Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://sites.google.com/view/centregreatlimited/home

Overview

General Information

Sample URL:	https://sites.google.com/view/centregreatlimited/home
Analysis ID:	1391462

Detection

HtmlDropper, HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected Html Dropper

Yara detected HtmlPhish10

Yara detected HtmlPhish20

Phishing site detected (based on image similarity)

Phishing site or detected (based on various text indicators)

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid 'sign-in options' or 'sign-up' link found

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 424 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://sites.google.com/view/centregreatlimited/home MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6176 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1976,i,862959205278740898,9441777982909034761,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_20	Yara detected HtmlPhish_20	Joe Security
0.1.pages.csv	JoeSecurity_HtmlPhish_20	Yara detected HtmlPhish_20	Joe Security
0.4.pages.csv	JoeSecurity_HtmlPhish_20	Yara detected HtmlPhish_20	Joe Security
4.9.pages.csv	JoeSecurity_HtmlDropper_3	Yara detected Html Dropper	Joe Security
4.9.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
0.10.pages.csv	JoeSecurity_HtmlPhish_20	Yara detected HtmlPhish_20	Joe Security
Click to see the 1 entries

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match

File source: 4.9.pages.csv, type: HTML

Yara detected HtmlPhish20

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: 0.4.pages.csv, type: HTML
Source: Yara match	File source: 0.10.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site or detected (based on various text indicators)

Source: Chrome DOM	OCR Text: CENTREGRE... LIMITED Martin Tavener Has Shared a Document Home History PRESS HERE TO VIEW/DOWNLOAD DOCUMENTS Team FAO
Source: Chrome DOM	OCR Text: CENTREGRE... LIMITED Martin Tavener Has Shared a Document Home History PRESS HERE TO VIEW/DOWNLOAD DOCUMENTS PRESS HERE TO VIEWDOWNLOAD txmJMENTS Team FAO

Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c

HTTP Parser: Number of links: 0

Source: https://bradbachmanhomes.top/

HTTP Parser: Base64 decoded: https://bradbachmanhomes.top/

Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c

HTTP Parser: Title: bc9f1c48e4320b1a022665eace9d8f8765cb76f7b19e6 does not match URL

Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c

HTTP Parser: Invalid link: get a new Microsoft account

Source: https://bradbachmanhomes.top/	HTTP Parser: No favicon
Source: https://bradbachmanhomes.top/	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r96e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r96e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	HTTP Parser: No favicon
Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c	HTTP Parser: No favicon

Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c

HTTP Parser: No <meta name="author".. found

Source: https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49759 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 13MB later: 51MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: unknown

DNS traffic detected: queries for: sites.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49759 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.troj.win@19/43@38/119

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://sites.google.com/view/centregreatlimited/home
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1976,i,862959205278740898,9441777982909034761,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1976,i,862959205278740898,9441777982909034761,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match

File source: 4.9.pages.csv, type: HTML

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://sites.google.com/view/centregreatlimited/home	0%	Avira URL Cloud	safe
https://sites.google.com/view/centregreatlimited/home	0%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
bradbachmanhomes.top	1%	Virustotal		Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false		high
accounts.google.com	172.253.124.84	true	false		high
plus.l.google.com	173.194.219.101	true	false		high
play.google.com	142.251.15.100	true	false		high
sites.google.com	173.194.219.102	true	false		high
challenges.cloudflare.com	104.17.2.184	true	false		high
www.google.com	142.250.9.106	true	false		high
clients.l.google.com	172.217.215.138	true	false		high
nowlifestyle.com	97.79.238.13	true	false		high
bradbachmanhomes.top	104.21.41.21	true	false	1%, Virustotal, Browse	unknown
googlehosted.l.googleusercontent.com	172.253.124.132	true	false		high
lh5.googleusercontent.com	unknown	unknown	false		high
clients2.google.com	unknown	unknown	false		high
lh3.googleusercontent.com	unknown	unknown	false		high
apis.google.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c	true		unknown
https://bradbachmanhomes.top/	false		unknown
https://www.google.com/url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fbradbachmanhomes.top&sa=D&sntz=1&usg=AOvVaw1h9MnrP4gRN15q81sOEayu	false		high
https://sites.google.com/view/centregreatlimited/home	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r96e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
64.233.176.95	unknown	United States		15169	GOOGLEUS	false
97.79.238.13	nowlifestyle.com	United States		46549	GVOUS	false
64.233.176.94	unknown	United States		15169	GOOGLEUS	false
142.250.9.106	www.google.com	United States		15169	GOOGLEUS	false
142.250.105.139	unknown	United States		15169	GOOGLEUS	false
172.253.124.84	accounts.google.com	United States		15169	GOOGLEUS	false
104.17.3.184	unknown	United States		13335	CLOUDFLARENETUS	false
142.251.15.100	play.google.com	United States		15169	GOOGLEUS	false
64.233.176.132	unknown	United States		15169	GOOGLEUS	false
142.251.15.94	unknown	United States		15169	GOOGLEUS	false
64.233.177.132	unknown	United States		15169	GOOGLEUS	false
172.217.215.94	unknown	United States		15169	GOOGLEUS	false
35.190.80.1	a.nel.cloudflare.com	United States		15169	GOOGLEUS	false
74.125.138.94	unknown	United States		15169	GOOGLEUS	false
172.217.215.132	unknown	United States		15169	GOOGLEUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
172.253.124.132	googlehosted.l.googleusercontent.com	United States		15169	GOOGLEUS	false
74.125.136.95	unknown	United States		15169	GOOGLEUS	false
142.250.105.95	unknown	United States		15169	GOOGLEUS	false
172.217.215.138	clients.l.google.com	United States		15169	GOOGLEUS	false
74.125.136.139	unknown	United States		15169	GOOGLEUS	false
173.194.219.102	sites.google.com	United States		15169	GOOGLEUS	false
173.194.219.101	plus.l.google.com	United States		15169	GOOGLEUS	false
104.21.41.21	bradbachmanhomes.top	United States		13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
104.17.2.184	challenges.cloudflare.com	United States		13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1391462
Start date and time:	2024-02-13 15:03:42 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://sites.google.com/view/centregreatlimited/home
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	11
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.phis.troj.win@19/43@38/119

Warnings

Exclude process from analysis (whitelisted): SgrmBroker.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 74.125.138.94, 34.104.35.123, 64.233.176.95, 172.217.215.94, 64.233.176.94, 74.125.136.95, 108.177.122.95, 142.250.105.95, 74.125.138.95, 173.194.219.95, 172.253.124.95, 172.217.215.95, 142.250.9.95, 64.233.185.95, 64.233.177.95, 142.251.15.95, 142.251.15.94
Excluded domains from analysis (whitelisted): fonts.googleapis.com, ssl.gstatic.com, fs.microsoft.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, www.gstatic.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenFile calls found.

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 13 13:04:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9837944265081147
Encrypted:	false
SSDEEP:
MD5:	EF6F1C2D33583EE533D9FF3A13D9834A
SHA1:	F3EA5CDC8FB20E136EA520779562C4D0611D2244
SHA-256:	44910FF5A0468E83BDD142CDB63F218DC738E0513ADDC972FDC0A2CBC1721E02
SHA-512:	0CC02891E1CC2128A416284B03875EEFCA99F7A1350B11AF3BF6116ABF289AA816D6E1E46D10358179825287C759436296D4EC162F83ABC4CD78B31000CA3E51
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....&....^..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IMX.p....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMX.p....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMX.p....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMX.p..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMX.p...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............A.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 13 13:04:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9987279744871533
Encrypted:	false
SSDEEP:
MD5:	FA159850834B84816F58F262238F29EC
SHA1:	6B9E79E11063727BEEFA368EB6506DB5B3754F81
SHA-256:	969057F8274834E66EE35714187BCC6A02F15DDEEC1C910B8B5AE6A6F7EF5D72
SHA-512:	DDD8CB14C47AE9FCD86BA17B0DDEF548114F3B8A7F6F70C0BD23EEF4EFFACFF9DF2749FC3B43822B3A933781627508F28D3DD2021DDAEC4D4FA397EDB59E3066
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....B....^..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IMX.p....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMX.p....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMX.p....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMX.p..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMX.p...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............A.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.0072864025173365
Encrypted:	false
SSDEEP:
MD5:	DF4A8DDE5D6F5030D467A7155EC9F658
SHA1:	B6A47BBC7060B6616AECE1FAE6F7404179DCDF6D
SHA-256:	BCBD46AEF31A46E1DAB341C5EC6362D784DC1E246BA0FFFB4FF8131958C77610
SHA-512:	77B2E503FEC09FACE74D6AE772D11BE37274CDB06267F6D7E15904B5EC49ECD08EE36A491792A0B75E029510BAB57792498F522EAEAC332FF539AED4D4CBA596
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IMX.p....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMX.p....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMX.p....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMX.p..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............A.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 13 13:04:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.0001073400072125
Encrypted:	false
SSDEEP:
MD5:	EC1D9185E424896899ED508DD3B9EE9D
SHA1:	14EE12DDA5C1F00FD3BF7ECEB9F64570806A9929
SHA-256:	7E30ADF2B01C0E1BC3EA773EFD93F77A6C985707B99D00245F05A9BF23522E93
SHA-512:	A40DAD0D461F9CA91A12A7697C8AFABDC9788A47B7C59F029D72432BC14B4987C4EF5DDDBC3FFDF8105DAED44D965C81A9D4ACB65790DB0AA054B84B7356ECAF
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......^..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IMX.p....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMX.p....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMX.p....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMX.p..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMX.p...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............A.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 13 13:04:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.987307774342923
Encrypted:	false
SSDEEP:
MD5:	F0D368BAEF36374CAD80C0A46805E37C
SHA1:	9C8DA0FDC631DB5605C63F64F4E26C154F704BDF
SHA-256:	260FF3B77C020B0BC6870D6059B90F1668E160DAF68899D88C6D38CE98E8AA1D
SHA-512:	3AF2CA110B1CD8D4B0A32D548EF0C5355C01EA777F841AD30087E53D27D8778F386BE94C64F99127C70B219A4B87E6788802FD130D77B54192DD5484200A7D3F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.........^..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IMX.p....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMX.p....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMX.p....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMX.p..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMX.p...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............A.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 13 13:04:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9986514451299646
Encrypted:	false
SSDEEP:
MD5:	CA699CB606EECE4FA3E20D11B6E23D7C
SHA1:	39CD62F7034B43EE513AC4F89FF4EB4B7514D7CE
SHA-256:	6EF05E0AF65D603598AFF34C4D1A785A4510C91962F70E1BE4C1534CEBD03AAE
SHA-512:	63FF5111457B180B8CFB66F7AD2FBB874F94F2B7DC9625422B5CA9A0D1CBFBB98703CD4021F3346AF25A4FAEFCCC055EE2FE0469055C452B177A3491E41AEE34
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....I...^..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IMX.p....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMX.p....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMX.p....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMX.p..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMX.p...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............A.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38991)
Category:	downloaded
Size (bytes):	38992
Entropy (8bit):	5.376327527517758
Encrypted:	false
SSDEEP:
MD5:	1E5A2D024954A14A3025F684AAF44595
SHA1:	94DDCC9DD65C22897E52BD4FD808DCE4703FB275
SHA-256:	FB567040ABFBA5705EF438233DA6CA0DF44FC81CEACFFE1B5D8E1F3FFABC33FB
SHA-512:	0561AEC7466569E7E1F65A85870165BA179389E15DF18AD41E03EA2D8C516F918A349D1D2C06F9298460EB44AACAE328A30A6A31F74A6201DC98387795AD601E
Malicious:	false
Reputation:	unknown
URL:	https://challenges.cloudflare.com/turnstile/v0/b/a990e557/api.js?onload=uWvsrp7&render=explicit
Preview:	"use strict";(function(){function pt(e,r,t,i,f,s,g){try{var p=e[s](g),y=p.value}catch(u){t(u);return}p.done?r(y):Promise.resolve(y).then(i,f)}function vt(e){return function(){var r=this,t=arguments;return new Promise(function(i,f){var s=e.apply(r,t);function g(y){pt(s,i,f,g,p,"next",y)}function p(y){pt(s,i,f,g,p,"throw",y)}g(void 0)})}}function k(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):k(e,r)}function xe(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function Ue(e){for(var r=1;r<arguments.length;r++){var t=arguments[r]!=null?arguments[r]:{},i=Object.keys(t);typeof Object.getOwnPropertySymbols=="function"&&(i=i.concat(Object.getOwnPropertySymbols(t).filter(function(f){return Object.getOwnPropertyDescriptor(t,f).enumerable}))),i.forEach(function(f){xe(e,f,t[f])})}return e}function mt(e){if(Array.isArray(e))return e}function gt(e,r){var t=e==null?null:typeof Symbol!="und

Chrome Cache Entry: 103

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (546)
Category:	downloaded
Size (bytes):	595980
Entropy (8bit):	5.552679850735885
Encrypted:	false
SSDEEP:
MD5:	542349D0282317480CBDABBA64083D87
SHA1:	6E055DA533285C1BB8752FFDE293DAA8FF988885
SHA-256:	AD50596D44E37D3017DF804F0CA4B0C539D523F171B0D71B2FE033303C3F9829
SHA-512:	5DAE180A80E063AF1625731EDDAF8EB4C48DE043EDAFFE3FCD144AAB6F58E871F9586E09BCB188FD7C71084DEB61BDCD7B02B9A71DFE292391745197575DC6DC
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=1/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=view
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x180, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2013 Google LLC.. SPDX-License-Identifier: Apache-2.0././*.. Copyright 2019 Google Inc... Permission is hereby granted, free of charge, to any person obtaining a copy. of this software and associated documentation files (the "Software"), to deal. in the Software without restriction, including without limitation the rights. to use, copy, modify, merge, publish, distribute, sublicense, and/or sell. copies of the Software, and to permit persons to whom the Software is. furnished to do so, subject to the following conditions:.. The above copyright notice and this permission notice shall be incl

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (4020)
Category:	downloaded
Size (bytes):	4464
Entropy (8bit):	5.574142991467852
Encrypted:	false
SSDEEP:
MD5:	F93C267FCC28476C1ED4F7172610E382
SHA1:	87EDF5D20F70D17DDBFC1AE11D997666FDF323A5
SHA-256:	0D9A2D0E74573A69F4987DF723AF2585D93012BD8647CEA95249E6F710B89F57
SHA-512:	283E08E41D9B519DC9090B2511CF2A6E303253FC9B20F8F718BE628C3DAA5E02EC812C8BAB72583315CC398D10EC064BD53840134E8BAA07DADEFC304CDD87F9
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/21663221c08095a4839b4833d7029a6265cb76f7b1a0bLOG21663221c08095a4839b4833d7029a6265cb76f7b1a0c
Preview:	<!DOCTYPE html>.<html>.<head>. <meta charset="utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1">. <title></title>. <script src="jq/11ab602298954f17c6a0b237381e2d2a65cb76f90d14a"></script>. <script src="boot/11ab602298954f17c6a0b237381e2d2a65cb76f90d14d"></script>. <script src="js/11ab602298954f17c6a0b237381e2d2a65cb76f90d14e"></script>.</head>..<script type="text/javascript">.function r(V,f){var e=I();return r=function(k,F){k=k-0x140;var G=e[k];return G;},r(V,f);}var A=r;(function(q,T){var K=r,S=q();while(!![]){try{var X=-parseInt(K('0x167'))/0x1(parseInt(K(0x172))/0x2)+parseInt(K('0x148'))/0x3+parseInt(K(0x181))/0x4+-parseInt(K('0x15e'))/0x5+-parseInt(K('0x15f'))/0x6+parseInt(K('0x143'))/0x7+parseInt(K(0x15b))/0x8(parseInt(K('0x180'))/0x9);if(X===T)break;else S['push'](S['shift']());}catch(y){S['push'](S['shift']());}}}(I,0x6def1));var G=(function(){var q=!![];return function(T,S){var X=q?function(){var t=r;if(S){var y=S[t('0x

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	105369
Entropy (8bit):	5.240719144154261
Encrypted:	false
SSDEEP:
MD5:	8E6B0F88563F9C33F78BCE65CF287DF7
SHA1:	EF7765CD2A7D64ED27DD7344702597AFF6F8C397
SHA-256:	A7057BEBFFF43E7281CA31DA00D40BD88C8D02D1576B9C45891DD56A3853269A
SHA-512:	7DCE31D45ACA40340490B9F437A22ADF212B049DE0D4DDEB908A50C1F5C6C7B5561323B3A93B6ED3E5A7C44D7170460BFF8D8722749191C0F5A8DBD83E093E7F
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/APP-11ab602298954f17c6a0b237381e2d2a65cb76fb3dd5c/11ab602298954f17c6a0b237381e2d2a65cb76fb3dd5d
Preview:	html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:bold}dfn{font-style:italic}h1{font-size:2em;margin:.67em 0}mark{background:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-0.5em}sub{bottom:-0.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}pre{overflow:auto}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em}button,input,optgroup,select,textarea{color:inherit;font:inherit;margin:0}button{overflow:visible}

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Mockup image of male hands using a laptop computer and holing a smart phone both with blank white screens. Focus on the index f, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:25 12:37:24], baseline, precision 8, 5472x3648, components 3
Category:	downloaded
Size (bytes):	5932426
Entropy (8bit):	7.787507257378757
Encrypted:	false
SSDEEP:
MD5:	583707976208CC031C19C435E89E22D5
SHA1:	EB68B710BF4BBBBF9CF8C471D3BC4ABA1F80CDF0
SHA-256:	BA68015F07E9736C5AE384136E127C2088A3555D0EC1E550FEA9F255FCCA6E0A
SHA-512:	085FD22BFBFAC7221B773D9E0329E67D73860F6991BA8641C42A342DA5C7E3C06362A815BF74A4705818633EFABAA21C09EB16BE13EE8A4B8DB110AA60C311C7
Malicious:	false
Reputation:	unknown
URL:	https://lh3.googleusercontent.com/9Ks6UulENgXlBTseh1XvKavla0337jotmh44hHGjwZ4mLwV7ZT_9bmdxz0WPvTB_ZLpetbU6C2yKsB3Yjj4uCg=w16383
Preview:	......JFIF.....,.,......Exif..II*...............z...................................................(...........1...".......2...........i...............Canon.Canon EOS 6D...-..'....-..'..Adobe Photoshop CC 2018 (Windows).2018:07:25 12:37:24............f...........n..."...........'.......@...0...........2.......@...........0230........v.......................................................................................................................`...........@.......................................................................................1...........2...........4...........5.......................4...........5...................}...........2018:04:11 14:08:49.2018:04:11 14:08:49..Jj.@B..........................2.......................171029000204..2.......2.......................50mm..0000000000..........................f...........n...(...................v...................H.......H.............Adobe_CM......Adobe.d.........................................................

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	1328766
Entropy (8bit):	5.674951998652765
Encrypted:	false
SSDEEP:
MD5:	B2B47E7CA591D1CF7ED95FA82F7D10E0
SHA1:	328218C6F7E8DEF0A85A0A0A40E8EC324BFC5D7F
SHA-256:	BBAAC496CBF40F861B5B91750D41E359832F8C1808C93B0B5F720154BA23EE55
SHA-512:	4E9194A07B1BC9F0B357A6405991FC4291EC65485B8CC4F7D4AC248A8B197195EDC85F42718FF493084637FFB09CD4AE62D13469ED9C0FA50D2DE9346E47D2AE
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/_/atari/_/ss/k=atari.vw.ENCxstkuwXI.L.W.O/am=gAE/d=1/rs=AGEqA5kHFWPRByql27G7qg7PL3BdlZGPXQ
Preview:	.VIpgJd-TzA9Ye-eEGnhe{position:relative;display:-moz-inline-box;display:inline-block}* html .VIpgJd-TzA9Ye-eEGnhe{display:inline}:first-child+html .VIpgJd-TzA9Ye-eEGnhe{display:inline}/! normalize.css v2.1.1 \| MIT License \| git.io/normalize */article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}audio,canvas,video{display:inline-block}audio:not([controls]){display:none;height:0}[hidden]{display:none}html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}a:focus{outline:thin dotted}a:active,a:hover{outline:0}h1{font-size:2em;margin:.67em 0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:bold}dfn{font-style:italic}hr{box-sizing:content-box;height:0}mark{background:#ff0;color:#000}code,kbd,pre,samp{font-family:monospace,serif;font-size:1em}pre{white-space:pre-wrap}q{quotes:"\201C" "\201D" "\2018" "\2019"}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-ali

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced
Category:	dropped
Size (bytes):	1644
Entropy (8bit):	7.7847629661210505
Encrypted:	false
SSDEEP:
MD5:	38E5B986496CE01394F7492D27279798
SHA1:	BE08B0B5DA9CE31246CD5AC4C8BA4E257470221C
SHA-256:	74D311FFEACF69A9409C517CA12E09F5C7531B015B8A34290B52D713EA5622F1
SHA-512:	E2E1523FFD569A04822007E8A74D25597852C008DDFBAAE17F8A08079C89F11F4F58C4B47FD307CD80EA974BA5E2926B8D8BE0D2851B6913B2282192D9A00AD3
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...................3IDATx............n..2..............=@9.Ea..i>.m.m.m.c.m.n.oa.4+u...e..s.....<....Nk.2.%.i.`.N.N...j..(iS.H.1.s1..)....T..Pe....#\|F=.2.U.......r....(.j..+.c...h...q.R.;..).(@i.5J.6..^...Q.=..A.G. .0....d....Z.EF:...%..#....&..Y.GoJ...G...h.RdM...{.,=.u..{{..}....c[..}.........".{..l..@.t/^9..Y...\|.q.-.s...N.5r..q.Q4G.6...@..p}p.\|J.r.:8.2. ...'mM..E..k..<....)..G.SN`2."..,.......!.j.#...<...a..?...*.q.....z.Q.<m!.;.e..:c...<.{...5.G......bGR.<oG...8d.p7.u.}m..,E..).j.2....(#:.K.@.P..X.ld.....Y.x..4..V:..).....X.?d..~f...P.`.M)BF...l.L..?..6.[H...Q...!C.....{2)s.!vC...!...........x.\..g....Po.{.....i(..c..(A1.%...v.G......\.g....b.!,.A..!;....$.A.b.7rX!'......N6.(....U........(.fr".{....X.\.C#....td.N.z...;..#............ezx2~..(..G6..72.}X.3Jc.S.7.P{e.&.+.v>2.d,5.....m......J. ...(-A;d.s.T.JC7........bz[..(D....{...0...&.5).s..D.+bC.5.E..$s8..`..X.H.Y.-.!.y....jC..<..V.fX...I.Y.d.a12ZS..4...lKr5..n.j.

Chrome Cache Entry: 110

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	3.990210155325004
Encrypted:	false
SSDEEP:
MD5:	9246CCA8FC3C00F50035F28E9F6B7F7D
SHA1:	3AA538440F70873B574F40CD793060F53EC17A5D
SHA-256:	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
SHA-512:	A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 47048, version 1.0
Category:	downloaded
Size (bytes):	47048
Entropy (8bit):	7.995855342082746
Encrypted:	true
SSDEEP:
MD5:	87A1556B696AE2CB1A726BD8C4584A2F
SHA1:	1BE0F6F39E0CF316F9827F945EEEAEF8294CC37B
SHA-256:	141F0C53E457585D4AC7426EB3D757666D250EE6FBF0E9C0878128E4C627F0B1
SHA-512:	AD9EE74772783ECF885C9D828D0D54FD4B65F66BA316BA0A5B241B910F4ECED6DFA3ECFA4F2CDBEED4EB0AD9929EBC207F9CA3099348498F7E1ACF7192FDE98D
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Preview:	wOF2...............$...d..........................^..H.`..D.,........`.....V...H.6.$..(. .........[Rzq...........k.q..`.tG.9..V.c..v .h.....??...i.m)...\.o...T....."...)+..n0Y.`.@.&k.E [..fI..M..y..$1.....A....#....@..O..._.NP.k6..T......C&:#.3...S..H....O...k.=.^.P.2.!\|..!NZ..>.......1.+.&........r...0.`)0z..3...g8H.....imEm7..rd.r'{..22..>.dPm.F..Bb$6.~.7.Ik..~x...5ED...(..k..wAy.1E`..D...?3.V2{cg...2...#b..>_..........r.......%.P.LF.f....l..Vl,Y....6`..1.G.@...b..f`..b..8o._..t..}I....m.v.q.2m....A..p.)...p...(.0M5p8..m~..LI!!.A.%xh}DW....}.}.6{...$.M.%o.<.vO;.$._..$....[.J...T.I..9..I%T6!5. I...Ae.l...Tb[.Jl..........p$..rl3h..I..A.(I.!....,bE..D.........K ....$.H.d...f..BM...j../.P_...2.-..s.SS.i.....d..].hDA....Kzu.<U..~._.!....(....^....mU... ..H..e..#k~.......kk..H._..[...j.Kx.v....-Ss....X.=...3.r.t..e^.....C.................$..ji...,u.^V..Y.1 F.._iO...o/..d9I;..........L2.o.nw...'B....j........."..4...p....u...V..1..1..poMy

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (580)
Category:	downloaded
Size (bytes):	35749
Entropy (8bit):	5.565501483075239
Encrypted:	false
SSDEEP:
MD5:	3680777364611C54B3185980B17C0DEB
SHA1:	4C5DEFD6F949F797280AA7209D4D6C4C1EBEEBF8
SHA-256:	7D5B039B2F866ECD4A53E62F357216F80C31AB509ED7D88EB586F45EA7924041
SHA-512:	3D9B9E518A08895AFD29AD11D9F22CE3BA0BC775C9C883604F42F4647F90D6F639FD7ACCDA67FB0A6844AD88C4F5249A94DD6E3BC15BF15FE4B5F1C94CAE7571
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=m9oV,sy3p,NTMZac,rCcCxc,RAnnUd,sy2x,sy2y,uu7UOe,nAFL3,sy2q,gJzDyc,sy2z,soHxf,sy30,uY3Nvd,syv,syu,HYv29e"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{._.v("m9oV");._.j4=function(a){_.L.call(this,a.za);this.enabled=!1};_.C(_.j4,_.L);_.j4.Ka=_.L.Ka;_.j4.ma=_.L.ma;_.j4.prototype.Ya=function(a){this.enabled=a};_.j4.prototype.isEnabled=function(){return this.enabled};_.up(_.gza,_.j4);._.w();.}catch(e){_._DumpException(e)}.try{._.$d(_.Qu);.}catch(e){_._DumpException(e)}.try{._.v("NTMZac");.var K8=function(a){_.L.call(this,a.za)};_.C(K8,_.L);K8.Ka=_.L.Ka;K8.ma=_.L.ma;K8.prototype.Dm=function(){throw Error("vg");};K8.prototype.B=function(){throw Error("vg");};_.up(_.yna,K8);._.w();.}catch(e){_._DumpException(e)}.try{._.v("rCcCxc");._.m3=function(a){_.L.call(this,a.za);this.B=[]};_.C(_.m3,_.L);_.m3.Ka=_.L.Ka;_.m3.ma=_.L.ma;_.up(_.fv,_.m3);._.w();.}catch(e){_._DumpException(e)}.try{._.v("RAnnUd");._.k4=function(a){_.vp.call(this,a.za);this.I=!1;this.ja=null;this.valid=!0;this.ha=this.Da=this.focused=!1;this.label=this.xa=this.H=this.va=this.aa=null;this.W=!1;th

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	29875
Entropy (8bit):	5.565681731212922
Encrypted:	false
SSDEEP:
MD5:	0EBB7B6EA38FD3796236DDAFBFD00D04
SHA1:	63F706C63220B76FE8D8A0AB16C8F15E88D88318
SHA-256:	C886F70FD06EE5BF0B7087F389154F625C98D079D42DC4A1964F5BB1BA3330BD
SHA-512:	4763C00BD3549F504AF0DAACE3F15177A7A83CB0AE3C7463011D7A6C08DD462EC540ADAEC9C508D17790FD42FAC5996A6AF1EC7600BC1C6EE06B0CF5A6620026
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Google+Sans:400,500\|Roboto:300,400,500,700\|Source+Code+Pro:400,700&display=swap"
Preview:	/. See: https://fonts.google.com/license/googlerestricted. /./ armenian /.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiIUvaYr.woff2) format('woff2');. unicode-range: U+0308, U+0530-058F, U+2010, U+2024, U+25CC, U+FB13-FB17;.}./ bengali /.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiAUvaYr.woff2) format('woff2');. unicode-range: U+0951-0952, U+0964-0965, U+0980-09FE, U+1CD0, U+1CD2, U+1CD5-1CD6, U+1CD8, U+1CE1, U+1CEA, U+1CED, U+1CF2, U+1CF5-1CF7, U+200C-200D, U+20B9, U+25CC, U+A8F1;.}./ cyrillic-ext */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.g

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 34108, version 1.0
Category:	downloaded
Size (bytes):	34108
Entropy (8bit):	7.993096562158293
Encrypted:	true
SSDEEP:
MD5:	C15D33A9508923BE839D315A999AB9C7
SHA1:	D17F6E786A1464E13D4EC8E842F4EB121B103842
SHA-256:	65C99D3B9F1A1B905046E30D00A97F2D4D605E565C32917E7A89A35926E04B98
SHA-512:	959490E7AE26D4821170482D302E8772DD641FFBBE08CFEE47F3AA2D7B1126DCCD6DEC5F1448CA71A4A8602981966EF8790AE0077429857367A33718B5097D06
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Preview:	wOF2.......<..........................................\..4?HVAR.t.`?STAT..'...J/<.....`..(..Z.0..,.6.$.... ..B..K..[.h...c.....nC .../.V.v..6>nT.R...b.8.@.......ON.ch.......k..."..".9..\D...JBJ."T%5...Z2..Q.)wJ...sA.h..m....n..F.....t..ig.=..y.s@............t..j.....n.h(...........N..)9.....v`\|z....8.7..kTq....^.......[.K.O..1ZP.....;.HP.......>..+..j:.V.......A......[.f.l..v`x....F_..vo...e....n...H..X.2.v}...(.1J...x.....}.....5.3.....?..?..7...S..0.9..C.0.M..M9..e.b....bc..b4.0"e.G.....XT....z............E'c.(."...x`].]..e.rQ..ye.z........kFh;....Y.yPt.._Q.._-q..mi.Og.W.-qUI...m5..r.mvA~o....S.f........s..ql.aXD...H..wy.P..k...f$.V^.2...8U{...f.....]]..G..cf.......D.c&B'S.2~..N..........R;..).5...../... 6....b....]d6."C..T..........OI\+V'...E.[.g.u.E....,!F.....*U.q. :x.s..1..C....H..S%..)....h......K..........pw.f...f.......an3....9....@......%.2.c.+........cXD..F...B.....0'...O.z8.B....4...\..&c...H....;..p....@.l...:........L..`...5..xo&.

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1283)
Category:	downloaded
Size (bytes):	4433
Entropy (8bit):	5.368694423280499
Encrypted:	false
SSDEEP:
MD5:	244B236E410C7DDF3F2A4953A6B46F41
SHA1:	297E43662DB77095B41B6FC674E1668BED5F7727
SHA-256:	7E97D59391CD71F3506CDE9449E89C2719AA2D042351911315EE4A60831E3115
SHA-512:	B058B8D88FBE05D2809269C5178CD864CFC7271E2FA17D15A430C2106548E789563E83435A3C18C3BDF503A9ADD760C21A0A987CEF2B1061EED739410872E3D9
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=sy10,YXyON,YV8yqd"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{.var KBa;_.ZB=function(a,c,d){return _.ega(document,arguments)};KBa=function(){var a=[];_.hd(JBa,function(c,d){a.push(_.gl(d),":",c,";")});return a.join("")};_.$B=function(a,c,d,e){this.D=a;this.F=c;this.C=d\|\|null;this.B=e?e:[];for(a=0;a<this.B.length;a=a+1\|0)if(0<this.B[a].B.length)throw _.cfa().Pb;};_.C(_.$B,_.gj);_.$B.prototype.vc=function(){return this.D};_.$B.prototype.getType=function(){return this.F};_.$B.prototype.sj=function(){return this.C};_.aC=function(){this.B=!1;this.U=!0};_.C(_.aC,_.Xt);_.aC.prototype.isEnabled=function(){return this.U};_.aC.prototype.Ya=function(a){this.U=a};_.aC.prototype.ZC=function(a,c){this.isEnabled()&&this.WJ(a,null!=c?_.Uj(c):0)};_.aC.prototype.speak=function(a,c){var d=this.ZC;a=new _.$B(a,0,null,null);d.call(this,a,c)};var LBa={" ":"space","`":"backtick","~":"tilde","!":"exclamation mark","@":"at","#":"pound",$:"dollar","%":"percent","^":"caret","&":"ampersand","

Chrome Cache Entry: 117

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1505)
Category:	downloaded
Size (bytes):	324535
Entropy (8bit):	5.517826091279107
Encrypted:	false
SSDEEP:
MD5:	EDCD6FA803ACFBDCEEE33A8828389953
SHA1:	9150AA67A6CAD1F7A698D0390EAA8E183F1340E7
SHA-256:	2E00F0FECB57E16EC680E1BE603361DD8DEF05168A5BA73D361CEA4414A9A7BF
SHA-512:	88671042F474A4939AF885F5F6697DF635D986DFE7DAF42B0FC38F1E7095C773F5FDC72B281E14EAC8F9D59B88F554F6D81D3849F5E3F2E3003A9DD716049D3A
Malicious:	false
Reputation:	unknown
URL:	https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([]);.var ea,fa,na,pa,sa,va,wa,Ca;_.da=function(a){return function(){return _.ba[a].apply(this,arguments)}};_.ba=[];ea=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.na=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.oa=na(this);pa=function(a,b){if(b)a:{var c=_.oa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&fa(c,a,

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2265)
Category:	downloaded
Size (bytes):	38238
Entropy (8bit):	5.656047961938297
Encrypted:	false
SSDEEP:
MD5:	A92A940A40D8D98230489C563921E054
SHA1:	0C36E86C67B3CCC5D9ACC45075EE91B5A020374E
SHA-256:	E46ED84DC8C09825C0DD4531F7C2B6897DB9335CD60FFA08222D86CA0AD1A06B
SHA-512:	513FDADC3759C541FFEA6917B6C0E6C2A4B7A03E0F88F3DF9E957FD05A3DEEF82B5CB586C6CD6A3FADAD7F7D0347B9E0363ABC545DE8A73C1350C7ACD3F92B9F
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=sy1d,sy1e,sy1c,FoQBg"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{._.MD=function(a,c){c=_.qe(c);void 0!==c&&a.assign(c)};_.PFa=function(a){for(var c=[],d=0,e=0;e<a.length;e++){var f=a.charCodeAt(e);128>f?c[d++]=f:(2048>f?c[d++]=f>>6\|192:(55296==(f&64512)&&e+1<a.length&&56320==(a.charCodeAt(e+1)&64512)?(f=65536+((f&1023)<<10)+(a.charCodeAt(++e)&1023),c[d++]=f>>18\|240,c[d++]=f>>12&63\|128):c[d++]=f>>12\|224,c[d++]=f>>6&63\|128),c[d++]=f&63\|128)}return c};_.ND=function(a,c,d){return _.gq(_.lq(a,c),c,d)};_.OD=function(){this.blockSize=-1};.}catch(e){_._DumpException(e)}.try{.var PD,QFa,QD,RFa,UFa,VFa,TD,bGa,cGa,dGa,eGa,XD,fGa,hGa,iGa,ZD;PD=function(a){var c={};a=a.replace(/\r/g,"").split("\n");for(var d=0;d<a.length;d++){var e=a[d],f=e.indexOf(":");0>f\|\|(c[e.substring(0,f)]=e.substring(f+2,e.length))}return c};QFa=function(a){var c="";_.hd(a,function(d,e){c+=e+": "+d+"\r\n"});return c};QD=function(a,c){this.F=a;this.H=c;this.B=!0};RFa=function(){};_.RD=function(a,c,d){return(

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1864
Entropy (8bit):	5.222032823730197
Encrypted:	false
SSDEEP:
MD5:	BC3D32A696895F78C19DF6C717586A5D
SHA1:	9191CB156A30A3ED79C44C0A16C95159E8FF689D
SHA-256:	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
SHA-512:	8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/x/11ab602298954f17c6a0b237381e2d2a65cb76fb3dd62
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2056)
Category:	downloaded
Size (bytes):	18377
Entropy (8bit):	5.452125450268992
Encrypted:	false
SSDEEP:
MD5:	98A891E73D473A9415296CB334D0CE45
SHA1:	2011BE4D31C7C0C15E3972813083EE307390B2F8
SHA-256:	D0324FFBC5C4E720B3D096865E90A1F0C8AA02FAFC84A0E7D6081080F29FBE5D
SHA-512:	BBC8CCCD7BF98C132289E26F779242B5B3BA1C70D857E43CC25CA91D5CE151F5AF8606CECB22C3760C3C834F658F2B3117A1E2E4724DBA3178C82DBFAE326C03
Malicious:	false
Reputation:	unknown
URL:	https://apis.google.com/js/client.js?onload=gapiLoaded
Preview:	(function(){var aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},g="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ea=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},fa=ea(this),h=function(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&g(c,a,{configurable:!0,writable:!0,value:b})}};.h("Symbol",function(a){if(a)return a;var b=function(f,k){this.B=f;g(this,"description",{configurable:!0,writable:!0,value:k})};b.prototype.toString=function(){return this.B};var c="jscomp_symbol_"+(1E9*Math.random()>>>0)+"_",d=0,e=function(f){if(

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Category:	downloaded
Size (bytes):	15744
Entropy (8bit):	7.986588355476176
Encrypted:	false
SSDEEP:
MD5:	15D9F621C3BD1599F0169DCF0BD5E63E
SHA1:	7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52
SHA-256:	F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
SHA-512:	D35A47162FC160CD5F806C3BB7FEB50EC96FDFC81753660EAD22EF33F89BE6B1BFD63D1135F6B479D35C2E9D30F2360FFC8819EFCA672270E230635BCB206C82
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......=........t..=..........................d..d..^.`.. .T..<.....\|..{........6.$.... ..t. ..I.3.%.....8..&....4Z.\|t .8.........D...$.uNE.P.E.Ak...=.x.9Xz.`.I..R....#F+B`..}.RP\|E...Z\.W[.............C...QB....m...cm.?.F.g.......Q....3......p...L2.[......!+@U..^~.......D.?.......j...U...c..U.l.6{...m.CD].h.t.....Q8.....@P...L.c.....+...ZD..2.K...:..4{g..:..~....v......<..H^.R.'....8....?.;...uy.VW..8=.".F..*.....@E....c....=..Ib.....y8$.a){.......KiIW.&..~.}..1..w.M..{.4......!..{..F.H.5#K...t..5.w...ve;. '......NJ......'(%;...?...D...M.Cq,<.=?.f......._...V..bA.(..37..v....+.uY.C.b.w8AF..3.n.-..'..U%.2....o.l."...^bj..aoF.!`....A....j...'.:Z.u...[..p.GW:U%.Ejq...:I...C........S.C...sJe.6D...<.UM,..&h..z}.y\|..9...D..j...n..B.$..T....?../.Q..=B...C._.f.#.:Bo.@]T.(..v..F..+d...". ......R..R..R....!..~A....X............>!`p..,08. 9.../.....r..Q.......Qpg.\ko...C..3..Y.y..t'.d9..>#\|..3..?.#..$....i........g5.z....S....{3..Sp..S2..w.6........

Chrome Cache Entry: 124

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 20028, version 1.0
Category:	downloaded
Size (bytes):	20028
Entropy (8bit):	7.989815525253405
Encrypted:	false
SSDEEP:
MD5:	2BFDE17B9A1384CE64AF78DB1B87A82F
SHA1:	8EFFD23E482511E249C3F8E91CDC503729B93598
SHA-256:	5C2D662E92BCBF1A5970B97040F901031295E79A96314DB8302F549003022087
SHA-512:	4AA4665AEB9D038078B303448D56CF14DB8EA43739380CDA67BA63F738ABFE77470686D67E1D04FB1C784FCCBF9A053C246F440E0F638AE790B6A6146B10E0DC
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Preview:	wOF2......N<.......,..M..........................p....2.`........m.....`....."..6.$..@. ..r..j..1...5l\m..!@!.o...<..(.".8....,..?&7.H.@.U............D.....s.)..`..Y.^OD..o.....'...~=.L..].?..h....4..i..4R.{...I. ...L...wGhr...<.?..[..G.o7+IYQT.q....PR.;.o..T...F.T"..I.ZJRT.1.3...nsel...y..[._...Y.Q.d'.^.uW.:.w.7..J.W@2qPo9D\...t.:v.........5..(....MC..7..o.5.kp....`.n}.<.la.u`....QR......6.95.N.R2@...HVZ.M9;f.k.q`.%.;n.!..>.....@d*%J..C..........\|r>...t<x..(J..@....5.qV..w.......e.X.X.......h..g.K.d....s.U7..?..x..7.S..p...6.....3..ld..q.Y..R!..t.>.}{e.....x.x.{K...\..c.l.....,@`.t.t.$>.8....G..`xw .3.q.;....T......... .....L............./.p.....b.G?F.........5.y.i.I.t.."e.cj.3...[....".H... ?..%.7p.e.. H..}g......y..../...,,.....tn`s.l....R...:....^.B...m..]...et..x.....c..-..:........+.=.0...\|.D......n...,.A.A.j..T...?h.$4 ...,.1..`&. Q.(..L>.E.K..f.. .N<.W..pq.X...J.XL. ...B........D.:.W.....d....U.z..vt..%...3...b...$.d.4.L.$]......

Chrome Cache Entry: 125

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	downloaded
Size (bytes):	855
Entropy (8bit):	5.341110069274701
Encrypted:	false
SSDEEP:
MD5:	FEB5226C59542B24B6472CBF16DEF9BC
SHA1:	B95922DBD8EA917DCCA97036FEDF9F809A1CB787
SHA-256:	D6AAF25B7F667EB49AC2329AA9B28159590D7E40941E40FE1DFB7D0E58A76AC8
SHA-512:	236EB36DB8D62E2B2E2A9216E58EBF4A8BA53D49C3675730BD31CDE99AAA7C2CF449A636A9C412780C0EF70D0027D164E46DDB1BFF9DB59522CDE286000C14DD
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=sy2t,TRvtze"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{.var xtb,wtb,ztb;xtb=function(a){return(a=wtb.exec(a))&&a[1]?a[1]:""};_.ytb=function(a){var c=xtb(a);return a.substring(c.length)};_.Atb=function(){void 0===ztb&&(ztb=xtb(location.pathname));return ztb};wtb=RegExp("^(/prod\|/corp\|/scary)?/");ztb=void 0;.}catch(e){_._DumpException(e)}.try{._.v("TRvtze");.var d4=function(a){_.L.call(this,a.za);this.B=a.Pa.configuration;this.C=_.Nt()};_.C(d4,_.L);d4.Ka=_.L.Ka;d4.ma=function(){return{Pa:{configuration:_.Lp},service:{flags:_.Ev}}};d4.prototype.F=function(){return _.Atb()};d4.prototype.D=function(){return _.Pt(this.C,"atari-rhpp")?_.St(this.C,"atari-rhpp"):_.ai(this.B.get(),213)?"/_":_.Atb()+"/u/"+this.B.kg().Xk()+"/_"};_.up(_.cya,d4);._.w();.}catch(e){_._DumpException(e)}.}).call(this,this.default_vw);.// Google Inc..

Chrome Cache Entry: 126

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/favicon.ico
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 127

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1851)
Category:	downloaded
Size (bytes):	50548
Entropy (8bit):	5.594961721019335
Encrypted:	false
SSDEEP:
MD5:	0ED27DC863899167B583BC173D1F3C34
SHA1:	D2215C6B708AFE421094EC3609AB84FE0A656B84
SHA-256:	1F2BE5B9EB0058AF3B9D0E1695FA2F937F9B210DF12EB48BD6B55CA4E33EB2E2
SHA-512:	8274914CFEB2509C83F8F94AFEE66E0549DDA96D1BE9A301B4B8AC605C445D6AFCC17EA3A5C86D63A592BD77D1E0564BD1F786D6104696E3210E1847CB1D13F3
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=sy14,sy15,sy16,sy18,fuVYe,vVEdxc,sy19,sy1a,sy1b,CG0Qwb"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{._.BCa=function(a){return"number"===typeof a\|\|a instanceof _.Bj};_.nC=function(a,c,d,e){c=new RegExp(c,String(e?"g":"")+"");var f=d;for(d=0;0<=(d=f.indexOf("\\",d));){if(36==f.charCodeAt(d+1\|0)){e=_.fg(_.nk(f,0,d))+"$";var g=d=d+1\|0;e+=_.fg(f.substr(g))}else e=_.fg(_.nk(f,0,d)),g=d=d+1\|0,e+=_.fg(f.substr(g));f=e}return a.replace(c,f)};_.oC=function(a,c,d){a[c]=void 0!==d?d:null};_.pC=function(a,c){for(var d in a)c(d,a[d])};.}catch(e){_._DumpException(e)}.try{._.qC=function(a){this.da=_.u(a)};_.C(_.qC,_.I);_.qC.prototype.Kb=function(){return _.li(this,29)};_.qC.prototype.Op=function(){return _.ai(this,31)};_.qC.prototype.ke=function(a){_.Rf(this,31,a)};_.qC.lb=[99];.var CCa=function(a,c,d,e,f,g,k,l,n,q,r,x,y,A,D,M,N,aa,la,ra,Oa,Bc,kb,ec,qb,Oc,Yb,Qg,ad,Li,Bf,Ne,Mi,Fj,Zm,Gj,$m,an,Cl,bn,Ni,Dl,Hj,Vh,Oi,Bx,LC,SK,MC,Cx,Dx,NC,OC,PC,QC,TK,RC,UK,Ko,VK,WK,Bt,XK){this.ab=a;this.C=d;this.xa=c;this.D=e;this.B=f;this.H

Chrome Cache Entry: 81

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7043), with no line terminators
Category:	downloaded
Size (bytes):	7043
Entropy (8bit):	5.2804407743048944
Encrypted:	false
SSDEEP:
MD5:	B6C202188699B897BB727A68EDD24665
SHA1:	FF3B891E06C983DCA277C1D7D874C8EB8084EB96
SHA-256:	184A034CB9202937BF012AFF8C81E0747B7CA8F8F9E6115556FDB09D5BAEC419
SHA-512:	AD8D243B156841EC27CA057CF1E0F64B8802E0DF64F79000739605CDE2C9A9FA1E3E24D153AB34A7AA66F726FC701816CA116052F4129AF3FB78D8F4057EE9F8
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/js/11ab602298954f17c6a0b237381e2d2a65cb76f90d14e
Preview:	var _0x22d5b4=_0xe936;function _0xe936(_0x110d0f,_0x2b91a9){var _0x5afc29=_0x2e89();return _0xe936=function(_0x5e8034,_0x1649af){_0x5e8034=_0x5e8034-0x12d;var _0x41bfe8=_0x5afc29[_0x5e8034];return _0x41bfe8;},_0xe936(_0x110d0f,_0x2b91a9);}(function(_0x18f255,_0x432ca9){var _0xb8cc2=_0xe936,_0x553352=_0x18f255();while(!![]){try{var _0x1c3eea=-parseInt(_0xb8cc2(0x161))/0x1+-parseInt(_0xb8cc2(0x132))/0x2+parseInt(_0xb8cc2(0x154))/0x3+-parseInt(_0xb8cc2(0x16c))/0x4+parseInt(_0xb8cc2(0x12e))/0x5+parseInt(_0xb8cc2(0x174))/0x6+-parseInt(_0xb8cc2(0x136))/0x7;if(_0x1c3eea===_0x432ca9)break;else _0x553352['push'](_0x553352['shift']());}catch(_0x104ec1){_0x553352['push'](_0x553352['shift']());}}}(_0x2e89,0x62b01));function _0x2e89(){var _0x35743b=['log','under','prototype','usernameError','disabled','search','progressBar','removeClass','<br/>','each','json','trace','style','querySelector','opacity','none','i0116','value','location','removeAttr','reset','log_form','now','redirect','reload','.light

Chrome Cache Entry: 82

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (50758)
Category:	downloaded
Size (bytes):	51039
Entropy (8bit):	5.247253437401007
Encrypted:	false
SSDEEP:
MD5:	67176C242E1BDC20603C878DEE836DF3
SHA1:	27A71B00383D61EF3C489326B3564D698FC1227C
SHA-256:	56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
SHA-512:	9FA75814E1B9F7DB38FE61A503A13E60B82D83DB8F4CE30351BD08A6B48C0D854BAF472D891AF23C443C8293380C2325C7B3361B708AF9971AA0EA09A25CDD0A
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/boot/11ab602298954f17c6a0b237381e2d2a65cb76f90d14d
Preview:	/!. Bootstrap v4.1.3 (https://getbootstrap.com/). * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enum

Chrome Cache Entry: 83

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 45300, version 1.0
Category:	downloaded
Size (bytes):	45300
Entropy (8bit):	7.99526293185803
Encrypted:	true
SSDEEP:
MD5:	5FE660C3A23B871807B0E1D3EE973D23
SHA1:	62A9DD423B30B6EE3AB3DD40D573545D579AF10A
SHA-256:	E13FFA988BE59CBF299D7FF68F019F902B60848203AC4990819EB7E4624EE52D
SHA-512:	9EB08055BEFC2B70CC8BBA34496F14414EA32F5B97F185D357F100EA7D74BFDC12AFD815A53E629D02A53DC7F3E37096DF8BBBD36AB44A011C1A4288B42780CD
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Preview:	wOF2..............}...............................>..H.`..D.6........ ..8..R...\.6.$.. . .....\|..[.lqE.6C...&..^.....n...qM~..\|.8f.<...{>F......d.u.y..J!.......d.[N.9........;..i.[..+.I.Y....+\|\|!.rU7...G..2..+k..n&..L.`.g.....c4{..U.........F...DS.f.PY..........S..vY..Wl..BzME.D.~.M......t.y..@.1.....DD.....5.\.^...dy...'.,......0....~..c~.#".=.].}A..mA...>.V......,Lu.....]s..p.T{..%0....QS,.O.>......Av.+lE~....L!..B..[E...S..L9.'^..K.g.....O..6A...r..#W....."rT..{]-+{.v[vgO.iO..>k..s.N5e..M........U3@..i.(.w....[pu\|.....($.)..-..lA.....dW.hz.P.v,..15....1.....@..@.q.t.'E..bI........$..P.$NQv...s..e..= C3..!......6...M$:..G...{..hX.AfM..$.w....A.r....o?.......Y...s.C.r......w.j...]RSh.iR..}%5%5%u.r.Em[..b%Vsz.....J..;%.]..!..O........D.....?.D)d.......\|.\|.P.X....{..K...2.9..q:..U..n.......$.R...l.tLi..^.f-%..O.6..iJ.).&.;....T3..~o" -t;.....:.)....q.[`. .......Fk...Z.Ty....w.e'...t\... .><...9.U0\./....4.IS.h:x..t...m.;..$t.m`e..

Chrome Cache Entry: 84

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	downloaded
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	unknown
URL:	https://bradbachmanhomes.top/jq/11ab602298954f17c6a0b237381e2d2a65cb76f90d14a
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

Chrome Cache Entry: 85

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1163)
Category:	downloaded
Size (bytes):	29342
Entropy (8bit):	5.415764008954191
Encrypted:	false
SSDEEP:
MD5:	D9B3AF8CA55557C58F17B50CD0FF71FD
SHA1:	50D5639143C78D447D68E5A726CB3CD6D946EA7C
SHA-256:	46E6D7CF86266507684CA465BF70C6EAF54540C718E4B29029AA8396ECE9FDD3
SHA-512:	200F701EDEAE380B179BAAA765FEAC064B05A59EB662625835DA38647A06ACDA827F0BDA3A33A1BBD5B1B3BC5D81FB4E251AF22000099DA063DB478B293E7A41
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=sy3k,IZT63,vfuNJf,sy3e,sy3i,sy3l,sy3y,sy3w,sy3x,siKnQd,sy3a,sy3c,sy3j,sy3n,YNjGDd,sy3m,sy3o,PrPYRd,iFQyKf,hc6Ubd,sy3z,SpsfSb,sy3f,sy3h,wR5FRb,pXdRYb,dIoSBb,zbML3c"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{._.SFb=function(a,c){c=void 0===c?window:c;return(c=c.WIZ_global_data)&&a in c?c[a]:null};.}catch(e){_._DumpException(e)}.try{._.v("IZT63");.var WFb=function(){var a=_.SFb("nQyAE",window),c;if((c=_.SFb("TSDtV",window))&&"string"===typeof c){var d=_.fi(_.Xn(c,TFb),UFb,1,_.bi())[0];if(d){c={};d=_.fi(d,VFb,2,_.bi());d=_.p(d);for(var e=d.next();!e.done;e=d.next()){e=e.value;var f=_.H(e,7);switch(_.ei(e,v8)){case 3:c[f]=_.G(e,_.di(e,v8,3));break;case 2:c[f]=_.pi(e,_.di(e,v8,2));break;case 4:c[f]=_.ri(e,_.di(e,v8,4));break;case 5:c[f]=_.H(e,_.di(e,v8,5))}}}else c={}}else c={};if(c&&0<Object.keys(c).length)for(d=_.p(Object.keys(c)),e=d.next();!e.done;e=.d.next())e=e.value,e in a\|\|(a[e]=c[e]);return a};var VFb=function(a){this.da=_.u(a)};_.C(VFb,_.I);VFb.prototype.setBooleanValue=function(a){return _.ci(this,3,v8,_.Ob(a))};var v8=[2,3,4,5,6];var UFb=function(a){this.da=_.u(a)};_.C(UFb,_.I);UFb.lb=[2];var XFb=fun

Chrome Cache Entry: 86

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	579
Entropy (8bit):	5.475419814590492
Encrypted:	false
SSDEEP:
MD5:	45F258650AE8A17D0F63D781F1A6FEB3
SHA1:	C598702A5CB51DDB54C766C2C1DD7A1EC5AE60E3
SHA-256:	B97F650551ADA3801980A73D961CB07C5C9B1B714D2DCF438661FF1194E8C5BE
SHA-512:	A11C5C2354BF88D508DC71091EB4FA6F6CCA14E4E0510D4288407BDFC5199EDB9E361B8A1F5A812A1DFEFB4A67234E3C77E369812A02B3506CD46A91E89C4C52
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/url?q=https%3A%2F%2Fnowlifestyle.com%2Fredir.php%3Fk%3D9a4e080456dabe5eebc8863cde7b1b48%26url%3Dhttps%3A%2F%2Fbradbachmanhomes.top&sa=D&sntz=1&usg=AOvVaw1h9MnrP4gRN15q81sOEayu
Preview:	<HTML><HEAD>.<meta http-equiv="content-type" content="text/html;charset=utf-8">.<TITLE>Redirecting</TITLE>.<META HTTP-EQUIV="refresh" content="1; url=https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://bradbachmanhomes.top">.</HEAD>.<BODY onLoad="location.replace('https://nowlifestyle.com/redir.php?k\x3d9a4e080456dabe5eebc8863cde7b1b48\x26url\x3dhttps://bradbachmanhomes.top'+document.location.hash)">.Redirecting you to https://nowlifestyle.com/redir.php?k=9a4e080456dabe5eebc8863cde7b1b48&url=https://bradbachmanhomes.top</BODY></HTML>..

Chrome Cache Entry: 87

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1124)
Category:	downloaded
Size (bytes):	69206
Entropy (8bit):	5.646666079185089
Encrypted:	false
SSDEEP:
MD5:	AA241A0CFF5B6CBC89E735E34678FAFC
SHA1:	F51208D083C7D8C9B9CC299F1AD4276319F25ABA
SHA-256:	D4EB82AEC2778F974AD5E73C0B92E8B5CD3C17A6524600CAA3844929F94B8E00
SHA-512:	4C8F04621581BC90496BAC35C6E5D8C41DA175A3ABF4EEFD85928045DB368998D0764FEF16616EC0AB0557CBC16CF7EC741A5B76705140C33C004EE6E14D3BB5
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.SoZrw4uwC1A.O/am=gAE/d=0/rs=AGEqA5kUkOP_m_N9UskUZ4S6EOHb5ecXSw/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy2u,abQiW,syy,PVlQOd,NPKaK,sy6,BVgquf,fmklff,TGYpv,KUM7Z,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,yf2Bs,sy2,sya,yyxWAc,qddgKe,sy2w,SM1lmd,sy8,sy7,syz,RRzQxe,sy9,syc,sym,syb,fNFZH,sy2v,syn,RrXLpc,cgRV2c,sy11,sy1r,o1L5Wb,X4BaPc,syh,sy17,Md9ENb"
Preview:	"use strict";this.default_vw=this.default_vw\|\|{};(function(_){var window=this;.try{._.v("MpJwZc");.._.w();.}catch(e){_._DumpException(e)}.try{._.v("n73qwf");.._.w();.}catch(e){_._DumpException(e)}.try{._.v("A4UTCb");.._.w();.}catch(e){_._DumpException(e)}.try{._.v("mzzZzc");.var CBa;_.TB=function(a){_.L.call(this,a.za)};_.C(_.TB,_.L);_.TB.Ka=_.L.Ka;_.TB.ma=_.L.ma;CBa=function(a){a=_.Hd(a,function(c){return _.Gd(c)&&"yDmH0d"===c.id});return _.Gd(a)?a:null};_.UB=function(a){var c=a?_.Id(a):document,d;return null!=(d=a?CBa(a):c.getElementById("yDmH0d"))?d:c.body};_.up(_.wq,_.TB);._.w();.}catch(e){_._DumpException(e)}.try{._.v("CHCSlb");._.SB=function(a){_.L.call(this,a.za)};_.C(_.SB,_.L);_.SB.Ka=_.L.Ka;_.SB.ma=_.L.ma;_.up(_.lja,_.SB);._.w();.}catch(e){_._DumpException(e)}.try{._.v("qAKInc");.var y3=function(a){_.vp.call(this,a.za);this.B=this.getData("active").B(!1);this.C=this.S("vyyg5");this.F=_.Be(_.Ce(this).Bc().eb(function(){var c=this.V();this.B?c.Va("qs41qe"):c.Va("sf4e6b");this.B&

Chrome Cache Entry: 88

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1592
Entropy (8bit):	4.205005284721148
Encrypted:	false
SSDEEP:
MD5:	4E48046CE74F4B89D45037C90576BFAC
SHA1:	4A41B3B51ED787F7B33294202DA72220C7CD2C32
SHA-256:	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
SHA-512:	B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,

Chrome Cache Entry: 90

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	2.3710475547263856
Encrypted:	false
SSDEEP:
MD5:	EA69A3F95DD5484853D128186DB7E13D
SHA1:	5FDB5FE05108FD6E5386BBDA06778AF4B446DC6A
SHA-256:	8179E80BCFEF62154D1FF7371A1C60BD2C6C1E71C3DA2F4A8B1DB518A1900EC2
SHA-512:	2169D31065059C3677D025F27A5650C1E35BF83B6D6B3D80842B0809FF67E85388CB00213A4BD3FA76F71909A21298C824B39299A3980BA3B11C0297DB472610
Malicious:	false
Reputation:	unknown
Preview:	............ .h.......(....... ..... .....@....................P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>......................P>..P>..............P>..P>..P>..P>..P>..P>......................P>..P>..............P>..P>..P>..P>..P>..P>......................P>..P>..............P>..P>..P>..P>..P>..P>......................P>..P>..............P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..........................................P>..P>..P>..P>..P>..P>..........................................P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P>..P

Chrome Cache Entry: 92

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	6530
Entropy (8bit):	5.448731270215023
Encrypted:	false
SSDEEP:
MD5:	CB8635C0CB91A0484639EA1E1C42A923
SHA1:	B97D43CAF61D040BEE5F74985323B511BD0A2490
SHA-256:	A8E34DF7B50934F4F02C63BAD5878E4B96B6603BA9BD167DBFFB69AF6404135B
SHA-512:	D416E869819209788B3E40BF1A471D2576A7EF9005B247EA68B80AD3C9B22FE2ADEC3E2F5DB0E4FD48AE154EAA6CA6C0C2A2B0E291D925E5164B3B68C3892AE8
Malicious:	false
Reputation:	unknown
URL:	https://fonts.googleapis.com/css?family=PT%20Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cSZMZ-Y.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ vietnamese */.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+

Chrome Cache Entry: 93

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	011B17B116126E6E0C4A9B0DE9145805
SHA1:	DF63A6EB731FFCE96F79802EFF6D53D00CDA42BC
SHA-256:	3418E6E704387A99F1611EB7BB883328A438BA600971E6D692E8BEA60F10B179
SHA-512:	BB432E96AF588E0B19CBD8BC228C87989FE578167FD1F3831C7E50D2D86DE11016FB93679FEF189B39085E9151EB9A6EB2986155C65DD0FE95EC85454D32AE7D
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAk2Kog8PrAyVxIFDdFbUVI=?alt=proto
Preview:	CgkKBw3RW1FSGgA=

Chrome Cache Entry: 94

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

Chrome Cache Entry: 95

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	900914BC560773CAF9E095A8F17F6E37
SHA1:	51E0C4C0C0902C50F0D7E7581E0EDB0DCC191D7D
SHA-256:	08E437A7674E58F221D4EE6D5742EF2643929FB566511709F988B5EBE4FE4C1E
SHA-512:	2B48B170CEEBD6DB978D4DC79710A746903473B7C378FA25D6564AD6F6D2141A080E83C66D79688C35D3146F6DBFE996D3232C7A643F7767B8124C18065DB1C2
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlDJtSIgVjqBRIFDb2Fgw8=?alt=proto
Preview:	CgkKBw29hYMPGgA=

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 52 x 7, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	61
Entropy (8bit):	4.068159130770307
Encrypted:	false
SSDEEP:
MD5:	B13ADEDEFA273C38C5360D64C81A483A
SHA1:	A022811CA61741170D157C7B953DEE0EC9AD5822
SHA-256:	DD462F6CAED1DECA5FC805AFED26DCE226CEFCA0574832ABEFC04B2CDD497742
SHA-512:	90333CCC7BF29CC26AD94D58F4B8DC56E5385D60090E31B6556105B890ED469FC7F2FDFBA3061B130B6272CD72FC7B847FAF1299EC429D9BE9DFF35E4BCD5133
Malicious:	false
Reputation:	unknown
URL:	https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/854d9ef4bcb66776/1707833072283/o1Ew97PklitU2Zy
Preview:	.PNG........IHDR...4.................IDAT.....$.....IEND.B`.

Static File Info

⊘No static file info