Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
Critical security alert.eml

Overview

General Information

Sample name:Critical security alert.eml
Analysis ID:1676172
MD5:924a036128c07f534a84d994336f080d
SHA1:f203a5571632b4d8bd04cd2a87aa79803ede915a
SHA256:cdb2453c2ba560b75a953b37265d25bae579c7367feed37817b5656abf08b376
Infos:

Detection

Score:21
Range:0 - 100
Confidence:60%

Signatures

AI detected suspicious elements in Email content
HTML body contains password input but no form action
Queries the volume information (name, serial number etc) of a device
Stores large binary data to the registry

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 3940 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Critical security alert.eml" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6204 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E07296C8-43A2-4A24-BDDF-34B0E31F339F" "DCD95DDD-5DBE-49AD-AFBD-5B301EED69C9" "3940" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 6660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://myaccount.google.com/notifications MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 6864 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 5620 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 4264 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 3940, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: Critical security alert.emlJoe Sandbox AI: Detected potential phishing email: The URLs in the email are obfuscated through Sophos protection/redirect links rather than direct Google URLs. The email creates urgency with 'Critical security alert' and password breach claims to prompt immediate action. While the sender appears to be from Google, the formatting and structure differs from genuine Google security alerts
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: <input type="password" .../> found but no <form action="...
Source: EmailClassification: Credential Stealer
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1938205489&timestamp=1745835380285
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: /_/bscframe
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1938205489&timestamp=1745835380285
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: /_/bscframe
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1938205489&timestamp=1745835380285
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: /_/bscframe
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1938205489&timestamp=1745835380285
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: Iframe src: /_/bscframe
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: <input type="password" .../> found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fmyaccount.google.com%2Fintro%2Fsecurity&hl=en-US&ifkv=ASKV5Mj81ON7MSFSQH9r8Y3_OnoEsijwFlM69CDXff0RGs_d1GO5TeMhlJr97XmfKZspcZ-3uApNtw&service=accountsettings&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905589463%3A1745835375449045HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 142.251.2.84:443 -> 192.168.2.16:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 192.178.49.196:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.176.14:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.176.10:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.141.84:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 11MB later: 38MB
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 192.178.49.193
Source: unknownTCP traffic detected without corresponding DNS query: 192.178.49.193
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /notifications HTTP/1.1Host: myaccount.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /intro/security-notifications--activity HTTP/1.1Host: myaccount.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-form-factors: "Desktop"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=P1SHlclC_OeisMzrmEFbzC1-L3ZFEAhxjNNPURNZU9cGzb9RcBillZQqhSeNNbKhd8iTBZICE3Pq0JtHGCH28Erb40vAtPxGmGW8fxXboMfGNzOnqWOhHFiX16SHozJXaYDbMTQguqS9mCMbSyorXMbMB4m9DUn4WOESHQc_uozVOQ-TUdGR0P8H-URocy_Ilm8GYw
Source: global trafficHTTP traffic detected: GET /intro/security HTTP/1.1Host: myaccount.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-form-factors: "Desktop"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=P1SHlclC_OeisMzrmEFbzC1-L3ZFEAhxjNNPURNZU9cGzb9RcBillZQqhSeNNbKhd8iTBZICE3Pq0JtHGCH28Erb40vAtPxGmGW8fxXboMfGNzOnqWOhHFiX16SHozJXaYDbMTQguqS9mCMbSyorXMbMB4m9DUn4WOESHQc_uozVOQ-TUdGR0P8H-URocy_Ilm8GYw
Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.BY48SQoc80o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GDP1D38zSeS8hy4T0Ij3IgC1Nkw/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://myaccount.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=P1SHlclC_OeisMzrmEFbzC1-L3ZFEAhxjNNPURNZU9cGzb9RcBillZQqhSeNNbKhd8iTBZICE3Pq0JtHGCH28Erb40vAtPxGmGW8fxXboMfGNzOnqWOhHFiX16SHozJXaYDbMTQguqS9mCMbSyorXMbMB4m9DUn4WOESHQc_uozVOQ-TUdGR0P8H-URocy_Ilm8GYw
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua-platform-version: "10.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://myaccount.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=m2vvUCrpzCwseHbAmBxz5kB94ei-koCcwOZ2Ds2xjxMFTBikLdsZ3QsPyR-EQYnYXuYSk-NW5m-3rLcgvCxD2RrvVqt8deWA2gJmBPmev1fdrWluH2QmqzW0mRymvikaDxIRpeS6L7K7pH92O1-HzJBOqMiLvXq1SEGmrrGATmlRluczHPe2I-5Jl8AFdK48nWVNBA
Source: global trafficHTTP traffic detected: GET /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/1.1Host: ogads-pa.clients6.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=P1SHlclC_OeisMzrmEFbzC1-L3ZFEAhxjNNPURNZU9cGzb9RcBillZQqhSeNNbKhd8iTBZICE3Pq0JtHGCH28Erb40vAtPxGmGW8fxXboMfGNzOnqWOhHFiX16SHozJXaYDbMTQguqS9mCMbSyorXMbMB4m9DUn4WOESHQc_uozVOQ-TUdGR0P8H-URocy_Ilm8GYw
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=m2vvUCrpzCwseHbAmBxz5kB94ei-koCcwOZ2Ds2xjxMFTBikLdsZ3QsPyR-EQYnYXuYSk-NW5m-3rLcgvCxD2RrvVqt8deWA2gJmBPmev1fdrWluH2QmqzW0mRymvikaDxIRpeS6L7K7pH92O1-HzJBOqMiLvXq1SEGmrrGATmlRluczHPe2I-5Jl8AFdK48nWVNBA
Source: global trafficHTTP traffic detected: GET /_/AccountSettingsUi/browserinfo?f.sid=-8680884608764527288&bl=boq_identityaccountsettingsuiserver_20250422.03_p0&hl=en-US&soc-app=1&soc-platform=1&soc-device=1&_reqid=22563&rt=j HTTP/1.1Host: myaccount.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CLbgygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=m2vvUCrpzCwseHbAmBxz5kB94ei-koCcwOZ2Ds2xjxMFTBikLdsZ3QsPyR-EQYnYXuYSk-NW5m-3rLcgvCxD2RrvVqt8deWA2gJmBPmev1fdrWluH2QmqzW0mRymvikaDxIRpeS6L7K7pH92O1-HzJBOqMiLvXq1SEGmrrGATmlRluczHPe2I-5Jl8AFdK48nWVNBA; OTZ=8058856_72_76_104100_72_446760
Source: global trafficHTTP traffic detected: GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1938205489&timestamp=1745835380285 HTTP/1.1Host: accounts.youtube.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "134.0.6998.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-form-factors: "Desktop"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: myaccount.google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: ogads-pa.clients6.google.com
Source: global trafficDNS traffic detected: DNS query: apis.google.com
Source: global trafficDNS traffic detected: DNS query: play.google.com
Source: global trafficDNS traffic detected: DNS query: accounts.youtube.com
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: global trafficDNS traffic detected: DNS query: beacons.gvt2.com
Source: unknownHTTP traffic detected: POST /_/AccountSettingsUi/browserinfo?f.sid=-8680884608764527288&bl=boq_identityaccountsettingsuiserver_20250422.03_p0&hl=en-US&soc-app=1&soc-platform=1&soc-device=1&_reqid=22563&rt=j HTTP/1.1Host: myaccount.google.comConnection: keep-aliveContent-Length: 118sec-ch-ua-full-version-list: "Chromium";v="134.0.6998.36", "Not:A-Brand";v="24.0.0.0", "Google Chrome";v="134.0.6998.36"sec-ch-ua-platform: "Windows"sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0X-Same-Domain: 1sec-ch-ua-wow64: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "134.0.6998.36"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8sec-ch-ua-platform-version: "10.0.0"Accept: */*Origin: https://myaccount.google.comX-Client-Data: CLbgygE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://myaccount.google.com/intro/securityAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=523=m2vvUCrpzCwseHbAmBxz5kB94ei-koCcwOZ2Ds2xjxMFTBikLdsZ3QsPyR-EQYnYXuYSk-NW5m-3rLcgvCxD2RrvVqt8deWA2gJmBPmev1fdrWluH2QmqzW0mRymvikaDxIRpeS6L7K7pH92O1-HzJBOqMiLvXq1SEGmrrGATmlRluczHPe2I-5Jl8AFdK48nWVNBA; OTZ=8058856_72_76_104100_72_446760
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Mon, 28 Apr 2025 10:16:01 GMTAccept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-VersionCross-Origin-Opener-Policy: same-originContent-Security-Policy: require-trusted-types-for 'script'Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*Strict-Transport-Security: max-age=10886400; includeSubdomainsServer: ESFX-XSS-Protection: 0X-Content-Type-Options: nosniffServer-Timing: gfet4t7; dur=34Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Accept-Ranges: noneVary: Accept-EncodingConnection: closeTransfer-Encoding: chunked
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49689
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49689 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownHTTPS traffic detected: 142.251.2.84:443 -> 192.168.2.16:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 192.178.49.196:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.176.14:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.176.10:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.250.141.84:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: classification engineClassification label: sus21.winEML@29/43@50/189
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250428T0615230946-3940.etl
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Critical security alert.eml"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E07296C8-43A2-4A24-BDDF-34B0E31F339F" "DCD95DDD-5DBE-49AD-AFBD-5B301EED69C9" "3940" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E07296C8-43A2-4A24-BDDF-34B0E31F339F" "DCD95DDD-5DBE-49AD-AFBD-5B301EED69C9" "3940" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://myaccount.google.com/notifications
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://myaccount.google.com/notifications
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,11585847573445717970,7526823738632548232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}\InprocServer32
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935} DeviceTicket
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Drive-by Compromise		Windows Management Instrumentation11
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
DLL Side-Loading		1
Modify Registry		LSASS Memory12
System Information Discovery		Remote Desktop ProtocolData from Removable Media3
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		1
Process Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture5
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Extra Window Memory Injection		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://myaccount.google.com/intro/security-notifications--activity0%Avira URL Cloudsafe
https://myaccount.google.com/notifications0%Avira URL Cloudsafe
https://myaccount.google.com/_/AccountSettingsUi/browserinfo?f.sid=-8680884608764527288&bl=boq_identityaccountsettingsuiserver_20250422.03_p0&hl=en-US&soc-app=1&soc-platform=1&soc-device=1&_reqid=22563&rt=j0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
ogads-pa.clients6.google.com
142.250.68.234
truefalse
    		high
    google.com
    		192.178.49.206
    		truefalse
      		high
      plus.l.google.com
      		142.250.176.14
      		truefalse
        		high
        play.google.com
        		192.178.49.206
        		truefalse
          		high
          www3.l.google.com
          		192.178.49.174
          		truefalse
            		high
            beacons-handoff.gcp.gvt2.com
            		74.125.138.94
            		truefalse
              		high
              www.google.com
              		192.178.49.196
              		truefalse
                		high
                s-0005.dual-s-msedge.net
                		52.123.129.14
                		truefalse
                  		high
                  myaccount.google.com
                  		142.251.2.84
                  		truefalse
                    		high
                    beacons.gvt2.com
                    		142.251.15.94
                    		truefalse
                      		high
                      accounts.youtube.com
                      		unknown
                      		unknownfalse
                        		high
                        beacons.gcp.gvt2.com
                        		unknown
                        		unknownfalse
                          		high
                          apis.google.com
                          		unknown
                          		unknownfalse
                            		high

                            Contacted URLs

                            NameMaliciousAntivirus DetectionReputation
                            https://myaccount.google.com/intro/securityfalse
                              		unknown
                              https://play.google.com/log?hasfast=true&authuser=0&format=jsonfalse
                                		high
                                https://myaccount.google.com/_/AccountSettingsUi/browserinfo?f.sid=-8680884608764527288&bl=boq_identityaccountsettingsuiserver_20250422.03_p0&hl=en-US&soc-app=1&soc-platform=1&soc-device=1&_reqid=22563&rt=jfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://ogads-pa.clients6.google.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncDatafalse
                                  		high
                                  https://myaccount.google.com/notificationsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BY48SQoc80o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GDP1D38zSeS8hy4T0Ij3IgC1Nkw/cb=gapi.loaded_0false
                                    		high
                                    https://www.google.com/favicon.icofalse
                                      		high
                                      https://myaccount.google.com/intro/security-notifications--activityfalse
                                      • Avira URL Cloud: safe
                                      		unknown

                                      World Map of Contacted IPs

                                      • No. of IPs < 25%
                                      • 25% < No. of IPs < 50%
                                      • 50% < No. of IPs < 75%
                                      • 75% < No. of IPs

                                      Public IPs

                                      IPDomainCountryFlagASNASN NameMalicious
                                      142.250.69.4
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      142.250.68.234
                                      		ogads-pa.clients6.google.comUnited States
                                      		15169GOOGLEUSfalse
                                      1.1.1.1
                                      		unknownAustralia
                                      		13335CLOUDFLARENETUSfalse
                                      192.178.49.170
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      74.125.137.84
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      192.178.49.195
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      192.178.49.196
                                      		www.google.comUnited States
                                      		15169GOOGLEUSfalse
                                      192.178.49.174
                                      		www3.l.google.comUnited States
                                      		15169GOOGLEUSfalse
                                      40.79.150.120
                                      		unknownUnited States
                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                      23.55.241.152
                                      		unknownUnited States
                                      		20940AKAMAI-ASN1EUfalse
                                      52.123.129.14
                                      		s-0005.dual-s-msedge.netUnited States
                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                      142.251.2.84
                                      		myaccount.google.comUnited States
                                      		15169GOOGLEUSfalse
                                      192.178.49.206
                                      		google.comUnited States
                                      		15169GOOGLEUSfalse
                                      142.250.176.10
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      142.250.68.227
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      142.250.68.238
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      184.29.183.29
                                      		unknownUnited States
                                      		16625AKAMAI-ASUSfalse
                                      142.250.176.14
                                      		plus.l.google.comUnited States
                                      		15169GOOGLEUSfalse
                                      142.250.101.84
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      52.109.0.140
                                      		unknownUnited States
                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                      142.250.141.84
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse
                                      142.250.188.227
                                      		unknownUnited States
                                      		15169GOOGLEUSfalse

                                      Private

                                      IP
                                      192.168.2.16

                                      General Information

                                      Joe Sandbox version:42.0.0 Malachite
                                      Analysis ID:1676172
                                      Start date and time:2025-04-28 12:14:33 +02:00
                                      Joe Sandbox product:CloudBasic
                                      Overall analysis duration:
                                      Hypervisor based Inspection enabled:false
                                      Report type:full
                                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                      Number of analysed new started processes analysed:19
                                      Number of new started drivers analysed:0
                                      Number of existing processes analysed:0
                                      Number of existing drivers analysed:0
                                      Number of injected processes analysed:0
                                      Technologies:
                                      • EGA enabled
                                      Analysis Mode:stream
                                      Analysis stop reason:Timeout
                                      Sample name:Critical security alert.eml
                                      Detection:SUS
                                      Classification:sus21.winEML@29/43@50/189
                                      Cookbook Comments:
                                      • Found application associated with file extension: .eml
                                      • Exclude process from analysis (whitelisted): sppsvc.exe, SgrmBroker.exe, svchost.exe
                                      • Excluded IPs from analysis (whitelisted): 184.29.183.29
                                      • Excluded domains from analysis (whitelisted): fs.microsoft.com
                                      • Not all processes where analyzed, report is missing behavior information
                                      • Report size getting too big, too many NtOpenFile calls found.
                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                      • VT rate limit hit for: https://myaccount.google.com/intro/security-notifications--activity
                                      • VT rate limit hit for: https://myaccount.google.com/notifications

                                      Created / dropped Files

                                      C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250428T0615230946-3940.etl

                                      Download File
                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                      File Type:data
                                      Category:modified
                                      Size (bytes):106496
                                      Entropy (8bit):4.491727665470665
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:9BFE5B0295CB41062A144DA862F82530
                                      SHA1:C5465923443FA8FE0A1043199BAAC1678B2C5160
                                      SHA-256:DDECE31462301AC83CB7C8EFB2877612A686D587CBF387D4D51824B5EA3A82D5
                                      SHA-512:5FE640194FCEAA4CC84E19886C05D9A8017B2684592A62BD92C9BE8B32594D83E8B730EF9A321B60C6DC8E59513BD2B742E79AEFBBDEB0CA66E3F9122DC748BB
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:............................................................................^...(...d.....rt&...................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1...........................................................@...1.............rt&...........v.2._.O.U.T.L.O.O.K.:.f.6.4.:.6.3.d.7.a.d.3.1.7.d.a.d.4.b.a.c.9.c.f.e.d.6.8.2.8.f.7.6.4.6.c.d...C.:.\.U.s.e.r.s.\.c.a.l.i.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.5.0.4.2.8.T.0.6.1.5.2.3.0.9.4.6.-.3.9.4.0...e.t.l.........P.P.(...d.....rt&...........................................................................................................................................................................................................................................................................................................

                                      C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst

                                      Download File
                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                      File Type:Microsoft Outlook email folder (>=2003)
                                      Category:dropped
                                      Size (bytes):271360
                                      Entropy (8bit):3.1966624275810074
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:5666B8EB9306FFEC730F8DF9AAA5FF51
                                      SHA1:9F8FB57AC527AB8EEC60777C1AC03A8A5695C4F8
                                      SHA-256:2F2746E23A37AE02A5DDD2CA2DE374A574319F7D9EC2556C8F9831A917245829
                                      SHA-512:638ED7C90286D7F19481CC08584117E9499E7DCDA9B04C31F560718E128C73ADACAF4A953B2BD02071CE37EBB0084C10DC89D1EEC448C997E3A7922906DC357F
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:!BDN....SM......\...............<.......`................@...........@...@...................................@...........................................................................$.......D......@+..............;...............8......................................................................................................................................................................................................................................................................................................}Y~U.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                      C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp

                                      Download File
                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                      File Type:data
                                      Category:dropped
                                      Size (bytes):131072
                                      Entropy (8bit):4.150666383008639
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:CE20CB447F79CF081BD2868223EF58C9
                                      SHA1:9B02A6BF526714CE6A7D6671E3D703AF2B5BEE50
                                      SHA-256:7FE7523AAD053FA0F24EE832DF5314C3CCDA748AAD4EF8414F12FC58F0937F31
                                      SHA-512:BF3775F2B450C7FE63A2F43DADC7E7F14D29513753FCAB93FDF95B29FEC638576A36B456D5309A7DB67CFD99A15BB5CDCCD28E3B9486F4C8B478BAB9CFDB1BC4
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:...C...d.......d.....Dt&.....................#.!BDN....SM......\...............<.......`................@...........@...@...................................@...........................................................................$.......D......@+..............;...............8......................................................................................................................................................................................................................................................................................................}Y~U...Dt&........B............#.........................................................................................................................................................................................................................................................................................................................................................................................................

                                      Chrome Cache Entry: 100

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (1393)
                                      Category:downloaded
                                      Size (bytes):117306
                                      Entropy (8bit):5.488283024902719
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:7E9920E2A23BEFCCFF1FD3120CC50107
                                      SHA1:8DD55D7313E303037335919E4846A634A460B0E1
                                      SHA-256:0DBBF37C2F1DB94948802779B01FA871A7439B06B1BD2D1D80D188C355174426
                                      SHA-512:06544237AAA8679516AECFC039A778441EAB1F5D353729F75E86E68A8E123FD6F672821B6971887FF9D8F8E0EDFF9B0C32E16936BDBBE10461BAB7E855BF8908
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BY48SQoc80o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GDP1D38zSeS8hy4T0Ij3IgC1Nkw/cb=gapi.loaded_0"
                                      Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);.var da,ia,la,pa,ta,va,Da,Ea;da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ia=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.la=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.na=la(this);pa=function(a,b){if(b)a:{var c=_.na;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ia(c,a,{configurable:!0,writable:!0,value:b})}};.pa("Symbol",function(a){if(a)return a;va

                                      Chrome Cache Entry: 103

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (1716)
                                      Category:downloaded
                                      Size (bytes):35719
                                      Entropy (8bit):5.458250803848439
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:4F7746E1DB3EA0816A96C0B607B6E8DD
                                      SHA1:177FF4BBC499100B030D27FEE54233C09A02CB1B
                                      SHA-256:A61F0948050B9E0A4E1BD25418F839E993BC79088D3ACAAE6D13892144A3FA2A
                                      SHA-512:8344AFFBFE4E4F025766C1CEDD8A4EEC9F9F22F299F6DB403C5B5BDCC28392BEA4076594E968CCBBD1F13291DECDCE60D4C94D41466AD55870AA97F7CEEF4E92
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/ck=boq-identity.AccountSettingsUi.zYW0COA39w0.L.B1.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/exm=_b,_tp/excm=_b,_tp,googleaccountsecurityintroview/ed=1/wt=2/ujg=1/rs=AOaEmlFZIhfMwn407iOKar33qrioX_7lgA/ee=AmPS6d:GteXWe;AuZHrd:fwGiMd;BcQPH:zw1Icf;EQhjwf:NqYF2b;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;FWPM0:SRvGBc;JY4Cmf:c0EXfd;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KqtK3d:DDyK2d;LBgRLc:SdcwHb;Me32dd:MEeYgc;N6AcB:R7Kptf;NKS1pd:OGDr1b;NPKaK:SdcwHb;NSEoX:lazG7b;O2Gm6e:Bhm2Dc;Pjplud:EEDORb;QGR0gd:Mlhmy;QsSMmc:e92l7d;SMDL4c:qfTGrb;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;TCgQje:X04Oz;Tr0Eve:I5d0Le;UJ1s6c:Uvtuqd;Uvc8o:VDovNc;W4TvQd:iz2lgd;YIZmRd:A1yn5d;ZwzmBd:IgGold;a56pNe:JEfCwb;cEt90b:ws9Tlc;cYywm:uKGgXe;dIoSBb:SpsfSb;djWc0c:IfLf1;dowIGb:ebZ3mb;eBAeSb:zbML3c;fL0kg:IVI5he;hrWGne:DhGs8;iFQyKf:QIhFr;iO7nBe:KBDKSe;jbpTte:pcKEle;jru2ud:qXJ4j;jvqtV:FtEeY;lOO0Vd:OTA3Ae;nAFL3:s39S4;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:qfTGrb;pXdRYb:MdUzUe;qMU6Fb:qCCzIb;qafBPd:yDVVkb;qddgKe:xQtZb;sHEZfc:HCmn3c;sKC94b:VuAube;vJKE3d:UccXZd;vNjB7d:YTxL4;wPl4gf:eRWIQd;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;z4O7ye:eA0Y5b;zxnPse:duFQFc/m=byfTOb,lsjVmc,LEikZe"
                                      Preview:"use strict";this.default_AccountSettingsUi=this.default_AccountSettingsUi||{};(function(_){var window=this;.try{.var zBa=function(a,b){this.Mk=a;this.Aa=b;if(!c){var c=new _.um("//www.google.com/images/cleardot.gif");_.tua(c)}this.ka=c};_.aa=zBa.prototype;_.aa.Cra=1E4;_.aa.zW=!1;_.aa.aea=0;_.aa.v7=null;_.aa.lna=null;_.aa.setTimeout=function(a){this.Cra=a};_.aa.qJ=function(){return this.ka};_.aa.start=function(){if(this.zW)throw Error("Yb");this.zW=!0;this.aea=0;ABa(this)};_.aa.stop=function(){BBa(this);this.zW=!1};.var ABa=function(a){a.aea++;navigator!==null&&"onLine"in navigator&&!navigator.onLine?_.fl((0,_.Mg)(a.I4,a,!1),0):(a.ha=new Image,a.ha.onload=(0,_.Mg)(a.uQa,a),a.ha.onerror=(0,_.Mg)(a.tQa,a),a.ha.onabort=(0,_.Mg)(a.sQa,a),a.v7=_.fl(a.vQa,a.Cra,a),a.ha.src=String(a.ka))};_.aa=zBa.prototype;_.aa.uQa=function(){this.I4(!0)};_.aa.tQa=function(){this.I4(!1)};_.aa.sQa=function(){this.I4(!1)};_.aa.vQa=function(){this.I4(!1)};._.aa.I4=function(a){BBa(this);a?(this.zW=!1,this.Mk.cal

                                      Chrome Cache Entry: 104

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (528)
                                      Category:downloaded
                                      Size (bytes):5234
                                      Entropy (8bit):5.289498117118912
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:12743B9006386DCD60FF27CAA86FD61C
                                      SHA1:65261E5DC21EA408D123D181F04D4C39A15146A1
                                      SHA-256:E8171C19971DC2761B3BFCE92AC74DB87997E6019B232CB44C941C346963037D
                                      SHA-512:B167EA8507AA68925186965EC5BC92129AA5AF7C7DCB39A031ED6568CF128A0EDDEB3580882AC0D92091F77ED1E28335F72F20A45F822360356537AC0E067BFE
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=A7fCU,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,LvGhrf,MY7mZe,MpJwZc,NLiXbe,NTMZac,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZDZcre,ZwDk9d,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,w9hDv,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.dSa=_.z("wg1P6b",[_.kA,_.Jx,_.Wp]);._.k("wg1P6b");.var oab;oab=_.hi(["aria-"]);._.UE=function(a){_.X.call(this,a.La);this.Ma=this.wa=this.aa=this.viewportElement=this.Pa=null;this.Rc=a.Ha.Xi;this.Ya=a.Ha.focus;this.yd=a.Ha.yd;this.ha=this.ak();a=-1*parseInt(_.tq(this.ak().el(),"marginTop")||"0",10);var b=parseInt(_.tq(this.ak().el(),"marginBottom")||"0",10);this.Xa={top:a,right:0,bottom:b,left:0};a=_.Nf(this.getData("isMenuDynamic"),!1);b=_.Nf(this.getData("isMenuHoisted"),!1);this.Ea=a?1:b?2:0;this.oa=!1;this.Da=1;if(this.Ea!==1){this.aa=this.Ua("U0exHf").children().first();if(!this.aa){var c;.a=(c=this.Ba().wb("jsname"))!=null?c:"";throw Error("Me`"+a);}this.Ik(pab(this,this.aa.el()))}_.hC(this.Ba())&&(c=this.Ba().el(),a=this.Me.bind(this),c.__soy_skip_handler=a)};_.J(_.UE,_.X);_.UE.Ca=function(){return{Ha:{Xi:_.UB,focus:_.JB,yd:_.Du}}};_.UE.prototype.uB=function(a){var b

                                      Chrome Cache Entry: 105

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (6046), with no line terminators
                                      Category:downloaded
                                      Size (bytes):6046
                                      Entropy (8bit):5.352518915704884
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:893B7FC23ECBD41F1CC09A243F42C1FC
                                      SHA1:5681CDE8B2240DFD23F3866998681D27CA271265
                                      SHA-256:F969C891327BBC5944D634AEBF80794A2E3840E3079BEB2B905579D49647F477
                                      SHA-512:F71EC8D7D62C21D9C689B7FE13C0FF9B6F7980A9BF42E582A618EA9CDACD81720DA67D97B69BA188E8FCF6DB1596264AC68AA587177C7F3A2288F59DD21F8FBF
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.otySg2BGXI0.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTukY5mQ0GlhPPn5fPc8KmI2ykL4mw"
                                      Preview:.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_H .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_H .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_H .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                      Chrome Cache Entry: 106

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:Web Open Font Format (Version 2), CFF, length 233388, version 1.0
                                      Category:downloaded
                                      Size (bytes):233388
                                      Entropy (8bit):7.998933600962302
                                      Encrypted:true
                                      SSDEEP:
                                      MD5:15C96B3A854769BEFDEF92A4ADB1AB0D
                                      SHA1:A1E7A977670C4EBC80279F8669BF8A00989C7FE9
                                      SHA-256:B1C44063E9E3FD49AF401AC0BC76DBB9C5B059018D43D1E29709E72F3A8A2A6F
                                      SHA-512:72C331F4BDB676AC345F864C203BE8C40D5254B0C520F175CB5D007675BFEA6E8DA281B713C1ED64A69B4834F121D18795191F9F3EFFA9F2EA09FAABA819B1D9
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://fonts.gstatic.com/s/googlematerialicons/v143/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
                                      Preview:wOF2OTTO..............a...............................X.`..`.6.$..d....~. [.....i..Y....P.T;..Yr..v.._...A....&J...C...~......-/.......)C............%?.rsfv}s....$..A(wE.E<...,X.Z[k. %s..jhB.."%..BmP4....u...l@.../,PA}X.8...A.....Z%%.TI..a4N.0Y*..P..l*..}..iEUprRi6Z.h......[o.A..;..+5fBP.m.>..l...hk...t.v...%...cHJ..U.{.}.9b...{..~..(.K.8.3.....'OOXDDCS.............x.].D@.2...bLe9.U*^F...ED{."^.uff....nr....~....g.O!.B.ddo..;..^....i."BRUIUE..D..iY.,"..Y........1..B..).R:z.....~I...t....z..SJ....t`...Q.....]." .Wf..u.Q..].D ........d}D.."D.\P....tZ.;.....{%.".....p.cV...E..4........oN..U....EC]..&}...K..q3......:.k]..?e....../...r.L.2........wf.D@X..c.YD....d.S.6..f{..0...7..f......2|.w..k....U:m....Zw.........._..7..!|.0...B.q..Q..w..QV...)/ (Ap6Q....K............-h..?b..5...^h!z..?.I..`..O>dQ..c.M3~3x....5-oi.1c .'N..g..R.........s.W....(Q.D.F.y.J.....+....g_.>.3.>......@........W.AU%^.y......-=..^..OM.<.7W=...c...SJ..&._i:.A

                                      Chrome Cache Entry: 107

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (744)
                                      Category:downloaded
                                      Size (bytes):2921
                                      Entropy (8bit):5.390465286546005
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:A41CC11AEFD74106574A17FDA6244574
                                      SHA1:A64DF6F8F4268703AC2CE93D9C4130D90A2F812F
                                      SHA-256:93C10D07CBE853FBEF39F7D9C47DA5288D6527F54301108E5E0012F49C226D93
                                      SHA-512:CD54449AF29A492B014FFEEF8EBB53E2156B7765C10C2F47AD84842D32FB8FB316FDDA344C9FE3C68FB49D969F4260A3616D78B898B52955A1BC1166C9C15212
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/ck=boq-identity.AccountSettingsUi.zYW0COA39w0.L.B1.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/exm=A7fCU,BBI74,BVgquf,CLZHRb,CNbXhe,EFQ78c,EIxsye,H0TzZc,IZT63,JNoxi,K99qY,KUM7Z,L1AAkb,LBaJxb,LEikZe,LGJfp,LJG6X,LvGhrf,MI6k7c,MISB1,MTDJJe,MdUzUe,MpJwZc,Mq9n0c,NwH0H,O1Gjze,O626Fe,O6y8ed,OTA3Ae,OgOVNe,P6sQOc,PrPYRd,PrUyhf,QIhFr,RMhBfe,RqjULd,RyvaUb,SdcwHb,SpsfSb,TJU9Cd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VYS8Le,WpP9Yc,XVMNvd,YTxL4,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,cYShmd,dQsUJc,dhCEp,duFQFc,e5qFLc,gJzDyc,gychg,hH64kd,hKSk3e,hc6Ubd,icmqKf,kjKdXe,lazG7b,lfpdyf,lsjVmc,ltDFwf,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nneuee,oZJtBb,or226e,p3hmRc,pjICDe,pw70Gc,qfTGrb,qiEDtb,qmdT9,rCcCxc,s39S4,soHxf,spK8ic,vjKJJ,w9C4d,w9hDv,ws9Tlc,xQtZb,xUdipf,y5vRwf,zbML3c,zk0ux,zr1jrb,zy0vNb/excm=_b,_tp,googleaccountsecurityintroview/ed=1/wt=2/ujg=1/rs=AOaEmlFZIhfMwn407iOKar33qrioX_7lgA/ee=AmPS6d:GteXWe;AuZHrd:fwGiMd;BcQPH:zw1Icf;EQhjwf:NqYF2b;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;FWPM0:SRvGBc;JY4Cmf:c0EXfd;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KqtK3d:DDyK2d;LBgRLc:SdcwHb;Me32dd:MEeYgc;N6AcB:R7Kptf;NKS1pd:OGDr1b;NPKaK:SdcwHb;NSEoX:lazG7b;O2Gm6e:Bhm2Dc;Pjplud:EEDORb;QGR0gd:Mlhmy;QsSMmc:e92l7d;SMDL4c:qfTGrb;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;TCgQje:X04Oz;Tr0Eve:I5d0Le;UJ1s6c:Uvtuqd;Uvc8o:VDovNc;W4TvQd:iz2lgd;YIZmRd:A1yn5d;ZwzmBd:IgGold;a56pNe:JEfCwb;cEt90b:ws9Tlc;cYywm:uKGgXe;dIoSBb:SpsfSb;djWc0c:IfLf1;dowIGb:ebZ3mb;eBAeSb:zbML3c;fL0kg:IVI5he;hrWGne:DhGs8;iFQyKf:QIhFr;iO7nBe:KBDKSe;jbpTte:pcKEle;jru2ud:qXJ4j;jvqtV:FtEeY;lOO0Vd:OTA3Ae;nAFL3:s39S4;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:qfTGrb;pXdRYb:MdUzUe;qMU6Fb:qCCzIb;qafBPd:yDVVkb;qddgKe:xQtZb;sHEZfc:HCmn3c;sKC94b:VuAube;vJKE3d:UccXZd;vNjB7d:YTxL4;wPl4gf:eRWIQd;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;z4O7ye:eA0Y5b;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk"
                                      Preview:"use strict";this.default_AccountSettingsUi=this.default_AccountSettingsUi||{};(function(_){var window=this;.try{._.k("Wt6vjf");.var YGa=class extends _.t{constructor(a){super(a,0,YGa.Nc)}Ta(){return _.qi(this,1,_.qc)}Lb(a){return _.Zi(this,1,a,_.qc)}Wf(){return _.rj(this,1,_.qc)}Yd(){return _.Ri(this,1,_.qc)}};YGa.Nc="f.bo";var ZGa=function(a){a.eda&&(window.clearTimeout(a.eda),a.eda=0)},$Ga=function(a){const b=_.XGa.get(window.location.protocol=="https:"?"SAPISID":"APISID","");a.Paa=a.b8!==""&&b==="";a.Yoa=a.b8!=b;a.b8=b},bHa=function(a){a.I_=!0;const b=aHa(a);let c="rt=r&f_uid="+_.Hk(a.cea);_.gta(b,(0,_.Mg)(a.ka,a),"POST",c)},cHa=function(a){if(a.Nka||a.I_)ZGa(a),a.eda=window.setTimeout((0,_.Mg)(a.ha,a),Math.max(3,a.g8)*1E3)},aHa=function(a){const b=new _.um(a.cAa);a.Afa!=null&&_.zm(b,"authuser",a.Afa);return b},dHa=.function(a){a.Paa||(a.I_=!0,a.g8=Math.min((a.g8||3)*2,60),cHa(a))},eHa=class extends _.dl{ff(){this.Nka=!1;ZGa(this);super.ff()}ha(){$Ga(this);if(this.I_)return bHa(thi

                                      Chrome Cache Entry: 108

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (3195)
                                      Category:downloaded
                                      Size (bytes):20196
                                      Entropy (8bit):5.436930131542854
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:BA4BED69FE9923C6957DA024021F4DEB
                                      SHA1:B878CD0191763E8978CF6AB261F1FF3EED70FEF5
                                      SHA-256:9F27EBB38996C4392DAE3223D80D94F570B122E3F54F67CE0F9A9EB8BFCCE420
                                      SHA-512:EA47A6372DD9EBBAF11213E1B95E28CDF988AAD6631C69D00B00353FE9D3B278D342C76994147A81DBD86CA80F1B995E92350FCC125F94127F91D63EBA750A39
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/ck=boq-identity.AccountSettingsUi.zYW0COA39w0.L.B1.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/exm=A7fCU,BBI74,BVgquf,CLZHRb,CNbXhe,EFQ78c,EIxsye,H0TzZc,IZT63,JNoxi,K99qY,KUM7Z,L1AAkb,LBaJxb,LEikZe,LGJfp,LJG6X,MI6k7c,MISB1,MTDJJe,MdUzUe,MpJwZc,Mq9n0c,NwH0H,O1Gjze,O626Fe,O6y8ed,OTA3Ae,OgOVNe,PrPYRd,PrUyhf,QIhFr,RMhBfe,RyvaUb,SdcwHb,SpsfSb,TJU9Cd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VYS8Le,WpP9Yc,XVMNvd,YTxL4,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,cYShmd,dQsUJc,dhCEp,duFQFc,e5qFLc,gJzDyc,gychg,hH64kd,hKSk3e,hc6Ubd,icmqKf,kjKdXe,lazG7b,lfpdyf,lsjVmc,ltDFwf,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nneuee,oZJtBb,or226e,pjICDe,pw70Gc,qfTGrb,qiEDtb,qmdT9,rCcCxc,s39S4,soHxf,spK8ic,vjKJJ,w9C4d,w9hDv,ws9Tlc,xQtZb,xUdipf,y5vRwf,zbML3c,zk0ux,zr1jrb,zy0vNb/excm=_b,_tp,googleaccountsecurityintroview/ed=1/wt=2/ujg=1/rs=AOaEmlFZIhfMwn407iOKar33qrioX_7lgA/ee=AmPS6d:GteXWe;AuZHrd:fwGiMd;BcQPH:zw1Icf;EQhjwf:NqYF2b;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;FWPM0:SRvGBc;JY4Cmf:c0EXfd;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KqtK3d:DDyK2d;LBgRLc:SdcwHb;Me32dd:MEeYgc;N6AcB:R7Kptf;NKS1pd:OGDr1b;NPKaK:SdcwHb;NSEoX:lazG7b;O2Gm6e:Bhm2Dc;Pjplud:EEDORb;QGR0gd:Mlhmy;QsSMmc:e92l7d;SMDL4c:qfTGrb;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;TCgQje:X04Oz;Tr0Eve:I5d0Le;UJ1s6c:Uvtuqd;Uvc8o:VDovNc;W4TvQd:iz2lgd;YIZmRd:A1yn5d;ZwzmBd:IgGold;a56pNe:JEfCwb;cEt90b:ws9Tlc;cYywm:uKGgXe;dIoSBb:SpsfSb;djWc0c:IfLf1;dowIGb:ebZ3mb;eBAeSb:zbML3c;fL0kg:IVI5he;hrWGne:DhGs8;iFQyKf:QIhFr;iO7nBe:KBDKSe;jbpTte:pcKEle;jru2ud:qXJ4j;jvqtV:FtEeY;lOO0Vd:OTA3Ae;nAFL3:s39S4;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:qfTGrb;pXdRYb:MdUzUe;qMU6Fb:qCCzIb;qafBPd:yDVVkb;qddgKe:xQtZb;sHEZfc:HCmn3c;sKC94b:VuAube;vJKE3d:UccXZd;vNjB7d:YTxL4;wPl4gf:eRWIQd;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;z4O7ye:eA0Y5b;zxnPse:duFQFc/m=p3hmRc,LvGhrf,RqjULd"
                                      Preview:"use strict";this.default_AccountSettingsUi=this.default_AccountSettingsUi||{};(function(_){var window=this;.try{.var czb,bzb,dzb;czb=function(a,b){a=_.kf(a,!1);return{enabled:a,dV:a?_.Coa(_.ul(b(),_.azb)):bzb()}};._.ezb=function(){const a=czb(_.Af("xwAfE"),()=>_.Af("UUFaWc")),b=czb(_.Af("xnI9P"),()=>_.Af("u4g7r"));let c,d,e,f;return(f=dzb)!=null?f:dzb=Object.freeze({isEnabled:g=>g===-1||_.kf(_.Af("iCzhFc"),!1)?!1:a.enabled||b.enabled,environment:(c=_.ol(_.Af("y2FhP")))!=null?c:void 0,tfa:(d=_.ol(_.Af("MUE6Ne")))!=null?d:void 0,jG:(e=_.ol(_.Af("cfb2h")))!=null?e:void 0,Zy:_.sl(_.Af("yFnxrf"),-1),qta:_.vl(_.Af("fPDxwd")).map(g=>_.sl(g,0)).filter(g=>g>0),Zic:_.kf(_.Af("vJQk6"),!1),hAa:a,Lza:b})};_.azb=class extends _.t{constructor(a){super(a)}};.bzb=_.Pd(_.azb);._.k("p3hmRc");.var aAb=class{constructor(a,b,c,d){this.transport=a;this.appName=b;this.ha=c;this.environment=d;this.ka=Number(Date.now()).toString(36)+Math.random().toString(36).slice(2)}};var bAb;bAb=function(a,b){const c=[].map

                                      Chrome Cache Entry: 109

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (568)
                                      Category:downloaded
                                      Size (bytes):784349
                                      Entropy (8bit):5.786654004085707
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:1B2ADE02B09EEED5BD6BDACB51C37CFA
                                      SHA1:0BBBE11B9AE7AFF2BD0918D71CCE75A36E5B4877
                                      SHA-256:2B206EE3A57A49AF6E30B860A19D6BFD7D784D89187773C1092188DCBD882673
                                      SHA-512:03085A01158EDDD84A094DFC1A651E51BFC609ECCF0F0B2B18C781B97E6FA68C55F02931BF29F066CE8C7453F3831E7200E268FD88608B3B1C434F710DD4943F
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlGI1xeljubgapt9t9dgwlVZsH4vCw/m=_b,_tp"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x14300189, 0x11ae4c9, 0xc511102, 0x2059d20b, 0x1908091, 0x0, 0x0, 0x6c0, 0x31cc0, ]);./*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT.*/./*. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright Google LLC All Rights Reserved... Use of this source code is governed by an MIT-style license that can be. found in the LICENSE file at https://angular.dev/license.*/./*. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var baa,daa,Oa,Ta,gaa,iaa,kb,paa,waa,zb,Eaa,Jaa,Laa,Oaa,Lb,Mb,Paa,Uaa,ac,dc,ec,Vaa,Waa,fc,Xaa,Yaa,Zaa,jc,dba,tc,kb

                                      Chrome Cache Entry: 110

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 4-bit colormap, non-interlaced
                                      Category:downloaded
                                      Size (bytes):244
                                      Entropy (8bit):6.193518410763925
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:2B08480ABC2504E2D70D74F2470F0AE0
                                      SHA1:91BBD09DC736B367BC119D86D54400EEB397C7FD
                                      SHA-256:35195ECF0FBD22AA3523C1FE1157D40AAB455DD9DDA1EDFC16408E24A2AECC35
                                      SHA-512:ACB8D54291CED7F42F9D6FFDB5FAE65D166C8A3F674BADE4817EB8A4A389B9217E71B16F396FDD4205AA9C867AB46E246C089736F0182DB582997560E8CC6D45
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://www.gstatic.com/identity/boq/accountsettingsmobile/menu_personalinfo_24x24_2b08480abc2504e2d70d74f2470f0ae0.png?mask
                                      Preview:.PNG........IHDR..............Y ....0PLTEGpL`dh_chbei_dh`ci`ci_chqqq`di`ci`ch`di`di`ci`cj.i......tRNS...I....u.....H......cIDATx.....P.E.;B. G.*.&x....N..C..h.\.%.....B.*Y.*<&eG..4B....:.x.\.^.~..u?.....z!...YDxD&.J.Y...7...lNC....IEND.B`.

                                      Chrome Cache Entry: 111

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (4613)
                                      Category:downloaded
                                      Size (bytes):121054
                                      Entropy (8bit):5.471506587244838
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:63FBC547BA4EFFE178FD6AA34E789756
                                      SHA1:2938A721FAE66F2A8C8681B8C0E45C64F076CDC2
                                      SHA-256:E5575C7B23675C16890003331EF32FC22CE13DE108CD843DDE0798305BA96219
                                      SHA-512:4BAB56B2D1BF61777CD32826AD737C365F3467F205215A483261856782C734BA77D38C9722B707469F8F23C4C0A46C13FB7B25B72B3B728CFDF7F78DECDC2574
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
                                      Preview:(function(){var m,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ca=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},da=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},u=da(this),v=function(a,b){if(b)a:{var c=u;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ca(c,a,{configurable:!0,writable:!0,value:b})}};.v("Symbol",function(a){if(a)return a;var b=function(f,g){this.$jscomp$symbol$id_=f;ca(this,"description",{configurable:!0,writable:!0,value:g})};b.prototype.toString=function(){return this.$jscomp$symbol$id_};var c="jscomp_symbol_"+(Math.random

                                      Chrome Cache Entry: 112

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                                      Category:dropped
                                      Size (bytes):1555
                                      Entropy (8bit):5.249530958699059
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:FBE36EB2EECF1B90451A3A72701E49D2
                                      SHA1:AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
                                      SHA-256:E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
                                      SHA-512:7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

                                      Chrome Cache Entry: 113

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 8-bit colormap, non-interlaced
                                      Category:dropped
                                      Size (bytes):436
                                      Entropy (8bit):6.861588407399164
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:86A44B176BD1554CE733A29FA24E5B39
                                      SHA1:7706C1D662720C27B9AF9C87B6DA2A180AD5D559
                                      SHA-256:20D23E3C52E26885BD3DB62AD655A0CBB8CFB7C74F7FC9AEB2316B27EB6B959F
                                      SHA-512:B611C79366D8B72441319298C3297A6D7EFA6D1430B4C7878EFC0E2A3FB00BB3AD1A4F34306815259950AF6C333DACB24CF682D31E0AAEE2896DEA4B468EC41C
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:.PNG........IHDR...................xPLTEGpLff.`ci`di_di_dibek_dh_ch...`di_di`diagmjjjeek`dhacj..._gk`pp`ch_dh_dh`ci_fi_dhbvvammiii`dlffmadj`di_dh`..qqq_diadj`di.%.....(tRNS..U...Q.....p*.+.l.C.....Ks...@#Yu.............IDATx......P.E....)[..a3n.^.x......L...S.s....Fq..Q(.>.@Y^..3..\e%Tu......6.....^,........X....P&.."`.7k .......R..8J.b..`#......`.^..3...&_........n..:_.....N..Yf.......5....V..`2.A.....W......g......IEND.B`.

                                      Chrome Cache Entry: 116

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (17169)
                                      Category:downloaded
                                      Size (bytes):927134
                                      Entropy (8bit):5.64884737462422
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:79612D1DBDF41F5BAF91FC3526CE93B7
                                      SHA1:37373965028F0F7A03B7C7F6726FD7673FE18E19
                                      SHA-256:043E2FE632C3783A540987260F1B9D52E9DF781AEA5F02DC99EBBFFC1CF3D901
                                      SHA-512:0A3FD2006A29A44A97B757005849E6DFDD587CA6420C4599BEDA1A91E61D4ECFFF2BFA4BFAAD266DF208AF1CFE192C530BB1ADD5A4A6C5CD63D41EC7DDCC1B37
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/ck=boq-identity.AccountSettingsUi.zYW0COA39w0.L.B1.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,googleaccountsecurityintroview/ed=1/wt=2/ujg=1/rs=AOaEmlFZIhfMwn407iOKar33qrioX_7lgA/ee=AmPS6d:GteXWe;AuZHrd:fwGiMd;BcQPH:zw1Icf;EQhjwf:NqYF2b;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;FWPM0:SRvGBc;JY4Cmf:c0EXfd;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KqtK3d:DDyK2d;LBgRLc:SdcwHb;Me32dd:MEeYgc;N6AcB:R7Kptf;NKS1pd:OGDr1b;NPKaK:SdcwHb;NSEoX:lazG7b;O2Gm6e:Bhm2Dc;Pjplud:EEDORb;QGR0gd:Mlhmy;QsSMmc:e92l7d;SMDL4c:qfTGrb;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;TCgQje:X04Oz;Tr0Eve:I5d0Le;UJ1s6c:Uvtuqd;Uvc8o:VDovNc;W4TvQd:iz2lgd;YIZmRd:A1yn5d;ZwzmBd:IgGold;a56pNe:JEfCwb;cEt90b:ws9Tlc;cYywm:uKGgXe;dIoSBb:SpsfSb;djWc0c:IfLf1;dowIGb:ebZ3mb;eBAeSb:zbML3c;fL0kg:IVI5he;hrWGne:DhGs8;iFQyKf:QIhFr;iO7nBe:KBDKSe;jbpTte:pcKEle;jru2ud:qXJ4j;jvqtV:FtEeY;lOO0Vd:OTA3Ae;nAFL3:s39S4;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:qfTGrb;pXdRYb:MdUzUe;qMU6Fb:qCCzIb;qafBPd:yDVVkb;qddgKe:xQtZb;sHEZfc:HCmn3c;sKC94b:VuAube;vJKE3d:UccXZd;vNjB7d:YTxL4;wPl4gf:eRWIQd;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;z4O7ye:eA0Y5b;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,O1Gjze,xUdipf,ZDZcre,OTA3Ae,ZwDk9d,RyvaUb,mzzZzc,rCcCxc,y5vRwf,mI3LFb,m9oV,vjKJJ,H0TzZc,U4Hp0d,nneuee,TJU9Cd,VYS8Le,hH64kd,O6y8ed,MpJwZc,PrPYRd,NwH0H,V3dDOb,cYShmd,lazG7b,XVMNvd,L1AAkb,KUM7Z,WpP9Yc,s39S4,duFQFc,lwddkf,gychg,w9hDv,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,A7fCU,mdR7q,xQtZb,gJzDyc,JNoxi,MI6k7c,kjKdXe,BVgquf,QIhFr,lfpdyf,hKSk3e,hc6Ubd,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c,zr1jrb,YTxL4,EIxsye,Uas9Hd,zy0vNb,icmqKf,qiEDtb,OgOVNe,LGJfp,qfTGrb,PrUyhf,zk0ux,spK8ic,MTDJJe,qmdT9,dQsUJc,pjICDe"
                                      Preview:"use strict";_F_installCss(".EDId0c{position:relative}.nhh4Ic{position:absolute;left:0;right:0;top:0;z-index:1;pointer-events:none}.nhh4Ic[data-state=snapping],.nhh4Ic[data-state=cancelled]{transition:transform 200ms}.MGUFnf{display:block;width:28px;height:28px;padding:15px;margin:0 auto;transform:scale(0.7);background-color:#fafafa;border:1px solid #e0e0e0;border-radius:50%;box-shadow:0 2px 2px 0 rgba(0,0,0,.2);transition:opacity 400ms}.nhh4Ic[data-state=resting] .MGUFnf,.nhh4Ic[data-state=cooldown] .MGUFnf{transform:scale(0);transition:transform 150ms}.nhh4Ic .LLCa0e{stroke-width:3.6px;transform:translateZ(1px)}.nhh4Ic[data-past-threshold=false] .LLCa0e{opacity:.3}.rOhAxb{fill:#4285f4;stroke:#4285f4}.A6UUqe{display:none;stroke-width:3px;width:28px;height:28px}.tbcVO{width:28px;height:28px}.bQ7oke{position:absolute;width:0;height:0;overflow:hidden}.A6UUqe.qs41qe{animation-name:quantumWizSpinnerRotate;animation-duration:1568.63ms;animation-iteration-count:infinite;animation-timing-func

                                      Chrome Cache Entry: 117

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (1402)
                                      Category:downloaded
                                      Size (bytes):211343
                                      Entropy (8bit):5.673408726573459
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:CDFEB349049BBD51E21F5CCB7F1B7C34
                                      SHA1:8723B2F2B73AD83E3436631DE5D8137BFCDAB2DA
                                      SHA-256:B3BBC5F7E69E7CD9310603F8C6DCAB6408E66A72B3098544997F0E32BE18F222
                                      SHA-512:5E7FA7D94768D5305EA127FC9323FB172D88467D01404EF675B6681963FA0CCEB716C314C6ACC5E4A78E12FD17832FADCEA38A3FFB01CBF24A53135896A24A71
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/ck=boq-identity.AccountSettingsUi.zYW0COA39w0.L.B1.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,EIxsye,H0TzZc,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,LGJfp,MI6k7c,MTDJJe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OgOVNe,PrPYRd,PrUyhf,QIhFr,RMhBfe,RyvaUb,SdcwHb,SpsfSb,TJU9Cd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VYS8Le,WpP9Yc,XVMNvd,YTxL4,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,cYShmd,dQsUJc,duFQFc,e5qFLc,gJzDyc,gychg,hH64kd,hKSk3e,hc6Ubd,icmqKf,kjKdXe,lazG7b,lfpdyf,lsjVmc,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nneuee,pjICDe,pw70Gc,qfTGrb,qiEDtb,qmdT9,rCcCxc,s39S4,spK8ic,vjKJJ,w9hDv,ws9Tlc,xQtZb,xUdipf,y5vRwf,zbML3c,zk0ux,zr1jrb,zy0vNb/excm=_b,_tp,googleaccountsecurityintroview/ed=1/wt=2/ujg=1/rs=AOaEmlFZIhfMwn407iOKar33qrioX_7lgA/ee=AmPS6d:GteXWe;AuZHrd:fwGiMd;BcQPH:zw1Icf;EQhjwf:NqYF2b;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;FWPM0:SRvGBc;JY4Cmf:c0EXfd;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KqtK3d:DDyK2d;LBgRLc:SdcwHb;Me32dd:MEeYgc;N6AcB:R7Kptf;NKS1pd:OGDr1b;NPKaK:SdcwHb;NSEoX:lazG7b;O2Gm6e:Bhm2Dc;Pjplud:EEDORb;QGR0gd:Mlhmy;QsSMmc:e92l7d;SMDL4c:qfTGrb;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;TCgQje:X04Oz;Tr0Eve:I5d0Le;UJ1s6c:Uvtuqd;Uvc8o:VDovNc;W4TvQd:iz2lgd;YIZmRd:A1yn5d;ZwzmBd:IgGold;a56pNe:JEfCwb;cEt90b:ws9Tlc;cYywm:uKGgXe;dIoSBb:SpsfSb;djWc0c:IfLf1;dowIGb:ebZ3mb;eBAeSb:zbML3c;fL0kg:IVI5he;hrWGne:DhGs8;iFQyKf:QIhFr;iO7nBe:KBDKSe;jbpTte:pcKEle;jru2ud:qXJ4j;jvqtV:FtEeY;lOO0Vd:OTA3Ae;nAFL3:s39S4;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:qfTGrb;pXdRYb:MdUzUe;qMU6Fb:qCCzIb;qafBPd:yDVVkb;qddgKe:xQtZb;sHEZfc:HCmn3c;sKC94b:VuAube;vJKE3d:UccXZd;vNjB7d:YTxL4;wPl4gf:eRWIQd;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;z4O7ye:eA0Y5b;zxnPse:duFQFc/m=CNbXhe,oZJtBb,O626Fe,LBaJxb,Mq9n0c,K99qY,ltDFwf,dhCEp,soHxf,CLZHRb,MISB1,or226e,w9C4d,LJG6X"
                                      Preview:"use strict";this.default_AccountSettingsUi=this.default_AccountSettingsUi||{};(function(_){var window=this;.try{._.DHb=_.x("CNbXhe",[_.Hl,_.cg]);._.k("CNbXhe");.var xTe=class extends _.uq{static Na(){return{service:{focus:_.dE,view:_.QB}}}constructor(a){super(a.Ja);this.Zf=a.service.focus;this.Mb=a.service.view}ha(){var a=this.Mb.ji();a&&(a=_.Cn(a.Ga(),'[role="main"]'),a.size()!==0&&this.Zf.dw(a))}};_.G(xTe.prototype,"cRmjP",function(){return this.ha});_.I(_.DHb,xTe);._.l();._.k("PqYoKb");._.Zzc=function(a){_.zq(a,"Pr7Yme").then(b=>{b.el().click()})};_.$zc=class extends _.uq{constructor(a){super(a.Ja)}Zb(){return this.ha.Md()}Cc(a){this.ha.Cc(a)}isEnabled(){return!this.Zb()}hc(a){this.Cc(!a)}};_.G(_.$zc.prototype,"yXgmRe",function(){return this.isEnabled});_.G(_.$zc.prototype,"RDPZE",function(){return this.Zb});_.I(void 0,_.$zc);._.l();._.OGb=_.Wm("PqYoKb",[]);._.bD=_.x("oZJtBb",[_.OGb]);._.k("oZJtBb");._.PJ=class extends _.$zc{static Na(){return{controller:{Gja:{jsname:"Pr7Yme",ctor:

                                      Chrome Cache Entry: 119

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                      Category:dropped
                                      Size (bytes):403
                                      Entropy (8bit):7.337359479035487
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:317A17C18099BA628FD875D5C1A5C2B3
                                      SHA1:6CFFF6DCF76BC1933BF201314FE5DDA970C275B0
                                      SHA-256:D7EFCC23501E9F695B72B876E8CF82A87C2521EFDD0BC0191AB121EB0E8A6E88
                                      SHA-512:DB33F09D8DA9A12E75D4644F9D0F827459F1E99EEBFC6ABB1BD65B127E0456B570443531EC83264328D3A8FFABBEC2CA15775CE268A280AAC1E648CB4AC6CB68
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:.PNG........IHDR..............w=....ZIDATx.bp/...W~...0._!#0BF..%V...}!....&t.F........|w.. ..........Z..C.j.:M....4.8.O#t.&W.x..8.'8.#..2.....h.J.+..k.Q..j}.....2..t..^...1...n......6..."....z..9.ag.;..*.D.'.l.i?...0.`.`|.D..........F.DD.K....,... .R....y.G..hT)..h6..y....#Nb........\].....(}....Z${B.L...\..5.\.a~.\(8.i....C.N~.-.../...@...m:..:|D..K~...~.....:..|....IEND.B`.

                                      Chrome Cache Entry: 121

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (618)
                                      Category:downloaded
                                      Size (bytes):282879
                                      Entropy (8bit):5.534235305857086
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:578A1F1F789984898C08D53E1AEE6648
                                      SHA1:15E5AB0A34311F646F1FD2C50FD1F962E8FA4831
                                      SHA-256:1C010FAF7748EC995C0563DC531BD63BAD206E972D1B47B77E9CB03AB25681F0
                                      SHA-512:B9BA5A63D32F5F4B5C20F36AE259181D1EE9B7D0C34CAE81FDA6C7CF60BF699B86EF5AE240832D83DE66B9EF1783CA9276677C450AC0719472AAB23022ABF076
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/excm=_b,_tp,googleaccountsecurityintroview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEyiI4ZRXuAlOQw_WN0m6_N8AXDgw/m=_b,_tp"
                                      Preview:"use strict";this.default_AccountSettingsUi=this.default_AccountSettingsUi||{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x30600103, 0x12df0434, 0x3785345e, 0x599ed7c, 0x39e63030, 0x26c2d59f, 0x10004, 0x10000120, 0x20000, ]);./*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/./*. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT.*/./*.. Copyright Google LLC All Rights Reserved... Use of this source code is governed by an MIT-style license that can be. found in the LICENSE file at https://angular.dev/license.*/.var baa,haa,laa,naa,paa,Xa,Faa,Oaa,Taa,Vaa,Waa,Xaa,gb,Yaa,fba,kba,oba,qba,uba,vb,vba,Nba,Pba,Zba,aca,dca,hca,jca,kca,lca,nca,oca,tca,uca,Aca,ec,Eca,Gca,Hca,Ica,Cca,Kca,mc,Qca,Rc

                                      Chrome Cache Entry: 122

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (1558)
                                      Category:downloaded
                                      Size (bytes):33644
                                      Entropy (8bit):5.397113369735336
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:59BBAA733215429D2CE69C9A05116FBA
                                      SHA1:2B15731AD4BD9ECFE1117F6C6DA2AB0EB7B22824
                                      SHA-256:E3711583AAD2B600E3C020B4C76440E5B118E1D8F9A3F13A92A0CF16E1B65503
                                      SHA-512:FC86774E58AD3F8E2ADB97FE3DBBCCA3C604C9E4C82D5CC1D0C1BA8F82FF8C74F00A81DC6AA50E3033DEDAF074667123FCE95BD5E16518839ACB2333CD852343
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{.var tua=function(a,b){this.da=a;this.ha=b;if(!c){var c=new _.ug("//www.google.com/images/cleardot.gif");_.Am(c)}this.oa=c};_.h=tua.prototype;_.h.Bd=null;_.h.f3=1E4;_.h.RD=!1;_.h.nV=0;_.h.yO=null;_.h.OZ=null;_.h.setTimeout=function(a){this.f3=a};_.h.start=function(){if(this.RD)throw Error("uc");this.RD=!0;this.nV=0;uua(this)};_.h.stop=function(){vua(this);this.RD=!1};.var uua=function(a){a.nV++;navigator!==null&&"onLine"in navigator&&!navigator.onLine?_.Vn((0,_.nh)(a.mL,a,!1),0):(a.aa=new Image,a.aa.onload=(0,_.nh)(a.lpa,a),a.aa.onerror=(0,_.nh)(a.kpa,a),a.aa.onabort=(0,_.nh)(a.jpa,a),a.yO=_.Vn(a.mpa,a.f3,a),a.aa.src=String(a.oa))};_.h=tua.prototype;_.h.lpa=function(){this.mL(!0)};_.h.kpa=function(){this.mL(!1)};_.h.jpa=function(){this.mL(!1)};_.h.mpa=function(){this.mL(!1)};._.h.mL=function(a){vua(this);a?(this.RD=!1,this.da.call(this.ha,!0)):this.nV<=0?uua(this):(this.RD=!1,

                                      Chrome Cache Entry: 123

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (685)
                                      Category:downloaded
                                      Size (bytes):3138
                                      Entropy (8bit):5.401169666164676
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:34BA524208D384664E78925BFFB63EF0
                                      SHA1:8708FF129F3038774460CDAEC85C4412E6FAA64F
                                      SHA-256:88A6A2FD86A2BFF77514E6C113BE9672BFC4CB2989D7CF9DE72ADA70F50C15BC
                                      SHA-512:0E6D6081B1F24031363BEA645331F1D74326DAC852A626995E1CA05791C3499E5C1EBE6017A8465B19E1A3391C64046EEB68CAFF7B5B6FA80AD922CC7FC22908
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,LvGhrf,MY7mZe,MpJwZc,NLiXbe,NTMZac,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.k("ZwDk9d");.var Nz=function(){_.Ft.call(this)};_.J(Nz,_.vu);Nz.Ca=_.vu.Ca;Nz.prototype.NW=function(a){return _.Gf(this,{Za:{ZX:_.yl}}).then(function(b){var c=window._wjdd,d=window._wjdc;return!c&&d?new _.cj(function(e){window._wjdc=function(f){d(f);e(uNa(f,b,a))}}):uNa(c,b,a)})};var uNa=function(a,b,c){return(a=a&&a[c])?a:b.Za.ZX.NW(c)};.Nz.prototype.aa=function(a,b){var c=_.Lra(b).Vl;if(c.startsWith("$")){var d=_.Rn.get(a);_.Yq[b]&&(d||(d={},_.Rn.set(a,d)),d[c]=_.Yq[b],delete _.Yq[b],_.Zq--);if(d)if(a=d[c])b=_.Lf(a);else throw Error("Xb`"+b);else b=null}else b=null;return b};_.zu(_.lga,Nz);._.l();._.k("SNUn3");._.tNa=new _.uo(_.qh);._.l();._.k("RMhBfe");.var vNa=function(a){var b=_.Xq(a);return b?new _.cj(function(c,d){var e=function(){b=_.Xq(a);var f=_.qga(a,b);f?c(f.getAttribute("jsdata")):window.document.readyState=="complete"?(f=["Unable to find deferred jsdata with i

                                      Chrome Cache Entry: 124

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
                                      Category:downloaded
                                      Size (bytes):15344
                                      Entropy (8bit):7.984625225844861
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:5D4AEB4E5F5EF754E307D7FFAEF688BD
                                      SHA1:06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
                                      SHA-256:3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
                                      SHA-512:7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
                                      Preview:wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h|.l....A....b6........(......@e.]...*:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#*e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.*UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...*$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf*.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed.*.'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

                                      Chrome Cache Entry: 126

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (745)
                                      Category:downloaded
                                      Size (bytes):1245
                                      Entropy (8bit):5.281316636559983
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:F47C5443654F89DAAAC2903371900C3B
                                      SHA1:B4210FD37862E4C926AD4FC244C0D9D4429F089B
                                      SHA-256:4A956F8A71332F92C1BCBBAD7C4CB336C7D295D339D5015F5F27A126F8297DD2
                                      SHA-512:842A8A33C9A977967421E44F8057BEA3B9BF81D8944BC5F5A597AA449BA9A1989FF87B0B826EC9E937157F3F422AA71A55B537F1CBB4CA338B1F8D2EB3D1CA0D
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountSettingsUi.en_US.xM1Bt1GiAbE.2019.O/ck=boq-identity.AccountSettingsUi.zYW0COA39w0.L.B1.O/am=AwFgMA3Bt-RFU3jztWcWMDDm-We1sEkAEACABABAAAAC/d=1/exm=A7fCU,BBI74,BVgquf,CLZHRb,CNbXhe,EFQ78c,EIxsye,H0TzZc,IZT63,JNoxi,K99qY,KUM7Z,L1AAkb,LBaJxb,LEikZe,LGJfp,LJG6X,LvGhrf,MI6k7c,MISB1,MTDJJe,MdUzUe,MpJwZc,Mq9n0c,NwH0H,O1Gjze,O626Fe,O6y8ed,OTA3Ae,OgOVNe,PrPYRd,PrUyhf,QIhFr,RMhBfe,RqjULd,RyvaUb,SdcwHb,SpsfSb,TJU9Cd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VYS8Le,WpP9Yc,XVMNvd,YTxL4,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,cYShmd,dQsUJc,dhCEp,duFQFc,e5qFLc,gJzDyc,gychg,hH64kd,hKSk3e,hc6Ubd,icmqKf,kjKdXe,lazG7b,lfpdyf,lsjVmc,ltDFwf,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nneuee,oZJtBb,or226e,p3hmRc,pjICDe,pw70Gc,qfTGrb,qiEDtb,qmdT9,rCcCxc,s39S4,soHxf,spK8ic,vjKJJ,w9C4d,w9hDv,ws9Tlc,xQtZb,xUdipf,y5vRwf,zbML3c,zk0ux,zr1jrb,zy0vNb/excm=_b,_tp,googleaccountsecurityintroview/ed=1/wt=2/ujg=1/rs=AOaEmlFZIhfMwn407iOKar33qrioX_7lgA/ee=AmPS6d:GteXWe;AuZHrd:fwGiMd;BcQPH:zw1Icf;EQhjwf:NqYF2b;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;FWPM0:SRvGBc;JY4Cmf:c0EXfd;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KqtK3d:DDyK2d;LBgRLc:SdcwHb;Me32dd:MEeYgc;N6AcB:R7Kptf;NKS1pd:OGDr1b;NPKaK:SdcwHb;NSEoX:lazG7b;O2Gm6e:Bhm2Dc;Pjplud:EEDORb;QGR0gd:Mlhmy;QsSMmc:e92l7d;SMDL4c:qfTGrb;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;TCgQje:X04Oz;Tr0Eve:I5d0Le;UJ1s6c:Uvtuqd;Uvc8o:VDovNc;W4TvQd:iz2lgd;YIZmRd:A1yn5d;ZwzmBd:IgGold;a56pNe:JEfCwb;cEt90b:ws9Tlc;cYywm:uKGgXe;dIoSBb:SpsfSb;djWc0c:IfLf1;dowIGb:ebZ3mb;eBAeSb:zbML3c;fL0kg:IVI5he;hrWGne:DhGs8;iFQyKf:QIhFr;iO7nBe:KBDKSe;jbpTte:pcKEle;jru2ud:qXJ4j;jvqtV:FtEeY;lOO0Vd:OTA3Ae;nAFL3:s39S4;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:qfTGrb;pXdRYb:MdUzUe;qMU6Fb:qCCzIb;qafBPd:yDVVkb;qddgKe:xQtZb;sHEZfc:HCmn3c;sKC94b:VuAube;vJKE3d:UccXZd;vNjB7d:YTxL4;wPl4gf:eRWIQd;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;z4O7ye:eA0Y5b;zxnPse:duFQFc/m=P6sQOc"
                                      Preview:"use strict";this.default_AccountSettingsUi=this.default_AccountSettingsUi||{};(function(_){var window=this;.try{._.k("P6sQOc");.var h3b=function(a){const b={};_.Ja(a.Ea(),e=>{b[e]=!0});const c=a.ka(),d=a.Da();return new g3b(a.Aa(),_.Ro(c.getSeconds())*1E3,a.ha(),_.Ro(d.getSeconds())*1E3,b)},i3b=function(a){return Math.random()*Math.min(a.Ea*Math.pow(a.Da,a.ha),a.Ha)},g3b=class{constructor(a,b,c,d,e){this.ka=a;this.Ea=b;this.Da=c;this.Ha=d;this.Ia=e;this.ha=0;this.Aa=i3b(this)}NN(a){return this.ha>=this.ka?!1:a!=null?!!this.Ia[a]:!0}};var j3b=function(a,b,c,d){return c.then(e=>e,e=>{if(e instanceof _.rf){if(!e.status||!d.NN(e.status.Ug()))throw e;}else if("function"==typeof _.cp&&e instanceof _.cp&&e.ka!==103&&e.ka!==7)throw e;return _.mf(d.Aa).then(()=>{if(!d.NN())throw Error("Kd`"+d.ka);++d.ha;d.Aa=i3b(d);b=_.zk(b,_.lpa,d.ha);return j3b(a,b,a.fetch(b),d)})})};._.Wp(class{constructor(){this.ka=_.ND(_.b3b);this.Aa=_.ND(_.c3b);this.Hi=null;const a=_.ND(_.$2b);this.fetch=a.fetch.bind(a)}

                                      Chrome Cache Entry: 127

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:SVG Scalable Vector Graphics image
                                      Category:dropped
                                      Size (bytes):1660
                                      Entropy (8bit):4.301517070642596
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:554640F465EB3ED903B543DAE0A1BCAC
                                      SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                      SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                      SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                      Chrome Cache Entry: 128

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 4-bit colormap, non-interlaced
                                      Category:downloaded
                                      Size (bytes):226
                                      Entropy (8bit):6.226431892940625
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:1AF4CBE9D198B2F4A2E94E52732D8171
                                      SHA1:0824F71EA89E8D0719267FD0C5A458FAB12CA8BC
                                      SHA-256:9E20476C3D876E61CF8E4D57E926A2CB89B4BD353EDAA4641EFAA306516EFB19
                                      SHA-512:1DD30A12457C7926016B7D8DDBCF838EE805CA05576DAC5103D83A4EDCB8D50DDF016710DFC1B5A2E4355294B2CEBF02A755FF0794073C2523D891F2ECA673F5
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://www.gstatic.com/identity/boq/accountsettingsmobile/menu_data_and_personalization_24x24_1af4cbe9d198b2f4a2e94e52732d8171.png?mask
                                      Preview:.PNG........IHDR..............Y ....-PLTEGpL...`ej`ci_di_ch`jj`ch_dhadjffpccq...`ci_dh.Y......tRNS..e......Y.....l.w...UIDATx.c.2`Tv....#. '=.......@..f..00El..........y54v...K...44n....E....F3,.[......A.$..g......IEND.B`.

                                      Chrome Cache Entry: 130

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (675)
                                      Category:downloaded
                                      Size (bytes):1283
                                      Entropy (8bit):5.219047058688085
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:9996189B4A2622FA99499CE75E763C11
                                      SHA1:2B1B3FA09E0A9E080E27FBBA851D23900142731A
                                      SHA-256:4AC90612BE546D3EED4D6BDBF427EEC06F19CB79864065D74DB48FCA95419A70
                                      SHA-512:5D5A96C5BF793157A0EAEAD9D3B3A8AF0A5601B622A2C0B5331C0D73172DE96987AA0A40F65EA1F426E0D35F813EC659BB7B12F33741EB522585CED009CB9FD3
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=A7fCU,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,LvGhrf,MY7mZe,MpJwZc,NLiXbe,NTMZac,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZDZcre,ZwDk9d,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,w9hDv,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.k("P6sQOc");.var s3a=function(a,b,c,d,e){this.ha=a;this.wa=b;this.oa=c;this.Da=d;this.Ea=e;this.aa=0;this.da=r3a(this)},t3a=function(a){var b={};_.Na(a.qX(),function(e){b[e]=!0});var c=a.bX(),d=a.iX();return new s3a(a.jU(),_.qs(c.getSeconds())*1E3,a.DW(),_.qs(d.getSeconds())*1E3,b)},r3a=function(a){return Math.random()*Math.min(a.wa*Math.pow(a.oa,a.aa),a.Da)},u3a=function(a,b){return a.aa>=a.ha?!1:b!=null?!!a.Ea[b]:!0};var v3a=function(){this.da=_.cD(_.p3a);this.ha=_.cD(_.q3a);var a=_.cD(_.n3a);this.fetch=a.fetch.bind(a)};v3a.prototype.aa=function(a,b){if(this.ha.getType(a.Ae())!==1)return _.Qo(a);var c=this.da.PZ;return(c=c?t3a(c):null)&&u3a(c)?_.pza(a,w3a(this,a,b,c)):_.Qo(a)};.var w3a=function(a,b,c,d){return c.then(function(e){return e},function(e){if(e instanceof _.Uf){if(!e.status||!u3a(d,e.status.Fc()))throw e;}else if("function"==typeof _.Os&&e instanceof _.Os&&e.da

                                      Chrome Cache Entry: 131

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                      Category:dropped
                                      Size (bytes):392
                                      Entropy (8bit):7.255033947093651
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:F99BACF0B3BB6B80C1159263D4323379
                                      SHA1:62BF934DAF62C7D3C7A23620549AC6CFC228B0AD
                                      SHA-256:7E4289DD064E0876DEFA204256FDF7FA22E97AC1C2F16B0BE0088979D8738AC9
                                      SHA-512:E5700D886E214F4200103BDD20A84C81EB96D48EBF99FA06B8DD8E1EC0800BFE082E0088108C4B08A4132CE587D03E39B6B79E965C6802B1F6FF1548B2E5D85B
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:.PNG........IHDR..............w=....OIDATx.bp/.)....<.hT.Da. (...E..^...".9...5.p.pA=E.z...z..*\A..Q.o...t'..a|........s..q.!.k0.Dz.]^ @........f.r..#.p.6.........z.1;.j../....O...z.5.L../.`...._..>r.g..p......"9..zb...'..^....4O...Y.|......BV/p...f.A6.0...D~.\..E@.o...mP...a.Ju...'QX....."..:.0N6...#..)`.j7..8.O...q....`..$h..~..,{.n..:.........F-..y....E.....IEND.B`.

                                      Chrome Cache Entry: 132

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (2482)
                                      Category:downloaded
                                      Size (bytes):178965
                                      Entropy (8bit):5.554046383604023
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:CDFC6EFFEE1548DB2A49ADB7784F13A5
                                      SHA1:BCCB0E5E36752D92B02E418E8180B459D04E2D0D
                                      SHA-256:2AF82D1A3E4C1DAA901A9A9277184811E2BBAACA28CA5A2B12970C7220394E34
                                      SHA-512:04CEA0691301C3A6FE11AF030424A9F71BDACF041794B4477F880B2651AD376F6C3167F4717DB45E0C81D9FB75918EB2DB26AB23E5E8E50CE736A721B0FDEC4D
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.d6sk5lZTUDo.2019.O/rt=j/m=q_dnp,q_sf,q_pc,qmd,qcwid,qapid,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTu94ySbRJkyGx4WTPcUc7l7WgmV5g"
                                      Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.Pi=function(a){if(4&a)return 2048&a?2048:4096&a?4096:0};_.Qi=class extends _.N{constructor(a){super(a)}};.}catch(e){_._DumpException(e)}.try{.var Ui,Vi,Xi,Yi,aj;_.Ri=function(){return typeof BigInt==="function"};Ui=function(a){const b=a>>>0;_.Si=b;_.Ti=(a-b)/4294967296>>>0};Vi=function(a,b){b=~b;a?a=~a+1:b+=1;return[a,b]};_.Wi=function(a){if(a<0){Ui(-a);const [b,c]=Vi(_.Si,_.Ti);_.Si=b>>>0;_.Ti=c>>>0}else Ui(a)};Xi=function(a){a=String(a);return"0000000".slice(a.length)+a};.Yi=function(a,b){b>>>=0;a>>>=0;if(b<=2097151)var c=""+(4294967296*b+a);else _.Ri()?c=""+(BigInt(b)<<BigInt(32)|BigInt(a)):(c=(a>>>24|b<<8)&16777215,b=b>>16&65535,a=(a&16777215)+c*6777216+b*6710656,c+=b*8147497,b*=2,a>=1E7&&(c+=a/1E7>>>0,a%=1E7),c>=1E7&&(b+=c/1E7>>>0,c%=1E7),c=b+Xi(c)+Xi(a));return c};_.Zi=function(a,b){if(b&2147483648)if(_.Ri())a=""+(BigInt(b|0)<<BigInt(32)|BigInt(a>>>0));else{const [c,d]=Vi(a,b);a="-"+Yi(c,d)}else a=Yi(a,b);return a};._

                                      Chrome Cache Entry: 80

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:Web Open Font Format (Version 2), TrueType, length 55256, version 1.0
                                      Category:downloaded
                                      Size (bytes):55256
                                      Entropy (8bit):7.9958351357124835
                                      Encrypted:true
                                      SSDEEP:
                                      MD5:1E2D4737305EEA41EE9198E3FD3F59C2
                                      SHA1:ABFF05D701173AB7EAE355BE60AD30CF7F63536B
                                      SHA-256:351BA345250BAF98CE325B4017AC9B96C9498F6644937EF558DC5993AF676F2A
                                      SHA-512:469723131222DEC7EA745B528FE62586DA62D02505B6904A4B97157259DD37C26BF0D7012538EC6AB999C4A82D44F97AD7A1BC526CEA9E8EE1CD30FF218FBCE8
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://fonts.gstatic.com/s/googlesans/v62/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
                                      Preview:wOF2...............T...]..........................^.......?HVAR.\?MVAR9.`?STAT.*',..B/\.....H..!....0..v.6.$..V. ..~..:..[..q$.c..6g.slSI"k\...O.:....s.q@....mY.;.$.,.e....&.....my.....=...D..u..3+MS ..S.f...P..2.IL.2d.....V..z...E...).....d.d..wa.Gz..%.Ar....O....rD...UIK.4d.WP...:..(.......7...-.M............~m....5....<vR.../.....Z......x9..O\... .....N...!.6.=.......S...hk..3......m.{....u..e._.Y...0.B3.Y...,."..f~.<....}3///..!.C.. `PD\...-"...."...%..p.7"m-..-_..q,.EK..R......._g.w...]..j..@...7. .%.g>.{6..x..g..,...|./}.}..4H............H.&@($!...*@....b....S..........$."......&u.J...K0.F...hr...A...9}.7.u..|.?...$......i.i....u..$Y.e...}D...0.9b:9..8h....*[eV5.-......../B[..!....).9..../0......DY....!;h.L.,<I.:.-...t.[I..J..I.&..%~....T4U.JaC..>..w......S`.....}&.....".E.Cx......} .....i....P....iN..v.hD4.....B...h...z.-.LT..[...:&.K....T....D.Kz.....*.....J..n.?..{6. ...b.oH.!z..gl7U%.@`......>.J......3..i.W...S.@..#s...r{H/;.s

                                      Chrome Cache Entry: 82

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                      Category:dropped
                                      Size (bytes):141
                                      Entropy (8bit):6.047259839000409
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:C051EE9E35C41E8B0EB8235154CD4585
                                      SHA1:35364C984E5BDA380325FE59B65D9B0E120D4108
                                      SHA-256:61F8894919DA71DFB8A93F34702D7EF03EF52D20D02CC85B5B51417D5F93C56D
                                      SHA-512:67F04ED23F2D06AA92668F8C63DA18E1D5BEAD7A67734728710A0B0A7EC5794B7D18482264EA8A4EDA62A3E6060F7C26060F22D2979E2C069A24611209623D42
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:.PNG........IHDR..............w=....TIDATx.cp/.)&^.......).O.3.S.Af....(....r.....$eA.0g.,...Z@..<.G.......[q=.5....z.....5....IEND.B`.

                                      Chrome Cache Entry: 83

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:Web Open Font Format (Version 2), TrueType, length 31568, version 1.0
                                      Category:downloaded
                                      Size (bytes):31568
                                      Entropy (8bit):7.99179193151151
                                      Encrypted:true
                                      SSDEEP:
                                      MD5:EB11BFB369775FF0739DABB3A5F379CC
                                      SHA1:2EEBAEA2F7080C0B256FBFC70AB91473243AF0F8
                                      SHA-256:2E0BDC192134BB3950A1BA4C1148901E39EBD8D2D01F64EF23106E90A9F771B0
                                      SHA-512:59E89752E932AADE54D5B2B940E09F3C8B12A836F1C5EB515E82036A97492F42E12A4FB3DC156CB8D969D6CB4E8FD8F18B358715F972E12D4596AD390430CB21
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
                                      Preview:wOF2......{P......H...z...........................X..j.`....l..a.....P.._..8....h.6.$..l. ..8..{...[.3.@..o1.........(..vD.D^r.;..(..7%....?/i.a.t.kKa...fi(T.DE.....P.b..-n.i..=.q-1QR.$...1..3C.....A..v...y:.n....&M.}.p)...r...p.l...5t...I..N.....>G..Of.f...N.H"y.{9....d......u/..f.&=...:..@...A.e3.a2.e.R f.L..E..nN...mO...+.....f..`._..G....O...s].q..).m"k..a...U..........SDRR........^J..g.J......Mcic......u.f".|.:...J8./...zv.....?1.........<...[.-<.I........k<.M.kp]j.?...l.....d..Y ........k.(..M.S....E.(...~..#.........}..91 ...d...k...6....m.XA........p*.X.`.6...u.l...o..._....S._.G.....%SZ...K.~..1.Z.....vu..2...T.+E...Ob...\..D&...KdrR9..T"......Hr.T".. ..e........B0...._.O.\.33w.........-...2....u..K.+.J....R....G.TX....nI....@.."*l.%t..-$z<....1:.F.9.......5...f.4..%Y2.P.@.t.....S..e.1..z...o<....O.*ECp....z.....g. (...*....];...7...r..w....Z8W.$.z$.z.y{...6.........F.....'..y|...R.ss...[.UM.".}.d....d..f.%.l.A..N+\....H..Y..*t

                                      Chrome Cache Entry: 84

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 24 x 24, 4-bit colormap, non-interlaced
                                      Category:dropped
                                      Size (bytes):223
                                      Entropy (8bit):6.101540500998981
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:7C33D12A53C7BC136451711173FBD301
                                      SHA1:69D476C34605E4C4622C0018B0ABC3BA354D2085
                                      SHA-256:5E765D0C7564568AA37D0A7195782ECA429897DE73B498197BA09F54867CB69F
                                      SHA-512:B089863714930180C3903A8502EB34A49FA67E1FB5D5A66A27C620EAF5154912C647144A8270D0A571FBDFA6543E67EA2E850F6229089727FE5CDBFB1DAF4C25
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:.PNG........IHDR..............Y ....*PLTEGpL.s..s..r..s..s..s..t..j..s."w..q..s..s.a. 3....tRNS.P.....l...H...T.....VIDATx.c....F.p.khh.\"..=.&....P...pF10,.....1&gO(...s.B8.`N(.."..s..s5.........A8.....H ....*....IEND.B`.

                                      Chrome Cache Entry: 87

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (2048)
                                      Category:downloaded
                                      Size (bytes):21586
                                      Entropy (8bit):5.406901641900733
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:A09FB87363FF4C22128BB80CDDD54E00
                                      SHA1:BA81C690086B1372C952324E286E60C60FBA2354
                                      SHA-256:E538352DA023E5A64F9753D98891F5CAEF0714D2C80E169CFDFCA4E567D64152
                                      SHA-512:D01968FACC6268E605A6A054AEA15C893340045EE4B6C0E4617ED0D4019BC9AA450CD84F54748467173E9614EF78C3C2459B44B854B842B5504408C9A5DE0DC3
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NLiXbe,NTMZac,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{.var BKa;BKa=function(a,b){a=_.Nf(a,!1);return{enabled:a,PC:a?_.dka(_.kp(b(),_.zKa)):AKa()}};._.DKa=function(){var a=BKa(_.mg("xwAfE"),function(){return _.mg("UUFaWc")}),b=BKa(_.mg("xnI9P"),function(){return _.mg("u4g7r")}),c,d,e,f;return(f=CKa)!=null?f:CKa=Object.freeze({isEnabled:function(g){return g===-1||_.Nf(_.mg("iCzhFc"),!1)?!1:a.enabled||b.enabled},environment:(c=_.fp(_.mg("y2FhP")))!=null?c:void 0,kV:(d=_.fp(_.mg("MUE6Ne")))!=null?d:void 0,ou:(e=_.fp(_.mg("cfb2h")))!=null?e:void 0,Hq:_.ip(_.mg("yFnxrf"),-1),f5:_.Vna(_.mg("fPDxwd")).map(function(g){return _.ip(g,0)}).filter(function(g){return g>.0}),vBa:_.Nf(_.mg("vJQk6"),!1),U9:a,F9:b})};_.zKa=function(a){this.Ga=_.u(a)};_.J(_.zKa,_.w);var AKa=function(a){return function(){var b;(b=a[_.Dd])||(b=new a,_.Nc(b.Ga),b=a[_.Dd]=b);return b}}(_.zKa),CKa;._.k("p3hmRc");.var zLa=function(a,b,c,d){this.transport=a;this.aa=b;this

                                      Chrome Cache Entry: 88

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (580)
                                      Category:downloaded
                                      Size (bytes):3480
                                      Entropy (8bit):5.505733164674747
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:ACBD91907F56F703851FE743A2E63550
                                      SHA1:E52B161A82A49AF0AF256C2DB97E0A7F5BF7D58D
                                      SHA-256:FF87916929966A712C26DCBDF85DDFE84531C2B06560EA7EF18D6DA47B903615
                                      SHA-512:E2A5D458AED24E29316B046B07B077E0281FD6465302AD4EFF60BEBD6754237EC3439D350BDC98EF923E77C9071BC05B2D0D4C54AF0162342AD9C3D5AC7A3F56
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=A7fCU,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,LvGhrf,MY7mZe,MpJwZc,NLiXbe,NTMZac,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZDZcre,ZwDk9d,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,w9hDv,wg1P6b,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.k("Wt6vjf");.var Lya=function(){var a=_.zs();return _.Ak(a,1)},nu=function(a){this.Ga=_.u(a,0,nu.messageId)};_.J(nu,_.w);nu.prototype.Fa=function(){return _.rk(this,1,_.Sc)};nu.prototype.Ta=function(a){return _.Kk(this,1,a,_.Sc)};nu.messageId="f.bo";var ou=function(){_.Sn.call(this)};_.J(ou,_.Sn);ou.prototype.Pd=function(){this.tY=!1;Mya(this);_.Sn.prototype.Pd.call(this)};ou.prototype.aa=function(){Nya(this);if(this.IG)return Oya(this),!1;if(!this.A_)return pu(this),!0;this.dispatchEvent("p");if(!this.sU)return pu(this),!0;this.sR?(this.dispatchEvent("r"),pu(this)):Oya(this);return!1};.var Pya=function(a){var b=new _.ug(a.S9);a.qV!=null&&_.xg(b,"authuser",a.qV);return b},Oya=function(a){a.IG=!0;var b=Pya(a),c="rt=r&f_uid="+_.Ol(a.sU);_.Xo(b,(0,_.nh)(a.ha,a),"POST",c)};.ou.prototype.ha=function(a){a=a.target;Nya(this);if(_.$o(a)){this.kP=0;if(this.sR)this.IG=!1,this.dispatc

                                      Chrome Cache Entry: 90

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
                                      Category:downloaded
                                      Size (bytes):52280
                                      Entropy (8bit):7.995413196679271
                                      Encrypted:true
                                      SSDEEP:
                                      MD5:F61F0D4D0F968D5BBA39A84C76277E1A
                                      SHA1:AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2
                                      SHA-256:57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC
                                      SHA-512:6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
                                      Preview:wOF2.......8.....................................^...$..4?HVAR..?MVAR9.`?STAT.*',..J/.......`..(..Z.0..R.6.$.... .....K..[..q..c..T.....>.P.j.`.w..#...%......N.".....$..3.0.6......... .L.rX/r[j.y.|*(.4.%#.....2.v.m..-..%.....;-.Y.{..&..O=#l@...k..7g..ZI...#.Z./+T..r7...M..3).Z%.x....s..sL..[A!.5*1w'/.8V..2Z..%.X.h.o.).]..9..Q`.$.....7..kZ.~O........d..g.n.d.Rw+&....Cz..uy#..fz,(.J....v.%..`..9.....h...?O..:...c%.....6s....xl..#...5..._......1.>.)"U.4 W....?%......6//!$...!.n9C@n...........!""^.....W..Z<.7.x.."UT.T....E.."R>.R..t.....H d..e_.K../.+8.Q.P.ZQ....;...U....]......._.e*......71.?.7.ORv.?...l...G|.P...|:...I.X..2.,.L........d.g.]}W#uW]QnuP-s.;.-Y.....].......C..j_.M0...y.......J..........NY..@A...,....-.F......'..w./j5g.vUS...U..0.&...y7.LP.....%.....Y......Y..D. e.A..G.?.$.......6...eaK.n5.m...N...,...+BCl..L> .E9~.b[.w.x....6<...}.e...%V....O.......*.?...a..#[eE.4..p..$...].....%......o._......N.._~..El....b..A.0.r8.....|..D.d..

                                      Chrome Cache Entry: 92

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (372)
                                      Category:downloaded
                                      Size (bytes):1518
                                      Entropy (8bit):5.260774696622649
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:3299E9F007E884CB016A30FE2C5ADAC5
                                      SHA1:B219687DEB124A015D2D0A5162512A859AE64FDD
                                      SHA-256:07A42B9F5C43928069F769E69C5A8F30B19C0718F1FE5C6DAD8AEC78F607CD22
                                      SHA-512:CB059B135EBDEE1774094B7C54F46E135AE4E36668C12ACD0DD69C92B2893FC8C4AD7564B7C0975EBEB4065A4CBD7911961996FD5EE614E0BBE6C8318CD948FF
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,LvGhrf,MY7mZe,MpJwZc,NLiXbe,NTMZac,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZwDk9d,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZDZcre,w9hDv,A7fCU"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.k("lOO0Vd");._.q3a=new _.vo(_.Do);._.l();._.k("ZDZcre");.var G4a=function(){this.Zj=_.cD(_.fD);this.b9=_.cD(_.q3a);this.aa=_.cD(_.dD)};G4a.prototype.execute=function(a){var b=this;a=this.aa.create(a);return _.Db(a,function(c){var d=b.b9.getType(c.Ae())===2?b.Zj.Lb(c):b.Zj.fetch(c);return _.Ll(c,_.gD)?d.then(function(e){return _.Sd(e)}):d},this)};_.Au(G4a,_.dna);._.l();._.k("w9hDv");._.ph(_.Wma);_.Mz=function(a){_.Ft.call(this);this.aa=a.Za.cache};_.J(_.Mz,_.vu);_.Mz.Ca=function(){return{Za:{cache:_.yt}}};_.Mz.prototype.execute=function(a){_.Db(a,function(b){var c;_.Kf(b)&&(c=b.ib.Pb(b.mb));c&&this.aa.QK(c)},this);return{}};_.zu(_.bna,_.Mz);._.l();._.k("K5nYTd");._.u4a=new _.vo(_.Co);._.l();._.k("A7fCU");.var v4a=function(a){_.Ft.call(this);this.aa=a.Ha.Zia};_.J(v4a,_.vu);v4a.Ca=function(){return{Ha:{Zia:_.u4a,metadata:_.q3a},preload:{QK:_.Mz}}};v4a.prototype.execute=functio

                                      Chrome Cache Entry: 93

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (468)
                                      Category:downloaded
                                      Size (bytes):1996
                                      Entropy (8bit):5.303762653589492
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:ACDAEA03195BFB8208CC30887E6BEB82
                                      SHA1:9DA5C346622478CC82216529E2FFABB64FF72C8B
                                      SHA-256:902E8DC476C9BCF282EA3C8799EA61D8848E98C5027A8A06DF2CD3C70B6DA7B5
                                      SHA-512:3C0D51C7CAB0DA1E1F03CA335B00211703C77E34F4B4470F92FC38E42C6D5BF679BA979A2E35AE37B4790DE6FC98834DF22E6585EE573D6116D1536D046A649B
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=A7fCU,CMcBD,E87wgc,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,LvGhrf,MY7mZe,MpJwZc,NLiXbe,NTMZac,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,YgOFye,ZDZcre,ZwDk9d,_b,_tp,aC1iue,b3kMqb,bTi8wc,byfTOb,cYShmd,cciGGe,f8Gu1e,gJzDyc,hc6Ubd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,oqkvIf,p3hmRc,pxq3x,qPYxq,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,w9hDv,ws9Tlc,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.k("iAskyc");._.kW=function(a){_.Ft.call(this);this.window=a.Ha.window.get();this.Ac=a.Ha.Ac};_.J(_.kW,_.vu);_.kW.Ca=function(){return{Ha:{window:_.Cu,Ac:_.DB}}};_.kW.prototype.Op=function(){};_.kW.prototype.addEncryptionRecoveryMethod=function(){};_.lW=function(a){return(a==null?void 0:a.Lq)||function(){}};_.mW=function(a){return(a==null?void 0:a.UR)||function(){}};_.LZb=function(a){return(a==null?void 0:a.Fr)||function(){}};._.MZb=function(a){return new Map(Array.from(a,function(b){var c=_.n(b);b=c.next().value;c=c.next().value;return[b,c.map(function(d){return{epoch:d.epoch,key:new Uint8Array(d.key)}})]}))};_.NZb=function(a){setTimeout(function(){throw a;},0)};_.kW.prototype.dT=function(){return!0};_.nW=function(a,b,c,d){c=c===void 0?"":c;a=a.Ac;var e=a.XM,f=new _.nB;b=_.s_a(f,7,b);e.call(a,305,b,d,void 0,void 0,_.EV(new _.mB,_.DV(c)))};_.zu(_.Np,_.kW);._.l();._.k("ziXSP"

                                      Chrome Cache Entry: 94

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                      Category:dropped
                                      Size (bytes):5430
                                      Entropy (8bit):3.6534652184263736
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:F3418A443E7D841097C714D69EC4BCB8
                                      SHA1:49263695F6B0CDD72F45CF1B775E660FDC36C606
                                      SHA-256:6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
                                      SHA-512:82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
                                      Malicious:false
                                      Reputation:unknown
                                      Preview:............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

                                      Chrome Cache Entry: 95

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (5693)
                                      Category:downloaded
                                      Size (bytes):737807
                                      Entropy (8bit):5.588688881858864
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:3D6F0C7AE00D1EFA4BB4481E35599287
                                      SHA1:4924C03B5A257B621A031E3BCDF91ACEF6310A99
                                      SHA-256:7B56A8FE547D4FF333B7381E93AC9424FD139364C3B9556E935B937A84C092DF
                                      SHA-512:42498B176E9170D12E87F0EEC6FAF888BFF8BA3D6BF4A0BADB9476AE993B966C2B0646DF9E5DFED6DADD37FDC76587C68F0864BD753662B1D77F7254D5A4FA04
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,NTMZac,mzzZzc,rCcCxc,cciGGe,m9oV,vjKJJ,y5vRwf,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,L9OGUe,PrPYRd,MpJwZc,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,WpP9Yc,gJzDyc,lwddkf,SpsfSb,aC1iue,tUnxGc,EFQ78c,xQtZb,zbML3c,zr1jrb,vHEMJe,YTxL4,YHI3We,Uas9Hd,zy0vNb,K0PMbc,MY7mZe,qmdT9,GwYlN,NLiXbe,LDQI"
                                      Preview:"use strict";_F_installCss(".r4WGQb{position:relative}.Dl08I>:first-child{margin-top:0}.Dl08I>:last-child{margin-bottom:0}.IzwVE{color:#1f1f1f;color:var(--gm3-sys-color-on-surface,#1f1f1f);font-family:\"Google Sans\",roboto,\"Noto Sans Myanmar UI\",arial,sans-serif;font-size:1.25rem;font-weight:400;letter-spacing:0rem;line-height:1.2}.l5PPKe{color:#1f1f1f;color:var(--gm3-sys-color-on-surface,#1f1f1f);font-size:1rem}.l5PPKe .dMNVAe{margin:0;padding:0}.l5PPKe>:first-child{margin-top:0;padding-top:0}.l5PPKe>:last-child{margin-bottom:0;padding-bottom:0}.Dl08I{margin:0;padding:0;position:relative}.Dl08I>.SmR8:only-child{padding-top:1px}.Dl08I>.SmR8:only-child::before{top:0}.Dl08I>.SmR8:not(first-child){padding-bottom:1px}.Dl08I>.SmR8::after{bottom:0}.Dl08I>.SmR8:only-child::before,.Dl08I>.SmR8::after{border-bottom:1px solid #c4c7c5;border-bottom:1px solid var(--gm3-sys-color-outline-variant,#c4c7c5);content:\"\";height:0;left:0;position:absolute;width:100%}.aZvCDf{margin-top:8px;margin-left

                                      Chrome Cache Entry: 96

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with no line terminators
                                      Category:downloaded
                                      Size (bytes):88
                                      Entropy (8bit):5.05829269879471
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:8BA5CD89BBF3ACD655780F8F637265E8
                                      SHA1:DDDA14858D49BF5741C85D5EAD0B48F3FF7C6032
                                      SHA-256:0C0F8CA7F1960A60255E1FAFE1B9C36BCBA49E187EED22C4CEA1C6754FB00D70
                                      SHA-512:790196BFF2D13447FF6BD7688EABF09D8F4B20430B37BAD9A0A6534170919E77E418E91B6C820A195BB1A215DE4F1C73227C9363C06E5022CE9A71B3A7031E22
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhInCYDpAL11Z6_PEgUNGQET-hIFDeghfoYSBQ3TmKgHIcoV_YKlyNpn?alt=proto
                                      Preview:Cj4KBw0ZARP6GgAKKg3oIX6GGgQISxgCKh0IClIZCg9AIS4kI18tKiY/Ky8lLF4QARj/////DwoHDdOYqAcaAA==

                                      Chrome Cache Entry: 97

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with no line terminators
                                      Category:downloaded
                                      Size (bytes):28
                                      Entropy (8bit):3.950212064914748
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:C3F64CB2A8B00CBBC30CE2908208A29D
                                      SHA1:E4AA7CAB67F4CF5FA52371DDC25A75AAFD4D0CCC
                                      SHA-256:391601283994BCD9486160BF8A5637410D280E1BDDD3AEF5428454976E193E81
                                      SHA-512:6CCBC26128FE65D6D313B965DA3D2E201D506442D0036404ABB490BE0FC99B3A0FDB611269B932DBA7F3A621E11F79ED213D2B11D487EE39C54A17D97A823552
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCT8c_4TtP4dAEgUNkWGVThIFDZFhlU4h2UGtHUlipW4=?alt=proto
                                      Preview:ChIKBw2RYZVOGgAKBw2RYZVOGgA=

                                      Chrome Cache Entry: 98

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:ASCII text, with very long lines (533)
                                      Category:downloaded
                                      Size (bytes):9150
                                      Entropy (8bit):5.415873456315433
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:1BB806968064647EC62CB37D60123F14
                                      SHA1:F379507CBBEC75615328CA2C6A38088F00ACB0D8
                                      SHA-256:33DAC5BF5A51D43413757D23039C0BB6E6D12C076229FB02B2F58198006AF09A
                                      SHA-512:76F7524B7E435CA76A07C04D8BABBB2686A055DEDD6781DF18253C84D37596C157483CC69CE22C9DEEA6C6EB722B4EA3CA275A6AE1170FDA38DB0AE58D44FFDD
                                      Malicious:false
                                      Reputation:unknown
                                      URL:"https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en_US.4LzSXchkkbI.es5.O/ck=boq-identity.AccountsSignInUi.y0moWsY5nE0.L.B1.O/am=iQEwVDK5RiAQEcUsSGeBkYCQAQAAAAAAAAAAGwAAwBwD/d=1/exm=CMcBD,EFQ78c,EN3i8d,Fndnac,GwYlN,IZT63,K0PMbc,K1ZKnb,KUM7Z,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NLiXbe,NTMZac,PrPYRd,Rkm0ef,SCuOPb,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,YHI3We,YTxL4,_b,_tp,aC1iue,b3kMqb,byfTOb,cYShmd,cciGGe,gJzDyc,hc6Ubd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,oLggrd,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,ws9Tlc,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEsFAsORZkY27eM0dWAEqrXJry4aA/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,oqkvIf,yRXbo,bTi8wc,ywOR5c,PHUIyb"
                                      Preview:"use strict";this.default_AccountsSignInUi=this.default_AccountsSignInUi||{};(function(_){var window=this;.try{._.zSa=_.z("SD8Jgb",[]);._.UT=function(a,b){if(typeof b==="string")a.uc(b);else if(b instanceof _.Fm&&b.ia&&b.ia===_.B)b=_.Ya(b.Pt()),a.empty().append(b);else if(b instanceof _.Ua)b=_.Ya(b),a.empty().append(b);else if(b instanceof Node)a.empty().append(b);else throw Error("Dg");};_.VT=function(a){var b=_.zq(a,"[jsslot]");if(b.size()>0)return b;b=new _.xq([_.go("span")]);_.Aq(b,"jsslot","");a.empty().append(b);return b};_.IVb=function(a){return a===null||typeof a==="string"&&_.Qb(a)};._.k("SD8Jgb");._.$T=function(a){_.X.call(this,a.La);this.Wa=a.controller.Wa;this.od=a.controllers.od[0]||null;this.header=a.controller.header;this.nav=a.controller.nav;var b;(b=this.Ba().find("button:not([type])").el())==null||b.setAttribute("type","button")};_.J(_.$T,_.X);_.$T.Ca=function(){return{controller:{Wa:{jsname:"n7vHCb",ctor:_.uv},header:{jsname:"tJHJj",ctor:_.uv},nav:{jsname:"DH6Rkf",ct

                                      Chrome Cache Entry: 99

                                      Download File
                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                      File Type:PNG image data, 96 x 96, 8-bit colormap, non-interlaced
                                      Category:downloaded
                                      Size (bytes):1181
                                      Entropy (8bit):7.63600082449039
                                      Encrypted:false
                                      SSDEEP:
                                      MD5:0BD034F24CE382C1F08A28337ADC6FF1
                                      SHA1:BCE7E18C57E7976AF15DC554E9F905C409FCACD1
                                      SHA-256:12322A9C68D0986C755554BB166EEDF5669B46E7791F03489B25655CE4BB5A39
                                      SHA-512:6D22ED1DDD44E4AF97B5769208116B90853859CAAC1108FD6A0681B0BD9DC412CED5E10E7553AA429D7DF0FB88C5C24E8280EC2AB5612AAE7769F8D484E961E0
                                      Malicious:false
                                      Reputation:unknown
                                      URL:https://www.gstatic.com/identity/boq/accountsettingsmobile/signedout_security_icon_96x96_0bd034f24ce382c1f08a28337adc6ff1.png
                                      Preview:.PNG........IHDR...`...`......F......PLTEGpLB..B..B..B..B..B..B..B.....B..B..B..B..B.......B.......B.....................B.........F.................N.................}..f..............J..............o..3\.~....Y...Z..............`..|..q...........Bh.%Q....................................m.............tRNS.. ..0.@..p.`....P`@..p .....0.L....IDATh...z.@..-`...Sv.F...bbK.=.......".2..u/./."$...)@,...I...J...D8.K.b#H"...\>...'K......|.CA..`........b...)....$...FJ./....@d..".....e!"A$X.@.6.....I.Z......7.Cg.]..._......w.V.Zm............ZpZ.t...hFD'.m...S......OAC..A..+.-....!P".....,...8..-.....=...._.xw..[;.Y..w...P./.L!.."..,.^-,Hb.w.z.........o.....-.]7......L..0...X...<..k.P...!.M[P...{..*..g.LF..L.%....G..2>.C.....w......u....F.&t..p.. .Y.....S..jX....@.$..{.D..8A...>.[0..:K(...3..c.?...>........3U.}N......c.#.4K......e..$Nx..w@.@\u:h...8gw.......]..8..Fn.n....[d@..4.......X..I..'...{..'...g.t.......`.~.4...|....tJ.

                                      Static File Info

                                      General

                                      File type:RFC 822 mail, ASCII text, with very long lines (406), with CRLF line terminators
                                      Entropy (8bit):5.977539902740067
                                      TrID:
                                      • E-Mail message (Var. 5) (54515/1) 100.00%
                                      File name:Critical security alert.eml
                                      File size:32'824 bytes
                                      MD5:924a036128c07f534a84d994336f080d
                                      SHA1:f203a5571632b4d8bd04cd2a87aa79803ede915a
                                      SHA256:cdb2453c2ba560b75a953b37265d25bae579c7367feed37817b5656abf08b376
                                      SHA512:184b8f28d2631cfe0f6d02dfad62e2a959a76758fc8b87aa4ab91ee4607ce08ca5fd36be4f8943e405b8ee89fecd4f60f49f89f28b0a82147bdbd1d9fa2db043
                                      SSDEEP:768:7UEzC0R0U6fxwTh3A6impbD9jjB/wGjGgOm7QmchpfAkShEmvgI:7UEzJeDxEgebTVOm8mwfAkShEmvr
                                      TLSH:0EE227C255541017F53A0A982B403D2DA7607A1F9DEB9DC039EE60AB9FAB0370F9778D
                                      File Content Preview:Received: from DU2PR03MB7911.eurprd03.prod.outlook.com (2603:10a6:10:2d6::23).. by AS8PR03MB6982.eurprd03.prod.outlook.com with HTTPS; Fri, 25 Apr 2025.. 16:13:34 +0000..Received: from DU2PR04CA0232.eurprd04.prod.outlook.com (2603:10a6:10:2b1::27).. by DU

                                      Static Mail

                                      General

                                      Subject:Critical security alert
                                      From:Google <no-reply@accounts.google.com>
                                      To:matt.thompson@cardfactory.co.uk
                                      Cc:
                                      BCC:
                                      Date:Fri, 25 Apr 2025 00:25:50 +0000
                                      Communications:
                                      • CAUTION: This email originated from outside of the organisation. If in doubt please use the report message button to Security. [image: Google] Some of your saved passwords were found online matt.thompson@cardfactory.co.uk Some of your saved passwords were found in a data breach from a site or app that you use. Your Google Account is not affected. To secure your accounts, Google Password Manager recommends changing your passwords now. Check passwords <https://eu-west-1.protection.sophos.com?d=google.com&u=aHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tL0FjY291bnRDaG9vc2VyP0VtYWlsPW1hdHQudGhvbXBzb25AY2FyZGZhY3RvcnkuY28udWsmY29udGludWU9aHR0cHM6Ly9wYXNzd29yZHMuZ29vZ2xlLmNvbS9jaGVja3VwL3N0YXJ0P3BjX21zZyUzRDElMjZ1dG1fc291cmNlJTNEcGNfbmJwZCUyNnV0bV9tZWRpdW0lM0RlbWFpbA==&p=m&i=NWFkZGJjYmEwYTEzYjExNzAwMzFhMGZk&t=WFJZY3lTV1NoNGk5cWZ3UDN0UzBWSzJEb2s4c2xpd0E2MHpFSWgwVmZVVT0=&h=94a2aab585484a3e87cfdab5695ddaa5&s=AVNPUEhUT0NFTkNSWVBUSVbx6cs9dVCixt5oSo5QvUOjyDr0cY0aPXHX8p2uqaGghAxDqk-teqV9d_dsVmfQf_Nq7bcUnmYnkppfOEF60qGG> You can also see security activity at https://eu-west-1.protection.sophos.com?d=google.com&u=aHR0cHM6Ly9teWFjY291bnQuZ29vZ2xlLmNvbS9ub3RpZmljYXRpb25z&p=m&i=NWFkZGJjYmEwYTEzYjExNzAwMzFhMGZk&t=V3FLam5yaWRQN1ZlV0VDSm9TMTNqMGJwWEhGcTM0SmNMS3MrWmZhd2p4WT0=&h=94a2aab585484a3e87cfdab5695ddaa5&s=AVNPUEhUT0NFTkNSWVBUSVbx6cs9dVCixt5oSo5QvUOjyDr0cY0aPXHX8p2uqaGghAxDqk-teqV9d_dsVmfQf_Nq7bcUnmYnkppfOEF60qGG You received this email to let you know about important changes to your Google Account and services. 2025 Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
                                      Attachments:
                                        Key Value
                                        Receivedby mail-io1-xd49.google.com with SMTP id ca18e2360f4ac-85c552b10b9so219657739f.1 for <matt.thompson@cardfactory.co.uk>; Fri, 25 Apr 2025 09:13:25 -0700 (PDT)
                                        Authentication-Resultsspf=softfail (sender IP is 198.154.180.199) smtp.mailfrom=gaia.bounces.google.com; dkim=fail (body hash did not verify) header.d=accounts.google.com;dmarc=fail action=oreject header.from=accounts.google.com;compauth=none reason=454
                                        Received-SPFPass (protection.outlook.com: domain of gaia.bounces.google.com designates 2607:f8b0:4864:20::d49 as permitted sender) receiver=protection.outlook.com; client-ip=2607:f8b0:4864:20::d49; helo=mail-io1-xd49.google.com; pr=C
                                        X-Sophos-Product-TypeMailflow
                                        X-Sophos-Email-ID94a2aab585484a3e87cfdab5695ddaa5
                                        Authentication-Results-Originalspf=pass (sender IP is 2607:f8b0:4864:20::d49) smtp.mailfrom=gaia.bounces.google.com; dkim=pass (signature was verified) header.d=accounts.google.com;dmarc=pass action=none header.from=accounts.google.com;compauth=pass reason=100
                                        DKIM-Signaturev=1; a=rsa-sha256; c=relaxed/relaxed; d=accounts.google.com; s=20230601; t=1745597604; x=1746202404; darn=cardfactory.co.uk; h=to:from:subject:message-id:feedback-id:date:mime-version:from:to:cc :subject:date:message-id:reply-to; bh=Ek812IsBJr8PZelz8bEGXJ/UnayjghB/Jwn8ONTc5GI=; b=FK8TR585teR9C3GzxooaL8XFT5YRp5tmZ8HhVtio22BrL5e8p9WlmB9SijyJP1aWZT +MICl59AVbqNEBcB6AsBhCMO5W511gZpg2EzF4h3WONW8oZzoN4f0wkEtIqN1bdeMJ8n XBSmJ126w2qzgUrvPJhl9yH2WnQZ+YsRfaaU2rpAYxum7jqOTJQSWeNv4ro2Ipw1UVla tP2+NjTUj/zo4nfadSZiaYng1+5X0AjyqD2KiSnXuP+ctlcHSY/Z1H1GA7rEoDxPdIsv f7t1hqQ0Qcpl0Q8L7kCI9IOBXh2OfpfJd3meXrWBnvt0Jhqa6ntukhnxt6Ts0a1cjj+g yHzg==
                                        X-Google-DKIM-Signaturev=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1745597604; x=1746202404; h=to:from:subject:message-id:feedback-id:date:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Ek812IsBJr8PZelz8bEGXJ/UnayjghB/Jwn8ONTc5GI=; b=v6sYrKLA9E5WeMwyt107973rTRtN7SF2+J8FEmf7oK7FxG6kth01EHrx0xo54AvScj +R/33J1UMOD2JShUJ250UgYmb4bnLKmNlUGcIr1/0IBdpsHdmGNUQL60NKu6ve3DF4BK Z4D6bImvh0ShDjEcNHZ7cOYBF2gfoeYLSZGD3G1TNzOcnl4bvh+Yqum0HfiOTW084Erx CQw3G5ZNn3L9JCfi9rAxN5eoIwe9tKGyLqgstvedQ8fQuFbLnuZ5bGuMWrstuXSJlNAA lre0OPHIaz/B1fDfm8bTjCFNPYFfCbj2nvOZErO4mI0B7pjeBUibgRU/mwvi4oqgWVYN Fj8A==
                                        X-Gm-Message-StateAOJu0YwZV3CBmblNX8d24GuFvH6zlDWu4uPSCQV2ao5HDlx7JNA50rbC 3qz0pHeQ2TA+twj33SZW/9erWA++jDTKqNBpyUMVoLaNEsgM8gW+EU3kPDjSCEej4EHr9JBVGrK GvyADR0XcCG5GWsbtCP/mmzgt80a6Hc2s6AY=
                                        X-Google-Smtp-SourceAGHT+IE1m5bgBePzPZbp0C0IfoyaSZi/NZGoM1fYVoAnDOBfKHx+e6VgKEMUwdJCC/+Nl6Txs1gRZF3UjmffNEIZTWseiA==
                                        X-Receivedby 2002:a05:6602:4813:b0:85e:1879:c708 with SMTP id ca18e2360f4ac-8645cc87aa0mr317637939f.1.1745597604327; Fri, 25 Apr 2025 09:13:24 -0700 (PDT)
                                        DateFri, 25 Apr 2025 00:25:50 +0000
                                        X-Account-Notification-Type335
                                        Feedback-ID335:account-notifier
                                        X-Notificationsdb8c59d4e44a0000
                                        X-Notifications-Bounce-InfoAb2lIHVl2Vd-qCyNJ-2Tr3FRexJRvcBA8cPGa6Z8dM2STAtanHa4JVji8c2CTxp9VBHWo3x2wDdqZuAmBSgtgcwEeTw6eILW0Y_7rrQceds-0x6iYE2LWMHHU_BjMzNVRsRewwQR2IFT-Ogu6jaumnKHmnoBRuOA7ffdj8UudEPlFXHya1xKhS2wOOPfEi9i-We2aWoBBRHddLuVOoI_be9ft05YqBOPNjAwNjA0MDQxNTM1NTk2OTMzMg
                                        Message-ID<_1Awtqkazs3Pym0ZP5PaJg@notifications.google.com>
                                        SubjectCritical security alert
                                        FromGoogle <no-reply@accounts.google.com>
                                        Tomatt.thompson@cardfactory.co.uk
                                        Content-Typemultipart/alternative; boundary="00000000000020723106339c9dcc"
                                        X-EOPAttributedMessage1
                                        X-EOPTenantAttributedMessage7956b84e-0c99-46b5-81c6-28689cfa7221:1
                                        X-MS-TrafficTypeDiagnosticDU6PEPF0000A7E0:EE_|AM7PR03MB6451:EE_|DB5PEPF00014B96:EE_|DU2PR03MB7911:EE_|AS8PR03MB6982:EE_
                                        X-MS-Office365-Filtering-Correlation-Id12ea28ef-b76a-48c4-912f-08dd84141f40
                                        X-Microsoft-Antispam-UntrustedBCL:3; ARA:13230040|5083199021|69100299015|5082899009|4092899012|5062899012|3092899012|13012899012|2092899012|12012899012|3072899012|43022699015|13102899012|7093399015|4076899003|8096899003|7053199007|13003099007;
                                        X-Microsoft-Antispam-Message-Info-Original7nyfJa/mqZBVA1km2Vu6Dd2MiF0RCi7E0IPzLNJ9trR+usjHSWeptnh72o5Dk3dej4GDvUCU4NHmdwMYFWUc8C42CiYBaNCXlf3rXpJz+xUwjt2310u0aoztyc13zQMb2Xua+55Tzhluw6dFxGKeVlbMi22PDq0vk1Pi8ypylwEQ3prbqWYAGFCDnSbp0fqE4dAOVmbtICyAlsg5sfSEr9kDx1cHntSKjBb4vwX4TGcKgMtWgCum1nKC3XXd8DEJ+5LTwA3kqHrBi9AbCsisPv1xl6qakwCh/eZ86AxSjdt16coEOwD9e8/vXCvxBR3d3z39qWeOYFvzqVQqG1Ns01MPNeYq32W87x1KbXxX2TKfXrzAXqT+ii/+CUA9Znp/0CaHZWHUk3/vW54WIA9AGaUouTK9ikoz3BPf6zTTDmdxpMKhHbBBZ+bPed16M64fiLjq7ETGcnf7XtU7ocfVmo39Y5S7fZT+uko3WNPqJNHzzb6zJzbGQKCdBK+LRvj8vRF18QLG4oAbQ3Ze4BYqmWokuadpHM8h+B/XqiCOGERtybpivhyq/fdTCqRgWSU9CNx7g8hZqYN7UdKJOz0EN2iJz1M9eTy33OZhlXa85OU8oU4tVIQBHvxjQ63mTrk6KmX9+BlDd4zmHNEjtlR3NYaRhsClU1emkH8wyjdYjOCS5DwZZ9GWXvM/WBbiatbQ9lxeCaA6P/qfjrPLfj2H/cxqJDuT7Cfc/8JPPTcPi3bEMeoF1uK/+WGUFR25RbpSRN/2wS9E09e5qnYvOJBpd967DykO8L5XP3eGBaUiESojaaoQtjIf/oI8hHyJzDPdg0RsA8Qk4F+Ep4/IbxLzrqnPXQI8BNDprj8PlwLxPMdccQ5fSuZS2TfIiiwVeqIC3TUANFGp/6soBbIPeNhZf6NkedCG/3e97TJKZ769QTWlZhHM05xM2kYyIb6QjZk59s5X9x8rhOGyyW8+kd0KmCHQ+X+pp31omeBRgOSEr1q3TlOXoGok7vQbsJlSM516EnuAVO745AVZpjg27/L094zKZQgM2TKUgjtRx7W6Es6hAvYU83XGdXKwQO2zsKedb0GOesisFVGiKgpT7jOZq1WLC9ojVNdwPPXkiezFTxV3jzwfR61EESIHlPmjU9ldpkMWSQxtmIR9B5QNG37aNWGfe3p7Be1eK0XfDxHSngdyZ3tmmjxdmfugEaeQdfbV70o86/DgVJGSLZUKR3hRucaT4mGyAt/HShYClklS9XOG2Gz6FilDuupJIAnes9IqpyrBu5y3mztPozUfWOiosp4RhNGxfsseDWY7OPdcidnYm+Aj2IyAmnNpHjm2394GLk28ioDBYHUWHBo/dBg1noqBhi1a3h0I5TDIES5ZGUz15iEHaVMCfYTHx1vKgCFNAnvJRvVOMR0FSM5J0q1i6S/+uVqGCTspGYDZQWvf60fprTNKzQ31vpTPJp9lGXrz9/gyxsOiRM96WbTM2Z2WVsAdR+y+6omTp7ynl/jvmNOjyw59S0gV3ub3zmZpr1TeDnmaJmez6xg5xO6x9jT0Soba8svzM+9ulaffQ3Of0Odc5Z4w2N9H4bXogK0QnoVNZvUHILMsk7B/etDLJ60B18mEh5cqUA24OJa96WgV7vBkC8tj0K9NLaaIGLQzxO5+KeasapuIBRxipC1bwfeMbPn6P6yIhsANOWoWZcx1O+/JZQt6PIzAfXQ0g+KP5KC5VazIzsdAo0vSNK4MgU/vydumgcc9v9FZZ2rYnNTBiSipAVg7ChTHPNI0AljVjHS0kryKHEDajFLswrjlSsuNISrRFXv5SzlSV3BgoUrnmQR/80T2wL+L7VgUSm7mjdfYSOZYZjpTAchrdgpTVUJp+CUwq7oyK15caaJFjUywD7MHtVjQ38pNV9UctGDODlB8m7Zwl7ihd3on438VSF8xsneNiZzTD4nwX/AR3PQYQDOp6eV8Yfg2Qc3TxxmzDbKZbUicYBf6mPZPX879ZyMwHZuBWyT4bOjBY7sDVLDFHHQJqKQGiWsxa6SsJNZJfCDiUD28F+YplSz7h+YVB5Nl3b1wnMXLpSGbsyv+7ku6Igk=
                                        X-Forefront-Antispam-Report-UntrustedCIP:2607:f8b0:4864:20::d49; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail-io1-xd49.google.com; PTR:mail-io1-xd49.google.com; CAT:NONE; SFS:(13230040)(5083199021)(69100299015)(5082899009)(4092899012)(5062899012)(3092899012)(13012899012)(2092899012)(12012899012)(3072899012)(43022699015)(13102899012)(7093399015)(4076899003)(8096899003)(7053199007)(13003099007); DIR:INB;
                                        X-MS-Exchange-Transport-CrossTenantHeadersStampedDU2PR03MB7911
                                        Content-Transfer-Encoding8bit
                                        X-Sophos-Email-Scan-Details27140d1e1540510e7e771140550e7d75
                                        X-Sophos-Email[eu-west-1] Antispam-Engine: 6.0.1, AntispamData: 2025.4.25.151228
                                        X-Sophos-SenderHistoryip=104.47.18.108, fs=28135929, fso=168911306, da=239056216, mc=257065, sc=3326, hc=253739, sp=1, re=9, sd=1, hd=29
                                        X-Sophos-DomainHistoryd=google.com, fs=86631203, fso=94559506, da=99799040, mc=70792475, sc=72476, hc=70719999, sp=0, re=80, sd=0, hd=30
                                        X-LASED-SpamProbability0.115373
                                        X-LASED-HitsAUTH_RES_PASS 0.000000, BODYTEXTH_SIZE_10000_LESS 0.000000, BODYTEXTH_SIZE_3000_MORE 0.000000, BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_6000_6999 0.000000, BODY_SIZE_7000_LESS 0.000000, DATE_IN_PAST_12_24 0.776000, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000, DQ_S_H 0.000000, ECARD_KNOWN_DOMAINS 0.000000, FROM_NAME_ONE_WORD 0.050000, HEX28_LC_NOT_GOOGLE 0.000000, HREF_LABEL_TEXT_NO_URI 0.000000, HREF_LABEL_TEXT_ONLY 0.000000, HTML_70_90 0.100000, IMP_FROM_NOTSELF 0.000000, INBOUND_SOPHOS 0.000000, INBOUND_SOPHOS_TOP_REGIONS 0.000000, KNOWN_MTA_TFX 0.000000, LINK_TO_IMAGE 0.000000, NO_FUR_HEADER 0.000000, SINGLE_HREF_LABEL_PHISH_HI 0.000000, SINGLE_HREF_LABEL_PHISH_MED 0.000000, SINGLE_HREF_URI_IN_BODY 0.000000, SINGLE_HREF_URI_WITH_EMAIL 0.000000, SINGLE_URI_IN_BODY 0.000000, SXL_IP_TFX_WM 0.000000, TEXT_DIR_LTR_ONLY 0.000000, URI_WITH_PATH_ONLY 0.000000, WEBMAIL_SOURCE 0.000000, __ANY_URI 0.000000, __ATTACH_CTE_BASE64 0.000000, __ATTACH_CTE_QUOTED_PRINTABLE 0.000000, __AUTH_RES_CEMA_DMARC_PASS 0.000000, __AUTH_RES_CEMA_SPF_PASS 0.000000, __AUTH_RES_CEMA_SPF_PASS_POL 0.000000, __AUTH_RES_DKIM_PASS 0.000000, __AUTH_RES_DMARC_PASS 0.000000, __AUTH_RES_PASS 0.000000, __BODY_NO_MAILTO 0.000000, __BODY_TEXT_X4 0.000000, __CP_MEDIA_BODY 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTYPE_HAS_BOUNDARY 0.000000, __CTYPE_MULTIPART 0.000000, __CTYPE_MULTIPART_ALT 0.000000, __DKIM_ALIGNS_1 0.000000, __DKIM_ALIGNS_2 0.000000, __DQ_D_H 0.000000, __DQ_IP_FSO_LARGE 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __DQ_S_DOMAIN_HD_10_P 0.000000, __DQ_S_DOMAIN_HD_1_P 0.000000, __DQ_S_DOMAIN_HD_20_P 0.000000, __DQ_S_DOMAIN_HD_30 0.000000, __DQ_S_DOMAIN_HD_5_P 0.000000, __DQ_S_DOMAIN_HIST_1 0.000000, __DQ_S_DOMAIN_MC_100_P 0.000000, __DQ_S_DOMAIN_MC_10_P 0.000000, __DQ_S_DOMAIN_MC_1K_P 0.000000, __DQ_S_DOMAIN_MC_1_P 0.000000, __DQ_S_DOMAIN_MC_50_P 0.000000, __DQ_S_DOMAIN_MC_5_P 0.000000, __DQ_S_DOMAIN_RE_99_L 0.000000, __DQ_S_DOMAIN_SC_100_P 0.000000, __DQ_S_DOMAIN_SC_10_P 0.000000, __DQ_S_DOMAIN_SC_1_P 0.000000, __DQ_S_DOMAIN_SC_5_P 0.000000, __DQ_S_DOMAIN_SP_0_P 0.000000, __DQ_S_HIST_1 0.000000, __DQ_S_HIST_2 0.000000, __DQ_S_IP_HD_10_P 0.000000, __DQ_S_IP_MC_100_P 0.000000, __DQ_S_IP_MC_10_P 0.000000, __DQ_S_IP_MC_1K_P 0.000000, __DQ_S_IP_MC_1_P 0.000000, __DQ_S_IP_MC_5_P 0.000000, __DQ_S_IP_RE_49_L 0.000000, __DQ_S_IP_RE_99_L 0.000000, __DQ_S_IP_RE_9_L 0.000000, __DQ_S_IP_SC_100_P 0.000000, __DQ_S_IP_SC_10_P 0.000000, __DQ_S_IP_SC_1_P 0.000000, __DQ_S_IP_SC_5_P 0.000000, __DQ_S_IP_SD_1_P 0.000000, __FRAUD_NEGATE 0.000000, __FROM_NOREPLY 0.000000, __FUR_RDNS_OUTLOOK 0.000000, __HAS_FROM 0.000000, __HAS_HTML 0.000000, __HAS_MSGID 0.000000, __HAS_X_FF_ASR 0.000000, __HAS_X_FF_ASR_CAT 0.000000, __HAS_X_FF_ASR_SFV 0.000000, __HEADER_ORDER_FROM 0.000000, __HEX28_LC_BOUNDARY 0.000000, __HREF_LABEL_PHISH 0.000000, __HREF_LABEL_TEXT 0.000000, __HTML_AHREF_TAG 0.000000, __HTML_BOLD 0.000000, __HTML_DIR_LTR 0.000000, __HTML_TAG_CENTER 0.000000, __HTML_TAG_DIV 0.000000, __HTML_TAG_IMG_X2 0.000000, __HTML_TAG_TABLE 0.000000, __HTTPS_URI 0.000000, __HTTP_IMAGE_TAG 0.000000, __IMG_THEN_TEXT 0.000000, __IMP_FROM_NOTSELF 0.000000, __INBOUND_SOPHOS_EU_WEST_1 0.000000, __INVOICE_MULTILINGUAL 0.000000, __JSON_HAS_MODELS 0.000000, __JSON_HAS_SCHEMA_VERSION 0.000000, __JSON_HAS_SENDER_AUTH 0.000000, __JSON_HAS_TENANT_DOMAINS 0.000000, __JSON_HAS_TENANT_ID 0.000000, __JSON_HAS_TENANT_SCHEMA_VERSION 0.000000, __JSON_HAS_TENANT_VIPS 0.000000, __JSON_HAS_TRACKING_ID 0.000000, __MIME_HTML 0.000000, __MIME_TEXT_H 0.000000, __MIME_TEXT_H1 0.000000, __MIME_TEXT_H2 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_TEXT_P2 0.000000, __MIME_VERSION 0.000000, __MTHREAT_0 0.000000, __MTL_0 0.000000, __MULTIPLE_URI_TEXT 0.000000, __PASSWORD_IN_BODY 0.000000, __PHISH_PHRASE3 0.000000, __PHISH_SPEAR_NEGATE 0.000000, __PHISH_SPEAR_SUBJECT 0.000000, __PHISH_SPEAR_SUBJ_ALERT 0.000000, __PHISH_SPEAR_SUBJ_SUBJECT 0.000000, __PHISH_SUBJ_PHRASE2 0.000000, __PRODUCT_TYPE_MAILFLOW 0.000000, __RCVD_FROM_IPV6_FF 0.000000, __RCVD_GOOGLE_IPV6 0.000000, __RCVD_PASS 0.000000, __RDNS_WEBMAIL 0.000000, __SANE_MSGID 0.000000, __SCAN_DETAILS 0.000000, __SCAN_DETAILS_SANE 0.000000, __SCAN_DETAILS_TL_0 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_DOMAIN 0.000000, __SCAN_D_NEG_FROM_DOMAIN 0.000000, __SINGLE_URI_MPART_BOTH 0.000000, __STOCK_PHRASE_7 0.000000, __STYLE_RATWARE_NEG 0.000000, __STYLE_TAG 0.000000, __SUBJ_ALPHA_END 0.000000, __TAG_EXISTS_BODY 0.000000, __TAG_EXISTS_HEAD 0.000000, __TAG_EXISTS_HTML 0.000000, __TAG_EXISTS_META 0.000000, __TEXT_DIR_LTR 0.000000, __TO_MALFORMED_2 0.000000, __TO_NO_NAME 0.000000, __URI_EMAIL_IN_QUERY 0.000000, __URI_IN_BODY 0.000000, __URI_IN_BODY_HTTP_X10 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000, __URI_NS 0.000000, __URI_REDIR 0.000000, __URI_WITH_PATH 0.000000, __X_FF_ASR_SCL_NSP 0.000000, __X_FF_ASR_SFV_NSPM 0.000000, __X_GM_MESSAGE_STATE 0.000000, __X_GOOGLE_DKIM_SIGNATURE 0.000000, __X_GOOGLE_SMTP_SOURCE 0.000000, __YOUTUBE_RCVD 0.000000
                                        X-LASED-ImpersonationFalse
                                        X-LASED-SpamNonSpam
                                        X-Sophos-MH-Mail-Info-KeyNFprZERxMjAybnpUZ0N3LTE3Mi4xOS4wLjE0OQ==
                                        Return-Path3pLQLaAgTAIMuv-ylws5hjjv1u0z.nvvnsl.jvt@gaia.bounces.google.com
                                        X-MS-Exchange-Organization-ExpirationStartTime25 Apr 2025 16:13:31.5015 (UTC)
                                        X-MS-Exchange-Organization-ExpirationStartTimeReasonOriginalSubmit
                                        X-MS-Exchange-Organization-ExpirationInterval1:00:00:00.0000000
                                        X-MS-Exchange-Organization-ExpirationIntervalReasonOriginalSubmit
                                        X-MS-Exchange-Organization-Network-Message-Id12ea28ef-b76a-48c4-912f-08dd84141f40
                                        X-MS-Exchange-Organization-MessageDirectionalityIncoming
                                        X-MS-Exchange-Transport-CrossTenantHeadersStrippedDB5PEPF00014B96.eurprd02.prod.outlook.com
                                        X-MS-PublicTrafficTypeEmail
                                        X-MS-Exchange-Organization-AuthSourceDB5PEPF00014B96.eurprd02.prod.outlook.com
                                        X-MS-Exchange-Organization-AuthAsAnonymous
                                        X-MS-Office365-Filtering-Correlation-Id-Prvs7784b229-fc7e-493f-a905-08dd84141bdf
                                        X-MS-Exchange-Organization-SCL-1
                                        X-Microsoft-AntispamBCL:3;ARA:13230040|69100299015|5082899009|5062899012|4092899012|13102899012|3072899012|3092899012|2092899012|13012899012|43022699015|7093399015|12012899012|35042699022|13003099007|4076899003|8096899003|7053199007;
                                        X-Forefront-Antispam-ReportCIP:198.154.180.199;CTRY:US;LANG:en;SCL:-1;SRV:;IPV:NLI;SFV:SKN;H:mfid-euw1.prod.hydra.sophos.com;PTR:mfid-euw1.prod.hydra.sophos.com;CAT:NONE;SFS:(13230040)(69100299015)(5082899009)(5062899012)(4092899012)(13102899012)(3072899012)(3092899012)(2092899012)(13012899012)(43022699015)(7093399015)(12012899012)(35042699022)(13003099007)(4076899003)(8096899003)(7053199007);DIR:INB;
                                        X-MS-Exchange-CrossTenant-OriginalArrivalTime25 Apr 2025 16:13:31.4569 (UTC)
                                        X-MS-Exchange-CrossTenant-Network-Message-Id12ea28ef-b76a-48c4-912f-08dd84141f40
                                        X-MS-Exchange-CrossTenant-Id7956b84e-0c99-46b5-81c6-28689cfa7221
                                        X-MS-Exchange-CrossTenant-AuthSourceDB5PEPF00014B96.eurprd02.prod.outlook.com
                                        X-MS-Exchange-CrossTenant-AuthAsAnonymous
                                        X-MS-Exchange-CrossTenant-FromEntityHeaderInternet
                                        X-MS-Exchange-Transport-EndToEndLatency00:00:02.7597035
                                        X-MS-Exchange-Processed-By-BccFoldering15.20.8678.021
                                        X-Microsoft-Antispam-Mailbox-Delivery ucf:0;jmr:0;auth:0;dest:I;ENG:(910005)(944506478)(944626604)(920097)(930097)(140003);
                                        X-Microsoft-Antispam-Message-Info 7lqg5j0ko0ndOKzxdUPOv41IsLAWYAPMiE9fFjwEEh2dfP0r2eQOAzXV+n9mZU1DT4fmiZY1+Erycwfdpp2msh5SoUNBKlMl7VBven6FJLczqMdGrBqPqCAAbEoXc1gfMleutXqquAJ+r9P5OuR7iDou5wYpMtC6qsVlzq33GO4dxyd6AdrEqPje0zP8UzGErxSRJ6yEldDhLWFFnRglTrLY1Wx5iASujWQHhOqLIpL2gbwlmHQwU4qTE8aW9NYuwyx97Wr1cxF8ornGyKm1mySr9MF46pv84Y7EoFsaTCiKvdmBY0fdcyQwxnkEx2rM6nnnvw/4Y3KzKwnWxLC4EUvynQCp8JVfiDHHlcMWA47R2QLM2cHwVezK2f+dq5rjU5oeHPbfa4+AfWJlrsxG7xwXYo5RT+88X2CM4BVJCla18nsYYqkICNOl33D2lQ76Lqsd0ybug+XzHL3dvXItJzswXRuOr/kl3J+U/fDsc6ff0/3NJ3B31X1+uupDOh4GaX06TDzyxoNqN0tRUeYdUxmyNae0/Kx91UhZzT5zQi5ML+zny7h3ui1CzZtvLbogy1L+9wDBjWO1q0Z8ndsxiCWH3uf21Bb1t1XMatSUrCTQGOOnFOHwX6NPPHgsw/9xxr5DpKoaGLp/hu58EIlpSnrA8j6P/sK4bDY9zvXRpoQB2WEqaGOxoAze3vVaTPDmDWwW4L1fk6unUHVcGUujkBi+uENqnunyScfeav8Zec0olKroqypxlrElA+I5e+VHEJVDqhujJvTr6L98BOYuJhfRF+edeKzU71LQvDM5m58tNMLdsSrkdExk2im6IFIqhyekpZPQgbe9QaUzR7J/DITIcYqUxBEA5N+wOuW4lVil9wIyq5psCAHfbthR8ZYwOGtdDAJ5b3EmW5/baRR7+NHQeX2GeKX483k3YrMO2daTYTst/+rNz8vvUdM5qPA8f8mKdZ1UkMI4oUbaJZoJVQJsEo2cfM9+iuGXHuWAgwF65brOruH3YXk8XhhfOznvtvpyJS9p0x/JO2eXR1JZmevh3dI/iy8RACoegDAzDySJgGR6A5qXXptcMPQjceh5WPraXtH0ngSYdSp2D1DP3QENxwsZYUwq1aE4x2ZFW5zhhQF7P6V3FZT04Nf1vt1EUd9u58kGsTyruK/rHxdr1Zg+BFEjlan6smmagSZYs3VCf+znlCbBY7KiXt49uP/Dpt2sYmrZBuECzCXx5JmKZpKUuO9sk68VNpq8PqPy7XuMmfcuiibB89ALbNfieKEgiwzMWQ4mfg3kvoKIw9gePClOgAHr/S19M/hsYvOY1bv1Du6JrQ5VO5pVVO8Hnc+F819krNHWLsJORPVusjx6Mb3Mbgh6a1qgrpJAR5bARWa6ObOBSUIrkQF/OzWtAATgDVBPgLWzIzrAHtIt/XUcJtvv6blj38Zm9DIuidC1D+Uny3tvSsoSY8xEbeAeV/7dPMyfoRKM/3h6bjWuxQxBrPFRkZqywOLudrQSZOOOlSgj/WYAEDeXH05/Gnj2jKf3F4wOZW9CG+Ece9wf4coePcKNlgW/O/7NsFECHtRZpYPmrOYFZ2vttt0/mSiSuZ0dZdGIfg6PzHJJKHiPjYeNa5l4u679h6dGgzk9sStdGNXzm7NAV3CivGi73sWfokQd00paINbWpVUek4n9rBb3WgCB5jTN0YW+ujOP+033VwPj+jKb+3l/pq9pjcRLiwiokbZswi9zSB8sl1UqXuGYgsChar7XHTUa3vCKoY6e6V7mS1Z5MAowjmIjDE0MouptDzsXyCzLlC8DhdoCBThNI6Up+AqtMmDjMySeNAdXx/xgKDcYtIgQl4jqjVADHHmLzwUBSALcRg+3RPyXRlijnp3enKRDqJ+E4Ue8QClspW1IrBFQU774BE2lq0EGLl0g/MT+uSjTidGsa/e5v8Bc1Y9wrA2CPH4i/DBOAUCrPc0SvexZvlQl7gyANUagFGBpz+LOJ83bOpp0Rbp8k/VQPtOS+VaaRBsDNkuSVqV4tSmrIPtxhL3Id3lz2fwuobwGdxDA9lLXOUFdtOoB9ZBZGTaTpn21rVqpU1m8h3AxSC4NkQ3Ubfpq/uOIawgVXI/bcfb0gaPpOVG/DebEFxv3fedO1UNApaET51+B6/3g5n3eWUGH4imDkfToFDHg2EoyDGYAWwHuhcbYqsYZSY3oldDnBZbt7I5AR8WKbmsO1GYQUE4RzGS6dhl31QniNMjA/o55Svo8PYkjiMESp0p9gZbIQ8hb4ONBbmy67pSLKpm+T8/pP7oTi/rv8tdrepC043DWAqHHh+N+vhiFuKxU3w==
                                        MIME-Version1.0

                                        File Icon

                                        Icon Hash:46070c0a8e0c67d6