding-left:0}.top_contact_info{float:left;width:100%}.features_section .sections{margin-right:6px}.features_section .sections .right{width:52%;padding:10px 0 0 18px}.whats_new .contarea{width:84%}.features_section_two .sections{margin-right:6px}.ad_one .but{margin-bottom:18px;width:50%;margin-left:18%}.ad_one .carve{width:226px}.ad_two .carve{width:226px}ul.whyus_list{margin:0;width:100%}.slider_button1{font-size:12px;width:120px;height:35px;line-height:37px;margin-left:3px;background:url(../images/sbut-01.png) no-repeat -25px -6px}.slider_button2{font-size:12px;width:120px;height:35px;line-height:37px;

                      Chrome Cache Entry: 267

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, Unicode text, UTF-8 text, with very long lines (381), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):35667
                      Entropy (8bit):4.937784253916781
                      Encrypted:false
                      SSDEEP:
                      MD5:E2C74349F2D582098A7E4EB10A4E737E
                      SHA1:D07F3515C604D85B29E5CBB58DF9E9FDF52A08AE
                      SHA-256:A412C8678BB81E0BBAE0BBDDC6BC908A0F512E341F23C21592B632E2BDB2CA0C
                      SHA-512:7A3F512239CDA9FBFC69F1EA04CC29F6D3B1508C5090CE31502D052FFE72A2DFDDA5CD98F10A12A01F6A14EEDAAE57D5027253B8F50741C70632EDFFDB71B690
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/en/
                      Preview:..<!doctype html>.... [if IE 7 ]> <html lang="en-gb" class="isie ie7 oldie no-js"> <![endif]-->.. [if IE 8 ]> <html lang="en-gb" class="isie ie8 oldie no-js"> <![endif]-->.. [if IE 9 ]> <html lang="en-gb" class="isie ie9 no-js"> <![endif]-->.. [if (gt IE 9)|!(IE)]> > <html lang="en-gb" class="no-js"> <![endif]-->......<head>...<style>../* page title */..@media (min-width:320px) { ....page_title {....background: url(/images/sliders/revolution/slider-bg-mobile.jpg) no-repeat center top;...}..}..@media (min-width:600px) {....page_title {....background: url(/images/sliders/revolution/slider-bg.jpg) no-repeat center top;...}..}...page_title {...width: 100%;...min-height: 50px;...padding-top: 20px;...margin: -20px 0px 0px 0px;..}...page_title .leaft_title {...width: 68%;...display: block;...float: left;...text-align: left;...margin: 0px 0 0 0px;..}...page_title .leaft_title h1 { ...font-size: 22px;...line-height: 30px;...color: #fff;...font-weight: 600;...text-tr

                      Chrome Cache Entry: 268

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1268
                      Entropy (8bit):6.743565739389761
                      Encrypted:false
                      SSDEEP:
                      MD5:EDBD216592F8DCD53D3033D413A8BDBA
                      SHA1:AE968F8EAD532265F624C45199E506FD722F19CB
                      SHA-256:3F8FA4AE6970F42FF7A750989F96441A460475CC4534F43ED597D8E96A5FB097
                      SHA-512:FDAC31F7F899EB5791C14D978916AAAFFE09F4625C56D2651E21AE823AD62E23E6A814D7DC0644ADF45CA607CE0DC48C55D90984286193C4017E749BB27AA2C6
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:091FEDC3DE7A11E28426D65CE9EC159A" xmpMM:DocumentID="xmp.did:091FEDC4DE7A11E28426D65CE9EC159A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:091FEDC1DE7A11E28426D65CE9EC159A" stRef:documentID="xmp.did:091FEDC2DE7A11E28426D65CE9EC159A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.v.....jIDATx...+DQ...y.B....fa1I..Y.B..[..Y.!.Y.")..... +.I.....X.fp}....z?g......{....E.U!.oE.)...5tb.5....x.I

                      Chrome Cache Entry: 269

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 24 x 24
                      Category:downloaded
                      Size (bytes):2545
                      Entropy (8bit):7.144078312196678
                      Encrypted:false
                      SSDEEP:
                      MD5:4B3AFB84B2B71EF56DF09997A350BD04
                      SHA1:ACCDAC8A7ABEAB0E21C49539AAD0A973ADDB28EF
                      SHA-256:9034D5D34015E4B05D2C1D1A8DC9F6EC9D59BD96D305EB9E24E24E65C591A645
                      SHA-512:D65078B5D13873ADB363472B5C358F6B42C128B530F8FEBA9776F8E4906CC97F20EE7BF1E823336CDA8049147A9C7FA5E4016F07F96EC154F3774FBDE1A564B6
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/revolutionslider/rs-plugin/assets/loader.gif
                      Preview:GIF89a...........................................vvv......hhh..........................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,........... .$.AeZ...<...Q46.<...A.......H.a....:....ID0.F...a\xG.3...!...O:-....Rj...TJ..*........t...........~."...ds]......)t...-"...i;H>.n.Qg]_*......R.3.....GI?.....v$...j3!.!.......,........... .$.0eZ..y..0..q ..P..W...)";..qX.^..D50......<H3.!.....k-.n..a. .(.i...d.$P@y.w`.J..#.....?..y........o...g.....f....'8..{..'C.p`j.n."...2.{.`x...jy.4...C,.4..o#n.$.....!.!.......,........... .$. eZ...$.2.....q....E. ....p$H@D/.....G.D.j8v#..P((D..... ..N.(3..#.y....(@...gUx*.kK.).....?K...............$..."....*.......K.....W......x..?.G...#.W....n.h.K,.....+.....*!.!.......,........... .$ .eZ..Y.$1..Q(c......O'"............. 1....q.d"..A.....V.x8p..4988.MRC.@....e*.3@.iI.)..'.?I.........@.......,.....#.........5..,.....".E..z...?..@.E...@.....).....*!.!.......,........... .$.(e..$....C.E1..;...('2$..

                      Chrome Cache Entry: 270

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (55901), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):56235
                      Entropy (8bit):5.14692740363503
                      Encrypted:false
                      SSDEEP:
                      MD5:E28129CF4DF03D30010AEF096FC3A3D8
                      SHA1:D44D06B4EAE3DFC289F1FACBA5E2F97626A253FA
                      SHA-256:B3DD18609EFF4243F3A46AC351D68CA5EDF7F0A13065FD11D44F76C642254647
                      SHA-512:25A0348C4CCD964844817423B70BB4730AB0C4E36B07F7329EFE8E8413D5BE5D478BAD06F5AD54CD4C1995607E0A98664F2E2D412EA02126090AF6B078DE9E1F
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/js/revolutionslider/rs-plugin/js/jquery.themepunch.revolution.min_gzip.js
                      Preview:/**************************************************************************.. * jquery.themepunch.revolution.js - jQuery Plugin for kenburn Slider.. * @version: 2.3.9 (03.04.2013).. * @requires jQuery v1.7 or later (tested on 1.9).. * @author ThemePunch..**************************************************************************/....(function(e,t){function n(e){var t=[],n;var r=window.location.href.slice(window.location.href.indexOf(e)+1).split("_");for(var i=0;i<r.length;i++){r[i]=r[i].replace("%3D","=");n=r[i].split("=");t.push(n[0]);t[n[0]]=n[1]}return t}function r(t,n){t.find(".defaultimg").each(function(r){d(e(this),n);n.height=Math.round(n.startheight*(n.width/n.startwidth));t.height(n.height);d(e(this),n);try{t.parent().find(".tp-bannershadow").css({width:n.width})}catch(s){}var o=t.find(">ul >li:eq("+n.act+") .slotholder");var u=t.find(">ul >li:eq("+n.next+") .slotholder");b(t,n);u.find(".defaultimg").css({opacity:0});o.find(".defaultimg").css({opacity:1});w(t,n);var a=t.find(">

                      Chrome Cache Entry: 89

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 2 x 36, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):1010
                      Entropy (8bit):6.165496799581702
                      Encrypted:false
                      SSDEEP:
                      MD5:0A7A1491892895F2D9006938C90417AA
                      SHA1:ABCCAC0C1E03A6DA8BE1B8EF2A26834BB62BEBF0
                      SHA-256:0DD46DE8783CA7645BCE87BDDC1BCB45F12D66E37288C0A4D9B0736B498B2CBD
                      SHA-512:E4F67EF915416D110D58F0F22155260EB2D5C62D70F7A40410B37439C768EBC0BBC0F0EFAC9EE6D78628480D3EAB507D57D449B7EA5ACC5815A8FE5719CA4713
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.......$.....,!|X....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:73E4F6DBE2E311E2A8E9E53BFAA8ED74" xmpMM:DocumentID="xmp.did:73E4F6DCE2E311E2A8E9E53BFAA8ED74"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:73E4F6D9E2E311E2A8E9E53BFAA8ED74" stRef:documentID="xmp.did:73E4F6DAE2E311E2A8E9E53BFAA8ED74"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>l.....hIDATx.LO... ..._..?............r..]p.Z.`I.g.j.....3.f......;.....1....k.{6x...d....T.,.8.......'....r0./k...

                      Chrome Cache Entry: 92

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):756
                      Entropy (8bit):7.435711057812167
                      Encrypted:false
                      SSDEEP:
                      MD5:8A8739EF40356BFB8F1BD171A896ED93
                      SHA1:620501D4ACA42D9C6D06CAB28C6133FFC8234103
                      SHA-256:4EC3B3767681A2E861D1B4F21841C536F8AA7A87104D1CDE355AECA9AD855E53
                      SHA-512:7CE4FAED1819EF027FCD338766133F1F87D0F17FBC07E06126DAA3EAB5A0C5B25C5099E368C853D3BCD9176F2A4B99EC6C2FD3852C41F318E5DA1FA4D6CBE26B
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...@...@......iq.....IDATx...?o.@......iR;.....R.'.H.{..3#HL.W.;00....].B.C7...H,,..P.)@!...9.[C.?Rr.{....q.~...s.....!.......`..A..@..I...*.......J[................6...o.y.XZZ.0,..I...V7..r...@.tN&.U.,.....C....y.a...D.u.u..s.......K.p....'Kv..DN-'.^.kl.'......<....Je.I..@..K.JVMRW.e.f.e....V_o.1..h......./..wc...W.x...........n5.(. .. .. .. .. ..(.@.g..O...._|,.n?|...o..q..wN..}........g..{..^.Xy......O..2.x"w....?.B|q...u....a..6....;......o....... .E...Y.@..i....Ds..4A.7%.~N.......w_..K.oFh.$.. .. .. .. .. ...2..m..r..3F..T{.8.,C.e.RkxVj.... /....V.(..=(....7.=O.~....o..)...Q..2..l.%5\..3.S.......I.'..."...G.. /j....'.."... ...y..}.....k...RJ....Q...8............K.0j........./..f....f)nq..L....IEND.B`.

                      Chrome Cache Entry: 93

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 100 x 40, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):2559
                      Entropy (8bit):7.601130717493205
                      Encrypted:false
                      SSDEEP:
                      MD5:3198B2B117996E7786410CA4561066BF
                      SHA1:06D7860EFB15F076B22B1599C39DD228B8524748
                      SHA-256:62F98B720B94DC4200FC1BB1B1ACA7156B139845A0BB7B98BAD9E7A407EDB0B4
                      SHA-512:5194317EAEA37C18F3D3D60452FA3E139D5B9B060856575E421062158DD430CEF6E27197410CB0AE668B4459961C478EDF3C0FA9EDE5933A9B0256C25CA68653
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR...d...(......x_C....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:A5D49285DEDF11E2999EA1255BC8843A" xmpMM:DocumentID="xmp.did:A5D49286DEDF11E2999EA1255BC8843A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:A5D49283DEDF11E2999EA1255BC8843A" stRef:documentID="xmp.did:A5D49284DEDF11E2999EA1255BC8843A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..5/...uIDATx..[.KcW....etb.c.He.j..-.B.5q..8.......g9..];....... .qQ.]d.........D..vQ...y..9.w.......5.|..sr.....8...

                      Chrome Cache Entry: 94

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 1555x405, Suserng: [none]x[none], YUV color, decoders should clamp
                      Category:downloaded
                      Size (bytes):36782
                      Entropy (8bit):7.994804225231806
                      Encrypted:true
                      SSDEEP:
                      MD5:169659BF0E95FD1802F87EA6D8268A72
                      SHA1:EE97393F826A4729D371963C29469A39E8EB0879
                      SHA-256:2EE2C332AAA5CA317677655DB0E6B806E2B01926A2DB9B773E4163B47317A9ED
                      SHA-512:7D9A8142C30CF1FA24176B7E554864F74929D44D33EE628E41FB7A7FCE7B690446B32DAA7E0BB4F00840DF8AFD78C494A8B46D940AEA966E16D206727CA5FC59
                      Malicious:false
                      Reputation:low
                      URL:https://www.ultraviewer.net/images/audio-sharing-banner-en.webp
                      Preview:RIFF....WEBPVP8 .....s...*....>Q&.F..'.!....glb..|n..^......m.}[$.o........<...[M....oFr<g..8..=>y7...=w?k..........?...|.........._...........[../...............S.S.G...?...? .................p.......:........3....._|O...{z.R....{......<.......]|`...C.>.?.z......~B.........~g|.~_.#...w"...3.....?.?....c........../.O.o.?.|.|.?/.?...+.O..XO............./..>..2.....P....1..X..j.o.^&U...i.. ..7.xz..y6)f..).P....x.....).H....Lgr..8..*.m.M.... ..Q]8...M.$...BdA..K_...w..{....N.n........e.2}.Tx..w....... X.....3...'Y.q..2........A.....Q.ja....:.....?.2..M..M8.]slVO....\......:..iC.z..l>....#.=.......lP5o..k..Q..~.....9...1....0..3..._R.R.}+.h.UE...-.<.&j9R......3m+..m..6.69..'.S..Se.D{. ...U...~......b..-.....Y+..Xr..T{..F./G.++.7.~.b.3-C.U...|.l!.=...l.......h..R.R.............'j...P....?Gq.....($...6.U.:...A,..),.}........\..A.......8..T...v.....9.....4.s....-.!...u.]..g..{..-#..&.K]..i.......V..R/h..U......|o.y.sB...!g..s2..._.1.:.R....&

                      Chrome Cache Entry: 95

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 4 x 7, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):963
                      Entropy (8bit):5.894792571533947
                      Encrypted:false
                      SSDEEP:
                      MD5:257E52093321EECA074868B60B5A66B3
                      SHA1:D2F71FA04C37CE404B529B00069163449CB4C6A7
                      SHA-256:C5E5E2949860422A27B7B73DEBC9BDDC868C468C36583B233748522E39B62BBB
                      SHA-512:B67DD997E006F28F2DA233D205ED2C45CC8F5FB1357A08000DBC59057864AEC7CADBD46B0D618BC7A75AAA188B9A08F44A9179DD391E5850D8864022F340C09C
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR............./e......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:7C3DBD87DE7311E2AECAA1E097761E6C" xmpMM:DocumentID="xmp.did:7C3DBD88DE7311E2AECAA1E097761E6C"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7C3DBD85DE7311E2AECAA1E097761E6C" stRef:documentID="xmp.did:7C3DBD86DE7311E2AECAA1E097761E6C"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...q...9IDATx.b.9s.. `.a&. .5k...(`JKKcD.d.)C.@..R.,%%...U.8 ..`..L ....p....IEND.B`.

                      Chrome Cache Entry: 96

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1146
                      Entropy (8bit):6.450082511480491
                      Encrypted:false
                      SSDEEP:
                      MD5:4E979F5FD5CC217D7B3AF0B51B8C3ED1
                      SHA1:3575EA36432F993E7AD6CF8FFB835121C0CFD33E
                      SHA-256:A3113F35AC8B83ABB1EB7C1156D0A2123ECF9DBA4BCD045A5881619234B4639F
                      SHA-512:7DAE4AC46350A91007321C1CBA93202339F42873DE551B2054D253F2A83557F63910906A18134B34C5F54DDFA12A8D94D8B9885009FE27323294E98893E4CA3E
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DA32043DDE7911E2B286BD8B2D1EA82E" xmpMM:DocumentID="xmp.did:DA32043EDE7911E2B286BD8B2D1EA82E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DA32043BDE7911E2B286BD8B2D1EA82E" stRef:documentID="xmp.did:DA32043CDE7911E2B286BD8B2D1EA82E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...1....IDATx.b...?......X.......7..... ..`V .....1.jlzX............l.......@....c.2../.W@.|G............b@....h......

                      Static File Info

                      No static file info