Windows Analysis Report
https://sauravsadangi.com/project

Overview

General Information

Sample URL: https://sauravsadangi.com/project
Analysis ID: 1644579

Detection

Score: 52
Range: 0 - 100
Confidence: 100%

Signatures

AI detected phishing page
AI detected suspicious Javascript
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML title does not match URL

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 6224 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6452 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1988,i,2533045909785723760,4778184363310150924,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2008 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 7128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sauravsadangi.com/project" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Phishing

Source: https://sauravsadangi.com/bid/sharefile.html Joe Sandbox AI: Score: 8 Reasons: The brand 'ShareFile' is associated with the domain 'sharefile.com'., The provided URL 'sauravsadangi.com' does not match the legitimate domain for ShareFile., The URL 'sauravsadangi.com' does not contain any elements that suggest it is related to ShareFile., The presence of an input field asking for a business email on an unrelated domain is suspicious. DOM: 1.1.pages.csv
Source: https://sauravsadangi.com/bid/sharefile.html Joe Sandbox AI: Score: 8 Reasons: The brand 'ShareFile' is associated with the domain 'sharefile.com'., The provided URL 'sauravsadangi.com' does not match the legitimate domain for ShareFile., The URL 'sauravsadangi.com' does not contain any recognizable elements related to ShareFile., The presence of an input field asking for a business email on an unrelated domain is suspicious., The URL does not have any direct association with the brand 'ShareFile'. DOM: 1.3.pages.csv
Source: 0.0..script.csv Joe Sandbox AI: Detected suspicious JavaScript with source url: https://sauravsadangi.com/project/... This script demonstrates several high-risk behaviors, including disabling right-click and various keyboard shortcuts, preventing the use of debugging tools, and redirecting users to an external domain. The script also includes an attempt to detect and block bots, which could be used to bypass security measures. Overall, the combination of these behaviors suggests a high likelihood of malicious intent, warranting a high-risk score.
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: Number of links: 0
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: Title: Invitation to Bid - Secure Document Access does not match URL
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: Iframe src: https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.html#frame=checkbox&id=0ie3bdsjt2yp&host=sauravsadangi.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=1944dfca-21c2-483c-9d9a-cfdc77ccf870&theme=light&origin=https%3A%2F%2Fsauravsadangi.com
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: Iframe src: https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.html#frame=challenge&id=0ie3bdsjt2yp&host=sauravsadangi.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=1944dfca-21c2-483c-9d9a-cfdc77ccf870&theme=light&origin=https%3A%2F%2Fsauravsadangi.com
Source: https://sauravsadangi.com/project/ HTTP Parser: No favicon
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: No favicon
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: No <meta name="author".. found
Source: https://sauravsadangi.com/bid/sharefile.html HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: chrome.exe Memory has grown: Private usage: 8MB later: 46MB
Source: global trafficHTTP traffic detected: GET /tip/6200ad4f89d5ca41b21581b1f8566e0538ab42b24c7b610f0424754c6a452920/c3d24c9fb87ce023be3198a3acd38388468592c71f72baa82688def520efcbbe.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/908790632f2f6817a46d3f1cf683b144f8bc6fd89871b8a26561df90996181ac/05f7486e62d6aa4030668b3e449348feb33101cd074ce2ed3c06bbd82f8cd7a8.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/a9da137e9bfb03e5dec5b234f7ff9ca6359cfd0945e6fd3a9747266172c80782/5d7e89a32f834b449b9dcf64a834d813ede35f337052e00a35b0ecbd25e9f474.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/dd2ca017724e0f30f4faf1861aed0e54ffe85235462a28e01296545811cb0a1c/2c7392eff9bf01af73872d37fc419ae00f9292881b1ed7762a848e6ff8d17e15.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/9545a390679c35bfe8c69fdec4f29340a0e252d42bb14322605f52eeb44a7471/4b5bf4db9b9930b4cea55b61ee74cd480f3cf5730836084dc21e682c6476d7de.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/c8eb6203d54253f14f48dea7bb04aaade2c6e9d6ff6eeecf0c067c7228ca3310/00755262a72ad093135cd06b62f721f75adeec2de658a068a7be90701eff0412.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/debf100a48481bdda493d1e53665c72ca745cc41ae26fce4e49cae199d8fa5bb/28e8cc877d7d5033478564dfc6fa619ef52f2458d5a9015801e473ef5991c838.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/790de3dd5687bad17465c89ba11015bdfc6a654ea7159b91977c23b2bd761b10/b2b08acbd31e50c2a203669d28313a9a57759167d424a98e071b4fc52746451a.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/1801e4bc258d5bd887fdcd15406cacaffa7b595eb430be6508d9db6557aecafa/f9548149acf7ff470e9b670aef41b94bc28eca52fff022b8c9f8345d24ba680e.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/1241e3b02f5b35aa9afec9995c2175de4c220c048b75cf8019878e55c9889e02/37996208c1d5d66bac616e46870afe53e9eff898b2dfe47aa785f58b1b3f3fb6.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/a65b31d02361aa54f0d1b498cee6158fd8b81c7acd48e444724951f8ce7bdc3d/579ca3fcebc55302e56d68e4473a4a1e32fc8a8c8e8eaae0b092372fe3ab35fb.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/e71f44d014e133145acfd1a69bc8adca43856fca38f27322d95705d3af04a902/cfa065910b4b287b4e734f3190f17020ef9951cf732e7d7bdbf4b3f38d34f204.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/908790632f2f6817a46d3f1cf683b144f8bc6fd89871b8a26561df90996181ac/05f7486e62d6aa4030668b3e449348feb33101cd074ce2ed3c06bbd82f8cd7a8.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/6200ad4f89d5ca41b21581b1f8566e0538ab42b24c7b610f0424754c6a452920/c3d24c9fb87ce023be3198a3acd38388468592c71f72baa82688def520efcbbe.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/1f6347dd61409830f19b1a66bdb025da83bd0da9034cc20b2fb68d1a3f3558d7/77ea66fde3a783209f73d3700727d7d98ffef38cd6853b20a5ef6aaefb3cf323.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/b66f24b5fe116993d70165102793187702cfcd8935ce8ebe8ecb37937ebb0ea8/94ed7ab4b17237b279324b4d115e9c8396e8f0216272ce3df118b907626b2d21.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/c8eb6203d54253f14f48dea7bb04aaade2c6e9d6ff6eeecf0c067c7228ca3310/00755262a72ad093135cd06b62f721f75adeec2de658a068a7be90701eff0412.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/1241e3b02f5b35aa9afec9995c2175de4c220c048b75cf8019878e55c9889e02/37996208c1d5d66bac616e46870afe53e9eff898b2dfe47aa785f58b1b3f3fb6.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/06c2ec0ff34ed1a99c6792951f75d739fa1820306c30e007e8c5f8d87c25a718/76ee6f14709a180b376cd2437f0f9cec4c959b34f02f7f57e624cea63b61e856.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/e71f44d014e133145acfd1a69bc8adca43856fca38f27322d95705d3af04a902/cfa065910b4b287b4e734f3190f17020ef9951cf732e7d7bdbf4b3f38d34f204.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/1801e4bc258d5bd887fdcd15406cacaffa7b595eb430be6508d9db6557aecafa/f9548149acf7ff470e9b670aef41b94bc28eca52fff022b8c9f8345d24ba680e.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/9545a390679c35bfe8c69fdec4f29340a0e252d42bb14322605f52eeb44a7471/4b5bf4db9b9930b4cea55b61ee74cd480f3cf5730836084dc21e682c6476d7de.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/1f6347dd61409830f19b1a66bdb025da83bd0da9034cc20b2fb68d1a3f3558d7/77ea66fde3a783209f73d3700727d7d98ffef38cd6853b20a5ef6aaefb3cf323.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/b66f24b5fe116993d70165102793187702cfcd8935ce8ebe8ecb37937ebb0ea8/94ed7ab4b17237b279324b4d115e9c8396e8f0216272ce3df118b907626b2d21.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /tip/06c2ec0ff34ed1a99c6792951f75d739fa1820306c30e007e8c5f8d87c25a718/76ee6f14709a180b376cd2437f0f9cec4c959b34f02f7f57e624cea63b61e856.jpeg HTTP/1.1Host: imgs3.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /checkcaptcha/1944dfca-21c2-483c-9d9a-cfdc77ccf870/E0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiUHlSZktMWFZVQ2t5Z0Y1UjQvMFIyZHh4N1hZYzliMGo0WVUwZk11clV5dUd6VlNHS1NWTHJKUzZVNlBjWSsvRG9PZGxWb1FZQVBsV25YMWI3eU9TZkVCSnJUMWpOY0k2bnV0d1k2REJHWXN0MHo4bHFwU2w1VnQzaGYvVVUzOVcxbnM1dC96TDl5MDVKRms4SWZnRUtGeVRQa1hxZHlOK1VxRlJONXZzL1RXWk5IdXVnZXNoeEcrbUk5Q3YxdFNUcFdoKy9wQXRRUUZrNnRYTXJIT0NTdzRRYUQzaVR4VEpPS0N1T0hncUZJMElaMXJTbmlyL1YzcFNCN3VDMWJ6S1JVMnlGNHU3N1E2ekhzdndmUT09S1EvT1ZuNlZPUFN0L2R1NSIsImV4cCI6MTc0MjQ4OTI3NCwia3IiOiIyNDE5ZTUwMyJ9.US1awih3y0nrnzXoxSkhZpYC7V94nxI2dENbvcI5FT0 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic | DNS traffic detected: DNS query: sauravsadangi.com
Source: global traffic | DNS traffic detected: DNS query: js.hcaptcha.com
Source: global traffic | DNS traffic detected: DNS query: i.postimg.cc
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: newassets.hcaptcha.com
Source: global traffic | DNS traffic detected: DNS query: api.hcaptcha.com
Source: global traffic | DNS traffic detected: DNS query: imgs3.hcaptcha.com
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Windows\SystemTemp\scoped_dir6224_1717394546
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File deleted: C:\Windows\SystemTemp\scoped_dir6224_1717394546
Source: classification engine; Classification label: mal52.phis.win@23/38@27/143
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: unknown; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1988,i,2533045909785723760,4778184363310150924,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2008 /prefetch:3
Source: unknown; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sauravsadangi.com/project"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: unknown unknown
Source: Window Recorder; Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | 1 Drive-by Compromise | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 12 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Extra Window Memory Injection | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Extra Window Memory Injection | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction

Source | Detection | Scanner | Label | Link
https://sauravsadangi.com/project | 0% | Avira URL Cloud | safe |
No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation
js.hcaptcha.com | 104.19.229.21 | true | false |  | high
api.hcaptcha.com | 104.19.229.21 | true | false |  | high
i.postimg.cc | 162.249.168.129 | true | false |  | high
www.google.com | 142.250.80.100 | true | false |  | high
sauravsadangi.com | 216.10.246.86 | true | true |  | unknown
imgs3.hcaptcha.com | 104.19.229.21 | true | false |  | high
newassets.hcaptcha.com | 104.19.229.21 | true | false |  | high
IP | Domain | Country | ASN | ASN Name | Malicious
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false
142.250.65.174 | unknown | United States | 15169 | GOOGLEUS | false
142.250.80.100 | www.google.com | United States | 15169 | GOOGLEUS | false
142.250.65.195 | unknown | United States | 15169 | GOOGLEUS | false
142.250.80.74 | unknown | United States | 15169 | GOOGLEUS | false
142.250.80.99 | unknown | United States | 15169 | GOOGLEUS | false
142.250.81.238 | unknown | United States | 15169 | GOOGLEUS | false
216.10.246.86 | sauravsadangi.com | India | 394695 | PUBLIC-DOMAIN-REGISTRYUS | true
162.249.168.129 | i.postimg.cc | United States | 26548 | PUREVOLTAGE-INCUS | false
142.251.41.14 | unknown | United States | 15169 | GOOGLEUS | false
104.19.229.21 | js.hcaptcha.com | United States | 13335 | CLOUDFLARENETUS | false
142.250.80.3 | unknown | United States | 15169 | GOOGLEUS | false
104.19.230.21 | unknown | United States | 13335 | CLOUDFLARENETUS | false
172.253.115.84 | unknown | United States | 15169 | GOOGLEUS | false
142.250.80.106 | unknown | United States | 15169 | GOOGLEUS | false
IP
192.168.2.16
192.168.2.13
Joe Sandbox version: 42.0.0 Malachite
Analysis ID: 1644579
Start date and time: 2025-03-20 17:44:15 +01:00
Joe Sandbox product: CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: defaultwindowsinteractivecookbook.jbs
Sample URL: https://sauravsadangi.com/project
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 16
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• EGA enabled
Analysis Mode: stream
Analysis stop reason: Timeout
Detection: MAL
Classification: mal52.phis.win@23/38@27/143
• Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
• Excluded IPs from analysis (whitelisted): 142.251.41.14, 142.250.80.3, 172.253.115.84, 142.250.81.238, 142.250.80.78, 142.250.80.110, 142.251.40.142, 142.250.80.74, 142.250.80.106, 142.250.176.202, 142.251.40.202, 142.251.40.234, 172.217.165.138, 142.250.65.202, 142.250.65.170, 142.250.64.74, 142.251.40.170, 142.250.81.234, 142.251.32.106, 142.251.35.170, 142.251.40.106, 142.251.40.138, 142.251.41.10, 142.250.65.234, 20.12.23.50, 40.69.42.241
• Excluded domains from analysis (whitelisted): fonts.googleapis.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, slscr.update.microsoft.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, redirector.gvt1.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
• Not all processes where analyzed, report is missing behavior information
• Report size getting too big, too many NtOpenFile calls found.
• Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
• VT rate limit hit for: https://sauravsadangi.com/project
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
Category: downloaded
Size (bytes): 5910
Entropy (8bit): 7.928998726529834
Encrypted: false
SSDEEP:
MD5: 6D858657EFECC7ED6E2ADCB602003CA9
SHA1: A21BDC7771A159E1FE79AE86E96B9A68BD774968
SHA-256: 7A27D1E2C1B811DE84F5A76C65BD94558D43EE12D2DA9EC5430958615DEEBB60
SHA-512: 4D9C3DA60E02BE9B41A674561A2578BFB1C8544311EB03523B3D180D3C3B356C8574C8AE34BCEDA92C8710E6A485C319C0CBE085A69359440B027D37592FBEBC
Malicious: false
Reputation: unknown
URL: https://imgs3.hcaptcha.com/tip/b6ee99b405beab79ea07b6c5e31c27282f01c5db9a0f96840a9f410addf72843/5af4315a085aa19183805d33feb1a6653cbca8655320f613c70b4100d345fb1e.jpeg
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
Category: dropped
Size (bytes): 4443
Entropy (8bit): 7.914190205300284
Encrypted: false
SSDEEP:
MD5: 75D2E8C946FD5A911D6FF0C8B954FBEB
SHA1: DC0E4BAB12BDBEF9E8D3B6C8C4E4AF690A4F7D36
SHA-256: 81899C4238DCB844FD533814635D1C8A443A29B8AAF3B9CFD5718967FE0E5068
SHA-512: 72D9B49E29A8E67ADB4EAFD172834C95F7F62610362B34D162698A26DD9B44DCC4AC317E9BF06E34DDBFC6C599527F418217F0ED683733437D17B8A8927BF5E4
Malicious: false
Reputation: unknown
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x330, components 3
Category: downloaded
Size (bytes): 90364
Entropy (8bit): 7.9696958523086785
Encrypted: false
SSDEEP:
MD5: 4A246A7C32C690EBF78FA708BD0E13EE
SHA1: 6CDCEA0C08473AB6E177438F3E468D81B934DC33
SHA-256: AC07E2BE14C53E976BFFAF95D45EE7BD6BC8612D50E23DABAC2B1E686FAE7D68
SHA-512: 70D71E3398597E5F1586B517C4B90DEEA2470003423941B0536FBCD24EB00C9070DC0249C2975B75BCB1CB0B038C0B9F94AA27CA43BCA9EBDE9D445D2CF6A177
Malicious: false
Reputation: unknown
URL: https://imgs3.hcaptcha.com/tip/10f2d25bb5d479bf92ba08ccf2059c0795b2c9fd93136510e58bc2576cd549e9/922ba244073984aca50483e69b6d5323033594c24dccd211125f927c10c95fe2.jpg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
                            Category:downloaded
                            Size (bytes):3956
                            Entropy (8bit):7.894227091625903
                            Encrypted:false
                            SSDEEP:
                            MD5:1B659C15819D30181196A8038E5CB9CF
                            SHA1:C4E0AC4DD7B8673ADF566E1AB1A79A7D5671BDEC
                            SHA-256:C6E29CAF770E00F4CF13B4681026440E0D1B854D01A276BD4CC851746941CC8A
                            SHA-512:21AC8120ACC01217CD20BD75F8264C66A04EA36AF91C1B77DBB503D8EF2A0FFA2C7A5B358024945348A5CE5C45E8A4E914C9AD7549A55A2A6E4C93D527E28AB5
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/6200ad4f89d5ca41b21581b1f8566e0538ab42b24c7b610f0424754c6a452920/c3d24c9fb87ce023be3198a3acd38388468592c71f72baa82688def520efcbbe.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:dropped
                            Size (bytes):5450
                            Entropy (8bit):7.914538821367083
                            Encrypted:false
                            SSDEEP:
                            MD5:78FB2055AE5D55ADA97C2373FABE59B8
                            SHA1:C55D7AFAF88E0026A0883455FBC1BD89F32D5529
                            SHA-256:A5FC5C096F3C2461ED1EABAC727EDD6C960B1F61522B14D63B4E3A505454C627
                            SHA-512:A947A712B8B12171108E5538BD443771D12EC794EEE6E2422BBDA625E5EDB2F2B80D8C8B6D06F231610930C199B6052AAC4771367E98820D342C8F68D174F388
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
                            Category:downloaded
                            Size (bytes):3971
                            Entropy (8bit):7.898817759086963
                            Encrypted:false
                            SSDEEP:
                            MD5:A056A9A8D63869037B42B1C8BF2EA16C
                            SHA1:F1AB1F0F23902FCC2D54FDCB89019FF8FC5F9FD7
                            SHA-256:E3BAFA687A9A8E8561B251ED7605131757A1BDE026F2809F0BFDE0EEC92232C6
                            SHA-512:8F62FBE24A8A1AF5BD2CF959F62255A3A3BBF21BE9A18918FB4DD537F4BC1A5527D8319FA7B5F99C10A0D12C9E16159CBFDA3A85ED1B71C1036369D50091DE59
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/debf100a48481bdda493d1e53665c72ca745cc41ae26fce4e49cae199d8fa5bb/28e8cc877d7d5033478564dfc6fa619ef52f2458d5a9015801e473ef5991c838.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:dropped
                            Size (bytes):18
                            Entropy (8bit):3.3502090290998976
                            Encrypted:false
                            SSDEEP:
                            MD5:E000ACEF32012A650D8C243D77C7302C
                            SHA1:50624C2BAE8FE1A6DA065AB4BCA1C96822AE1820
                            SHA-256:E3933184560739B70B60E2D0E48A6C7D7E18F76D95362E11F4155267700AC3A7
                            SHA-512:D88E2A944FB1B88903CB2B7E207AE289C01770C3FD30A9A76F2031CAECC048AD474603FE393056F9C6E1A34BC6DD6A626CAD90773871095D11CED1241F49C061
                            Malicious:false
                            Reputation:unknown
                            Preview:Method Not Allowed
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):16
                            Entropy (8bit):3.875
                            Encrypted:false
                            SSDEEP:
                            MD5:903747EA4323C522742842A52CE710C9
                            SHA1:9F806EA4288867A31A4AD53AC171AA4029DF182B
                            SHA-256:4BD8B60F91849C936AE45615145A7B7BE2CF803322A30BABBAE7267A142CA5BB
                            SHA-512:EEF73DC29A38ED70FFCFC321931BCB5B5A29FAAC356E8F6D84F57C532EEF44AE75021C341CF7DAE26B8211924A1C0E0EC4735F6BFC4AF3970A48EB63BFB7895F
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCSlJh_i5eD8KEgUNg6hbPSGGklRDMawTsA==?alt=proto
                            Preview:CgkKBw2DqFs9GgA=
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:downloaded
                            Size (bytes):5114
                            Entropy (8bit):7.871746407920848
                            Encrypted:false
                            SSDEEP:
                            MD5:41DA3150E818D6255C3092BA4458BAAA
                            SHA1:DDB95AB7206ED77A69B3C894723573F129B3C815
                            SHA-256:6931DC0115EF6B38472D5876CB00DD412914DBB03A3DCA9826CEB984470D14A1
                            SHA-512:FE4122857BC07EBFB50AC78C770B0C3A958A9A660A8A0C58EFC5C09B2BA74AD652BD9E704A80DB06F20F7CA0B5346CDCD3EC2CA5AF6C16D319417A346AD257B7
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/b66f24b5fe116993d70165102793187702cfcd8935ce8ebe8ecb37937ebb0ea8/94ed7ab4b17237b279324b4d115e9c8396e8f0216272ce3df118b907626b2d21.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):40
                            Entropy (8bit):4.308694969562842
                            Encrypted:false
                            SSDEEP:
                            MD5:FD0955B2A6C5FADBDBC8EA233D323284
                            SHA1:1390107898AB592C99017FAE634841986A572290
                            SHA-256:1BC8199B06FC20C155DC0C2248F4363707D5CC9C6032FDDD32D0487B37E48CF5
                            SHA-512:B3B22F9F0DF2867B348ED4202752B67764AF9E59FAA7DEECFCC700C9B2F8E06420CB03FA5BEC49BE2729B02FE87D1AFBC30F3B4585D50AF07FF0913662092F76
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhInCUwjZ553NCLGEgUNg6hbPRIFDVNaR8USBQ2_JFKQIfEd-Z-Vd4vj?alt=proto
                            Preview:ChsKBw2DqFs9GgAKBw1TWkfFGgAKBw2/JFKQGgA=
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
                            Category:downloaded
                            Size (bytes):40128
                            Entropy (8bit):7.994526034157349
                            Encrypted:true
                            SSDEEP:
                            MD5:9A01B69183A9604AB3A439E388B30501
                            SHA1:8ED1D59003D0DBE6360481017B44665153665FBE
                            SHA-256:20B535FA80C8189E3B87D1803038389960203A886D502BC2EF1857AFFC2F38D2
                            SHA-512:0E6795255B6EEA00B5403FD7E3B904D52776D49AC63A31C2778361262883697943AEDCB29FEEE85694BA6F19EAA34DDDB9A5BFE7118F4A25B4757E92C331FECA
                            Malicious:false
                            Reputation:unknown
                            URL:https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (55266)
                            Category:downloaded
                            Size (bytes):55302
                            Entropy (8bit):6.013933592533703
                            Encrypted:false
                            SSDEEP:
                            MD5:08CAAA89E75F38BF8E498F4813DA5936
                            SHA1:2EB8E178E35D7689B44B7B406C26B113C7E511BD
                            SHA-256:69AF5FAF463DB1BE80837C4E8F7B2CD7BEB8F8CF85ABEE34ACBF4D5A37D0DF23
                            SHA-512:C12C2248013F077E33B9745E778C3E55602189D1E1D660D04FF59E220EF5744257266FBCDFF05334B81CFC1A5BF01F4D3C2F5B439FDF08FE6CADE33B9D85EB2F
                            Malicious:false
                            Reputation:unknown
                            URL:https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/challenge/image_label_binary/challenge.js
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:dropped
                            Size (bytes):5423
                            Entropy (8bit):7.917800342258408
                            Encrypted:false
                            SSDEEP:
                            MD5:5FA60E151CF5C8F07C701FF0A4E229FB
                            SHA1:9B7EFF0852526515F164A5F75F658A6FAB9ACE0A
                            SHA-256:6E1EDE46C373EC8267F976A3AD535C8DAA1D4237FC37C9F500DE0DC5CCCE8896
                            SHA-512:3FE2CB29A440C5734D55C9CF6DA72F6B9AE8D9058F8B6BF452F13F87387BD0D9F251ADA44A917B20E63B0985A58A5816D4CFE80F865137043EC569868EBD403D
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 110x110, components 3
                            Category:downloaded
                            Size (bytes):3612
                            Entropy (8bit):7.874843024182103
                            Encrypted:false
                            SSDEEP:
                            MD5:440F2EDF29CD8A226B77F855F60B446A
                            SHA1:BD0E5A5D8618561698B1506119F1B0E960B8B6A2
                            SHA-256:2E129D18C30A6405A0FE1F4ACD8AA85E0D8CEC08977B65DB140532A19E20D119
                            SHA-512:88D854CC12A35C6C1322AD4CDD2835AF41754F7B26563F658C7DE1228B6D31CF6E68F9FC0931D81B97EC7C884D5DAFA86035FA3F0C553A239680CDC96BA31EC3
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/06c2ec0ff34ed1a99c6792951f75d739fa1820306c30e007e8c5f8d87c25a718/76ee6f14709a180b376cd2437f0f9cec4c959b34f02f7f57e624cea63b61e856.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x330, components 3
                            Category:dropped
                            Size (bytes):103578
                            Entropy (8bit):7.958212562185115
                            Encrypted:false
                            SSDEEP:
                            MD5:F147CEE68390D849A7D2CE250341070E
                            SHA1:573ADE01CA2358F02C899FABA9C420FC3EF64042
                            SHA-256:949CEAD4CD5B8944168D5629B2E98B7CE5239A0DEDF3FB99C77F8F4DD8EE6B37
                            SHA-512:B3D7A36E8DA9454310746679095FE9E27B1E5C79F1655F73361774954B444CC4F4367C82F96BD228819B55C0DD27144F7D99182E73C58BE0CD5EC3E534052B32
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
                            Category:downloaded
                            Size (bytes):4079
                            Entropy (8bit):7.905037398353152
                            Encrypted:false
                            SSDEEP:
                            MD5:FC2DE9F0AE29D1F25966679D1EA7A5C6
                            SHA1:66413FAED292F1E52C037211C6FB4E0CBB0AB19C
                            SHA-256:401C3FB5F8DB090959CF7DAA6AF63456D9BE941B45BF7C16846A438572CCF878
                            SHA-512:FAA320BA4015F8951A623209B925D2E5419AB3FBD505A2C788583A9F6901962E8C2C2E08B5D235D2D265FCB0BEA1882BB9C16E12C9C8DD6BB0EA7781B9D8D31F
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/1ac1a12da80bd680578dc75450f78894c43ab9d727321a5bf75d40c24c93e265/ff1d04640b7e0da17ab3532e6800418f35a722718616d7fe44ac03ac2e620417.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:dropped
                            Size (bytes):5200
                            Entropy (8bit):7.890699369438766
                            Encrypted:false
                            SSDEEP:
                            MD5:8508CAAC57766FE3037B47C05BD264E5
                            SHA1:6438C5292A4932E9D0FAE536CFBD166E70DD7E5A
                            SHA-256:4DEF4C436BE3DA1A67266C304136E433886CB718A6AA7257DEB20E014082DF6B
                            SHA-512:353A0FBBB2B83AE28B16AE796BBAD09AAF28F9FC234D4BD19A3485B62A9A2B77A4F2B398669C277E374F3DF4106383C7628898E08D2942AACFE38E151637357D
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:downloaded
                            Size (bytes):5652
                            Entropy (8bit):7.923879563089951
                            Encrypted:false
                            SSDEEP:
                            MD5:E1EC2AF501EE896519A023A53FF0A2A3
                            SHA1:EE3B5C1167C16C22AFD813EDA20A8A5202EBF723
                            SHA-256:BDEA8E79BC4A21F11579FCC0EFEF7DD645C4AF6737BD09259776297DF6D1D85A
                            SHA-512:3D893BFEB50BE2E22CF249FB56A484BD52708DE4D9C2E2CE249D73E302C521167DF2830857DADD7CDC57905A56F9E5E26AD6981348536710816B6DFDB958845B
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/e71f44d014e133145acfd1a69bc8adca43856fca38f27322d95705d3af04a902/cfa065910b4b287b4e734f3190f17020ef9951cf732e7d7bdbf4b3f38d34f204.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Unicode text, UTF-8 text, with very long lines (41492)
                            Category:downloaded
                            Size (bytes):208098
                            Entropy (8bit):5.592940960724072
                            Encrypted:false
                            SSDEEP:
                            MD5:CA6C05BA10F2ACF1F6123DFF8F1CE8A4
                            SHA1:74746919920EF2C2CFFCA78557ACC185144E9B0F
                            SHA-256:EAC917FF3A4EDBD0D95C72D85F7539A2DC2A8D67C23D5C42904FAB6B76BEDC86
                            SHA-512:0D987898A3B816F6473E992ABA375D5226365BE5C5BC04CF0AFE834BFF2367F26DEBAC707C57654EE87602840BC4B41FFD0363B3F3BEE38AEED1797FA48BBC52
                            Malicious:false
                            Reputation:unknown
                            URL:https://js.hcaptcha.com/1/api.js
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x330, components 3
                            Category:dropped
                            Size (bytes):97331
                            Entropy (8bit):7.962026351364187
                            Encrypted:false
                            SSDEEP:
                            MD5:49A6194846464D7B93B01D3D8474B1DB
                            SHA1:54945154195802E3C215027023BA4357A3FA1DB0
                            SHA-256:DD1208710418E7F260C45795AE357331441808EE9C949AFA5D778EA398F8DD68
                            SHA-512:99B592875525AB2AB5245560AC1C63F872C482A30A7FC530135BE50EC181F2C81C87A79240F9744840C9A488940D2F19015C3EA87E90FBB58699D7415A1F262E
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:gzip compressed data, from Unix, original size modulo 2^32 30498
                            Category:dropped
                            Size (bytes):8076
                            Entropy (8bit):7.958382159044041
                            Encrypted:false
                            SSDEEP:
                            MD5:21136DF955B89FE1BB92ACA7F9977045
                            SHA1:9F0A883F6AF3677F4EBB99B7CE0B99ACC620CC04
                            SHA-256:1CC4FD8BD8EC09B326D9F238DE4DC7F3172FA24578ABD1E409B004860F2D6FE1
                            SHA-512:C9B2B527C90B24D409B317D97DB5CFBBF829610CAF792D75383F0463D3320EB430A709B74D12148363154044D7B2723EDE21B2DA8BBCF5EC8102F7D18679B938
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
                            Category:dropped
                            Size (bytes):3981
                            Entropy (8bit):7.8911148351410105
                            Encrypted:false
                            SSDEEP:
                            MD5:8049689C0D01AA64426FF8C4F8452645
                            SHA1:5DC36D177F179562B3876927B61EE7CDD50A546A
                            SHA-256:7365F1F140B3A61AF41A1B49C5F4A38C7C0B27128D1A2D467441BA65BABEE46B
                            SHA-512:4E61B0F281EAA9B41A838BD98727AABF4D1A4CCAD507D0511DA87FAAA08F438CAB5C1709F576CB971EC25231F386371042311D611AB241992A4B5C2A864C3B8F
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3
                            Category:downloaded
                            Size (bytes):4270
                            Entropy (8bit):7.898439012670255
                            Encrypted:false
                            SSDEEP:
                            MD5:557CF0F71304B784691EFEC345EB92A2
                            SHA1:FB91AD7B0D726F2D4603729EC957B14F11961E35
                            SHA-256:CF6553A359AEFF35FF924E0D6A60CF6CF2472C44B48A73530C863549DB483FBC
                            SHA-512:72301352584342C712BCA2D76179125430AEF3D6E08F0AB2F2DC069840B68D602EB83EB992477CC4FCFF5A118F47416AC16D8DE9624AEA3BAA2103D20F6B84CB
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/1801e4bc258d5bd887fdcd15406cacaffa7b595eb430be6508d9db6557aecafa/f9548149acf7ff470e9b670aef41b94bc28eca52fff022b8c9f8345d24ba680e.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:downloaded
                            Size (bytes):5340
                            Entropy (8bit):7.898417836467212
                            Encrypted:false
                            SSDEEP:
                            MD5:0D86150DB27B708BA25EABD35D6BAD4F
                            SHA1:E93CACD41F17A124BBF6C5469D9E4D6352623103
                            SHA-256:5E83D843BC09E631EDEB99AA42A272E1A9AB2CB36B58402B901FA379AEEAAE90
                            SHA-512:F6579DA4523204AC9BA5A49C564560E78C5F1C1A63B52CFC7E16AC6B8161F40E54D7DF3E8C9D36BDE4B672502511784022F367B7EE59B63C72F12CEB2D7E451A
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/790de3dd5687bad17465c89ba11015bdfc6a654ea7159b91977c23b2bd761b10/b2b08acbd31e50c2a203669d28313a9a57759167d424a98e071b4fc52746451a.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (65501)
                            Category:downloaded
                            Size (bytes):78514
                            Entropy (8bit):5.789092451478665
                            Encrypted:false
                            SSDEEP:
                            MD5:6FF4D76AA69AADDDF89F47B161C12899
                            SHA1:A89B013E0AF6DFC73FDE82DD89EE12185F5F29E1
                            SHA-256:8E5B248540F13C600F0431AD153FF15746EB58419F0B809A7F66C9C868456318
                            SHA-512:9A7C10E69A31E1421D3CF05978B38548ADC228B40C46F0BAB67003CCF2D1C1E875E61BCE317A9A13DA30ADD471A137D04E90DA32BC2EE84928520E09D844C78B
                            Malicious:false
                            Reputation:unknown
                            URL:https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/challenge/image_label_area_select/challenge.js
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:downloaded
                            Size (bytes):5554
                            Entropy (8bit):7.924690891779891
                            Encrypted:false
                            SSDEEP:
                            MD5:D30A43A301B3D273120F34E966DE4665
                            SHA1:F3AA28C1B2F4C56D14EA265922897E231995E062
                            SHA-256:605F294C3FE32FDFA0605AAEFC1C3593A2CF655F3B68E02C08809028314EC532
                            SHA-512:0E6253031007A47231D59DD141E24136D942315BD06A82F14E05F299AE6F1F23329565CA6D18B5025B1C36B5AFF5876FAF86DB0593833DC8BE886C3607EF27E0
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/1f6347dd61409830f19b1a66bdb025da83bd0da9034cc20b2fb68d1a3f3558d7/77ea66fde3a783209f73d3700727d7d98ffef38cd6853b20a5ef6aaefb3cf323.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:dropped
                            Size (bytes):5512
                            Entropy (8bit):7.880199373125048
                            Encrypted:false
                            SSDEEP:
                            MD5:64DECAD1D1C1A6838302C685CFF7E696
                            SHA1:871826A3D67BE15300C33B070095C2ACE3C921FE
                            SHA-256:11F42C5C83B1247BC2A8F3923DC0F0FA70DBF79B2B0D8E122A6B482B35E35ED8
                            SHA-512:7C932157EAB75CE0D9270B72F059CE655B03C1DFA116831C16EF740466D2D376EEBC72DFA3BB4DAB8B6F5583D52AED137E62111E65FA5C92B0BE0EB6DAB47CD9
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:HTML document, Unicode text, UTF-8 text, with very long lines (39767)
                            Category:downloaded
                            Size (bytes):415840
                            Entropy (8bit):5.595033636342777
                            Encrypted:false
                            SSDEEP:
                            MD5:334FC2F1F48A82AAEC1D5E8351639ACD
                            SHA1:3DC4AABA202A9AF8F3A4DB9BB4FA92EAE93601AE
                            SHA-256:ED99EB40086D1BEB8AF8D0B89DA6BAEA5332AD7843DAF77EF2DD63341D9F4EF3
                            SHA-512:77DB115064FB7EFA26E49F237B8936EDB8C850956AC549D06A2A4ECFA85602490B21D57874FCB4546104818926A5E34B4978F238CD0BA9B7161CCDEC7CDC66AB
                            Malicious:false
                            Reputation:unknown
                            URL:https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.html
                            Preview:<!DOCTYPE html>.<html lang="en" data-id="hcaptcha-frame-14dbe0f1619b8014e2630bcdde727e7785a80dee">.<head>. <title>hCaptcha</title>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta http-equiv="Content-Security-Policy" content="object-src 'none'; base-uri 'self'; worker-src blob:; script-src 'self' 'unsafe-eval' 'sha256-0m7b6Qc+cU+jCwBIeuVZl8o9AumAMy5E/wN/m6Ps9vs=';">. <style type="text/css">*{-webkit-tap-highlight-color:transparent;-webkit-font-smoothing:antialiased}body,html{margin:0;padding:0;font-family:-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen,Ubuntu,"Helvetica Neue",Arial,sans-serif;overflow:hidden;height:100%;width:100%;background-color:rgba(255,255,255,0);background-color:transparent}fieldset{margin:0;padding:15px 20px;border:none}button:focus,input:focus,select:focus,textarea:focus{outline:0}:focus{border:none;outline:0}textarea{border:none;overflow:auto;outline:0;-webkit-box-shadow:none;-moz-box-shado
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:HTML document, ASCII text, with CRLF line terminators
                            Category:downloaded
                            Size (bytes):4265
                            Entropy (8bit):4.368889753610814
                            Encrypted:false
                            SSDEEP:
                            MD5:6FA3FFAB1E140301CFD57081A2FC2EC6
                            SHA1:81AC9F01DF8ADCC5196203D8122EF796A62BD2F2
                            SHA-256:E339F2DA4CB880A003C7E9DF2E0D5E74E4FB317ADB413CF8E3701F0ACE3CA5F1
                            SHA-512:98F3709714A6FB0599273189A358FF0A8411ADD91D0491F67CE784F3F8A124E71BA3986C49B4F772C4B7F075247893A72FB59FEEBDC84D54E6603AF2ED63974C
                            Malicious:false
                            Reputation:unknown
                            URL:https://sauravsadangi.com/project/
                            Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>Business Solutions - Secure Bidding Process</title>.. <style>.. body {.. font-family: Arial, sans-serif;.. background-color: #ffffff;.. margin: 0;.. padding: 0;.. display: flex;.. flex-direction: column;.. justify-content: center;.. align-items: center;.. height: 100vh;.. text-align: center;.. }.. .container {.. max-width: 600px;.. padding: 20px;.. background: white;.. border-radius: 8px;.. box-shadow: 0px 0px 10px rgba(0,0,0,0.1);.. }.. h1 {.. font-size: 24px;.. color: #000;.. font-weight: 600;.. }.. p {.. font-size: 16px;.. color: #555;.. line-height:
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:dropped
                            Size (bytes):14
                            Entropy (8bit):3.6644977792004623
                            Encrypted:false
                            SSDEEP:
                            MD5:0CEF85A06BA488876294077160628616
                            SHA1:85ED668F4B9369F661F9F5D07AF7FA56F568471D
                            SHA-256:E7196C74A5271AB14B6DB5B0D9F1BD22622CB7FD9F5E426F2A4BB578EC268ABE
                            SHA-512:E7F076037848AA802510F6B271EFB46FB09A305D2F5EB3CB873145174275FD7F06498AE11F09827213CFF86A0E5563F44F6477D41775CBE228A81FDE828A76E9
                            Malicious:false
                            Reputation:unknown
                            Preview:Invalid Method
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (65536), with no line terminators
                            Category:downloaded
                            Size (bytes):768408
                            Entropy (8bit):5.627805853114041
                            Encrypted:false
                            SSDEEP:
                            MD5:7BD876C8F9F3642A65F0C04E462EF689
                            SHA1:CFE21DF3DEDE50F3C4377530D52408184C78A2E5
                            SHA-256:7FBAB0D2B0A093E3A77806320E17D421C2585EE527BDED9097C5FE0BA9AC8029
                            SHA-512:421AABF66069CFD62739D83FC6A07502D6CA9E404BCE6F9821B371F6D5154509BC0029291C7E6805305051AC510D71E40B04FAEEE8BBF6D65AB85BBA39BEDDF8
                            Malicious:false
                            Reputation:unknown
                            URL:https://newassets.hcaptcha.com/c/5fef759e34a955dd56ceddd805e6a87d3f7d854c8c695bf797d43331bebfee3f/hsw.js
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:gzip compressed data, from Unix, original size modulo 2^32 4770
                            Category:downloaded
                            Size (bytes):1901
                            Entropy (8bit):7.885073696015219
                            Encrypted:false
                            SSDEEP:
                            MD5:3E11A60D4BCE59ADEE77E68C0149F78F
                            SHA1:CD3B38136951AD2289FEC23F91C34268F7A5D4DB
                            SHA-256:CA4F785832F7973E1D00CCF7B8054F3ECEAE2B10718A6101F872649B7987D639
                            SHA-512:3DE0441B3B3F5AF1988C3BCE088B06A31179C7F65CF144024D7C807CA1AEF8DFD93A4B88A3338B9A3F035030E95250494150ECB50813B68AD69E32E1ADDDEA81
                            Malicious:false
                            Reputation:unknown
                            URL:https://sauravsadangi.com/bid/sharefile.html
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:downloaded
                            Size (bytes):6126
                            Entropy (8bit):7.907235736342254
                            Encrypted:false
                            SSDEEP:
                            MD5:FEF3F96F1069590AC3D349EBCAAEA408
                            SHA1:47393E2B83C52ABCCF7A5DF7DF5A9AE108422AA4
                            SHA-256:E7C6424E2B689BA7DB02D589400A932CBA31C92850C49ED83F30FA01178EE83F
                            SHA-512:CD41AC114D6F098EBC8611BABBFD2AA13DAB0979CB293ACE9844287C217F40A044F1D182A66975FDFE655FC08E49A749B22EA99535BDC789AB5A1436C0A41AFD
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/a9da137e9bfb03e5dec5b234f7ff9ca6359cfd0945e6fd3a9747266172c80782/5d7e89a32f834b449b9dcf64a834d813ede35f337052e00a35b0ecbd25e9f474.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:downloaded
                            Size (bytes):5222
                            Entropy (8bit):7.9109190000765945
                            Encrypted:false
                            SSDEEP:
                            MD5:573C51A7652B7E439A7C2A087BBE85E8
                            SHA1:3BA9750E03B8672EB2CDBFF7AE2A1FF7C35F2F3B
                            SHA-256:A6E490D608D010C18A0094285FBDD00963B31D2D10BC233DDCBCFA3414BCAF50
                            SHA-512:F36C8765FA8D81D7A5F8CDECDFD3E63E292F31A32072D344EC3EB7CE4421F5F8F105FD99AE8D6E4DE75411A3C8A4158C1AEE88EBD6D2AAD24D8389AAF3F92B23
                            Malicious:false
                            Reputation:unknown
                            URL:https://imgs3.hcaptcha.com/tip/9545a390679c35bfe8c69fdec4f29340a0e252d42bb14322605f52eeb44a7471/4b5bf4db9b9930b4cea55b61ee74cd480f3cf5730836084dc21e682c6476d7de.jpeg
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (1572)
                            Category:downloaded
                            Size (bytes):11170
                            Entropy (8bit):5.27601930271989
                            Encrypted:false
                            SSDEEP:
                            MD5:B7A6169D3E32B4CDED47137314AFD3EB
                            SHA1:BA9679F0B7334C2E52A124FE491E6420832C9E37
                            SHA-256:1D563B69D0BFC84B7AB554235CF8C7D2463187FCC7F25E6A2A1B2D2805C3B63D
                            SHA-512:940C477F8610F2DB00A542F59660AD9EC7B6E58B417079647AA127D75818E910A7C33E4F2AF92A7F16D5EA8A03F6E55FACA3F97430C54256A25157ED154E6B80
                            Malicious:false
                            Reputation:unknown
                            URL:https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
                            Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-fam
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 144x144, components 3
                            Category:dropped
                            Size (bytes):5882
                            Entropy (8bit):7.9308965941879155
                            Encrypted:false
                            SSDEEP:
                            MD5:9A18338450E2C91F56F3435E07A89CE0
                            SHA1:DB4D13C9ABAA5FE20DCC0E7AA2862DC64981F1FC
                            SHA-256:C7D18249669C2F02CA545DC0695264A78725A7718B3365DBDCDEDB5E435D234B
                            SHA-512:0B7B2FF0E37E084CBA377A03EFE752391D7B2225865CE2E87FFAB8AE0C0678772AD91C8FE05C61B4C790901A23EB6B0A0995B047CF6BCB596FFDF18817D4CFC5
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:JSON data
                            Category:dropped
                            Size (bytes):796
                            Entropy (8bit):5.8233933191523
                            Encrypted:false
                            SSDEEP:
                            MD5:250C6A2AD3AFB0E607FF451BBD6CF06D
                            SHA1:0EED089188ED87B5F528F9720BF23AC961C696AD
                            SHA-256:57EC0435E799A5550DE5309C1B6F5A5343FB0B55BCDE5E1A20EFF3C001ACEB26
                            SHA-512:E63B793BB91315C0B6E10ED35A79AEF152A365488A2449F1506256DC4F9DBEB919286F6E36FB0D1F98177FF74816D59C90FEAF434FC8D287A26A22596353D106
                            Malicious:false
                            Reputation:unknown
                            Preview:{"features":{"custom_theme":true,"enc_get_req":true},"c":{"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.[...].VvQXcVomQDAKYH_uioHyJdiKfvdXij8qi1laU8D2Od0"},"pass":true}
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:PNG image data, 318 x 159, 8-bit colormap, non-interlaced
                            Category:downloaded
                            Size (bytes):2538
                            Entropy (8bit):7.861950039112471
                            Encrypted:false
                            SSDEEP:
                            MD5:D572833F4B36F1655981138C129A1846
                            SHA1:DA7A5443748E8D5BBB73AFD218BAF463CC0138DA
                            SHA-256:F1F40FD7832B7FD5399F143534C45CEA6D8678C6A0FC885714B6A08BAB161B30
                            SHA-512:05B619FDBC3D49AF6C0C7A6D4210B3345371110A06F50BFEE609E75BE0C61D981AC3D1619C55C74D69FB0EA99BCA6D10FDE546E4EF48E4A6C806516D1178D72D
                            Malicious:false
                            Reputation:unknown
                            URL:https://i.postimg.cc/1X65jWGH/shareff.png
                            No static file info