Edit tour
Windows
Analysis Report
https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654
Overview
General Information
| Sample URL: | https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D# |
| Analysis ID: | 1447350 |
 | |
Detection
| Score: | 3 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 80% |
Signatures
Connects to several IPs in different countries
Detected non-DNS traffic on DNS port
Executes massive DNS lookups (> 100)
Found iframes
HTML body with high number of embedded SVGs detected
HTML title does not match URL
Stores files to the Windows start menu directory
Classification
- System is w10x64_ra
chrome.exe (PID: 3552 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t https:// www.ack.ne t/contests /?utm_sour ce=The+Inq uirer+and+ Mirror+New sletter&ut m_campaign =b12e41642 0-EMAIL_CA MPAIGN_202 4_05_21_05 _10_COPY_0 1&utm_medi um=email&u tm_term=0_ -501d27be6 8-%5BLIST_ EMAIL_ID%5 D#/gallery ?group=483 654 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 4176 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2028 --fi eld-trial- handle=194 0,i,680801 9166968838 632,615350 1397650066 301,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | DNS traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Classification label: | ||
| Source: | File created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Window detected: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | 1 Drive-by Compromise | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| securepubads.g.doubleclick.net | 172.217.18.2 | true | false | unknown | |
| um.simpli.fi | 34.91.62.186 | true | false | unknown | |
| tls13.taboola.map.fastly.net | 151.101.129.44 | true | false | unknown | |
| static.nl3.vip.prod.criteo.net | 178.250.1.3 | true | false | unknown | |
| global.px.quantserve.com | 91.228.74.244 | true | false | unknown | |
| ssum.casalemedia.com | 172.64.151.101 | true | false | unknown | |
| id5-sync.com | 162.19.138.120 | true | false | unknown | |
| d-ams1.turn.com | 46.228.164.13 | true | false | unknown | |
| live.rezync.com | 18.238.243.61 | true | false | unknown | |
| rtb.openx.net | 35.227.252.103 | true | false | unknown | |
| platform.twitter.map.fastly.net | 146.75.120.157 | true | false | unknown | |
| bttrack.com | 192.132.33.69 | true | false | unknown | |
| 1.cpm.ak-is2.net | 77.245.57.72 | true | false | unknown | |
| stats.g.doubleclick.net | 142.250.110.157 | true | false | unknown | |
| mwzeom.zeotap.com | 172.67.40.173 | true | false | unknown | |
| ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | 3.75.62.37 | true | false | unknown | |
| api.intentiq.com | 18.239.50.17 | true | false | unknown | |
| dsum.casalemedia.com | 104.18.36.155 | true | false | unknown | |
| openrtb-dc11.axonix.com | 155.204.117.1 | true | false | unknown | |
| www.google.com | 172.217.18.4 | true | false | unknown | |
| sync.intentiq.com | 52.222.149.10 | true | false | unknown | |
| lb.eu-1-id5-sync.com | 162.19.138.82 | true | false | unknown | |
| bcp.crwdcntrl.net | 52.49.45.15 | true | false | unknown | |
| sync1.intentiq.com | 18.66.196.40 | true | false | unknown | |
| match.adsrvr.org | 52.223.40.198 | true | false | unknown | |
| router.infolinks.com | 172.66.41.9 | true | false | unknown | |
| match.prod.bidr.io | 34.251.183.115 | true | false | unknown | |
| ow-lhrc.pubmnet.com | 185.64.190.84 | true | false | unknown | |
| pagead-googlehosted.l.google.com | 216.58.206.65 | true | false | unknown | |
| chidc2.outbrain.org | 50.31.142.159 | true | false | unknown | |
| creativecdn.com | 185.184.8.90 | true | false | unknown | |
| pugm-lhrc.pubmnet.com | 185.64.190.78 | true | false | unknown | |
| uip.semasio.net | 77.243.51.121 | true | false | unknown | |
| zeta-ssp-385516103.us-east-1.elb.amazonaws.com | 52.20.226.171 | true | false | unknown | |
| events-ssc.33across.com | 34.117.239.71 | true | false | unknown | |
| pug-lhr-bc.pubmnet.com | 185.64.191.210 | true | false | unknown | |
| pixel-sync.sitescout.com | 34.36.216.150 | true | false | unknown | |
| pixel.onaudience.com | 141.94.171.213 | true | false | unknown | |
| euw-ice.360yield.com | 52.18.168.73 | true | false | unknown | |
| warp.media.net | 2.19.100.239 | true | false | unknown | |
| oajs.openx.net | 34.120.107.143 | true | false | unknown | |
| ssum-sec.casalemedia.com | 104.18.36.155 | true | false | unknown | |
| googleads.g.doubleclick.net | 142.250.181.226 | true | false | unknown | |
| hblg.media.net | 104.119.108.27 | true | false | unknown | |
| rtb.adgrx.com | 54.217.19.5 | true | false | unknown | |
| istrp.adform.net | 37.157.2.250 | true | false | unknown | |
| widget.us5.vip.prod.criteo.com | 74.119.117.16 | true | false | unknown | |
| iad-2-sync.go.sonobi.com | 69.166.1.66 | true | false | unknown | |
| am1-direct-bgp.contextweb.com | 208.93.169.131 | true | false | unknown | |
| oa.openxcdn.net | 34.102.146.192 | true | false | unknown | |
| de.tynt.com | 67.202.105.32 | true | false | unknown | |
| adservice.google.com | 142.250.185.66 | true | false | unknown | |
| hde.tynt.com | 67.202.105.33 | true | false | unknown | |
| pixel-eu.onaudience.com | 141.94.171.215 | true | false | unknown | |
| core.iprom.net | 195.5.165.20 | true | false | unknown | |
| contextual.media.net | 23.35.228.23 | true | false | unknown | |
| scontent.xx.fbcdn.net | 157.240.253.1 | true | false | unknown | |
| widget.nl3.vip.prod.criteo.com | 178.250.1.9 | true | false | unknown | |
| spug-lhrc.pubmnet.com | 185.64.190.81 | true | false | unknown | |
| rtb.adentifi.com | 54.83.114.132 | true | false | unknown | |
| id.a-mx.com | 79.127.216.47 | true | false | unknown | |
| ssbsync-euw1.smartadserver.com | 89.149.192.76 | true | false | unknown | |
| cx.serverbid.com | 159.89.246.130 | true | false | unknown | |
| ad.mrtnsvr.com | 34.102.163.6 | true | false | unknown | |
| sync.srv.stackadapt.com | 54.164.102.167 | true | false | unknown | |
| d1x4rwm1kh8pnu.cloudfront.net | 18.66.121.216 | true | false | unknown | |
| cdn.id5-sync.com | 172.67.38.106 | true | false | unknown | |
| d5p.de17a.com | 213.155.156.181 | true | false | unknown | |
| pixel.tapad.com | 34.111.113.62 | true | false | unknown | |
| pippio.com | 107.178.254.65 | true | false | unknown | |
| ssp.ads.betweendigital.com | 188.42.191.196 | true | false | unknown | |
| sync.ipredictive.com | 54.163.32.160 | true | false | unknown | |
| s.amazon-adsystem.com | 52.46.128.147 | true | false | unknown | |
| aax-eu.amazon-adsystem.com | 52.95.115.196 | true | false | unknown | |
| imgsync-amsfpairbc.pubmnet.com | 198.47.127.18 | true | false | unknown | |
| thumbnails.infolinks.com | 172.66.42.247 | true | false | unknown | |
| syndication.twitter.com | 104.244.42.136 | true | false | unknown | |
| mml1.melia.com | 109.232.197.110 | true | false | unknown | |
| trace.mediago.io | 35.208.249.213 | true | false | unknown | |
| ipac.ctnsnet.com | 35.186.193.173 | true | false | unknown | |
| outspot2-ams.adx.opera.com | 82.145.213.8 | true | false | unknown | |
| match.adsby.bidtheatre.com | 134.122.57.34 | true | false | unknown | |
| ib.anycast.adnxs.com | 37.252.171.85 | true | false | unknown | |
| dsp.nrich.ai | 51.68.39.188 | true | false | unknown | |
| matching.truffle.bid | 23.88.86.2 | true | false | unknown | |
| uipus.semasio.net | 50.57.31.206 | true | false | unknown | |
| jsdelivr.map.fastly.net | 151.101.193.229 | true | false | unknown | |
| d2avimlm6gq3h9.cloudfront.net | 18.239.87.194 | true | false | unknown | |
| lax1-ib.adnxs.com | 104.254.151.36 | true | false | unknown | |
| eu-eb2.3lift.com | 76.223.111.18 | true | false | unknown | |
| 1x1.a-mo.net | 18.184.248.131 | true | false | unknown | |
| livepixel-production.bln.liveintent.com | 3.82.81.96 | true | false | unknown | |
| sync.crwdcntrl.net | 54.77.98.227 | true | false | unknown | |
| rtb-csync-euw1.smartadserver.com | 81.17.55.116 | true | false | unknown | |
| cm.g.doubleclick.net | 142.250.184.226 | true | false | unknown | |
| ds-pr-bh.ybp.gysm.yahoodns.net | 54.77.179.61 | true | false | unknown | |
| sync.1rx.io | 46.228.174.117 | true | false | unknown | |
| idaas-ext.cph.liveintent.com | 34.203.21.209 | true | false | unknown | |
| spug-amsfpairbc.pubmnet.com | 198.47.127.20 | true | false | unknown | |
| star-mini.c10r.facebook.com | 157.240.252.35 | true | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false |
| unknown | |
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 145.40.97.67 | am6-prebid.a-mx.net | Netherlands | 34108 | BREEDBANDDELFTNL | false | |
| 145.40.97.66 | unknown | Netherlands | 34108 | BREEDBANDDELFTNL | false | |
| 104.18.24.173 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 142.250.185.226 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.227 | unknown | United States | 15169 | GOOGLEUS | false | |
| 88.221.169.246 | unknown | European Union | 16625 | AKAMAI-ASUS | false | |
| 198.47.127.205 | pug-ams-bc.pubmnet.com | United States | 62713 | AS-PUBMATICUS | false | |
| 37.252.171.52 | unknown | European Union | 29990 | ASN-APPNEXUS | false | |
| 159.89.246.130 | cx.serverbid.com | United States | 14061 | DIGITALOCEAN-ASNUS | false | |
| 172.217.18.4 | www.google.com | United States | 15169 | GOOGLEUS | false | |
| 142.250.185.234 | unknown | United States | 15169 | GOOGLEUS | false | |
| 34.241.112.102 | unknown | United States | 16509 | AMAZON-02US | false | |
| 151.101.130.49 | unknown | United States | 54113 | FASTLYUS | false | |
| 216.58.206.42 | unknown | United States | 15169 | GOOGLEUS | false | |
| 99.86.91.41 | unknown | United States | 16509 | AMAZON-02US | false | |
| 142.250.185.238 | unknown | United States | 15169 | GOOGLEUS | false | |
| 3.92.155.74 | unknown | United States | 14618 | AMAZON-AESUS | false | |
| 172.217.18.2 | securepubads.g.doubleclick.net | United States | 15169 | GOOGLEUS | false | |
| 2.19.100.239 | warp.media.net | European Union | 16625 | AKAMAI-ASUS | false | |
| 107.178.254.65 | pippio.com | United States | 15169 | GOOGLEUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 142.250.186.142 | unknown | United States | 15169 | GOOGLEUS | false | |
| 134.122.57.34 | match.adsby.bidtheatre.com | United States | 14061 | DIGITALOCEAN-ASNUS | false | |
| 23.88.86.2 | matching.truffle.bid | United States | 18978 | ENZUINC-US | false | |
| 37.157.6.232 | unknown | Denmark | 198622 | ADFORMDK | false | |
| 52.95.115.196 | aax-eu.amazon-adsystem.com | United States | 16509 | AMAZON-02US | false | |
| 141.95.98.64 | unknown | Germany | 680 | DFNVereinzurFoerderungeinesDeutschenForschungsnetzese | false | |
| 142.250.186.130 | unknown | United States | 15169 | GOOGLEUS | false | |
| 52.49.45.15 | bcp.crwdcntrl.net | United States | 16509 | AMAZON-02US | false | |
| 216.58.206.33 | unknown | United States | 15169 | GOOGLEUS | false | |
| 104.254.151.36 | lax1-ib.adnxs.com | United States | 29990 | ASN-APPNEXUS | false | |
| 141.94.171.213 | pixel.onaudience.com | Germany | 680 | DFNVereinzurFoerderungeinesDeutschenForschungsnetzese | false | |
| 184.73.49.33 | idx.cph.liveintent.com | United States | 14618 | AMAZON-AESUS | false | |
| 208.93.169.131 | am1-direct-bgp.contextweb.com | United States | 26228 | SERVEPATHUS | false | |
| 3.69.205.38 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | United States | 16509 | AMAZON-02US | false | |
| 74.125.206.84 | unknown | United States | 15169 | GOOGLEUS | false | |
| 104.119.108.27 | hblg.media.net | United States | 16625 | AKAMAI-ASUS | false | |
| 37.157.2.250 | istrp.adform.net | Denmark | 198622 | ADFORMDK | false | |
| 162.19.138.120 | id5-sync.com | United States | 209 | CENTURYLINK-US-LEGACY-QWESTUS | false | |
| 54.77.179.61 | ds-pr-bh.ybp.gysm.yahoodns.net | United States | 16509 | AMAZON-02US | false | |
| 18.184.248.131 | 1x1.a-mo.net | United States | 16509 | AMAZON-02US | false | |
| 89.149.192.76 | ssbsync-euw1.smartadserver.com | Netherlands | 60781 | LEASEWEB-NL-AMS-01NetherlandsNL | false | |
| 142.250.186.131 | unknown | United States | 15169 | GOOGLEUS | false | |
| 34.203.21.209 | idaas-ext.cph.liveintent.com | United States | 14618 | AMAZON-AESUS | false | |
| 142.250.186.138 | unknown | United States | 15169 | GOOGLEUS | false | |
| 178.250.1.9 | widget.nl3.vip.prod.criteo.com | France | 44788 | ASN-CRITEO-EUROPEFR | false | |
| 35.186.154.107 | cm-supply-web.gammaplatform.com | United States | 15169 | GOOGLEUS | false | |
| 2.18.96.187 | unknown | European Union | 20940 | AKAMAI-ASN1EU | false | |
| 88.221.124.22 | unknown | European Union | 16625 | AKAMAI-ASUS | false | |
| 178.250.1.3 | static.nl3.vip.prod.criteo.net | France | 44788 | ASN-CRITEO-EUROPEFR | false | |
| 13.32.27.23 | s.ad.smaato.net | United States | 7018 | ATT-INTERNET4US | false | |
| 18.239.87.194 | d2avimlm6gq3h9.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
| 18.208.18.19 | unknown | United States | 14618 | AMAZON-AESUS | false | |
| 142.250.181.226 | googleads.g.doubleclick.net | United States | 15169 | GOOGLEUS | false | |
| 34.102.163.6 | ad.mrtnsvr.com | United States | 15169 | GOOGLEUS | false | |
| 141.94.171.215 | pixel-eu.onaudience.com | Germany | 680 | DFNVereinzurFoerderungeinesDeutschenForschungsnetzese | false | |
| 157.240.253.1 | scontent.xx.fbcdn.net | United States | 32934 | FACEBOOKUS | false | |
| 46.228.174.117 | sync.1rx.io | United Kingdom | 56396 | TURNGB | false | |
| 91.228.74.244 | global.px.quantserve.com | United Kingdom | 27281 | QUANTCASTUS | false | |
| 151.101.193.229 | jsdelivr.map.fastly.net | United States | 54113 | FASTLYUS | false | |
| 52.222.149.10 | sync.intentiq.com | United States | 16509 | AMAZON-02US | false | |
| 52.58.37.188 | cs.emxdgt.com | United States | 16509 | AMAZON-02US | false | |
| 37.157.5.132 | unknown | Denmark | 198622 | ADFORMDK | false | |
| 69.173.151.100 | unknown | United States | 26667 | RUBICONPROJECTUS | false | |
| 2.23.197.190 | unknown | European Union | 1273 | CWVodafoneGroupPLCEU | false | |
| 34.120.107.143 | oajs.openx.net | United States | 15169 | GOOGLEUS | false | |
| 154.54.250.80 | unknown | United States | 26558 | FREEWHEELUS | false | |
| 142.250.184.225 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.184.226 | cm.g.doubleclick.net | United States | 15169 | GOOGLEUS | false | |
| 142.250.184.227 | unknown | United States | 15169 | GOOGLEUS | false | |
| 198.47.127.20 | spug-amsfpairbc.pubmnet.com | United States | 62713 | AS-PUBMATICUS | false | |
| 162.19.138.82 | lb.eu-1-id5-sync.com | United States | 209 | CENTURYLINK-US-LEGACY-QWESTUS | false | |
| 18.238.243.61 | live.rezync.com | United States | 16509 | AMAZON-02US | false | |
| 2.19.96.104 | unknown | European Union | 20940 | AKAMAI-ASN1EU | false | |
| 3.75.62.37 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | United States | 16509 | AMAZON-02US | false | |
| 108.156.46.14 | d26da0dx1ebj70.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
| 172.64.152.89 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 104.16.133.24 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 8.2.110.161 | cm-x.mgid.com | United States | 46636 | NATCOWEBUS | false | |
| 104.18.36.155 | dsum.casalemedia.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 13.107.42.14 | unknown | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 198.47.127.18 | imgsync-amsfpairbc.pubmnet.com | United States | 62713 | AS-PUBMATICUS | false | |
| 35.214.185.183 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | United States | 19527 | GOOGLE-2US | false | |
| 146.75.120.157 | platform.twitter.map.fastly.net | Sweden | 30051 | SCCGOVUS | false | |
| 142.250.184.238 | unknown | United States | 15169 | GOOGLEUS | false | |
| 141.95.171.139 | green.erne.co | Germany | 680 | DFNVereinzurFoerderungeinesDeutschenForschungsnetzese | false | |
| 172.217.18.104 | unknown | United States | 15169 | GOOGLEUS | false | |
| 188.42.191.196 | ssp.ads.betweendigital.com | Luxembourg | 7979 | SERVERS-COMUS | false | |
| 34.91.62.186 | um.simpli.fi | United States | 15169 | GOOGLEUS | false | |
| 34.117.239.71 | events-ssc.33across.com | United States | 139070 | GOOGLE-AS-APGoogleAsiaPacificPteLtdSG | false | |
| 82.145.213.8 | outspot2-ams.adx.opera.com | United Kingdom | 39832 | NO-OPERANO | false | |
| 18.239.18.118 | tags.crwdcntrl.net | United States | 16509 | AMAZON-02US | false | |
| 81.17.55.116 | rtb-csync-euw1.smartadserver.com | Netherlands | 24588 | NETPROVODOV-ASRU | false | |
| 54.88.142.103 | pxl.iqm.com | United States | 14618 | AMAZON-AESUS | false | |
| 52.222.149.36 | unknown | United States | 16509 | AMAZON-02US | false | |
| 52.29.54.89 | match-eu-central-1-ecs.sharethrough.com | United States | 16509 | AMAZON-02US | false | |
| 67.202.105.23 | pixel.33across.com | United States | 32748 | STEADFASTUS | false | |
| 172.64.151.101 | ssum.casalemedia.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 52.211.130.211 | unknown | United States | 16509 | AMAZON-02US | false | |
| 54.164.102.167 | sync.srv.stackadapt.com | United States | 14618 | AMAZON-AESUS | false |
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1447350 |
| Start date and time: | 2024-05-24 21:03:14 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
| Sample URL: | https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 14 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | stream |
| Analysis stop reason: | Timeout |
| Detection: | CLEAN |
| Classification: | clean3.win@59/237@563/869 |
- Exclude process from analysis (whitelisted): svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.250.184.238, 74.125.206.84, 216.58.206.42, 104.16.133.24, 104.16.132.24, 34.104.35.123, 142.250.184.227, 142.250.186.66, 172.217.18.104, 142.250.185.238, 142.250.185.161, 142.250.186.138, 142.250.184.234, 172.217.16.138, 172.217.23.106, 142.250.185.74, 142.250.185.106, 142.250.181.234, 142.250.185.138, 142.250.186.74, 142.250.185.234, 142.250.185.202, 142.250.186.106, 142.250.185.170, 142.250.186.42, 216.58.212.170, 172.64.152.89, 104.18.35.167, 142.250.185.227, 142.250.185.130, 216.58.206.33
- Excluded domains from analysis (whitelisted): fonts.googleapis.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, usersync-geo-global.usersync-prod-sas.akadns.net, clientservices.googleapis.com, pagead2.googlesyndication.com, clients2.google.com, 50fcdbe305a9df1b1c334ddef504a003.safeframe.googlesyndication.com, edgedl.me.gvt1.com, cdn-ima.33across.com.cdn.cloudflare.net, www.googletagmanager.com, tpc.googlesyndication.com, xandr-g-geo.trafficmanager.net, wac.apr-8315.edgecastdns.net, clients.l.google.com, bloximages.chicago2.vip.townnews.com.cdn.cloudflare.net, www.google-analytics.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654
| Input | Output |
|---|---|
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The code checks for a login cookie and sets it if the user is logged in. It also processes user services. No malicious activity detected."
} |
/*<![CDATA[*/
jQuery(document).ready(function($){
var iqLogin = Cookies.get('tnt-iq-login') || false;
if (__tnt.user.loggedIn && iqLogin == false) {
if (__tnt.user.services) {
var userServices = __tnt.user.services.split(',');
for (i = 0; i < userServices.length; i++) {
var serviceData = 'has_subservice: ' + userServices[i];
}
}
Cookies.set('tnt-iq-login', 1);
}
});
/* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is related to advertisement functionality using Google Publisher Tags (GPT). It defines an ad slot and sets targeting options, which is standard for ad-serving scripts. There are no indications of malicious behavior."
} |
/*<![CDATA[*/
googletag.cmd.push(function(){
var adUnit = (window.frameElement && window.frameElement.getAttribute('data-gam-adunit')) ? window.frameElement.getAttribute('data-gam-adunit') : '/132916964,23111922244/ack.net/contests/homepage';
gptAdSlots['ad-3323184'] = googletag.defineSlot(adUnit, [1, 1], 'ad-3323184').setCollapseEmptyDiv(true).addService(googletag.pubads());
gptAdSlots['ad-3323184'].setTargeting('pos', ['impact-sticky-anchor']);
});
/* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is related to advertisement functionality using Google Publisher Tags (GPT). It defines ad slots and size mappings for responsive ads. There are no indications of malicious behavior such as data exfiltration, credential stealing, or unauthorized access attempts."
} |
/*<![CDATA[*/
googletag.cmd.push(function(){
var adUnit = (window.frameElement && window.frameElement.getAttribute('data-gam-adunit')) ? window.frameElement.getAttribute('data-gam-adunit') : '/132916964,23111922244/ack.net/contests/homepage';
var mapping = googletag.sizeMapping().addSize([320, 0], [320, 50]).addSize([768, 0], [[728, 90], [320,50]]).addSize([992, 0], [[970, 90], [728, 90], [728, 250], [970, 250]]).addSize([1200, 0], [[1170, 90], [970, 90], [728, 90], [728, 250], [970, 250]]).build();
gptAdSlots['ad-3323157'] = googletag.defineSlot(adUnit, [[320,50],[728,90],[970,90],[728,250],[970,250],[1170,90]], 'ad-3323157').defineSizeMapping(mapping).setCollapseEmptyDiv(true).addService(googletag.pubads());
gptAdSlots['ad-3323157'].setTargeting('pos', ['breakout-one']);
});
/* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code does not exhibit any malicious behavior. It primarily deals with pushing subscription service IDs to a data layer, which is typically used for analytics or tracking purposes. There are no signs of phishing or other harmful activities."
} |
$(function(){
var bloxServiceIDs = [];
var bloxUserServiceIds = [];
var dataLayer = window.dataLayer || [];
bloxServiceIDs.push();
if (__tnt.user.services){
var bloxUserServiceIDs = __tnt.user.services.replace('%2C',',').split(',');
}
// GTM tncms.subscription.paid_access_service_ids
if(bloxServiceIDs){
dataLayer.push({'tncms':{'subscription':{'access_service_ids':bloxServiceIDs.toString()}}});
}
// GTM tncms.subscrption.user_service_ids
if(bloxUserServiceIDs){
dataLayer.push({'tncms':{'subscription':{'user_service_ids':bloxUserServiceIDs.toString()}}});
}
}); | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The code provided is a password visibility toggle feature, which is common in web applications to enhance user experience. It does not exhibit any malicious behavior. However, it is important to ensure that the rest of the code and the context in which this code is used are secure."
} |
/*<![CDATA[*/
document.getElementById('user-password-toggle').addEventListener('click', function() {
var passInput = document.getElementById('user-password'),
passToggle = document.getElementById('user-password-toggle'),
passIcon = passToggle.getElementsByClassName('tnt-svg')[0];
if (passInput.type === 'password') {
passInput.type = 'text';
passIcon.classList.replace('tnt-eye', 'tnt-eye-slash');
} else {
passInput.type = 'password';
passIcon.classList.replace('tnt-eye-slash', 'tnt-eye');
}
}); /* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is primarily focused on advertisement functionality, including setting targeting parameters, handling viewable impressions, and managing user IDs for ads. There are no signs of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. The use of localStorage and dataLayer is consistent with standard ad tracking practices."
} |
/*<![CDATA[*/
googletag.cmd.push(function() {
googletag.pubads().setTargeting('browser', __tnt.client.browser.name);
if (__tnt.ads.dfp.targeting) {
for (var k in __tnt.ads.dfp.targeting) {
if (__tnt.ads.dfp.targeting.hasOwnProperty(k)) {
googletag.pubads().setTargeting(k,__tnt.ads.dfp.targeting[k]);
}
}
}
googletag.pubads().disableInitialLoad();
googletag.pubads().addEventListener('impressionViewable', function(event) {
for (var key in gptAdSlots) {
if (gptAdSlots[key] === event.slot && __tnt.ads.slots[key]) {
if (!__tnt.ads.slots[key].viewableImpression) __tnt.ads.slots[key].viewableImpression = true;
}
}
});
if (window.localStorage) {
var sID = window.localStorage.getItem('_us_master_id');
if (sID) {
if (window.dataLayer) {
dataLayer.push({
'tncms.ad.userstitch_id': sID
});
}
googletag.pubads().setPublisherProvidedId(sID);
}
}
googletag.pubads().enableSingleRequest();
googletag.enableServices();
});
/* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The code collects user information such as user ID, login state, and a URL hash parameter. While this is typical for tracking purposes and not inherently malicious, it does involve handling user data, which could be a privacy concern if not managed properly."
} |
var dataLayer = window.dataLayer || [];
dataLayer.push(
{'user_id': __tnt.user.screenName},
{'user_state': __tnt.user.loggedIn ? 'logged in' : 'anonymous'},
{'utm_label': __tnt.urlHash('utm_label')}
); | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is related to advertisement functionality using Google Publisher Tags (GPT). It defines an ad slot and sets targeting parameters. There are no indications of malicious behavior such as data exfiltration, credential stealing, or unauthorized access attempts."
} |
/*<![CDATA[*/
googletag.cmd.push(function(){
var adUnit = (window.frameElement && window.frameElement.getAttribute('data-gam-adunit')) ? window.frameElement.getAttribute('data-gam-adunit') : '/132916964,23111922244/ack.net/contests/homepage';
gptAdSlots['ad-3323181'] = googletag.defineSlot(adUnit, [2, 1], 'ad-3323181').setCollapseEmptyDiv(true).addService(googletag.pubads());
gptAdSlots['ad-3323181'].setTargeting('pos', ['impact-top']);
});
/* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code primarily checks for the presence of advertisements and tracks an event if adblock is detected. It does not contain any malicious behavior such as phishing, data exfiltration, or unauthorized access to user information. The code is related to advertisement functionality, which is considered no risk."
} |
window.__tnt = window.__tnt || {};
__tnt.compatibility = __tnt.compatibility || {};
__tnt.compatibility.status = '';
__tnt.compatibility.check = function() {
if (typeof __tnt.advertisements == 'undefined') {
__tnt.compatibility.status = 'FAIL: object 0 undefined';
return false;
}
return true;
};
__tnt.compatibility.notification = function() {
};
(function() {
function compatibilityCheck() {
if (!__tnt.compatibility.check()) {
__tnt.trackEvent({
'category':'subscription',
'action':'adblock',
'label':'adblock detected',
'value':'1'
});
__tnt.compatibility.notification();
}
}
if (document.readyState != 'loading') {
compatibilityCheck();
} else {
document.addEventListener('DOMContentLoaded', compatibilityCheck);
}
})(); | |
| URL: https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html Model: Perplexity: mixtral-8x7b-instruct | ```json
{
"loginform": false,
"reasons": [
"The text does not contain any elements typically found in a login form, such as input fields for a username and password, a submit button, or labels for these elements."
]
} |
Nantucket 676 F Friday, May 24, 2024 Newsletter Q Log In Subscrih This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE CONTESTS Search... Advanced search | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code primarily handles UI interactions such as sticky navigation and drawer toggling for iOS devices. There are no indications of malicious behavior such as data exfiltration, credential harvesting, or unauthorized access. The code appears to be part of a legitimate site's functionality."
} |
/*<![CDATA[*/
!function(t,i,n){var e,a,s,o,c,d={init:function(){a=i.getElementById("site-navbar-container"),n.client.platform.ios?a.classList.add("affix-sticky"):(e=i.getElementById("main-body-container"),s=a.offsetHeight||a.clientHeight,o=!1,c=0,t.addEventListener("scroll",d.navPosition,!1),t.addEventListener("mousewheel",d.navPosition,!1))},navPosition:function(){o||(o=!0,setTimeout(function(){var n=a.getBoundingClientRect(),d=t.pageYOffset||i.documentElement.scrollTop,f=n.top+d;d>=f&&d>c?a.classList.contains("affix")||(c=f,a.classList.add("affix"),a.classList.remove("affix-top"),e.style.marginTop=s+"px"):a.classList.contains("affix-top")||(a.classList.remove("affix"),a.classList.add("affix-top"),e.style.marginTop="0px"),o=!1},25))}};"loading"==i.readyState?i.addEventListener("DOMContentLoaded",d.init,!1):d.init()}(window,document,__tnt);
document.addEventListener('DOMContentLoaded', function() {
var isIOS = /iPad|iPhone|iPod/.test(navigator.userAgent) && !window.MSStream;
if (isIOS) {
Array.from(document.querySelectorAll('[data-toggle="offcanvas"]')).forEach(function(drawer) {
drawer.addEventListener("mouseover", function(e) {
var drawerCls = drawer.dataset.target === 'left' ? 'active-left' : 'active-right';
document.documentElement.classList.add('drawer-open', drawerCls);
})
})
}
}); /* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is primarily focused on tracking user interactions and events for analytics purposes. It does not contain any elements that are indicative of malicious behavior such as phishing, data exfiltration, or unauthorized access. The code handles event tracking and integrates with Google Analytics and TNCMS Tracking, which are common practices for legitimate websites. Therefore, it poses no risk."
} |
__tnt.trackEvent = function(obj) {
if (typeof obj === 'object') {
if (obj.category && obj.action) {
__tnt.googleEvent(obj);
} else if (obj.network && obj.socialAction) {
__tnt.googleSocial(obj);
} else if (obj.url) {
__tnt.googlePageView(obj);
}
if (typeof TNCMS.Tracking != 'undefined' && obj.metric) {
TNCMS.Tracking.addEvent({
app: obj.app,
metric: obj.metric,
id: obj.uuid
});
}
}
};
if (__tnt.trackEventLater.length > 0) {
__tnt.trackEventLater.forEach(function(obj) {
__tnt.trackEvent(obj);
});
}
Array.from(document.querySelectorAll('body [data-track]')).forEach(function(el) {
el.addEventListener(__tnt.client.clickEvent, function() {
__tnt.trackEvent(JSON.parse(el.dataset.track));
});
});
Array.from(document.querySelectorAll('body [data-tncms-track-event]')).forEach(function(el) {
el.addEventListener(__tnt.client.clickEvent, function() {
__tnt.trackEvent(JSON.parse(el.dataset.tncmsTrackEvent));
});
});
Array.from(document.querySelectorAll('body [data-tncms-track-dmp]')).forEach(function(el) {
el.addEventListener(__tnt.client.clickEvent, function() {
var dmpData = el.dataset.tncmsTrackDmp;
});
}); | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code is primarily for loading and initializing the Segment analytics library. It includes functionality for tracking user interactions and loading the analytics script from a known CDN. There are no obvious signs of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. The code does include a debug statement and a custom event dispatch, but these are common in analytics setups. Overall, the risk is minimal."
} |
!function(){var a=window.analytics=window.analytics||[];if(!a.initialize)if(a.invoked)window.console&&console.error&&console.error("Segment snippet included twice.");else{a.invoked=!0;a.methods="trackSubmit trackClick trackLink trackForm pageview identify reset group track ready alias debug page once off on addSourceMiddleware addIntegrationMiddleware setAnonymousId addDestinationMiddleware".split(" ");a.factory=function(b){return function(){var c=Array.prototype.slice.call(arguments);c.unshift(b);
a.push(c);return a}};for(var e=0;e<a.methods.length;e++){var f=a.methods[e];a[f]=a.factory(f)}a.load=function(b,c){var d=document.createElement("script");d.type="text/javascript";d.async=!0;d.src="https://cdn.segment.com/analytics.js/v1/"+b+"/analytics.min.js";b=document.getElementsByTagName("script")[0];b.parentNode.insertBefore(d,b);a._loadOptions=c};a._writeKey="YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6";a.SNIPPET_VERSION="4.15.3";a.debug(google_tag_manager["rm"]["61227858"](27));a.load("YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6");a.ready(function(){var b=
window.analytics.user();sUserId=null;b&&(sUserId=b.id()||b.anonymousId());b=new CustomEvent("TownnewsSegmentLoaded",{detail:{analytics:window.analytics,user_id:sUserId}});window.document.dispatchEvent(b)})}}(); | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code primarily handles form validation and event initialization, which are common in web applications. There is no evidence of malicious activity such as data exfiltration, unauthorized access, or harmful operations. The code includes form validation, event listeners, and form field copying, which are typical functionalities for enhancing user experience and ensuring data integrity. The risk score is set to 1 due to the absence of any clear malicious intent or behavior."
} |
/*<![CDATA[*/ document.addEventListener('DOMContentLoaded', function() {
$('#form-super-purchase').validate({
onkeyup: false,
errorClass: 'has-error text-danger',
errorElement: 'span',
validClass: 'has-success text-success',
highlight: function(element, errorClass, validClass) {
$(element).parents('.form-group').addClass(errorClass).removeClass(validClass);
},
unhighlight: function(element, errorClass, validClass) {
$(element).parents('.form-group').removeClass(errorClass).addClass(validClass);
},
rules: {
password_verify: {
equalTo: '#password-super-purchase',
hasSequentialNumbers: true,
hasRepeatingChars: true,
minlength: 8
}
},
messages: {
password_verify: {
equalTo: "The password you entered doesn't match.",
minlength: "Passwords must be at least 8 characters long."
}
}
});
});
(function() {
/* Check if Spreedly has already been initialized on this form */
if (!document.getElementById('form-super-purchase').classList.contains('spreedly-initialized')) {
document.getElementById('form-super-purchase').classList.add('spreedly-initialized');
window.tntPayment = document.createEvent('Event');
tntPayment.initEvent('tnt-payment',true,true,{});
window.tntShowOfferModalTab = document.createEvent('Event');
tntShowOfferModalTab.initEvent('tnt-show-offer-modal-tab',true,true,{});
window.paymentPromisesSpreedly = [];
var copyToggle = document.getElementById('same-info-super-purchase');
if (copyToggle) {
copyToggle.addEventListener("change", function(event){
if(event.target.checked){
var billingForm = document.getElementById('form-billing-location-super-purchase'),
deliveryForm = document.getElementById('form-location-super-purchase');
if(billingForm && deliveryForm){
try {
deliveryForm.querySelector('input[name=address]').value = billingForm.querySelector('input[name="postal-address"]').value;
deliveryForm.querySelector('input[name=municipality]').value = billingForm.querySelector('input[name="postal-city"]').value;
} catch (e) { /* Address, city not collected */ }
deliveryForm.querySelector('select[name=region]').value = billingForm.querySelector('select[name="postal-state"]').value;
deliveryForm.querySelector('select[name=country]').value = billingForm.querySelector('select[name="postal-country"]').value;
deliveryForm.querySelector('input[name=postal_code]').value = billingForm.querySelector('input[n | |
| URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2314059807734673&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716577059&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32 Model: Perplexity: mixtral-8x7b-instruct | ```json
{
"loginform": false,
"reasons": [
"The text does not contain any elements typically found in a login form, such as input fields for a username and password, a submit button, or labels for these elements."
]
} |
Nantucket 676 F Friday, May 24, 2024 Newsletter Q Log In Subscrih This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE CONTESTS Search... Advanced search | |
| URL: https://50fcdbe305a9df1b1c334ddef504a003.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS c.7V1urrayg Toggery Sho Home of the Original Nantucket Reds TM 62 Main Street 508.228.0437 Search... Advanced search | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The JavaScript code provided appears to be related to form validation and user interaction handling on a registration form. It does not contain any obvious malicious elements such as data exfiltration, keylogging, or unauthorized access. The code includes event listeners, form validation rules, and input masking, which are common in legitimate web applications. However, without seeing the full context and considering the potential for misuse in certain scenarios, a minimal risk score is assigned."
} |
window.tntSignup = document.createEvent('Event');
tntSignup.initEvent('tnt-signup',true,true,{});
jQuery(document).ready(function($){
$('#user-register-form input').each(function(){
if( $(this).attr('data-mask') && $(this).data('mask') !== '' ){
$(this).mask( $(this).data('mask') );
}
});
if( $('#input-smslist-phone').length > 0 && $('#input-phone').length > 0 ){
$('#input-phone').change(function(){
$('#input-smslist-phone').val( $(this).val() );
});
}
document.getElementById('user-register-form').addEventListener('click', function(e) {
if (e.target.matches('.mailing-lists-select-all')) {
var inputs = document.getElementById('user-register-form')['lists[]'];
for (var i=0; i<inputs.length; i++) {
inputs[i].checked = true;
}
} else if (e.target.matches('.mailing-lists-select-none')) {
var inputs = document.getElementById('user-register-form')['lists[]'];
for (var i=0; i<inputs.length; i++) {
inputs[i].checked = false;
}
}
});
$('#user-register-form').validate({
onkeyup: false,
errorElement: 'span',
errorPlacement: function(error, element){
error.appendTo( element.parents('.form-group').find('.input-container') );
},
errorClass: 'has-error text-danger',
validClass: 'has-success text-success',
highlight: function(element, errorClass, validClass){
$(element).parents('.form-group').addClass(errorClass).removeClass(validClass);
},
unhighlight: function(element, errorClass, validClass){
$(element).parents('.form-group').removeClass(errorClass).addClass(validClass);
},
rules: {
phone: {
required: function(element){
return $('input[name="smslist_lists[]"]').is(':checked');
}
},
screen_name: {
required: false,
remote_username: __tnt.scrubUrl($('#input-username').data('check-url'))
},
password: {
hasSequentialNumbers: true,
hasRepeatingChars: true,
minlength: 8
},
password_verify: {
equalTo: '#input-password'
}
},
messages: {
| |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code appears to handle user subscription status and manage UI elements based on user authentication and subscription state. It does not contain any obvious signs of malicious activity such as data exfiltration, credential stealing, or unauthorized access attempts. However, it does manipulate the DOM and handles user events, which could potentially be exploited if combined with other vulnerabilities. The code is likely part of a legitimate subscription management system."
} |
/*<![CDATA[*/ window.__tnt || (window.__tnt = {});
window.__tnt.subscription || (__tnt.subscription = {});
window.__tnt.subscription.access || (__tnt.subscription.access = {});
window.userStatus = document.createEvent('Event');
userStatus.initEvent('tnt-user-status', true, true);
userStatus.version = 3;
userStatus.hasAccess = false;
userStatus.accessMethod = 'none';
userStatus.accessError = null;
window.tntPurchase = document.createEvent('Event');
tntPurchase.initEvent('tnt-purchase',true,true,{});
window.addEventListener('tnt-user-status',function(event){
var blockEl = document.getElementById('user-controls-3332742'),
subscribeButton = blockEl.querySelector('.no-services'),
manageButton = blockEl.querySelector('.has-services');
buttonWrapper = blockEl.querySelector('.aplus-user-manage');
if(__tnt.user.services){
blockEl.classList.add('user-is-subscriber');
blockEl.classList.remove('user-is-known');
blockEl.classList.remove('user-unknown');
} else if(__tnt.user.authToken){
blockEl.classList.add('user-is-known');
blockEl.classList.remove('user-is-subscriber');
blockEl.classList.remove('user-unknown');
}else{
blockEl.classList.remove('user-is-known');
blockEl.classList.remove('user-is-subscriber');
blockEl.classList.add('user-unknown');
}
});
document.addEventListener("DOMContentLoaded", function(event) {
var modalWrapper = document.getElementById('access-offers-modal'),
modalEl = null,
loginTab = document.getElementById('user-modal-tab-login'),
offersTab = document.getElementById('modal-offers-tab'),
templateEl = offersTab.querySelector('template.template-promo-service'),
headerEl = offersTab.querySelector('.offer-group-title'),
outputEl = offersTab.querySelector('.output'),
accessMethods = document.getElementById('access-methods'),
purchaseTab = document.getElementById('user-modal-tab-purchase'),
purchaseForm = document.getElementById('form-super-purchase'),
purchaseRateDisplay = document.getElementById('user-purchase-rate'),
previewMode =false,
limit = 3,
context = "organic",
legacyContext = "Block",
siteNameEl = document.head.querySelector('meta[property="og:site_name"]'),
siteName = "",
purchaseMenuOption = document.getElementById('purchase-menu-toggle-3332742'),
purchaseLinkOnLoginModal = document.getElementById('user-modal-purchase-toggle');
if(siteNameEl){ siteName = siteNameEl.content }
if(modalWrapper){ modalEl = modalWrapper.querySelector('.modal') }
if(purchaseLinkOnLoginModal && !purchaseLinkOnLoginModal.getAttribute('data-offer')){
var sOfferId = "";
purchaseLinkOnLoginModal.setAttribute('data-offer', sOfferId);
purchaseLinkOnLoginModal.setAttribute('data-context', co | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The JavaScript code appears to be related to form validation and event handling for a purchase form. It includes functionality for validating password fields, copying address information between forms, and initializing payment events. There is no evident malicious behavior such as data exfiltration, keylogging, or unauthorized network requests. However, the code does handle sensitive information like passwords and addresses, which warrants a low risk score due to the potential for misuse if the site itself is compromised."
} |
/*<![CDATA[*/ document.addEventListener('DOMContentLoaded', function() {
$('#form-super-purchase').validate({
onkeyup: false,
errorClass: 'has-error text-danger',
errorElement: 'span',
validClass: 'has-success text-success',
highlight: function(element, errorClass, validClass) {
$(element).parents('.form-group').addClass(errorClass).removeClass(validClass);
},
unhighlight: function(element, errorClass, validClass) {
$(element).parents('.form-group').removeClass(errorClass).addClass(validClass);
},
rules: {
password_verify: {
equalTo: '#password-super-purchase',
hasSequentialNumbers: true,
hasRepeatingChars: true,
minlength: 8
}
},
messages: {
password_verify: {
equalTo: "The password you entered doesn't match.",
minlength: "Passwords must be at least 8 characters long."
}
}
});
});
(function() {
/* Check if Spreedly has already been initialized on this form */
if (!document.getElementById('form-super-purchase').classList.contains('spreedly-initialized')) {
document.getElementById('form-super-purchase').classList.add('spreedly-initialized');
window.tntPayment = document.createEvent('Event');
tntPayment.initEvent('tnt-payment',true,true,{});
window.tntShowOfferModalTab = document.createEvent('Event');
tntShowOfferModalTab.initEvent('tnt-show-offer-modal-tab',true,true,{});
window.paymentPromisesSpreedly = [];
var copyToggle = document.getElementById('same-info-super-purchase');
if (copyToggle) {
copyToggle.addEventListener("change", function(event){
if(event.target.checked){
var billingForm = document.getElementById('form-billing-location-super-purchase'),
deliveryForm = document.getElementById('form-location-super-purchase');
if(billingForm && deliveryForm){
try {
deliveryForm.querySelector('input[name=address]').value = billingForm.querySelector('input[name="postal-address"]').value;
deliveryForm.querySelector('input[name=municipality]').value = billingForm.querySelector('input[name="postal-city"]').value;
} catch (e) { /* Address, city not collected */ }
deliveryForm.querySelector('select[name=region]').value = billingForm.querySelector('select[name="postal-state"]').value;
deliveryForm.querySelector('select[name=country]').value = billingForm.querySelector('select[name="postal-country"]').value;
deliveryForm.querySelector('input[name=postal_code]').value = billingForm.querySelector('input[n | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS c.7V1urrayg Toggery Sho Home of the Original Nantucket Reds TM 62 Main Street 508.228.0437 Search... Advanced search | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is related to advertisement functionality using Google Publisher Tags (GPT). It defines ad slots and size mappings for displaying ads. There is no indication of malicious behavior such as phishing, data exfiltration, or unauthorized access to sensitive information."
} |
/*<![CDATA[*/
googletag.cmd.push(function(){
var adUnit = (window.frameElement && window.frameElement.getAttribute('data-gam-adunit')) ? window.frameElement.getAttribute('data-gam-adunit') : '/132916964,23111922244/ack.net/contests/homepage';
var mapping = googletag.sizeMapping().addSize([320, 0], [[300, 250], [320, 50]]).addSize([768, 0], [[300, 250], [320, 50]]).addSize([992, 0], [[300, 250], [300,600]]).addSize([1200, 0], [[300, 250], [300,600]]).build();
gptAdSlots['ad-3323160'] = googletag.defineSlot(adUnit, [[300,250],[320,50],[300,600]], 'ad-3323160').defineSizeMapping(mapping).setCollapseEmptyDiv(true).addService(googletag.pubads());
gptAdSlots['ad-3323160'].setTargeting('pos', ['rectangle-one']);
});
/* */ | |
| URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90 Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS c.7V1urrayg Toggery Sho Home of the Original Nantucket Reds TM 62 Main Street 508.228.0437 Search... Advanced search | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code appears to be related to advertisement functionality from a known ad service (Google DoubleClick). There are no indications of malicious behavior in the code snippet provided."
} |
vu("https://securepubads.g.doubleclick.net/pcs/view?xai\x3dAKAOjsscpJzxiFxoHlEW8TDSal5-HEBoEIQPfT0_d5Oa5lxAECusxq78-deAdvbwsulAPvTKlskql3pwF3q3u3qt9xNpocw6c_aFVJgK49Y2icz64i4VkYLrGLLXpW76lFUW22aROsmglEhLkh3-SgAyhhpFX990Ji-8mqNwIcrhzMTNbKr77ksTJXeYilJUK3rG_XhMxjWovPqxYPJ_gpKKCHEeNJOONwGD-i9onLcB8uTQd0jIaWs9ZD7-fjVjyGI87CTflvVO0Xm8AX2xzh4kW9zuA3OV9Nmw8o2ZNXMvMmfb4epHMHcaq5pq1x2g_tZLdG4bULDhmSGidLykqrlJ7fc5fcg4veMs0loXXHrJy7rvkegD\x26sai\x3dAMfl-YSCJ7NRerdXXzUFtv9ADSzGsiB3mn9eX2UpsBLioUzSDKm3kIg-59uKXwyewFAlb3ip7EhuTOIa3FbpVmcVCJt7IKWnPHS0L9tGcdjGCu6utokAC2ZDaj-Crg2vh70nXYv14bGHCjhxuputPPdd_63F\x26sig\x3dCg0ArKJSzEGndVmYqwPjEAE\x26uach_m\x3d%5BUACH%5D\x26adurl\x3d") | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The JavaScript code primarily deals with tracking, advertisement detection, and responsive design breakpoints. It includes Google Tag Manager integration and checks for ad blockers. There are no evident signs of malicious behavior such as phishing attempts, data exfiltration, or unauthorized access to sensitive information. The risk score is set to 1 due to the presence of tracking functionality, but this is considered low risk."
} |
(function(){var tnsrc=window.location.hash.match(/[&#]tncms-source=([^&]+)/);var dl = window.dataLayer = window.dataLayer || [];dl.push({"townnews":{"product":{"software":"BLOX","version":"1.77.2"},"crm":{"group_id":null}},"tncms":{"template":{"version":"3.155.0"},"page":{"grid":"ample","style":"default","path":"\/contests","app":"editorial","theme":"flex","skin":"flex-editorial","http_status":200},"system":{"render_time":318},"client":{"is_bot":"no","is_gdpr":"no"}}});if (tnsrc && tnsrc[1]) {dl.push({'tncms.campaign.internal_source': tnsrc[1]});}window.addEventListener("DOMContentLoaded", function(oEvent) {var oTest = document.createElement('div');oTest.innerHTML = ' ';oTest.className = 'adsbox';document.body.appendChild(oTest);var nTimeoutID = window.setTimeout(function() {if (oTest.offsetHeight === 0) {dl.push({'event': 'tncms.ad.blocked'});}document.body.removeChild(oTest);window.clearTimeout(nTimeoutID);}, 100);});var nWidth=Math.max(document.documentElement.clientWidth, window.innerWidth || 0),aBPs=[[300,"Extra small: Most smartphones."],[768,"Small: Tablet devices."],[992,"Medium: Laptops & landscape tablets."],[1200,"Large: Desktop computers."]],i,c,aThisBP,aBP;for(i=0,c=aBPs.length;i<c;i++){aThisBP=aBPs[i];if(aBP===undefined||aThisBP[0]<=nWidth){aBP=aThisBP;}}if(aBP!==undefined){dl.push({'tncms.client.breakpoint':aBP[1]});}(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'tncms.start':new Date().getTime(),event:'tncms.start'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-PDQV3N');})(); | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code primarily handles form submission and input focus behavior for a search form. It includes basic input validation and sanitization by removing question marks from the query. There are no indications of malicious activities such as data exfiltration, unauthorized access, or harmful manipulations. The risk score is set to 1 due to the minimal potential for user experience issues if the input validation is not comprehensive."
} |
/*<![CDATA[*/ (function(d) {
var form = d.getElementById('site-search-3323205'),
query_input = d.getElementById('site-search-3323205-term'),
search_dropdown = d.getElementById('site-search-3323205-dropdown');
/** Input focus */
try {
search_dropdown.onmouseenter = function(){
setTimeout(function(){
query_input.focus();
}, 700);
};
} catch (error) {
// No dropdown behavior
}
/** Submit handler */
form.onsubmit = function(){
// Filter query
var elem = document.querySelector("#site-search-3323205 input[name=q]"),
sQueryFiltered = elem.value.replace(/\?/g, '');
elem.value = sQueryFiltered;
// No submit if empty input
if( query_input.val() ){
return true;
} else{
return false;
}
};})(document); /* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code appears to be a URL related to Google DoubleClick, which is commonly used for advertisement purposes. There are no indications of malicious behavior in the code snippet provided."
} |
vu("https://securepubads.g.doubleclick.net/pcs/view?xai\x3dAKAOjsss9Olec4aE9WZSLjavsGuIVDsdWfJIqEAZkU6il7EF9QpSgbEoOxRJtSdPULqNu5apYkEG5R91LODsnvgiL2cbb14-8cqRH53ofsqBaoz6h0WICpGH9djdx_85PGQV0wtuTqCIdiYjRmcf5evQN7YWu-NuQPa2-1oV_QRkl7KKAtExYkk8WMGBKDf8oqZrNWJD0q-_7Cztnqa-UTrfuAiwmFxHLDl2QilEzYMfUp1s2FNlTpDaUid_m_DudqQ2j8RcCrNQkOmKhhwGw74smfKlKnsfWRVbItKHdgkIZPDhsX870elPv2QM28zPmgjGX_XvkBYjLgrAh3lkzZkb-g0YCSN3oNhPC0o8pulPwUsxcB0L\x26sai\x3dAMfl-YRWJEJwB4o0FnCLZ_rB1XFTtu-5MKgcohcVcqhEWpAo1B1TUDk6W-D16t-ySQ-V6EEKeA7lZGEOsQqASr8JecAFlS27WzGlV8f79pzUGD8N5wCKWBw7qT09rxfJmS8lrLIkdSys1-yXNSD_rsU-uWGg\x26sig\x3dCg0ArKJSzFFLS5ON8Ou9EAE\x26uach_m\x3d%5BUACH%5D\x26adurl\x3d") | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code appears to be part of the Google Closure Library, which is a legitimate and widely-used library for optimizing and managing JavaScript code. There are no indications of malicious behavior such as data exfiltration, credential harvesting, or other harmful activities."
} |
(function(){'use strict';/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var l=this||self;function m(a){a:{var b=["CLOSURE_FLAGS"];for(var c=l,d=0;d<b.length;d++)if(c=c[b[d]],null==c){b=null;break a}b=c}a=b&&b[a];return null!=a?a:!1};var p=m(610401301),r=m(188588736);var t;const u=l.navigator;t=u?u.userAgentData||null:null;function v(a){return p?t?t.brands.some(({brand:b})=>b&&-1!=b.indexOf(a)):!1:!1}function w(a){var b;a:{if(b=l.navigator)if(b=b.userAgent)break a;b=""}return-1!=b.indexOf(a)};function x(){return p?!!t&&0<t.brands.length:!1}function y(){return x()?v("Chromium"):(w("Chrome")||w("CriOS"))&&!(x()?0:w("Edge"))||w("Silk")};!w("Android")||y();y();w("Safari")&&(y()||(x()?0:w("Coast"))||(x()?0:w("Opera"))||(x()?0:w("Edge"))||(x()?v("Microsoft Edge"):w("Edg/"))||x()&&v("Opera"));var z=Symbol();var A={},B={};function C(a){return!(!a||"object"!==typeof a||a.o!==B)}function F(a){return null!==a&&"object"===typeof a&&!Array.isArray(a)&&a.constructor===Object}let G;function H(a,b,c){if(!Array.isArray(a)||a.length)return!1;const d=a[z]|0;if(d&1)return!0;if(!(b&&(Array.isArray(b)?b.includes(c):b.has(c))))return!1;a[z]=d|1;return!0}class I{}class J{}Object.freeze(new I);Object.freeze(new J);let K;function L(a,b){return M(b)}function M(a){switch(typeof a){case "number":return isFinite(a)?a:String(a);case "boolean":return a?1:0;case "object":if(a)if(Array.isArray(a)){if(H(a,void 0,0))return}else if(null!=a&&a instanceof Uint8Array){let b="",c=0;const d=a.length-10240;for(;c<d;)b+=String.fromCharCode.apply(null,a.subarray(c,c+=10240));b+=String.fromCharCode.apply(null,c?a.subarray(c):a);return btoa(b)}}return a};function N(a,b,c,d,f){if(null!=a){if(Array.isArray(a))a=H(a,void 0,0)?void 0:f&&(a[z]|0)&2?a:O(a,b,c,void 0!==d,f);else if(F(a)){const k={};for(let e in a)k[e]=N(a[e],b,c,d,f);a=k}else a=b(a,d);return a}}function O(a,b,c,d,f){const k=d||c?a[z]|0:0;d=d?!!(k&32):void 0;a=Array.prototype.slice.call(a);for(let e=0;e<a.length;e++)a[e]=N(a[e],b,c,d,f);c&&c(k,a);return a}function P(a){return a.l===A?a.toJSON():M(a)};function Q(a,b,c){if(null!=c&&"string"!==typeof c)throw Error();a=a.g;let d=a[z];if(d&2)throw Error();a:{var f=d>>14&1023;f=0===f?536870912:f;if(b>=f){let k,e=d;if(d&256)k=a[a.length-1];else{if(null==c)break a;k=a[f+(+!!(d&512)-1)]={};e|=256}k[b]=c;b<f&&(a[b+(+!!(d&512)-1)]=void 0);e!==d&&(a[z]=e)}else a[b+(+!!(d&512)-1)]=c,d&256&&(c=a[a.length-1],b in c&&delete c[b])}};var S=class{constructor(){a:{var a=void 0;null==a&&(a=K);K=void 0;if(null==a){var b=96;a=[]}else{if(!Array.isArray(a))throw Error("narr");b=a[z]|0;if(b&2048)throw Error("farr");if(b&64)break a;var c=a;b|=64;var d=c.length;if(d&&(--d,F(c[d]))){b|=256;c=d-(+!!(b&512)-1);if(1024<=c)throw Error("pvtlmt");b=b&-16760833|(c&1023)<<14}}a[z]=b}this.g=a}toJSON(){return G?R(this,this.g,!1):R(this,O(this.g,P,void 0,void 0,!1),!0)}};S.prototype.l=A;S.prototype.toString=function(){return R(this,this.g,!1).toString()}; function R(a,b,c){var d=r?void 0:a | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided code appears to be a URL for a Google DoubleClick advertisement. It includes tracking parameters and hexadecimal strings, which are common in ad URLs. There is no indication of malicious behavior."
} |
vu("https://securepubads.g.doubleclick.net/pcs/view?xai\x3dAKAOjssw1JbuWdoGMV5_KU7eo8pJAb_m0NIwUYYHPO_-FMKRqYd37SINfDsPRrWxrjKtH-LaooUvSVaVHYx2IvQwkdvXA0OZcgn7bHByNUOOwVUwcAvi8yj376mayIZMVx1TI3_xuIB18xtsHNIvo0XFVFVA2fTrKZTnFtVXMapNXM1oKaGkBItubQ2NfiY0LKB9e98lMjhMGewv-txTQEpG4x6pN6U9isIvZ3u1vHZe9yK0cL7ekHPl_YvQ63Sn4ZfOH4HitarOw5Dl_wKPm7-hG58Mlo7bhE9r1rU9FKMAwbQhCHVxvjVv0mbuRMj8KVyuLcWTORbFfJYQikRHM-DpWRWpLou2EOiw0UJyjWZzfk7uoZ2SpVwE\x26sai\x3dAMfl-YTGzBg4mq21tfDoJU6Uq8TJ0yt6HoEETqITSkDz2Rj_Nn9OLNoLXjXgh9RtYtQ-kQrmL61mPJpMNmB87b3CesLyBeq3yhHJc__6BJiverdn3Q83UyCNBon3J0iJcG7X_tE1TgAIvAge27mFnnucvtK5\x26sig\x3dCg0ArKJSzO1gMD7B5BM3EAE\x26uach_m\x3d%5BUACH%5D\x26urlfix\x3d1\x26adurl\x3d") | |
| URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS c.7V1urrayg Toggery Sho Home of the Original Nantucket Reds TM 62 Main Street 508.228.0437 Search... Advanced search | |
| URL: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code appears to be part of a legitimate library, likely related to Google. It includes common utility functions for handling symbols, iterators, and object properties. There are no indications of malicious behavior such as data exfiltration, credential harvesting, or unauthorized access attempts."
} |
/*
Copyright 2022 Google LLC
SPDX-License-Identifier: Apache-2.0
*/
var m,aa,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},da=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ea=da(this),fa="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),q={},ha={},v=function(a,b,c){if(!c||null!=a){c=ha[b];if(null==c)return a[b];c=a[c];return void 0!==c?c:a[b]}},w=function(a,b,c){if(b)a:{var d=a.split(".");a=1===d.length;var e=d[0],g;!a&&e in q?g=q:g=ea;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=fa&&"es6"===c?g[d]:null;b=b(c);null!=b&&(a?ca(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(void 0===ha[d]&&(a=1E9*Math.random()>>>0,ha[d]=fa?ea.Symbol(d):"$jscp$"+a+"$"+d),ca(g,ha[d],{configurable:!0,writable:!0,value:b})))}};w("Symbol",function(a){if(a)return a;var b=function(g,f){this.g=g;ca(this,"description",{configurable:!0,writable:!0,value:f})};b.prototype.toString=function(){return this.g};var c="jscomp_symbol_"+(1E9*Math.random()>>>0)+"_",d=0,e=function(g){if(this instanceof e)throw new TypeError("Symbol is not a constructor");return new b(c+(g||"")+"_"+d++,g)};return e},"es6");w("Symbol.iterator",function(a){if(a)return a;a=(0,q.Symbol)("Symbol.iterator");for(var b="Array Int8Array Uint8Array Uint8ClampedArray Int16Array Uint16Array Int32Array Uint32Array Float32Array Float64Array".split(" "),c=0;c<b.length;c++){var d=ea[b[c]];"function"===typeof d&&"function"!=typeof d.prototype[a]&&ca(d.prototype,a,{configurable:!0,writable:!0,value:function(){return ia(ba(this))}})}return a},"es6");var ia=function(a){a={next:a};a[v(q.Symbol,"iterator")]=function(){return this};return a},ja=function(a){return a.raw=a},x=function(a){var b="undefined"!=typeof q.Symbol&&v(q.Symbol,"iterator")&&a[v(q.Symbol,"iterator")];if(b)return b.call(a);if("number"==typeof a.length)return{next:ba(a)};throw Error(String(a)+" is not an iterable or ArrayLike");},ka=function(a){if(!(a instanceof Array)){a=x(a);for(var b,c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a},la=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)},ma=fa&&"function"==typeof v(Object,"assign")?v(Object,"assign"):function(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)la(d,e)&&(a[e]=d[e])}return a};w("Object.assign",function(a){return a||ma},"es6");var na="function"==typeof Object.create?Object.create:function(a){var b=function(){};b.prototype=a;return new b},oa;if(fa&&"function"==typeof v(Object,"setPrototypeOf"))oa=v(Object,"setPrototypeOf");else{var pa;a:{var qa={a:!0},ra={};try{ra.__proto__=qa;pa=ra.a;b | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 4,
"reasons": "The code contains functions that interact with the DOM and handle events, which can be used for legitimate purposes but also for malicious activities such as phishing. The use of 'window.open' to open URLs can be a red flag if used to redirect users to malicious sites. However, without further context or additional code that clearly indicates malicious intent, the risk cannot be fully determined."
} |
if (typeof(ss) === "undefined") { ss = function(){}; }function st(id) {var a = document.getElementById(id);if (a) {a.myt = (new Date()).getTime();xy(window.event, a);mb(a);}}function ha(a,x){ if (accbk()) return;su(a);}function ia(a,e,x) {if (accbk()) return;su(a);}function ja(a,x) {if (accbk()) return;su(a);}function ga(o,e,x) {if (document.getElementById) {var a=o.id.substring(1),p="",r="",g=e.target,t,f,h;if (g) {t=g.id;f=g.parentNode;if (f) {p=f.id;h=f.parentNode;if (h)r=h.id;}} else {h=e.srcElement;f=h.parentNode;if (f)p=f.id;t=h.id;}if (t==a||p==a||r==a)return true;ia(a,e,x);window.open(document.getElementById(a).href);}} | |
| URL: https://50fcdbe305a9df1b1c334ddef504a003.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code appears to be part of Google's Closure Library, which is a widely used and legitimate library for optimizing and managing JavaScript code. The code includes functions for handling URLs, encoding data, and managing errors. There are no obvious signs of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. However, the code does include functionality for sending error reports to a Google server, which could potentially be used to track user behavior. This is considered low risk and is typical for debugging and analytics purposes."
} |
(function(){/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
var f=this||self,h=function(a){return a};var n=function(a,b){this.h=a===l&&b||"";this.g=m},p=function(a){return a instanceof n&&a.constructor===n&&a.g===m?a.h:"type_error:Const"},m={},l={};var r=void 0;/*
SPDX-License-Identifier: Apache-2.0
*/
var t,aa=function(){if(void 0===t){var a=null,b=f.trustedTypes;if(b&&b.createPolicy){try{a=b.createPolicy("goog#html",{createHTML:h,createScript:h,createScriptURL:h})}catch(c){f.console&&f.console.error(c.message)}t=a}else t=a}return t};var ca=function(a){this.g=ba===ba?a:""};ca.prototype.toString=function(){return this.g+""};var ba={},da=function(a){var b=aa();a=b?b.createScriptURL(a):a;return new ca(a)};var ea={},u=function(a,b){this.g=b===ea?a:""};u.prototype.toString=function(){return this.g.toString()};var ha=function(){var a=v,b={message:fa(v)};var c=void 0===c?{}:c;this.error=a;this.context=b.context;this.msg=b.message||"";this.id=b.id||"jserror";this.meta=c};var w=function(a){w[" "](a);return a};w[" "]=function(){};var ia=RegExp("^(?:([^:/?#.]+):)?(?://(?:([^\\\\/?#]*)@)?([^\\\\/?#]*?)(?::([0-9]+))?(?=[\\\\/?#]|$))?([^?#]+)?(?:\\?([^#]*))?(?:#([\\s\\S]*))?$");var ja=function(a,b){if(a)for(var c in a)Object.prototype.hasOwnProperty.call(a,c)&&b(a[c],c,a)};var ka=RegExp("^https?://(\\w|-)+\\.cdn\\.ampproject\\.(net|org)(\\?|/|$)"),ma=function(){var a=la;this.g=x;this.h=a},na=function(a,b){this.url=a;this.j=!!b;this.depth=null};function oa(a){f.google_image_requests||(f.google_image_requests=[]);var b=f.document;b=void 0===b?document:b;b=b.createElement("img");b.src=a;f.google_image_requests.push(b)};var y=function(){this.i="&";this.h={};this.o=0;this.g=[]},z=function(a,b){var c={};c[a]=b;return[c]},qa=function(a,b,c,d,e){var k=[];ja(a,function(g,A){(g=pa(g,b,c,d,e))&&k.push(A+"="+g)});return k.join(b)},pa=function(a,b,c,d,e){if(null==a)return"";b=b||"&";c=c||",$";"string"==typeof c&&(c=c.split(""));if(a instanceof Array){if(d=d||0,d<c.length){for(var k=[],g=0;g<a.length;g++)k.push(pa(a[g],b,c,d+1,e));return k.join(c[d])}}else if("object"==typeof a)return e=e||0,2>e?encodeURIComponent(qa(a,b,c,d,e+1)):"...";return encodeURIComponent(String(a))},sa=function(a){var b="https://pagead2.googlesyndication.com/pagead/gen_204?id=jserror&",c=ra(a)-27;if(0>c)return"";a.g.sort(function(za,Aa){return za-Aa});for(var d=null,e="",k=0;k<a.g.length;k++)for(var g=a.g[k],A=a.h[g],O=0;O<A.length;O++){if(!c){d=null==d?g:d;break}var q=qa(A[O],a.i,",$");if(q){q=e+q;if(c>=q.length){c-=q.length;b+=q;e=a.i;break}d=null==d?g:d}}a="";null!=d&&(a=e+"trn="+d);return b+a},ra=function(a){var b=1,c;for(c in a.h)b=c.length>b?c.length:b;return 3997-b-a.i.length-1};var ta=function(a){if(.01>Math.random())try{if(a instanceof y)var b=a;else b=new y,ja(a,function(d,e){var k=b,g=k.o++;d=z(e,d);k.g.push(g);k.h[g]=d});var c=sa(b);c&&oa(c)}catch(d){}};var fa=function(a){var b=a.toString();a.name&&-1==b.indexOf(a.name)&&(b+=": "+a.name);a.message&& | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code appears to be part of the Google Closure Library, which is a well-known and widely used library for optimizing and managing JavaScript code. There are no obvious signs of malicious behavior such as data exfiltration, credential harvesting, or unauthorized access to user information. The code primarily deals with event handling and user agent detection. However, without the full context of how this script is used within the web page, a small risk remains."
} |
(function(){'use strict';/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var m=this||self;function aa(a){a:{var b=["CLOSURE_FLAGS"];for(var c=m,d=0;d<b.length;d++)if(c=c[b[d]],null==c){b=null;break a}b=c}a=b&&b[a];return null!=a?a:!1}function ba(a,b){function c(){}c.prototype=b.prototype;a.W=b.prototype;a.prototype=new c;a.prototype.constructor=a;a.V=function(d,e,f){for(var g=Array(arguments.length-2),h=2;h<arguments.length;h++)g[h-2]=arguments[h];return b.prototype[e].apply(d,g)}};function ca(){};function n(a,b){this.type=a;this.g=this.target=b;this.defaultPrevented=!1};var da=aa(610401301),ea=aa(188588736);var t;const fa=m.navigator;t=fa?fa.userAgentData||null:null;function u(a){return da?t?t.brands.some(({brand:b})=>b&&-1!=b.indexOf(a)):!1:!1}function w(a){var b;a:{if(b=m.navigator)if(b=b.userAgent)break a;b=""}return-1!=b.indexOf(a)};function x(){return da?!!t&&0<t.brands.length:!1}function y(){return x()?u("Chromium"):(w("Chrome")||w("CriOS"))&&!(x()?0:w("Edge"))||w("Silk")};var z="closure_listenable_"+(1E6*Math.random()|0);var ha=0;function ia(a,b,c,d,e){this.listener=a;this.proxy=null;this.src=b;this.type=c;this.capture=!!d;this.m=e;this.key=++ha;this.j=this.l=!1}function A(a){a.j=!0;a.listener=null;a.proxy=null;a.src=null;a.m=null};function ja(a){let b=0;for(const c in a)b++}const ka="constructor hasOwnProperty isPrototypeOf propertyIsEnumerable toLocaleString toString valueOf".split(" ");function la(a,b){let c,d;for(let e=1;e<arguments.length;e++){d=arguments[e];for(c in d)a[c]=d[c];for(let f=0;f<ka.length;f++)c=ka[f],Object.prototype.hasOwnProperty.call(d,c)&&(a[c]=d[c])}};function B(a){this.src=a;this.g={};this.h=0}B.prototype.add=function(a,b,c,d,e){var f=a.toString();a=this.g[f];a||(a=this.g[f]=[],this.h++);var g=C(a,b,d,e);-1<g?(b=a[g],c||(b.l=!1)):(b=new ia(b,this.src,f,!!d,e),b.l=c,a.push(b));return b};function D(a,b){var c=b.type;if(c in a.g){var d=a.g[c],e=Array.prototype.indexOf.call(d,b,void 0),f;(f=0<=e)&&Array.prototype.splice.call(d,e,1);f&&(A(b),0==a.g[c].length&&(delete a.g[c],a.h--))}} function C(a,b,c,d){for(var e=0;e<a.length;++e){var f=a[e];if(!f.j&&f.listener==b&&f.capture==!!c&&f.m==d)return e}return-1};var ma="closure_lm_"+(1E6*Math.random()|0),E={},na=0; function oa(a,b,c,d,e){if(Array.isArray(b))for(var f=0;f<b.length;f++)oa(a,b[f],c,d,e);else(f=typeof d,d="object"==f&&null!=d||"function"==f?!!d.capture:!!d,c=pa(c),a&&a[z])?(a=a.g,b=String(b).toString(),b in a.g&&(f=a.g[b],c=C(f,c,d,e),-1<c&&(A(f[c]),Array.prototype.splice.call(f,c,1),0==f.length&&(delete a.g[b],a.h--)))):a&&(a=qa(a))&&(b=a.g[b.toString()],a=-1,b&&(a=C(b,c,d,e)),(c=-1<a?b[a]:null)&&"number"!==typeof c&&c&&!c.j&&((e=c.src)&&e[z]?D(e.g,c):(d=c.type,b=c.proxy,e.removeEventListener? e.removeEventListener(d,b,c.capture):e.detachEvent?e.detachEvent(d in E?E[d]:E[d]="on"+d,b):e.addListener&&e.removeListener&&e.removeListener(b),na--,(d=qa(e))?(D(d,c),0==d.h&&(d.src=null,e[ma]=null)):A(c))))}function qa(a){a=a[ma];return | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code appears to be related to tracking click times on elements with a specific ID. It does not exhibit any behavior that would be considered malicious, such as stealing user data, injecting malicious scripts, or redirecting users to phishing sites. The code modifies URLs to include a 'clkt' parameter, which seems to be used for tracking purposes. As tracking functionality is considered no risk, the overall risk score is very low."
} |
function su(id) {var a = document.getElementById(id);var b = (new Date()).getTime();if (a && a.myt && b) {var t = b - a.myt;if (window.css) {css(id,'clkt',t);return;}var bi = a.href.indexOf("&clkt=");if (bi > 0) {var c = a.href.substring(0, bi+6); var d = a.href.substring(bi+6, a.href.length);var ei = d.indexOf("&");var r = '';if (ei >= 0)r = d.substring(ei, d.length);a.href = c + t + r; } else {a.href += "&clkt=" + t;}}} | |
| URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The code primarily handles GDPR and US privacy compliance by extracting consent strings from the URL parameters and using them to modify URLs for tracking pixels and iframes. This behavior is typical for tracking and advertisement purposes, which are considered low risk. There is no evidence of malicious activity such as data exfiltration, credential harvesting, or unauthorized access. However, the use of dynamically created iframes and images could potentially be exploited if combined with other malicious code."
} |
var syncPixels = "";
var syncIframes = "";
var GDPR_APPLIES = "gdpr=";
var GDPR = "gdpr_consent=";
var US_PRIVACY = "us_privacy=";
var params = location.search.substring(1);
var consentString = "";
var usPrivacy = "";
var gdprAppliesValue = "1";
try {
var index = params.indexOf(GDPR);
if (index >= 0) {
consentString = params.substring(index + GDPR.length).split("&")[0];
}
index = params.indexOf(GDPR_APPLIES);
if (index >= 0) {
var tmp = params.substring(index + GDPR_APPLIES.length).split("&")[0];
gdprAppliesValue = (tmp == null || tmp === "" || tmp === "1") ? "1" : "0";
}
index = params.indexOf(US_PRIVACY);
if (index >= 0) {
usPrivacy = params.substring(index + US_PRIVACY.length).split("&")[0];
}
} catch (e) {
console.log("Can't detect gdpr consent string");
}
if (syncPixels) {
var sync = syncPixels.split(" ");
if (sync != null) {
sync.forEach(function(url) {
url = url.replace("${GDPR}",gdprAppliesValue);
url = url.replace("${GDPR_STRING}", consentString);
url = url.replace("${US_PRIVACY}", usPrivacy);
new Image().src = url;
});
}
}
if (syncIframes) {
var syncF = syncIframes.split(",");
if (syncF != null) {
syncF.forEach(function(url) {
url = url.replace("${GDPR}",gdprAppliesValue);
url = url.replace("${GDPR_STRING}", consentString);
url = url.replace("${US_PRIVACY}", usPrivacy);
var iframe = document.createElement("iframe");
iframe.src = url;
iframe.style.display = "none";
iframe.style.width = "0px";
iframe.style.height = "0px";
document.body.appendChild(iframe);
});
}
} | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code appears to be part of the Google Closure Library, which is a widely used and legitimate library for optimizing and managing JavaScript code. There are no obvious signs of malicious activity, such as data exfiltration, credential harvesting, or unauthorized access attempts. The code primarily deals with user agent detection and data manipulation, which are common tasks in web development. Therefore, it is considered low risk."
} |
(function(){'use strict';/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var u=this||self;function aa(a){a:{var b=["CLOSURE_FLAGS"];for(var c=u,d=0;d<b.length;d++)if(c=c[b[d]],null==c){b=null;break a}b=c}a=b&&b[a];return null!=a?a:!1};var ba=aa(610401301),ca=aa(188588736);var v;const da=u.navigator;v=da?da.userAgentData||null:null;function w(a){return ba?v?v.brands.some(({brand:b})=>b&&-1!=b.indexOf(a)):!1:!1}function x(a){var b;a:{if(b=u.navigator)if(b=b.userAgent)break a;b=""}return-1!=b.indexOf(a)};function y(){return ba?!!v&&0<v.brands.length:!1}function D(){return y()?w("Chromium"):(x("Chrome")||x("CriOS"))&&!(y()?0:x("Edge"))||x("Silk")};function E(a){E[" "](a);return a}E[" "]=function(){};!x("Android")||D();D();x("Safari")&&(D()||(y()?0:x("Coast"))||(y()?0:x("Opera"))||(y()?0:x("Edge"))||(y()?w("Microsoft Edge"):x("Edg/"))||y()&&w("Opera"));var ea={},F=null;var G=Symbol();var fa={},ha={};function ka(a){return!(!a||"object"!==typeof a||a.g!==ha)}function H(a){return null!==a&&"object"===typeof a&&!Array.isArray(a)&&a.constructor===Object}let I;function J(a,b,c){if(!Array.isArray(a)||a.length)return!1;const d=a[G]|0;if(d&1)return!0;if(!(b&&(Array.isArray(b)?b.includes(c):b.has(c))))return!1;a[G]=d|1;return!0}class la{}class ma{}Object.freeze(new la);Object.freeze(new ma);function na(a){if("boolean"!==typeof a){var b=typeof a;throw Error(`Expected boolean but got ${"object"!=b?b:a?Array.isArray(a)?"array":b:"null"}: ${a}`);}return a};let oa;function pa(a,b){return qa(b)}function qa(a){switch(typeof a){case "number":return isFinite(a)?a:String(a);case "boolean":return a?1:0;case "object":if(a)if(Array.isArray(a)){if(J(a,void 0,0))return}else if(null!=a&&a instanceof Uint8Array){let b="",c=0;const d=a.length-10240;for(;c<d;)b+=String.fromCharCode.apply(null,a.subarray(c,c+=10240));b+=String.fromCharCode.apply(null,c?a.subarray(c):a);return btoa(b)}}return a};function ra(a,b,c,d,e){if(null!=a){if(Array.isArray(a))a=J(a,void 0,0)?void 0:e&&(a[G]|0)&2?a:sa(a,b,c,void 0!==d,e);else if(H(a)){const f={};for(let g in a)f[g]=ra(a[g],b,c,d,e);a=f}else a=b(a,d);return a}}function sa(a,b,c,d,e){const f=d||c?a[G]|0:0;d=d?!!(f&32):void 0;a=Array.prototype.slice.call(a);for(let g=0;g<a.length;g++)a[g]=ra(a[g],b,c,d,e);c&&c(f,a);return a}function ta(a){return a.A===fa?a.toJSON():qa(a)};function L(a,b,c){const d=a.l;let e=d[G];if(e&2)throw Error();M(d,e,b,c);return a}function M(a,b,c,d){var e=b>>14&1023;e=0===e?536870912:e;if(c>=e){let f,g=b;if(b&256)f=a[a.length-1];else{if(null==d)return;f=a[e+(+!!(b&512)-1)]={};g|=256}f[c]=d;c<e&&(a[c+(+!!(b&512)-1)]=void 0);g!==b&&(a[G]=g)}else a[c+(+!!(b&512)-1)]=d,b&256&&(a=a[a.length-1],c in a&&delete a[c])}function N(a,b,c){if(null!=c&&"string"!==typeof c)throw Error();return L(a,b,c)};var O=class{constructor(){a:{var a=void 0;null==a&&(a=oa);oa=void 0;if(null==a){var b=96;a=[]}else{if(!Array.isArray(a))throw Error("narr");b=a[G]|0;if(b&2048)throw Error("farr");if(b&64)break a;var c=a;b | |
| URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ack.net#{%22lwid%22:{%22origin%22:0},%22bundle%22:{%22origin%22:0},%22optout%22:{%22value%22:false,%22origin%22:0},%22tld%22:%22ack.net%22,%22topUrl%22:%22www.ack.net%22,%22version%22 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code appears to be part of a legitimate library or framework for handling asynchronous operations, object inheritance, and cookie management. It includes functions for logging metrics and errors, which are common in performance monitoring and error tracking tools. There are no obvious signs of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. However, without knowing the full context of its use, a minimal risk score is assigned."
} |
!function(){"use strict";var i=function(t,e){return(i=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(t,e){t.__proto__=e}||function(t,e){for(var n in e)e.hasOwnProperty(n)&&(t[n]=e[n])})(t,e)};function t(t,e){function n(){this.constructor=t}i(t,e),t.prototype=null===e?Object.create(e):(n.prototype=e.prototype,new n)}var e=function(){return(e=Object.assign||function(t){for(var e,n=1,i=arguments.length;n<i;n++)for(var o in e=arguments[n])Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o]);return t}).apply(this,arguments)};function n(r,s,a,l){return new(a=a||Promise)(function(t,e){function n(t){try{o(l.next(t))}catch(t){e(t)}}function i(t){try{o(l.throw(t))}catch(t){e(t)}}function o(e){e.done?t(e.value):new a(function(t){t(e.value)}).then(n,i)}o((l=l.apply(r,s||[])).next())})}function s(n,i){var o,r,s,t,a={label:0,sent:function(){if(1&s[0])throw s[1];return s[1]},trys:[],ops:[]};return t={next:e(0),throw:e(1),return:e(2)},"function"==typeof Symbol&&(t[Symbol.iterator]=function(){return this}),t;function e(e){return function(t){return function(e){if(o)throw new TypeError("Generator is already executing.");for(;a;)try{if(o=1,r&&(s=2&e[0]?r.return:e[0]?r.throw||((s=r.return)&&s.call(r),0):r.next)&&!(s=s.call(r,e[1])).done)return s;switch(r=0,s&&(e=[2&e[0],s.value]),e[0]){case 0:case 1:s=e;break;case 4:return a.label++,{value:e[1],done:!1};case 5:a.label++,r=e[1],e=[0];continue;case 7:e=a.ops.pop(),a.trys.pop();continue;default:if(!(s=0<(s=a.trys).length&&s[s.length-1])&&(6===e[0]||2===e[0])){a=0;continue}if(3===e[0]&&(!s||e[1]>s[0]&&e[1]<s[3])){a.label=e[1];break}if(6===e[0]&&a.label<s[1]){a.label=s[1],s=e;break}if(s&&a.label<s[2]){a.label=s[2],a.ops.push(e);break}s[2]&&a.ops.pop(),a.trys.pop();continue}e=i.call(n,a)}catch(t){e=[6,t],r=0}finally{o=s=0}if(5&e[0])throw e[1];return{value:e[0]?e[1]:void 0,done:!0}}([e,t])}}}function a(t,e){if(!function(t){try{return void 0!==t.cookie}catch(t){return!1}}(t))return null;for(var n=t.cookie.split(";"),i=0;i<n.length;i++){var o=n[i],r=o.substr(0,o.indexOf("=")).replace(/^\s+|\s+$/g,""),s=o.substr(o.indexOf("=")+1);if(r===e&&s)return decodeURIComponent(s)}return null}var o=(r.prototype.logCounter=function(t){var e="entry=c~"+(this.METRIC_PREFIX?this.METRIC_PREFIX+".":"")+(t||"")+"~1";this._eventsQueue.push(e)},r.prototype.logHistogram=function(t,e){var n="entry=h~"+(this.METRIC_PREFIX?this.METRIC_PREFIX+".":"")+(t||"")+"~"+e;this._eventsQueue.push(n)},r.prototype.logError=function(t,e,n){void 0===n&&(n=null);var i=e&&e.message||e,o="string"==typeof n?[n]:n,r=[this.METRIC_PREFIX,t].concat(o).reduce(function(t,e){return t.concat(e&&e.split(".")||[])},[]).filter(function(t){return null!=t&&null!=t&&""!=t}).map(function(t){return"&tag="+encodeURIComponent(t)}).join(""),s="https://"+this.CSM_BASE_DOMAIN+"/iex?gPath="+(this.METRIC_PREFIX?this.METRIC_PREFIX+".":"")+encodeURIComponent(t)+"&msg="+encodeURIComponent(i)+r;this.logPixel(s)},r.prototype.sendMetrics=function(){this.flushEventQueue()},r.prot | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code primarily deals with advertisement functionality and audience targeting using local storage. It does not exhibit any malicious behavior such as phishing, data exfiltration, or unauthorized access to sensitive information."
} |
/*<![CDATA[*/ window.googletag = window.googletag || {cmd: []};
window.gptAdSlots = window.gptAdSlots || [];
window.__tnt = window.__tnt || {};
__tnt.ads = __tnt.ads || {};
__tnt.ads.dfp = __tnt.ads.dfp || {};
__tnt.ads.dfp.dmp = __tnt.ads.dfp.dmp || {};
__tnt.ads.dfp.dmp.audienceCheck = function(settings) {
if (!__tnt.client.capabilities.supportsLocalStorage() || localStorage.getItem('tncms.dmp.audiences') == null) return false;
if (settings.block && typeof settings.audience != 'undefined' && settings.audience.length > 0) {
if (__tnt.compareArray(JSON.parse(localStorage.getItem('tncms.dmp.audiences')), settings.audience.split(','))) return true;
} else if (typeof __tnt.ads.dfp.dmp.hideAudience != 'undefined' && __tnt.ads.dfp.dmp.hideAudience.length > 0) {
if (__tnt.compareArray(JSON.parse(localStorage.getItem('tncms.dmp.audiences')), __tnt.ads.dfp.dmp.hideAudience)) return true;
}
return false;
};
__tnt.ads.dfp.targeting = __tnt.ads.dfp.targeting || {};
__tnt.ads.dfp.targeting.k = ["the inquirer and mirror"];
__tnt.ads.dfp.targeting.page = ["index","app-editorial"];
__tnt.ads.dfp.templates = __tnt.ads.dfp.templates || {};
__tnt.ads.dfp.templates = {
cube:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/cube.a023713b7eff47127899286dc36e1970.js",
interstitial:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/interstitial.df40f87de692498682823c6773da5459.js",
nativeArticle:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/native-article.9b3cd3bb8591bed71346f4fe429b96dc.js",
pageCurl:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/page-curl.ca0c1a7372c29272ef1ccf504ced01a9.js",
parallax:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/parallax.0ce32932f3b4125f930bea8d431f8f03.js",
paw:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/paw.9ea074ccc913cb273a4b790e1e37460a.js",
pencil:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/components\/ads\/resources\/scripts\/templates\/pencil.2662e4159cdac4809283c5399d78644b.js",
reveal:"https:\/\/bloximages.chicago2.vip.townnews.com\/ack.net\/shared-content\/art\/tncms\/templates\/libraries\/flex\/c | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code is primarily focused on tracking events and virtual page views using Google Analytics. It does not contain any malicious elements such as data exfiltration, phishing attempts, or unauthorized access to user information. The code is safe and poses no risk."
} |
/*<![CDATA[*/
__tnt.googleEvent = function(obj) {
dataLayer.push({
'event': 'tncms.event.trigger',
'tncms.event.trigger.category': obj.category,
'tncms.event.trigger.action': obj.action,
'tncms.event.trigger.label': obj.label,
'tncms.event.trigger.value': obj.value
});
}
/* Virtual page view */
__tnt.googlePageView = function(obj) {
var sURL = obj.url.replace(/^.*\/\/[^\/]+/, '');
dataLayer.push({
'event': 'tncms.event.virtual_pageview',
'tncms.event.virtual_pageview.url': sURL,
'tncms.event.virtual_pageview.title': obj.title,
'tncms.event.virtual_pageview.metric': obj.metric
});
}
/* Social event */
__tnt.googleSocial = function(obj) {
dataLayer.push({
'event': 'tncms.event.social',
'tncms.event.social.network': obj.network,
'tncms.event.social.action': obj.socialAction,
'tncms.event.social.target': obj.url
});
} /* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code primarily handles form submission and input focus behavior. It does not exhibit any malicious behavior such as data exfiltration, unauthorized access, or code injection. The only minor issue is the potential for a small error in the form submission logic (query_input.val() should be query_input.value), but this does not pose a security risk."
} |
/*<![CDATA[*/ (function(d) {
var form = d.getElementById('site-search-3325431'),
query_input = d.getElementById('site-search-3325431-term'),
search_dropdown = d.getElementById('site-search-3325431-dropdown');
/** Input focus */
try {
search_dropdown.onmouseenter = function(){
setTimeout(function(){
query_input.focus();
}, 700);
};
} catch (error) {
// No dropdown behavior
}
/** Submit handler */
form.onsubmit = function(){
// Filter query
var elem = document.querySelector("#site-search-3325431 input[name=q]"),
sQueryFiltered = elem.value.replace(/\?/g, '');
elem.value = sQueryFiltered;
// No submit if empty input
if( query_input.val() ){
return true;
} else{
return false;
}
};})(document); /* */ | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code primarily handles user subscription status and UI updates based on that status. It does not exhibit any behavior typically associated with malicious activities such as data exfiltration, credential stealing, or unauthorized access. The code appears to be part of a legitimate subscription management system. However, the code is incomplete, and a full assessment would require the complete script."
} |
/*<![CDATA[*/ window.__tnt || (window.__tnt = {});
window.__tnt.subscription || (__tnt.subscription = {});
window.__tnt.subscription.access || (__tnt.subscription.access = {});
window.userStatus = document.createEvent('Event');
userStatus.initEvent('tnt-user-status', true, true);
userStatus.version = 3;
userStatus.hasAccess = false;
userStatus.accessMethod = 'none';
userStatus.accessError = null;
window.tntPurchase = document.createEvent('Event');
tntPurchase.initEvent('tnt-purchase',true,true,{});
window.addEventListener('tnt-user-status',function(event){
var blockEl = document.getElementById('user-controls-3332739'),
subscribeButton = blockEl.querySelector('.no-services'),
manageButton = blockEl.querySelector('.has-services');
buttonWrapper = blockEl.querySelector('.aplus-user-manage');
if(__tnt.user.services){
blockEl.classList.add('user-is-subscriber');
blockEl.classList.remove('user-is-known');
blockEl.classList.remove('user-unknown');
} else if(__tnt.user.authToken){
blockEl.classList.add('user-is-known');
blockEl.classList.remove('user-is-subscriber');
blockEl.classList.remove('user-unknown');
}else{
blockEl.classList.remove('user-is-known');
blockEl.classList.remove('user-is-subscriber');
blockEl.classList.add('user-unknown');
}
});
document.addEventListener("DOMContentLoaded", function(event) {
var modalWrapper = document.getElementById('access-offers-modal'),
modalEl = null,
loginTab = document.getElementById('user-modal-tab-login'),
offersTab = document.getElementById('modal-offers-tab'),
templateEl = offersTab.querySelector('template.template-promo-service'),
headerEl = offersTab.querySelector('.offer-group-title'),
outputEl = offersTab.querySelector('.output'),
accessMethods = document.getElementById('access-methods'),
purchaseTab = document.getElementById('user-modal-tab-purchase'),
purchaseForm = document.getElementById('form-super-purchase'),
purchaseRateDisplay = document.getElementById('user-purchase-rate'),
previewMode =false,
limit = 3,
context = "organic",
legacyContext = "Block",
siteNameEl = document.head.querySelector('meta[property="og:site_name"]'),
siteName = "",
purchaseMenuOption = document.getElementById('purchase-menu-toggle-3332739'),
purchaseLinkOnLoginModal = document.getElementById('user-modal-purchase-toggle');
if(siteNameEl){ siteName = siteNameEl.content }
if(modalWrapper){ modalEl = modalWrapper.querySelector('.modal') }
if(purchaseLinkOnLoginModal && !purchaseLinkOnLoginModal.getAttribute('data-offer')){
var sOfferId = "";
purchaseLinkOnLoginModal.setAttribute('data-offer', sOfferId);
purchaseLinkOnLoginModal.setAttribute('data-context', co | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery?group=483654 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code appears to be handling form submission and input focus behavior for a search form. It includes basic input validation and sanitization by removing question marks from the query. There are no indications of malicious activity such as data exfiltration, unauthorized access, or harmful actions. The code is straightforward and seems to serve its intended purpose without posing significant security risks."
} |
/*<![CDATA[*/ (function(d) {
var form = d.getElementById('site-search-3325158'),
query_input = d.getElementById('site-search-3325158-term'),
search_dropdown = d.getElementById('site-search-3325158-dropdown');
/** Input focus */
try {
search_dropdown.onmouseenter = function(){
setTimeout(function(){
query_input.focus();
}, 700);
};
} catch (error) {
// No dropdown behavior
}
/** Submit handler */
form.onsubmit = function(){
// Filter query
var elem = document.querySelector("#site-search-3325158 input[name=q]"),
sQueryFiltered = elem.value.replace(/\?/g, '');
elem.value = sQueryFiltered;
// No submit if empty input
if( query_input.val() ){
return true;
} else{
return false;
}
};})(document); /* */ | |
| URL: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No input fields for username or password were found in the text.",
"No submit button for the login form was found in the text.",
"The text contains references to a newspaper and real estate, which do not suggest a login form."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS May 23-Oune 6 Toggery Sho Home of the Original The Best of Nantucket Reds TM 62 Main Street 508.228.0437 NANTUCKET Search... Advanced search | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: about:blank Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The code primarily deals with hiding an element and dynamically loading a script for advertisement purposes. The use of 'clickTAG' and 'redirecturl' parameters suggests it is related to ad tracking and redirection, which is common in advertising scripts. There is no immediate indication of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. However, dynamically loading external scripts can pose a risk if the external source is compromised."
} |
if (document.getElementById('banner')) {document.getElementById('banner').style.display = 'none'; }; var script = document.createElement('script'); var domain = window._Adform && _Adform.ADFBannerData && _Adform.ADFBannerData.CREFURL ? _Adform.ADFBannerData.CREFURL : ''; var targetUrl = dhtml.getVar('clickTAG', 'http://www.adform.com'); script.src = 'https://c.bannerflow.net/a/663dd44df777125c4a03dc20?did=5ced02fe0fd60d000186f5ac&redirecturl=' + encodeURIComponent(targetUrl)+'&domain=' + domain + '&targetwindow=' + dhtml.getVar('landingPageTarget', '_blank'); document.getElementsByTagName('body')[0].appendChild(script); | |
| URL: about:blank Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The code listens for 'message' events and processes JSON data. It appears to handle custom events related to advertisements. There is no immediate indication of malicious behavior, but the use of 'message' events can be a vector for attacks if not properly secured. The risk is minimal but present."
} |
window.addEventListener('message',
function(e) {
try {
if (e.data.indexOf('{') == 0) {
var data = JSON.parse(e.data);
if (data.type == 'AdformCustomEvent') {
if (!isNaN(data.value)) {
dhtml.sendEvent(data.value, 'scratched');
} else {
var evData = JSON.parse(data.value);
dhtml.sendEvent(evData.eventId.toString(), evData.eventName);
};
};
};
} catch (e) {
}
}); | |
| URL: https://embed-1039441.secondstreetapp.com/embed/def5f4ef-bf03-4d76-92f8-3cfe109469cd/gallery/?group=483654 Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for the login form is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy= Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS May 23- June 6 Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.ack.net&purl=https%3A%2F%2Fwww.ack.net%2Fcontests%2F%3Futm_source%3DThe%2BInquirer%2Band%2BMirror%2BNewsletter%26utm_campaign%3Db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%26utm_ Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No input fields for username or password were found in the text.",
"No submit button for the login form was found in the text.",
"The text appears to be the header and navigation menu of a website, not a login form."
]
} |
Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS May 23-Oune 6 Toggery Sho Home of the Original The Best of Nantucket Reds TM 62 Main Street 508.228.0437 NANTUCKET Search... Advanced search | |
| URL: https://resources.infolinks.com/static/container-4.0.html Model: gpt-4o | ```json
{
"riskscore": 3,
"reasons": "The code listens for messages from other windows and processes them to create iframes and inject content. This behavior can be risky if the source of the messages is not trusted, as it could lead to cross-site scripting (XSS) attacks. However, the code does not appear to perform any obviously malicious actions by itself. It is important to ensure that the messages received are from trusted sources."
} |
(function () {
window.addEventListener("message", displayMessage, false);
function displayMessage(e) {
try {
const evt = JSON.parse(e.data);
if (evt.name === "IL_iceContent") {
createContentIFrame(evt.content);
const styleElement = document.createElement("style");
styleElement.textContent = "body { margin: 0px !important; }";
document.head.appendChild(styleElement);
}
if (evt.name === "IL_sendExternalMrc") {
evt.mrcTrackingPixels.map((pixel) => {
document
.getElementById("IL_IFR_Content")
.insertAdjacentHTML(
"beforeend",
"<img src='" +
pixel +
"'style='display:none; width:1px; height:1px' alt=''>"
);
});
}
} catch (err) {
//console.log("[ICE] do nothing", err)
}
}
/**
* creates second nested iframe to display the ad content
*/
function createContentIFrame(content) {
const iframe = document.createElement("iframe");
iframe.setAttribute("width", "100%");
iframe.setAttribute("height", "100%");
iframe.setAttribute("frameborder", "0");
iframe.setAttribute("scrolling", "no");
// Setting up communication between parent and iframe
iframe.setAttribute("sandbox", "allow-scripts allow-same-origin");
iframe.onload = function () {
const iframeDoc =
iframe.contentDocument || iframe.contentWindow.document;
handleContent(content, iframeDoc);
};
document.body.appendChild(iframe);
}
/**
* Aims to handle content that is sent to be rendered
* @param {*} content The ad content
* @param {*} iframeDoc the iframe container document
*/
function handleContent(content, iframeDoc) {
var frag = iframeDoc.createRange().createContextualFragment(content);
iframeDoc.body.appendChild(frag);
const styleElement = document.createElement("style");
styleElement.textContent = "body { margin: 0px !important; }";
iframeDoc.head.appendChild(styleElement);
}
})(); | |
| URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fembed-1039441.secondstreetapp.com Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code appears to be a minified and obfuscated script, which is a common practice for legitimate purposes such as performance optimization. The code includes functionality for module loading and compatibility checks, which are typical in many web applications. There is no immediate indication of malicious behavior such as data exfiltration, credential harvesting, or unauthorized access. However, due to the obfuscation, a thorough manual review would be necessary to completely rule out any hidden malicious intent."
} |
!function(){Function&&Function.prototype&&Function.prototype.bind&&(/(MSIE ([6789]|10|11))|Trident/.test(navigator.userAgent)||function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"a",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="https://platform.twitter.com/",r(r.s=115)}([function(e,t){"function"==typeof Object.create?e.exports=function(e,t){e.super_=t,e.prototype=Object.create(t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}})}:e.exports=function(e,t){e.super_=t;var r=function(){};r.prototype=t.prototype,e.prototype=new r,e.prototype.constructor=e}},function(e,t,r){var n=r(25),i=n.Buffer;function o(e,t){for(var r in e)t[r]=e[r]}function a(e,t,r){return i(e,t,r)}i.from&&i.alloc&&i.allocUnsafe&&i.allocUnsafeSlow?e.exports=n:(o(n,t),t.Buffer=a),o(i,a),a.from=function(e,t,r){if("number"==typeof e)throw new TypeError("Argument must not be a number");return i(e,t,r)},a.alloc=function(e,t,r){if("number"!=typeof e)throw new TypeError("Argument must be a number");var n=i(e);return void 0!==t?"string"==typeof r?n.fill(t,r):n.fill(t):n.fill(0),n},a.allocUnsafe=function(e){if("number"!=typeof e)throw new TypeError("Argument must be a number");return i(e)},a.allocUnsafeSlow=function(e){if("number"!=typeof e)throw new TypeError("Argument must be a number");return n.SlowBuffer(e)}},function(e,t,r){var n=r(3);function i(e,t){var r;for(r in e)e.hasOwnProperty&&!e.hasOwnProperty(r)||t(r,e[r]);return e}function o(e){return{}.toString.call(e).match(/\s([a-zA-Z]+)/)[1].toLowerCase()}function a(e){return e===Object(e)}function f(e){var t;if(!a(e))return!1;if(Object.keys)return!Object.keys(e).length;for(t in e)if(e.hasOwnProperty(t))return!1;return!0}function s(e){return e?Array.prototype.slice.call(e):[]}e.exports={aug:function(e){return s(arguments).slice(1).forEach(function(t){i(t,function(t,r){e[t]=r})}),e},async:function(e,t){n.setTimeout(function(){e.call(t||null)},0)},compact:function e(t){return i(t,function(r,n){a(n)&&(e(n),f(n)&&delete t[r]),void 0!==n&&null!==n&&""!==n||delete t[r]}),t},contains:function(e,t){return!(!e||!e.indexOf)&&e.indexOf(t)>-1},forIn:i,isObject:a,isEmptyObject:f,toType:o,isType:function(e,t){return e==o(t)},toRealArray:s}},fun | |
| URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7BC31581-A96C-4988-9719-697CC8124055&redir=true&gdpr=0&gdpr_consent= Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for the login form is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.ack.net&purl=https%3A%2F%2Fwww.ack.net%2Fcontests%2F%3Futm_source%3DThe%2BInquirer%2Band%2BMirror%2BNewsletter%26utm_campaign%3Db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%2 Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code primarily consists of user synchronization (user sync) scripts for various advertising networks. These scripts are used for tracking and advertisement purposes, which are considered no risk as per the given instructions. No malicious activities such as data exfiltration, credential stealing, or unauthorized access were detected."
} |
var encUrl='https%3A%2F%2Fwww.ack.net%2Fcontests%2F%3Futm_source%3DThe%2BInquirer%2Band%2BMirror%2BNewsletter%26utm_campaign%3Db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%26utm_medium%3Demail%26utm_term%3D0_-501d27be68-%255BLIST_EMAIL_ID%255D%23%2Fgallery%3Fgroup%3D483654';try {
var pbmRTBUsync = document.createElement('img');
pbmRTBUsync.style.width = '1px';
pbmRTBUsync.id = "pbmRTBUsync";
pbmRTBUsync.style.height = '1px';
pbmRTBUsync.style.display = 'none';
pbmRTBUsync.src = "https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID";
if (document.body) document.body.appendChild(pbmRTBUsync);
} catch( err ) {
console.log(err.message);
}
try {
var apnImgUsersync = document.createElement('img');
apnImgUsersync.style.width = '1px';
apnImgUsersync.id = "apnImgUsersync";
apnImgUsersync.style.height = '1px';
apnImgUsersync.style.display = 'none';
apnImgUsersync.src = "https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID";
if (document.body) document.body.appendChild(apnImgUsersync);
} catch( err ) {
console.log(err.message);
}
try {
var sharethroughImgUsersync = document.createElement('img');
sharethroughImgUsersync.style.width = '1px';
sharethroughImgUsersync.id = "sharethroughImgUsersync";
sharethroughImgUsersync.style.height = '1px';
sharethroughImgUsersync.style.display = 'none';
sharethroughImgUsersync.src = "https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g";
if (document.body) document.body.appendChild(sharethroughImgUsersync);
} catch( err ) {
console.log(err.message);
}
try {
var iqmUsync = document.createElement('img');
iqmUsync.style.width = '1px';
iqmUsync.id = "iqmUsync";
iqmUsync.style.height = '1px';
iqmUsync.style.display = 'none';
iqmUsync.src = "https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20";
if (document.body) document.body.appendChild(iqmUsync);
} catch( err ) {
console.log(err.message);
}
try {
var eqUsync = document.createElement('img');
eqUsync.style.width = '1px';
eqUsync.id = "eqUsync";
eqUsync.style.height = '1px';
eqUsync.style.display = 'none';
eqUsync.src = "https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent=";
if (document.body) document.body.appendChild(eqUsync);
} catch( err ) {
console.log(err.message);
}
try {
var oxUsersync = document.createElement('img');
oxUsersync.style.width = '1px';
oxUsersync.id = "oxUsersync";
oxUsersync.style.height = '1px';
oxUsersync.style.display = 'none';
oxUsersync.src = "https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D";
if (document.body) document.body.appendChild(oxUsersync);
} catch( err ) {
console.log(err.message);
}
try | |
| URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6207cfa2-1a00-11ef-a962-a2484125e765 Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D Model: gpt-4o | ```json
{
"riskscore": 3,
"reasons": "The script dynamically creates and appends script, iframe, and img elements to the document, which can be used for legitimate purposes such as loading ads or tracking pixels. However, this behavior can also be exploited for malicious purposes such as loading malicious scripts or tracking users without their consent. The use of localStorage and the handling of consent data indicate that the script is likely related to ad tracking or consent management, which is generally low risk but should be monitored for compliance with privacy regulations."
} |
(function(){var aa=window,p=navigator,aj=aa.top||aa,ak=aa.location.search.substr(1),A=encodeURIComponent,W=decodeURIComponent,aA=aa.parseInt,P=aa.PubMatic||(aa.PubMatic={}),K=0,ad=0,b=0,ap="pubmatic.com",V="ads."+ap,am=1,Q="https://",a=(aa.__cmp?1:0),ao=function(aF){return typeof aF==="function"},av=console.log.bind(console,"PubMatic:"),au=function(aJ,aI){var aG=0,aF=aJ.length,aH=false;for(;aG<aF;aG++){if(aJ[aG]===aI){aH=true;break}}return aH},n=function(aF,aI){var aH=aa.document.createElement("script");aH.type="text/javascript";aH.src=aF;aH.async=true;if(ao(aI)){aH.onload=aH.onreadystatechange=aI}var aG=aa.document.getElementsByTagName("script")[0];aG&&aG.parentNode&&ao(aG.parentNode.appendChild)&&aG.parentNode.appendChild(aH)},ar=function(aH){var aG=aa.document.createElement("iframe");aG.src=aH;aG.style.height="0px";aG.style.width="0px";aG.style.display="none";aG.height=0;aG.width=0;aG.border="0px";aG.hspace="0";aG.vspace="0";aG.marginWidth="0";aG.marginHeight="0";aG.style.border="0";aG.scrolling="no";aG.frameBorder="0";var aF=aa.document.getElementsByTagName("script")[0];aF&&aF.parentNode&&ao(aF.parentNode.appendChild)&&aF.parentNode.appendChild(aG)},s=function(aF){var aH=aa.document.createElement("img");aH.src=aF;aH.style.height="0px";aH.style.width="0px";aH.style.display="none";aH.height=0;aH.width=0;aH.border="0px";aH.hspace="0";aH.vspace="0";aH.marginWidth="0";aH.marginHeight="0";aH.style.border="0";aH.scrolling="no";var aG=aa.document.getElementsByTagName("script")[0];aG&&aG.parentNode&&ao(aG.parentNode.appendChild)&&aG.parentNode.appendChild(aH)},j=function(aG){var aI={},aL=aG.split("?")[1];if(aL){var aK=aL.split("&");for(var aH=0,aF=aK.length;aH<aF;aH++){var aJ=aK[aH].split("=");if(aJ.length==2){aI[aJ[0]]=aJ[1]}}}return aI},d="PubMatic",az="PubMatic_USP",ax=(function(){try{return aa.localStorage&&ao(aa.localStorage.getItem)&&ao(aa.localStorage.setItem)}catch(aF){return false}})(),h=function(aF,aG){function aJ(){var aR={};function aS(){if(aR.getConsentData&&aR.getVendorConsents){aF(aR)}}return{consentDataCallback:function(aT){aR.getConsentData=aT;aS()},vendorConsentsCallback:function(aT){aR.getVendorConsents=aT;aS()}}}function aQ(){window.__cmp("getConsentData",null,aH.consentDataCallback);window.__cmp("getVendorConsents",null,aH.vendorConsentsCallback)}var aH=aJ();var aO={};if(window.__cmp){if(typeof window.__cmp==="function"){aQ()}else{setTimeout(function(){if(typeof window.__cmp==="function"){aQ()}},500)}}else{if(window!==aj){if(aK()&&typeof window.$sf.ext.cmp==="function"){aP("getConsentData",aH.consentDataCallback);aP("getVendorConsents",aH.vendorConsentsCallback)}else{var aM=window;var aL;while(!aL){try{if(aM.frames.__cmpLocator){aL=aM}}catch(aN){}if(aM===window.top){break}aM=aM.parent}aI("getConsentData",aL,aH.consentDataCallback);aI("getVendorConsents",aL,aH.vendorConsentsCallback)}}else{setTimeout(function(){if(typeof window.__cmp==="function"){aQ()}},500)}}function aK(){return !!(window.$sf&&window.$sf.ext)}function aP(aS,aT){f | |
| URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1 Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code primarily deals with loading external resources such as iframes, scripts, and images from various URLs. These URLs are related to advertisement and tracking services, which are considered no risk as per the given instructions. There is no evidence of malicious behavior such as data exfiltration, credential harvesting, or unauthorized access. The risk score is set to 1 due to the general caution required when dealing with external resources, but no specific malicious activity is detected."
} |
(function(){var i,d=document,p="unsafe-url",e,s,t,u=["1https://ssc-cms.33across.com/ps/?us_privacy=&ts=1716577436498.1&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D","1https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=","https://x.bidswitch.net/sync?ssp=the33across&us_privacy=","https://ups.analytics.yahoo.com/ups/58350/sync?redir=true","https://ssc-cms.33across.com/ps/?us_privacy=&ts=1716577436498.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID","https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID"];try{for(i=0;i<u.length;++i){t=u[i].charAt(0);if(t=="1"){e=d.createElement("iframe");if(e){s=e.style;s.position="absolute";s.visibility=s.overflow="hidden";s.left=s.bottom=s.width=s.height="1px";e.referrerPolicy=p;d.body.appendChild(e);e.src=u[i].substr(1);}}else if(t=="3"){e=d.createElement("script");if(e){e.referrerPolicy=p;d.body.appendChild(e);e.src=u[i].substr(1);}}else{e=new Image();if(e){e.referrerPolicy=p;e.src=u[i];}}}}catch(x){};})(); | |
| URL: https://c1.adform.net/serving/cookie/match?party=14&cid=7BC31581-A96C-4988-9719-697CC8124055&gdpr=0&gdpr_consent= Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7BD616BF12AB4F0B97944F812AE9B4DF&gdpr=0&gdpr_consent= Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://sync.targeting.unrulymedia.com/csync/RX-3e386540-351a-4d38-bae7-2f06d223a8d0-003 Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXSbVRhhbRhahVWM&gdpr=0&gdpr_consent= Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1503928 Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1503928 Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code appears to be part of a module bundler or loader, which is common in modern web development. It includes functionality for handling module exports, object property definitions, and some utility functions for working with typed arrays. There is also a section related to consent data handling, which is typical for compliance with privacy regulations like GDPR. No obvious malicious behavior such as data exfiltration, credential harvesting, or unauthorized access is detected. However, the presence of consent data handling indicates potential privacy implications, which slightly increases the risk score."
} |
!function(t){var e={};function a(n){if(e[n])return e[n].exports;var i=e[n]={i:n,l:!1,exports:{}};return t[n].call(i.exports,i,i.exports,a),i.l=!0,i.exports}a.m=t,a.c=e,a.d=function(t,e,n){a.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:n})},a.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},a.t=function(t,e){if(1&e&&(t=a(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var n=Object.create(null);if(a.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var i in t)a.d(n,i,function(e){return t[e]}.bind(null,i));return n},a.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return a.d(e,"a",e),e},a.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},a.p="./",a(a.s=114)}({1:function(t,e,a){"use strict";var n="undefined"!=typeof Uint8Array&&"undefined"!=typeof Uint16Array&&"undefined"!=typeof Int32Array;function i(t,e){return Object.prototype.hasOwnProperty.call(t,e)}e.assign=function(t){for(var e=Array.prototype.slice.call(arguments,1);e.length;){var a=e.shift();if(a){if("object"!=typeof a)throw new TypeError(a+"must be non-object");for(var n in a)i(a,n)&&(t[n]=a[n])}}return t},e.shrinkBuf=function(t,e){return t.length===e?t:t.subarray?t.subarray(0,e):(t.length=e,t)};var r={arraySet:function(t,e,a,n,i){if(e.subarray&&t.subarray)t.set(e.subarray(a,a+n),i);else for(var r=0;r<n;r++)t[i+r]=e[a+r]},flattenChunks:function(t){var e,a,n,i,r,s;for(n=0,e=0,a=t.length;e<a;e++)n+=t[e].length;for(s=new Uint8Array(n),i=0,e=0,a=t.length;e<a;e++)r=t[e],s.set(r,i),i+=r.length;return s}},s={arraySet:function(t,e,a,n,i){for(var r=0;r<n;r++)t[i+r]=e[a+r]},flattenChunks:function(t){return[].concat.apply([],t)}};e.setTyped=function(t){t?(e.Buf8=Uint8Array,e.Buf16=Uint16Array,e.Buf32=Int32Array,e.assign(e,r)):(e.Buf8=Array,e.Buf16=Array,e.Buf32=Array,e.assign(e,s))},e.setTyped(n)},10:function(t,e,a){"use strict";t.exports={2:"need dictionary",1:"stream end",0:"","-1":"file error","-2":"stream error","-3":"data error","-4":"insufficient memory","-5":"buffer error","-6":"incompatible version"}},114:function(t,e,a){"use strict";e.__esModule=!0;var n=a(36),i=a(115),r=new n.default;window.queuePixels=r.queuePixels,i.getConsentData(function(t,e){e||r.requestPixels(t)})},115:function(t,e,a){"use strict";e.__esModule=!0;var n=1e3,i={},r=window.addEventListener?window.addEventListener:function(t,e,a){window.attachEvent("on"+t,e)},s=window.removeEventListener?window.removeEventListener:function(t,e,a){window.detachEvent("on"+t,e)},o=function(t){return!t||!t.purpose||!t.purpose.consents||!0===t.purpose.consents[1]},l=function(t){var e=t.data;try{e=JSON.parse(e)}catch(t){}var a=e.__cmpReturn||e.__tcfapiReturn;a&&("getConsentData"===a.command&&a.returnValue?h(a.callId,a.returnValue.consentData):a.success&&a.returnValue&&h(a.callId,a.returnValue.tcStri | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS May 23-Oune 6 Toggery Sho Home of the Original The Best of Nantucket Reds TM 62 Main Street 508.228.0437 ELIN Memorial Day PROM0100FF2024 YARDS with nced search | |
| URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D Model: Perplexity: mixtral-8x7b-instruct | {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for login is present in the text."
]
} |
i Nantucket 676 F Friday, May 24, 2024 Log In Subscrih Newsletter Q This Week's Newspaper Sunny Essential Nantucket since 1821 Classifieds Real Estate Contests Special Sections Free Games NEWS OBITUARIES ARTS & ENTERTAINMENT LIFESTYLE PHOTO GALLERIES SPORTS EAT & DRINK. OPINION NANTUCKET TODAY SUBSCRIBE Nantucket Real Estate Sotheby's Maury DISCOVER MORE People Salcs & Rentals INTERNATIONAL REALTY CONTESTS June 6 May 23- Toggery Sho Home of the Original The Nantucket Reds TM 62 Main Street 508.228.0437 nced search | |
| URL: https://sync.a-mo.net/isyn?lr=%5Bobject%20Object%5D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= Model: gpt-4o | ```json
{
"riskscore": 0,
"reasons": "The provided JavaScript code primarily consists of URLs used for user synchronization and tracking purposes, which are common in advertising networks. There are no indications of malicious behavior such as data exfiltration, credential stealing, or unauthorized access attempts. The use of random hexadecimal strings and placeholders for GDPR and privacy-related parameters further suggests compliance with data protection regulations."
} |
__am$CK(["https://x.bidswitch.net/sync?ssp=adaptmx&user_id=fddc7155-af29-4c29-b97d-739af69cc326&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&gpp={{GPP_STRING}}&gpp_sid={{GPP_SID}}","https://ups.analytics.yahoo.com/ups/58570/occ?uid=fddc7155-af29-4c29-b97d-739af69cc326","https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}","https://id.a-mx.com/u?&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&gpp={{GPP_STRING}}&gpp_sid={{GPP_SID}}&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dfddc7155-af29-4c29-b97d-739af69cc326%26bidder%3Damx_com%26uid%3D","https://rtb.openx.net/sync/prebid?&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dfddc7155-af29-4c29-b97d-739af69cc326%26bidder%3Dopenx%26uid%3D%24%7BUID%7D","https://cm.adform.net/cookie?&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&gpp={{GPP_STRING}}&gpp_sid={{GPP_SID}}&redirect_url=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dfddc7155-af29-4c29-b97d-739af69cc326%26bidder%3Dadform%26uid%3D%24UID","https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo.net%252Fsetuid%253FA%253Dfddc7155-af29-4c29-b97d-739af69cc326%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID","https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dfddc7155-af29-4c29-b97d-739af69cc326%26bidder%3Dindex_rtb%26uid%3D","https://ap.lijit.com/pixel?&gdpr={{GDPR}}&gdpr_consent={{GDPR_CONSENT}}&us_privacy={{US_PRIVACY}}&gpp={{GPP_STRING}}&gpp_sid={{GPP_SID}}&redir=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dfddc7155-af29-4c29-b97d-739af69cc326%26bidder%3Dsovrn%26uid%3D%24UID","https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dfddc7155-af29-4c29-b97d-739af69cc326%26bidder%3Dappnexus%26uid%3D%24UID"], {"amuid":"fddc7155-af29-4c29-b97d-739af69cc326"}); | |
| URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0& Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The provided JavaScript code primarily deals with cookie synchronization and logging, which are common in advertising and tracking scripts. There are no obvious signs of malicious behavior such as data exfiltration, credential stealing, or unauthorized access. However, it does handle user data and cookies, which could potentially be used for tracking purposes. This is considered low risk but should be monitored for any changes or misuse."
} |
try{
var cookieSyncConfig = {"datalen":153,"visitor":{"vsCk":"visitor-id","vsDaCk":"data","sepVal":"|","sepTime":"*","sepCs":"~~","vsDaTime":31536000,"cc":"US","zone":"e","coc":"NA"},"cs":"10","lookup":{"g":{"name":"g","time":14,"cookie":"data-g","urls":[{"type":"img","url":"https:\/\/cm.g.doubleclick.net\/pixel?cs=10&google_nid=media&google_cm=1&google_hm=<encb64vsid>&google_sc=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}","eu_url":null}],"pvid":77,"isBl":0,"g":1,"cocs":0},"loop":{"name":"loop","time":365,"cookie":"data-lop","urls":[{"type":"other","url":"https:\/\/csync.loopme.me\/?pubid=11498&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop","eu_url":null}],"pvid":359,"isBl":0,"g":0,"cocs":0}},"ussyncmap":[],"hasSameSiteSupport":"1","csDelSS":true,"batch":{"gGroups":["apx","csm","ppt","rbcn","son","bdt","con","opx","tlx","mma","c1x","ys","sov","fb","r1","g","pb","dxu","rkt","trx","wds","crt","ayl","bs","ui","shr","lvr","yld","msn","zem","dmx","pm","som","adb","tdd","soc","adp","vm","spx","nat","ob","adt","got","mf","emx","sy","lr","ttd","yie","mgt","tst","ats","pts","mdn","mts","trs"],"bSize":2,"time":30000,"ngGroups":["loop"]},"log":{"successLper":100,"failLper":100,"logUrl":{"cl":"https:\/\/hblg.media.net\/log?logid=kfk&evtid=chlog"}},"csloggerUrl":"https:\/\/c21lg-d.media.net\/log?logid=kfk&evtid=cs&del=%3Cdel%3E&vsid=%3Cvsid%3E&origin=1&flt=0","optout":"mnet_optout","cslogger_host":"c21lg-d.media.net","ck_del_sld_tld":true,"rtus":[],"gdpr":false,"gdprconsent":"1","cookieDeletionList":[],"ccpa":false,"ccpaconsent":"1","info":{"domain":".media.net","cid":"8CUH868Z4","itype":"APPNEXUS_EXPERIMENTNone","pid":"8PR113JGC","svr":"299","ll":2,"obpurge":false}};
window._mNCk=window._mNCk||{},function(t,e,n,r,o){"use strict";function i(t){return"function"==typeof t}function a(t){return"[object Array]"===Object.prototype.toString.call(t)}function u(t){switch(typeof t){case"string":return f(t)&&("1"===t||"true"===t);case"number":return 0!==t;case"boolean":return t;case"object":return null!==t;default:return!1}}function c(t){return f(t)?encodeURIComponent(t):""}function s(t){if(!f(t))return"";try{return decodeURIComponent(t)}catch(e){return t}}function f(t){return void 0!==t&&""!==t&&null!==t}function l(t,e){if(!f(e)||!f(t))return"";if(a(e)){var n,r,o="";for(n=0,r=e.length;n<r;n++)o+="&"+t+"[]="+e[n];return o}return"&"+t+"="+e}function p(t,e){var n,r="",o=!!e,i=o?e:t;for(n in i)i.hasOwnProperty(n)&&(o&&(n=e[n]),f(t[n])&&(r+=l(n,t[n])));return r}function m(t){if(!f(t))return{};var e,n,r,o,i={};if(e=t.indexOf("?"),e===-1)return i;for(n=t.substring(e+1).split("&"),r=n.length;r--;)o=n[r].split("="),i[o[0]]=o[1];return i}function h(t){this.url=t,this.map=m(this.url)}function d(t){var e={};this.set=function(t,n){return e[t]=n,this},this.get=function(t){return u(e[t])?e[t]:""},this.loadFrom=function(t){return t&&(e=t),this},this.serialize=function(){return e},t | |
| URL: https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D#/gallery/?group=483654 Model: gpt-4o | ```json
{
"phishing_score": 2,
"brands": "The Inquirer and Mirror",
"phishing": false,
"suspicious_domain": false,
"has_loginform": true,
"has_captcha": false,
"setechniques": false,
"reasons": "The URL and the web page appear to be legitimate. The domain 'ack.net' is associated with 'The Inquirer and Mirror,' a known publication. The page does not exhibit common phishing characteristics such as misspellings, suspicious requests for personal information, or unusual domain names. The presence of a login form is typical for news websites offering subscriptions or member services."
} |
 | |
| URL: https://www.google.com/recaptcha/api2/aframe Model: gpt-4o | ```json
{
"riskscore": 2,
"reasons": "The code appears to be related to Google's reCAPTCHA service, which is used for anti-fraud and anti-abuse purposes. It includes functionality for message handling and image creation, which is typical for such services. However, it does interact with localStorage and sessionStorage, which could potentially be used for tracking or storing user data. Given the context and the source (google.com/recaptcha), the risk is minimal but not entirely absent."
} |
/** Anti-fraud and anti-abuse applications only. See google.com/recaptcha */ try{var clients={'sodar':'https://pagead2.googlesyndication.com/pagead/sodar?'};window.addEventListener("message",function(a){try{if(a.source===window.parent){var b=JSON.parse(a.data);var c=clients[b['id']];if(c){var d=document.createElement('img');d.src=c+b['params']+'&rc='+(localStorage.getItem("rc::a")?sessionStorage.getItem("rc::b"):"");window.document.body.appendChild(d);sessionStorage.setItem("rc::e",parseInt(sessionStorage.getItem("rc::e")||0)+1);localStorage.setItem("rc::h",'1716577481856');}}}catch(b){}});window.parent.postMessage("_grecaptcha_ready", "*");}catch(b){} | |
| URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Model: gpt-4o | ```json
{
"riskscore": 1,
"reasons": "The provided JavaScript code appears to be part of the Google Closure Library, which is a legitimate and widely-used library for optimizing JavaScript. There are no obvious signs of malicious behavior such as data exfiltration, credential harvesting, or unauthorized access. The code primarily deals with polyfills and utility functions. However, as with any code, it is important to ensure it is sourced from a trusted location to avoid any potential risks."
} |
(function(){/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
'use strict';function m(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var p="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,d){if(a==Array.prototype||a==Object.prototype)return a;a[b]=d.value;return a};
function aa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");}var r=aa(this),u="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),v={},w={};function x(a,b){var d=w[b];if(null==d)return a[b];d=a[d];return void 0!==d?d:a[b]}
function y(a,b,d){if(b)a:{var e=a.split(".");a=1===e.length;var g=e[0],k;!a&&g in v?k=v:k=r;for(g=0;g<e.length-1;g++){var c=e[g];if(!(c in k))break a;k=k[c]}e=e[e.length-1];d=u&&"es6"===d?k[e]:null;b=b(d);null!=b&&(a?p(v,e,{configurable:!0,writable:!0,value:b}):b!==d&&(void 0===w[e]&&(a=1E9*Math.random()>>>0,w[e]=u?r.Symbol(e):"$jscp$"+a+"$"+e),p(k,w[e],{configurable:!0,writable:!0,value:b})))}}
y("Symbol",function(a){function b(k){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new d(e+(k||"")+"_"+g++,k)}function d(k,c){this.g=k;p(this,"description",{configurable:!0,writable:!0,value:c})}if(a)return a;d.prototype.toString=function(){return this.g};var e="jscomp_symbol_"+(1E9*Math.random()>>>0)+"_",g=0;return b},"es6");
y("Symbol.iterator",function(a){if(a)return a;a=(0,v.Symbol)("Symbol.iterator");for(var b="Array Int8Array Uint8Array Uint8ClampedArray Int16Array Uint16Array Int32Array Uint32Array Float32Array Float64Array".split(" "),d=0;d<b.length;d++){var e=r[b[d]];"function"===typeof e&&"function"!=typeof e.prototype[a]&&p(e.prototype,a,{configurable:!0,writable:!0,value:function(){return ba(m(this))}})}return a},"es6");function ba(a){a={next:a};a[x(v.Symbol,"iterator")]=function(){return this};return a}
function z(a){var b="undefined"!=typeof v.Symbol&&x(v.Symbol,"iterator")&&a[x(v.Symbol,"iterator")];return b?b.call(a):{next:m(a)}}var ca="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},A;if(u&&"function"==typeof Object.setPrototypeOf)A=Object.setPrototypeOf;else{var B;a:{var da={a:!0},C={};try{C.__proto__=da;B=C.a;break a}catch(a){}B=!1}A=B?function(a,b){a.__proto__=b;if(a.__proto__!==b)throw new TypeError(a+" is not extensible");return a}:null}
var D=A;function E(){this.j=!1;this.h=null;this.l=void 0;this.g=1;this.u=this.s=0;this.i=null}function F(a){if(a.j)throw new TypeError("Generator is already running");a.j=!0}E.prototype.o=function(a){this.l=a};function G(a,b){a.i={B:b,L:!0};a.g=a.s||a.u}E.prototype.return=function(a){this.i={return:a};this.g=this.u};function H(a,b,d){a.g=d;return{value:b}}function ea(a){this.g=new E;this.h=a}
function fa(a,b){F(a.g);var d=a.g.h;if(d)retur |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2673 |
| Entropy (8bit): | 3.9887842116325363 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 58CC2A285FA90BA3DE9A09D3F03C3260 |
| SHA1: | 35231F0704994AE2D3683D2273B50DA6CFD64A93 |
| SHA-256: | FEADE82BE243A6418BC3563881AC36F1B9B3FDB44514C5C3B977ED1D18176139 |
| SHA-512: | AFF44BDE47C5BCFF9B4BFF05C4BBC3DF157F82FB98FCA7A9DF2A2A86002727CD3E98B9DE576F1798FEA2EB9C5AC82693EF13CA8A06E67ADC4224646555D35CC0 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2675 |
| Entropy (8bit): | 4.006891172478807 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D7ABB992955037FA34F3031E76F33ED1 |
| SHA1: | 2FCC2F1D1BC046E265B37D9096C9C6EB5F28BC12 |
| SHA-256: | 62B599A27B158FA393BF7F8864F2D44646C7ADA78827DA452062C923A3D5D28B |
| SHA-512: | E0482E37B75C86BA0077A9226242112C70D11783514520ADB8981C965A489A872E186A986FD791853804F2A2A9B92D5348E33E17DA8B8B83A1F2B171815BCCDF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2689 |
| Entropy (8bit): | 4.008034443732533 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F39874928F7A50D153B61299D52E7B92 |
| SHA1: | 88F93C5FFF4C0DD428749E1C2369EE6C7C4CF015 |
| SHA-256: | D555EA4E51B34154F923746489EA61A88F244D4125C134A2AEC3F0B9EC9C979B |
| SHA-512: | 22BC7E76463CDE67A7F95A2272EA674AFAA1BFDF865783BACF23C38B70A318DDFFF003ED738C2FEA5BB30B42F62459B4B47CAA1B27CAD6C440BCEA46CD11BD26 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 4.003176091455756 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 84CA494040E538B34F7E5A708342FFF4 |
| SHA1: | 405E63D13E618FC15ADD88152D25039F8794DCEB |
| SHA-256: | DABECD5681EF176129E57F79AE5F5F6030326412C65E0BCAE3F8481E49F19FEE |
| SHA-512: | DBE931D2BFF029090FF1FDC9490D532AB9BAD5D590B909E569C85F7CC0E74A7D9C827DCF0227B5A0E2FC2F31C0DFA3F7307E56E5BCF893F9A00780127F4BD98C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.990688790364791 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7094C7F46AE8C1C48EE36E88269D2BF8 |
| SHA1: | 58683A5B0E4B7CAD5FC838A6C6B78BB21418E651 |
| SHA-256: | AF9DEB1458DDCF11875E5CD4C3870802A1322720156074A424C886FA61189420 |
| SHA-512: | 79B9B4723D458446C53F0FCF19AD5D87A2FC66A1E89D83371C77DAC08EEF2A941D6BF204C43A9CDBED8682F6749BE04D4D4580D41044B6CC7D236F6ACD089B83 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 4.000397273215438 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5FC07FB8C711CF43737C2404080D3AD6 |
| SHA1: | B22C3A41CA67001B188D1492E8C2A63267AECA1B |
| SHA-256: | 2213875CDC458FB6B95F2D441A01BEB097B3C90F644AB2DDD34C101E46092CA9 |
| SHA-512: | 8BA8FC045D36A529F5934BCFBDB98A557BC5E2CA37641C1D96A489D11F5E452C28345D8930EB18BC8905D51DAFC8A42E69259EEF58103AEC4696495C79DD0309 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 157361 |
| Entropy (8bit): | 4.892527604378313 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5C1C54FD70EAD87073BD2D8D53A2E624 |
| SHA1: | 7963D59A1AC52FCC6D59CF94BD768E51C879B2C9 |
| SHA-256: | F44F6526E35F8F2595A297C9E049E8EFE9159F763C1D14832ADA2D66931EEBF8 |
| SHA-512: | E540E97EC90BBF22ECBAEC6136ED992DA80CEC0DC1A394848BCB9E16F6E2278EF0544F24B4C6D6D6E3B338D3B81A4037049A8F29F7C4A60A941A2B0DDB2D9A3A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.d9bf9fa5b377514df7224a864456e96d.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 291997 |
| Entropy (8bit): | 5.573969604951686 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5CE219061746AC6CF71CC56ED193B23B |
| SHA1: | 6BD625F5A752300C1800614FCDED0593A7488AF5 |
| SHA-256: | 47A5FE1DC59F135EBC44440A8B9F1D8C6480B7E4D93AAB5053126BF83EF373BA |
| SHA-512: | 4690885CA888E014C0394BE8B3CB33518D2D1161BF9C66C690397A9565FAB32CC5F72EE62CDDE6DB0A55643C9E59A556B4D47EC17ED8E58321610B1477C16E27 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 69639 |
| Entropy (8bit): | 4.869426023874478 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0A65E43F87B9AC1B8D2CB56646206390 |
| SHA1: | 9744808FCEADEA589A5496A45DA53D925106B996 |
| SHA-256: | 8F60C8E46FF2161132091C8BDAF0628C161918A67A1D65854C21BC6BDFF7EB91 |
| SHA-512: | 42337730D48F86D401E0E309C75EE0F3B29A451A41217B783171A856E83FEA6689394960B690419689A2487668BC9606624D293C41DB61D3C59957DBEBF74026 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/static/iquid-01.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2601 |
| Entropy (8bit): | 7.827018237457941 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F3312A45B49A7AF7A540A0A4D493A1DB |
| SHA1: | BBCDD7B9630CC53C1E5C3BB4072B9E94496338A4 |
| SHA-256: | 544A4E3BD8036C58C021E02F8498988B2749622900851F8EC8EA64DAAD947F84 |
| SHA-512: | 73492FA014350EDB30CAA9D5764742D5E8C4B799FE5EDFA4AB60902CE5A2C8B9FD216357657A7D2363D07E63F17983C9480085650D974DD37206E8EAE8673716 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 150652 |
| Entropy (8bit): | 5.597416472916628 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7E5D721D586B53D473137CDC2B919B4D |
| SHA1: | 1B98DDEB425FB87741B7603E5DF8D35C0E6C2332 |
| SHA-256: | E7C46326CF4759468A3FE6A4C72820A43EAD7902D0178D068A9666BD5692A750 |
| SHA-512: | 97824446CB71D2E2765D5D37EF97EB7F24AEA0737B3C7BA9545CE83B8EC0CEC24EA1B72DDFB78D92CBE4D4792DCF308B15EE29ED1209F94E6CCFC7C7FD0D96B3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2314059807734673 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 590331 |
| Entropy (8bit): | 4.995616247235668 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 58A3B0A2ACCF592779B5D01C599F6DD1 |
| SHA1: | 521AD849D029847DDF0B5514ABE12D8E42CCE4A3 |
| SHA-256: | CD488C039BD674250DD04FD8A125BCDD6FA0BE6B2F756A6B9EB329EA8AF2B1D7 |
| SHA-512: | 7285A0AD3E16BB273C7C7179E82AD6C96AFE043F9AD107964C414FC04BC9B1629C19B336FD08A38976485B77097B2920901FD8B707B722F6A22FE993AB86B5C8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.ack.net/contests/?utm_source=The+Inquirer+and+Mirror+Newsletter&utm_campaign=b12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01&utm_medium=email&utm_term=0_-501d27be68-%5BLIST_EMAIL_ID%5D |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 33 |
| Entropy (8bit): | 4.498939573903908 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5D267438958C4E6C62B0C9A367011385 |
| SHA1: | A41AD33CC630AA99C148717A0DBA90F7C94A72B0 |
| SHA-256: | ECAA1CE03A09539BAB2EAE59E3D9CA2176248EAD5485E99FB1952BF9DFE63B0B |
| SHA-512: | 9335F0D9E32A353C003310E99D6BB690F874AABA108FB75300BA3E1C24A4573770A053A798B9853327C451270411FA817BF2123D9C9882726115487BB69CAF42 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://lb.eu-1-id5-sync.com/lb/v1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 39364 |
| Entropy (8bit): | 7.994498718242397 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 3A8012EC36F9A10B6E08246AB0B2B3BD |
| SHA1: | 4C175A2409791B7637CCE679653D174F528F81C9 |
| SHA-256: | C9E8C3D39F75BCFD9C4CB7E4D2FCD5720993FD73E0CCB0BAB98ADB4FFABF1296 |
| SHA-512: | 414943424BD266BF900C90AF458D4FFC29AF801021418C3C126F257DBAA52009545499FF28983F6A5790034D01BAD8E64D444DD0218120AE59BA97A389202C1F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/ptsanscaption/v19/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3144 |
| Entropy (8bit): | 4.837947157992555 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C627B816028D73D26A4DD794D96CDC31 |
| SHA1: | A8018DE8384F1E176CA197C0113399E962359053 |
| SHA-256: | 6735B79D351D6CC479060BC5664A7EE8069F73BB067AF6E2135E6CA9D93498E3 |
| SHA-512: | 65F77108E559BCB4E71285893598D4FED0A5477D94253C0103A7B1212964DFCA630881D9313E707C297F4D3E150EBD0F3DDB20AC8AEE0356078EC270E16F26E4 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/staticcontent/css/template_presets/ugc_sweepstakes/graphicheader.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 603 |
| Entropy (8bit): | 0.935856668666257 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2C739853E3EDFA26869416E3D4E5D369 |
| SHA1: | C263DC1C36C954B252BC7E775E6E82865D9B29B8 |
| SHA-256: | 00DAEF3B4A945D15F73EFA05E0CE2CA51F2F8252E1DA8FAE5C2EFB0F6DDDACCE |
| SHA-512: | EAE3DF357290171698ED241A53688A1907712A53D5AC7B8CA06C618335FE45FC556C9903DCC09283A4DABB6AC896CA67AF1AEAFA528593DB532F2E8586540A86 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2314059807734673&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716577059&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.ack.net%2Fcontests%2F%3Futm_source%3DThe%2BInquirer%2Band%2BMirror%2BNewsletter%26utm_campaign%3Db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%26utm_medium%3Demail%26utm_term%3D0_-501d27be68-%255BLIST_EMAIL_ID%255D%23%2Fgallery%3Fgroup%3D483654&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&dt=1716577429020&bpp=4&bdt=3615&idt=774&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=543620632423&frm=20&pv=2&ga_vid=708250260.1716577430&ga_sid=1716577430&ga_hid=383569264&ga_fc=0&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=907&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083637%2C31083639%2C31083868%2C42531705%2C44798934%2C95331690%2C95331833%2C95331982%2C95331712%2C31078663%2C31078665%2C31078668%2C31078670&oid=2&pvsid=3712519101130699&tmod=153034285&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C984%2C1280%2C907&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=828 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 129784 |
| Entropy (8bit): | 6.217780035911654 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C839F6F1019EE2BFD4CE273BE7EFA479 |
| SHA1: | AA6EA35667A17EE7B4FD4548E36D9B3EE49C95FF |
| SHA-256: | AC36A3EF679FEEC7C10969B12514D5E83E5BD65B936A2BAD2D67643642C7E92C |
| SHA-512: | 8FC4CF1EDF5FA4AFEDB9CF55FD25737ACAC6B5FB4BDCAE31FBE313CD614897A858CFB6F78F3B4B2BDAF93F0D6FC684BBF8BFF5262167C0B0FA33C8097DAAE5F8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/CSS/fonts/FontAwesome.woff?v=3.2.1-ss-23 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 10730 |
| Entropy (8bit): | 7.981896304436561 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 83095D53079235FE2DD2ECB503EBE3DA |
| SHA1: | E5F5BFC8D72175368DFBE9D7ABD8A47FF4EBCA82 |
| SHA-256: | 79434FA4A8CADDA1D70058C7F906314B399BC36A1FA9B92BCB22E4A7B5CB762D |
| SHA-512: | DBC03F48F76127B9C303948DF3E582EFF2484A92CA9C8346BE211ADF3E2F242033BF5457BFEE74ACED53203C2CE0C58C32B78F0CA44063F789992DCE81D556AD |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/content/tncms/custom/image/5c1c4746-cb48-11ee-8535-1be82a683942.jpg |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 257375 |
| Entropy (8bit): | 5.5480284028952065 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 110FC2BFFE3C23C431F683B30E6E2F24 |
| SHA1: | DA0101A2A439637A85AD687D6A4E12029A25A640 |
| SHA-256: | 9DE5F9B078FD921EE8BC511007E220FF3DEC84DE3BECD63A5E12825F0596F6A3 |
| SHA-512: | D9B169A67FDA18A3364A1BD08386C5C778E4BDBC2E8568A5A5A3E6901A47608414334AEF95A819AAA0412E47DC00993091BCD8CD7AB53A51216EC280F4102E86 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14892 |
| Entropy (8bit): | 7.98489201092774 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9EC6DEAF6BADA919E20B98F9F7B718B1 |
| SHA1: | 501D36403AD8205E4644532600019ECB10F5CB0A |
| SHA-256: | 7B348B30EA1FE43857E68FC462C29E5C6E63C97666AF75135C4396A272E54762 |
| SHA-512: | 03849431CEF204A1584FFE6F23DBE86730AFD076146AB3D1855B9C3402168A97FAA8A529E69FAE45EA24CFF7110C2930CB4744162BA0ED95D95600F6E777B322 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 829 |
| Entropy (8bit): | 5.402876979968737 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 370CF99A57B03687997E868E26E6DE0E |
| SHA1: | 90E59BB5A12BAF98D02C15BE2825CA359CBD93C9 |
| SHA-256: | CCE5713B8466DCDB1ED04992D2865DCC84508FAABE9553A5C5254AF53E7DD094 |
| SHA-512: | 9B3C9B94F115DCB372333B9D01F0F6E710B2A6F567C3E3641FACAB062C39DED06B8A190C6F9D548670CC715FEA4CBA4BAF415A1A196F9F363386B12FFBFEF189 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.google.com/recaptcha/api2/aframe |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 42433 |
| Entropy (8bit): | 5.259079994020187 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0AB4E955C478B1FFF4FC8801A94BF4E4 |
| SHA1: | 22ABA186710F946D21AE19C617D7EB2651965AC6 |
| SHA-256: | 16EEF82325D88BCCB3F09D34D6155A3EE890EDFDB479D44264212B5D5ECA1AF9 |
| SHA-512: | FC8C34DE88F2173B3C388D1713F10F4B0E6BFEBF481AEBB2BE5556AA55E0269D810780797F653CF6BC85F69345B363C64390B9D9F091F94EC80BB2EC4E1C5A7B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://static.criteo.net/js/ld/publishertag.ids.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 95548 |
| Entropy (8bit): | 5.588880031292874 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3658AEF8308941BD4A4E87ACBBDDC514 |
| SHA1: | 5F669E293B61657210757366887F1C47E7F228BE |
| SHA-256: | B5080F48182821A78ECB0905C3EF6C92ECB5A89F0996A964EAF647A7785C00E1 |
| SHA-512: | E44EAF072426E62E5298E01380B5F5600F09CF65494EDC07ABC8A455B2DB5D594E600FE9D4B334FAA777C87FAD2A1EC358460E22D314F0A3C2E355CC0B8C28E7 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://securepubads.g.doubleclick.net/tag/js/gpt.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 104534 |
| Entropy (8bit): | 5.474812672336902 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | BE4252937DE84054115C8244CFE6415E |
| SHA1: | DB5839E1BA863B5DCEE08E12B6C5A72EB087EC87 |
| SHA-256: | B4582AA1BC6E2844C8F017661B26BEB77CFC7952B431409528599458591F4090 |
| SHA-512: | F39A3FBA082EA5EE0C48F234B55570EF2B0EA425D6AD305AFFB2C0DFBE2CFB50536A4AF533D68FB23BDF8924D8F1FB6DD00E7A35E8C4BED3553FBB9D5FF2EB9F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://securepubads.g.doubleclick.net/static/topics/topics_frame.html |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2368 |
| Entropy (8bit): | 7.917976057860558 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 93FC94BDE1FE6F97B85B4DCFEA8ABF3A |
| SHA1: | D08546CB64B8E8FFB1D87499CB0D064D3680E0E7 |
| SHA-256: | A9CE675741B1D1AE9F0A583C33E24CDEFC129848176B1717F2BFA1862EB72448 |
| SHA-512: | DD6A376381114EE2332D61A2FA309634CED39007831CB9B4F1AB2C9313A6DA602146589E65AB272FEE908896685DB53AE2F88D91EAAD5D1152443AD62F5403E0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://thumbnails.infolinks.com/thumbnail.jpg?domain= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 416 |
| Entropy (8bit): | 4.479378070162942 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | FA69F7C44D978E8006A7AD75BFE08005 |
| SHA1: | 0025FB40BD2A1A55C4325FD505931F4B1A3EB071 |
| SHA-256: | A14A0922DF56A8B4B8EB3B2BD22CFBA40CB9CDE6E603C73C447E8C9634D7A491 |
| SHA-512: | 51D2334B05F40D497691E684532EAD1BECEBDA8DB6B206D819F4B62FB263B6686C0454F9BEA8121FFF0C91BD9CB1626EA59FA3422910EA625182DC6D66B0F3D0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=top_offset_iframe |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 115693 |
| Entropy (8bit): | 7.990286268231932 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 6360C1CDF01CAA53344D100CEF8A6851 |
| SHA1: | 8B1074EB3257BFE5571197ECD507451B0A97EFCE |
| SHA-256: | EB105AC8A175311A3D1D5D24EF28305029CFD4F96B7CF15577262DC88650DBBB |
| SHA-512: | DF92A1326E7AA0450392F71277FC720DC14C9E68E1B3A84F12308A73026FA72D75E7087E012DFED5DC5A06FA11CAC9BB7C85E7FB1E3AC39FD538F139D8791415 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 419 |
| Entropy (8bit): | 4.487884037193966 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5D438A3C205648A36990F559F2B7DDD2 |
| SHA1: | 0895915CAEBB0E208DA6B2CD5E92EF22422B4F6F |
| SHA-256: | FFA83CB5B40AB38AA878B38A2D9667ACF0BCE2DDC7E10D35E053269790D8AD87 |
| SHA-512: | 8190155AC86717480E1CC6689781CDA3E2958293B54200D90C21ED52126F961886307985D2F5930E18E63ADC33576466658FCCDC8C59716E6E844FDBBD617943 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=bottom_offset_iframe |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 23549 |
| Entropy (8bit): | 5.497269137822647 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 04D54855E108E62BB5D4B0F48931940D |
| SHA1: | D09FADCC7BAF9DEB38F01A02E7F331CB2AE4F6D6 |
| SHA-256: | 36EA295580B6AE83E3E1D6B4BDF7564AF630736A9D46E3A7E8B7AACAF96B1DCD |
| SHA-512: | 0DFA11277B4E15C426FD0092A73BE9B6B1C7A5C2DAA3880373F54DFE6CD8A377F612F4C6F79ECBA9EDAE7D5F1DF8964E77078E10F638282C7FBEF412A54CA716 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tpc.googlesyndication.com/pagead/js/r20240522/r20110914/abg_lite_fy2021.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14200 |
| Entropy (8bit): | 7.9848584303999575 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8189FC633208846686EEC91EA316D6FE |
| SHA1: | CE99A5D3A3E51EA1166DE5E664265DB6F7783449 |
| SHA-256: | FAE9EE8DA96BA004F96A5719E3CD323B3248C49A28E56777CE829900D50929ED |
| SHA-512: | F41D7510F7021E85EB8B57FF27759412BE13BCD40D8992FD4664CD16C6A25D3C8FFCD928F4C44EACBDEA52C12B050D239427DECE751B72C7BDA467A4E0B7D11E |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 143331 |
| Entropy (8bit): | 7.944322946035951 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 35B683CC45156330C8EC66209AD6F619 |
| SHA1: | 09412E210F465A47E930F5DE87518AF598F69121 |
| SHA-256: | 4188C04D0AB530C530CCE833F5252A87CE584893FD1642D11C759655617E77B8 |
| SHA-512: | 70F871CA55896E28C9F58BCE078D8709105739B5D010104D19F6351DAC32296C8F961A3F135110810FE19012A937CA4AFF1420BEFE11D3549B9659D846D89CDB |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4636 |
| Entropy (8bit): | 7.802895717318115 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5C0B9572C2A24224A85C8A446A8A65D0 |
| SHA1: | 9325333B5835D6AD6A9E23A8DB6C55491A3CAEEC |
| SHA-256: | 76ED17D27A3A7BB88E2456BEFC8D1364C9F14344671A071A9E652EB50F9E230B |
| SHA-512: | 999C9A479DDFF7CDC4FE05104125B2F666499968D5F5AA8802C082683E5848DE3881796C7ED4E9E0093DCD59C7036193A3AC9A4568FA2C199187BA1DB05E94EF |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F7d60c9c5-4798-4db4-aef5-d2cfa70f724b.woff&t=%2501 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 725 |
| Entropy (8bit): | 5.484556497983608 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0C2717098F5F6CF51C3299827081F42A |
| SHA1: | 41CDB3AE59EEE260FB1FB314614A3F0B06E0E8ED |
| SHA-256: | 0D7CE538729FDE5F2683E6E687C28A0624E64D8322F11529FE6E7CC23B5104DA |
| SHA-512: | 2FC4D6F1DE37DBB1642CC8D28FE4AFF39AD9E1F191106C07EB334DD3B2D9F657569830B2A13004A9023C9F57F1159A605B4E841671271AA9D40EB06D6C8EEA3A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://google-bidout-d.openx.net/w/1.0/pd?plm=5 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 327164 |
| Entropy (8bit): | 5.5061054495525745 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 81267302EFDFB3E4524A22631A8FC99E |
| SHA1: | EFB274E7D019D5F3CDBEE88D317F46FE45BC91EE |
| SHA-256: | 70C00445D6632039ED99AF760731DAF3BF60EB12061863EE61E2CD7276A54D18 |
| SHA-512: | D378A12E5465E2DEFBBB794D1F5CA287D8A9B31E16482F782DC6C53D9F6CB4600B8B2ADCAAC0CCF963AA06B42569C8119E16987F59FB052B4AB1254784ED5EF0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fembed-1039441.secondstreetapp.com |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 294489 |
| Entropy (8bit): | 5.229458813208863 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6604474DD0CD4B9B02EFB2128AD7D08F |
| SHA1: | D96C3AFC952DC86697F099551CF08ECA5B7FA0D0 |
| SHA-256: | 87DA6C6411727AD9582F9389D5B464F69FCE9D77A992EBEB41AC6DCF5D0CA075 |
| SHA-512: | EEDADEF2ED57AE4F2F00FD100B798A1710407C26F5789AB91D918B928F634266128B4873B1D9F4214264F0C2726CC10B2E7E0E456C3BCB35B921ABF6CF63DB79 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/CSS/consumer_ballot-6604474dd0cd4b9b02efb2128ad7d08f.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 408463 |
| Entropy (8bit): | 5.526010130392721 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F28932EA4F300B603223470CFA68D237 |
| SHA1: | 33A830C1ED066C2FB92F756C2E4172141B42EC28 |
| SHA-256: | 4B2C8B6E7978DB1A1BA167674DDB400A9168C48D9DE88016FA0CD5FF9FBE720C |
| SHA-512: | B8C0C5BCB7EECFCFBB9ACB6B7FD84AB35D861FF4EBA62D4EFCABEC218BC5F26531F6CB01F744EB90B72ABD99751D79EC655D084E454647981841808B10D28A21 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://imasdk.googleapis.com/js/sdkloader/ima3.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2668 |
| Entropy (8bit): | 4.459978268283667 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CA20FAFDD9EB008FEA69930377978B23 |
| SHA1: | 2E12E81415F8A41D3511107728CB1408F2C02F33 |
| SHA-256: | BCF7CF073E4DC6E46A9CD1F03C6815816377F97A806F55D14651FF1EFA0425E1 |
| SHA-512: | 07EF3524E5DBC229D8E13BBEF11DE2DFE69B76B2BF02D983EAA41B8E0A0C96BA876C9100434E6D419B45E00E475C365F7A73EE634D44FC5CCD91C38EED9A2682 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/static/container-4.0.html |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 28918 |
| Entropy (8bit): | 5.18391357356486 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 35FD0B843E42386C2700EC105A4DB871 |
| SHA1: | 05627FEF57C521244932B9345645B81CA4B12BF5 |
| SHA-256: | 8CD2E6F0EA667C5DC60FCC1E1E365DFA30AD920C03E73AA6E459538DBF2977B8 |
| SHA-512: | 853E16CEAE096718F3D2EA99D4BDBACD29EB0D4C0619383133A0CACE465209BA8E29E75ED8AEAE3DF325E22ABE7EE415A2DE66E9192D82D44F1AE60D0E6DA8BD |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.wall.6bda27a55ad97fc4b06896d2aeaff321.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2349 |
| Entropy (8bit): | 4.883329110735439 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9C9A508E42F8790DA19F36551C2BAAAA |
| SHA1: | E738732DA8953A733D28D5A3E7CADCCFAF3BFB02 |
| SHA-256: | 90C21E041FEED89DBB47AB17D68D50282025FF7E1AB403B13EA4DC320AA3723E |
| SHA-512: | A456465E919EC76E32123081D0F6A7C9F0F232B7D49068B128C18EDAA4CDD69785B290CED907BA7CD0B7F16A675911E6A882C6956702D31FB0B8F211083CC2D8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/organization_promotions/1039441 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2488 |
| Entropy (8bit): | 5.020280959201957 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AA2294C0C5BDC64D4FC19F4CF1E41774 |
| SHA1: | B60737C2A343F332F602A8FFE49E34B8C4C8D973 |
| SHA-256: | CF3E21AAD61783D6E6908E5631C43656C05A34A9C7F64EAB44DCD7FC58562AA8 |
| SHA-512: | 2601F823A1000EAE0493B15ADB54B4A56A6B0050144C453A8F1A3E711457061FFFD6E1E9D384DD6B8609350D5D623E45FDF7A0CE4CA4A0CD365FF1F001415F4D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 15024 |
| Entropy (8bit): | 5.732028797065447 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | FB4710EC916B717BBC465E7EB653007D |
| SHA1: | 3AD43AE53F640AC9C76C7950332DC378825DD691 |
| SHA-256: | 2C1D2122BDE8E57C6A0D64D3AE5AB9311B92A90D939505522EA8017A0332AFED |
| SHA-512: | D7FCBF3C4E536442CA8FB6A05DD96DBC6F63895BB033E52F3E6881F4450C8B51E21A0D0F648EBBB503168FC82456B8B1F8DD636680F064A2FA33B27FFDCADC0D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 428 |
| Entropy (8bit): | 4.4694120438583935 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | BC94518BC0352C4668C62D35F06F561B |
| SHA1: | A56BDE8E2EEF52C3F0ED9087E45A92F4D1E15862 |
| SHA-256: | BFB0C8786108835C9EF7D74C0A7A77183A6D234721915A048EF7B0705ECFE2C1 |
| SHA-512: | 638C23E7D91A58624613AB3F862337942C1FC67B1ADC1E60BC0236610EA21F25F0693E6294A7980CFB049A7E5774BC58133004B4621EFEB28DC3F74934E2AA9F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=enable_google_integration |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 45716 |
| Entropy (8bit): | 4.801905773368298 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1FD7414DBE783398C2F9DD26F2A3321D |
| SHA1: | 5B032062E601F1B351DFBEFF0256786CEE90A332 |
| SHA-256: | 606174F48BED9102B814DA111D615DEE4DFBC5914393499DBE519CA3D3D895C6 |
| SHA-512: | F238BBE873032E8C1DD4B78E0B72EBB80CADEAC45999EA8D9F5DCAF9D23C90E275E94A7A01BEA04C21933E6CF18A330DF9C337844D8A52BDD3B1EA46C6087ABB |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/matchups?excludeSecondaryMatchups=true |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 73447 |
| Entropy (8bit): | 5.315425597976914 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 841DABCE0B477A93D9CF7379B9EB1368 |
| SHA1: | F1AFDA122D766036A7C3418D785C17168106A391 |
| SHA-256: | 1616C8CD083E6B17F6A75AB0695BD4A4573B31AE8398FFB43758288028F6A773 |
| SHA-512: | F8B298EFFAB6828E6386061FBC87CF6924EB9DBCAF82C559F76F6A8D924A752D97B6FD750BEB90CAC7D32B995903A7A075A17D18060B632DA416444B81943406 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 38515 |
| Entropy (8bit): | 5.420814596304703 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 69C7EAC9E71F644001805A13DCD0CD3F |
| SHA1: | 64F386EB99441CDB961D03F9BF95F3AAC6F81ECC |
| SHA-256: | 32DB2DC8E43C5765FAEFF465DF96DF03830B677370AF133C4E72503679BCE211 |
| SHA-512: | 148A17A43132C6DA1BB702D882519E1D66AA73BDDED339582217681E98ADBAA8933FA733E5CE54DA2BCC47034EAB426D08302FCACA6EFCC4ADA300ECA70F712C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&family=Roboto:wght@300;400;500&family=Muli&family=Material+Icons&family=Material+Icons+Outlined&display=swap |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 5245 |
| Entropy (8bit): | 5.6023826563772925 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5827732181B0502BB0F72C7E84F437EA |
| SHA1: | 96004C012170572E4314A0DFAA2C32BE3E4C6ACA |
| SHA-256: | B8B7BFD54D7C59CF506219B4A539359982F71AEB7769FC256A7B0A95A4828308 |
| SHA-512: | DC155234D35353288F07E40FB54994C2EA107CFA467E80B117BFEC3D2D4AAA8CDEE1E39917BD8CDC5FBDB390A27FE94CD3BAE6BBFAA51B0D4CB268BF1E2D395F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43791099&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4252 |
| Entropy (8bit): | 5.06050603388838 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D30756563F8FAF38E52BDC6B5DAC8C5E |
| SHA1: | 0E017E3E03AB5499D39FDC9192DE7B7E47CE3E28 |
| SHA-256: | FBFCB1AB339F8D9297CB712B47F0D88AE56D07D008005C144D4CF989407378C6 |
| SHA-512: | 1ED0161A19D2C3B9EC6CFD18E093F7B16BF22F0B276D0D3592330802B071F443AB34AD0133EE47EB06272389A9ABE822BA097A71FD173C3188911165BCEB8590 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.d0dff6a7777a7a3e27203f7c5c80da86.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 219217 |
| Entropy (8bit): | 5.418054083421649 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B6458A569A70D12F4B60C738067BA729 |
| SHA1: | DA9A362C42111F33A5EA79CECD8CC86445C3FF16 |
| SHA-256: | 42BBD0012A46493C1CA8E228B118806D03BB60BB93ECB05D40413DC0401722F0 |
| SHA-512: | B10E146EBA03A1787024CE1F719C5256F4AD8C132A7CE05061B40E7254EB282F19031E4188449C17EA421FA2C9D1B3FC0E36BE8C861F9865DA6F226ADEC12175 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 13922 |
| Entropy (8bit): | 5.358531718216509 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8973D0686C501510D85E96FB9B9D7C4E |
| SHA1: | B795FA4FF07C810C373348785082D56D422F3B99 |
| SHA-256: | 7458EDD9B7B53F7B32C80F4856A8A0D1C4B7557C589F7C6B860C30A43829AC3A |
| SHA-512: | DB2D4FB366ABB51728862F3C8031BA91CB08740F1AE10D668774A6F216E16382672CC6420B8A6B01096DF952D8962A829F05010287F51309724DD4E09C9B2F25 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 7524 |
| Entropy (8bit): | 7.890669724332646 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 317A96D0C7904A8F401F78BDCBA19EAA |
| SHA1: | CFFB730FCCBB9E63D1620809C84342E95F16783A |
| SHA-256: | 67AA22BBF1D0AA9890357A829FA85C036A391BC09017BC60477795DC99AABC65 |
| SHA-512: | 379DDD611E4DEC732CA1CCA79555BEC97382BC6096808ACDD901AC60064F550E64E6DF490AD9FCBC6C3F9B1670888FFD93AFAF974E650BAF678297C2055BDD7D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F28fa068d-650f-4cfc-916b-5142cd8bc797.woff&t=%20%3AFOcdehimoprtw |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 417 |
| Entropy (8bit): | 4.511607693461341 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2BB24473C8B1B67AEEC4FB68E91194E9 |
| SHA1: | 43CF600BE90A7DFFD7870A07282F8ECEE0F9DE7B |
| SHA-256: | 0AAE1EE75CB033864AD04FD956674FE646656D8943179A3EC532B4FB28B9CBB0 |
| SHA-512: | 8EF1023EC872AA616AD7BAFD1C768916D7988FDE6543E30D1084A7D95D863E7C9076B56394376624FEE0221C641BD4DFF7F53193F3E6162599288CA52C30B84C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=allow_writeins |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 16942 |
| Entropy (8bit): | 6.01587671727573 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A4B0BAA0299C972D5C7E9AAFC43888AA |
| SHA1: | 435891A94962E79405D67F27C1FC45E932EE8AA1 |
| SHA-256: | 48B2E797A84DBC202EB120B16D3BD0553C48A79769229051CA95C017DEF9F778 |
| SHA-512: | 25A1181CC58EB4B5FF8B6ECD717CE084F8772B12D52B254054EBC8F927064825F4F25C3297AEE226C1E82F7E87013E19FBEE22FA9E809CADD417ABD196F0CA40 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240522&st=env |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 31511 |
| Entropy (8bit): | 4.471932967612357 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0B68444915B2A54486494D51C92A3690 |
| SHA1: | ABED7DE29EFAED28280F991FED48A8AD88151972 |
| SHA-256: | 71850AE0BF8353E8CFAD7F285270C0B527A3499A815B13F79665D7952D920678 |
| SHA-512: | 17F86DE3109F29ABE6D136CA52B7B0D7D9C8BE2AC26546323914D1E686FFAD4884FCDA830C77141D912D0EB68CF98E6B7FB6CAB8606D539CEED77176C63A4373 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 539 |
| Entropy (8bit): | 4.598912011399093 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 07DA4F027F7F12613DCAE4E26C25A6C5 |
| SHA1: | CDB7051ABE6EEC8126CACE4503A1E94FBE53EA3B |
| SHA-256: | C25E9C93CD91E782F9FED1463383469EA2A23B80556A6DA6E97D0083170D30D8 |
| SHA-512: | E542E97E814BA1266B55D51CFEFA69BACD2148B24A5AE12493422F2F46AAB4E2AE5C6908EB240E9BC27E764B9F2FBD9A96289F16B0F31F6997340061E7D4B4F9 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 128352 |
| Entropy (8bit): | 7.998349465466699 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 53436ACA8627A49F4DEAAA44DC9E3C05 |
| SHA1: | 0BC0C675480D94EC7E8609DDA6227F88C5D08D2C |
| SHA-256: | 8265F64786397D6B832D1CA0AAFDF149AD84E72759FFFA9F7272E91A0FB015D1 |
| SHA-512: | 6655E0426EB0C78A7CB4D4216A3AF7A6EDD50ABA8C92316608B1F79B8FC15F895CBA9314BEB7A35400228786E2A78A33E8C03322DA04E0DA94C2F109241547E8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 33908 |
| Entropy (8bit): | 4.8051801142377935 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 12356FD8CB8979C32425E884E38A5FB1 |
| SHA1: | 98064DF00A02AE628009112EF8BE73F4947F5913 |
| SHA-256: | A126F8CB14CFA1F7C378647C4987C6BE485D4399FBFA2281B1DD0CC7EEC80B7C |
| SHA-512: | 8DA566A5C020CBFC2251D0E5500E51FBF55F4B2785A3403A2C0754DCE761008D5CB90617BE2CDD5EFE9358B6DF8A0A03DE96826B88FED55424504EEB87D577C7 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.4fdfd736f9e289ead7758b846cd6b78a.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 431 |
| Entropy (8bit): | 4.512717509137254 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 450328546B68B9EF2CC4E00609457C24 |
| SHA1: | D132B0F04D889CB95E15BCD9C945F57EF1B62524 |
| SHA-256: | 6F7D8DF99F6CC28CA586C4015B0C708215E22E7FED58EE85F01FD238B36A6A9E |
| SHA-512: | 0E160CCD3E85DDC8F42E034A0A38E774D03CB5C50C4334A6E3C6792995712AB6FA4413AB8E019DDA2776E48DD8A3BA9D437B32AE077D4383ED004E87D2F7846B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=dips_url |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 306376 |
| Entropy (8bit): | 5.503226520420306 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 34860CFA4BFDDB045D978702FFE2D3BB |
| SHA1: | 0403A1CF66AC3C82B9DCD0D4330A1A475CCBDF3C |
| SHA-256: | 3196D741BE2FAECCB1793ACA6BFF6655F47FC9FE7AB9F438C478951A14D57D09 |
| SHA-512: | CB1DCD4032341793E7573065AAD79A56625405AB1E5AB4298D89C63C8E7BC4AC7D5F0FDAE62A5B0AC7AC9E8FD750722E33EFC22920DDA19344CA3E2017D8C8A9 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://connect.facebook.net/en_US/sdk.js?hash=82708586cd765d176cec3e90500482b4 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 431 |
| Entropy (8bit): | 4.515549505196122 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 45B4FD32B3DF036A01DE535CA201205E |
| SHA1: | 2F262FCA26B755CEF9B7A01AC59589EBFC1AE89D |
| SHA-256: | A08189C807E0B8DD080C1F249F92E3CF8651CC24AE6190E3D2FAE3088DADE963 |
| SHA-512: | C4C8E62D3CBE548FF3682F380F9B5344BB9FFDDB174B139AC4A76D904E68339F044DA77133329116F5172DA5122C7D2433CC0D958F3EBC24361C6810489E8188 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=disable_writein_autocomplete |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1195 |
| Entropy (8bit): | 5.136352788493526 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6BD342E07CE454DF76037B5A2632F56E |
| SHA1: | 861031276B9473A4F738F456A0AC0B88ACE2CA1F |
| SHA-256: | E388E19CA38C825B329E762C79C66BBD41BD334F18312C5E97FDE0A8F64BCA36 |
| SHA-512: | 54C8CAA5EB1F859510D94F2AB783409EB1BF40526FA99CCC2156B4CCC74459F961F20C9B9736E7823F0F4A9EF5E6A3F86BF14834D64012E88B7FC3C0EBEC899A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 109614 |
| Entropy (8bit): | 5.08441411290563 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 87DF60D54091CF1E8F8173C2E568260C |
| SHA1: | 33183CD663FDC4907BCD1D2662CEA2CD86D80EDD |
| SHA-256: | 296FFFF5BE5FA17A541DF8E925D24E473CED64D535F543542BEBC15759B761FD |
| SHA-512: | EE5CCC02818F6D30CD7A00ECFCD77A51CEF3A9E2924A984F7FF7373EAFD4CF01DE2126E61905B6A4FC9074F79D96157A866F77372724CF46AD8F448F716E3265 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 42 |
| Entropy (8bit): | 3.9297954712258907 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D31320B41A6A283815FB2F490B9F227F |
| SHA1: | E21F339A128F97ED4F85AA079661CEC810089DC6 |
| SHA-256: | 435B1ECE4A55F4F8D06866B32C1AEE3CC4661EB905265894795F15A57BF1B33D |
| SHA-512: | F6AEAB24B8BE1A17B061DFBD89EF67E669E9A57B4A39E6051467A4974C854E87DACDBCDAC9F4F129C5EDB3739BBE06D27E0D94528D8C6229FDC3848A43BCB047 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4676 |
| Entropy (8bit): | 4.357842655794871 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8DC4516B302E84279C28632D473CDFF7 |
| SHA1: | 904BC598603D4AAD68128B8304DADD1D28254113 |
| SHA-256: | 4DB60939F3738FE7CBE1F25B1D1519DE132068B9069CFE9991E513B52D8A5685 |
| SHA-512: | 7F7B68BAE588ECEE04EC03FD99ED744290F5743E7CB4DA4C35DCAD364617A89A6A168332E3B6FD20206D4FB5A65AC4C4131FDE194D1609F4BE895DC1EB7088B0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/Images/Logos/upland-second-street-logo-color-8dc4516b302e84279c28632d473cdff7.svg |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 5570 |
| Entropy (8bit): | 7.967095731455644 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 01E40E709BFE2214770F75135AD699A4 |
| SHA1: | ABFBF0ADF5E5C05701F60B97E7A2C4B9AAFEFA31 |
| SHA-256: | 913146C6E8B6A6A66BB49EDB2F5B044D87CFB904455E825018872CA948618E46 |
| SHA-512: | 574C143A3BF9EA8DC529A07C116CC46663C384AEB419F3B5E2DD58491EE43CF45723B1333F2DE8A507A6A17FD1C5ED5B68398FF9D8DB5DC3EEEAD4F699E18C80 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2Fb36b8ff5-4349-4bb2-857a-764b358f33a5.jpg&w=260&h=90&q=85&f=webp&rt=cover&x1=0&y1=0&x2=2880&y2=997 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3286 |
| Entropy (8bit): | 5.061636323746364 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D7A9686585851DEF4845753511791DEA |
| SHA1: | 429222BB85514771E588032205B010271B82EA24 |
| SHA-256: | D2F1FD9C6AE21B9CC6BD16EA9C9DF73824E83052215B3F18667ECF6BF1585275 |
| SHA-512: | 78DC200FDF1D815C457EFF9E65A48FF7C8400E2686AE6E6E0311155F37A89B8EED96C1FDC02ED288D6EE2A5D0EE5F4C44941AB95A656B96BE53AD9FD5B2E1086 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.output.a0d6428746b3141c652c4f04ea9aab20.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 425499 |
| Entropy (8bit): | 5.605037910630616 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 629EAFA6AD7F4B95C9E603999E8CEF7A |
| SHA1: | 2A3F821A3FB89842C48E5C680B0D233E48FABDC7 |
| SHA-256: | A9AA46B59AE1863BD0FB777716EBB0D624ABBC3AC7C8018AA47ABA088A1649F7 |
| SHA-512: | 8D43DC61CE023B000D27E48599A9035664CF99EA1B5C8E7DF7DE340F774DE9C2D51A849BA3C02A98AE6912D447EEFF7D897A1D621E2A513DD0D032AFF81D399F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17456 |
| Entropy (8bit): | 7.987128137224685 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0EDD602219E55E70D0B938CFF3993EF9 |
| SHA1: | 458EC884E013223487619FA5AF458CF5D761E24C |
| SHA-256: | 21D757DFC21F5DD52A77AC03A0509939B4F5E9D83B0B35A908B78CB64F9163A1 |
| SHA-512: | EE6DFB158CDA0A9E241DEA49B24589079DB2A7DB6E907851A255E4B79C48F3B5D06322E86A8422E674E7D3C9B35369BFEC2D4C8C1C366834D8854287E5105313 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/static/brands/ulta_728x90.jpg |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 93421 |
| Entropy (8bit): | 7.959639095389312 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 64357BB0DE8C717A79A79E314804C992 |
| SHA1: | 07DD8BB7504C978CBACA6D9A054535D5B961238F |
| SHA-256: | 5B89AC0D26F095A531C1F300F7DB36268346ACE4751C4251F2D74A8F0A1BDCDF |
| SHA-512: | AEB29EF12E3081FBE9F976D81F2CF0227BF1F45F0C73C73E8D47B22890A109EB0B3DD1F9F65AEE1A059D9F80BFCDDB95D430DE263481ABF70A08827D62C76C94 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1629 |
| Entropy (8bit): | 5.338465464683756 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8B2690ECF96B153D031D31C75F5C9F5B |
| SHA1: | 91737C987F5EC480BCBD4968566D97757FBBB09C |
| SHA-256: | 22C6358B31973F1F34FD4630A96BAAD42393D23806AFC973D93A8C15973E74F0 |
| SHA-512: | 2D3F306F3D12092FFFC3864F7F9ADC304B2C3B20649A09AE4F1DFAF4B47E7468968301E8BC4E1A9ACE825E374226B1795E80E9E99B04C145CD767AE9E98F5E9A |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 170 |
| Entropy (8bit): | 5.335916817166796 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E7673C60AF825466F83D46DA72CA1635 |
| SHA1: | FC0FCBEE0835709BA2D28798A612BFD687903FB5 |
| SHA-256: | 0B8A20373C6DD04E091902226D922B3688143A8938AFB9D283D889DE7B55CEB5 |
| SHA-512: | F1C33E72643CE366FD578E3B5D393799E8C9EA27B180987826AF43B4FC00B65A4EAAE5E6426A23448956FEE99E3108C6A86F32FB4896C156E24AF0571A11C498 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTcwODA1MjctYzc1Zi0yZTA1LWRmMGMtZjYxNWMzZDY5YzNl |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 20935 |
| Entropy (8bit): | 5.219730481070534 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 62FB0D924F71B628B980D90DA7158EE5 |
| SHA1: | 166723D7B067F1002E4DBC68894A1EA9BC7A8F9A |
| SHA-256: | A481CA181E9D6F64E4B75C4B87779E08AA375D45E1EA2AD9C21A7D8E38F361B2 |
| SHA-512: | 547D18EF4D330437BD11046F956D36585F4B89F857D20E85B6DA61D4F01C550445DFE37E2E1CBBB026A40DD7ADBBB64C1F9BD3908774AEEC77B8AB67B7BC1424 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 111 |
| Entropy (8bit): | 4.454151681332766 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 035A0B1459161E0E2054B879A3F3546C |
| SHA1: | A8F64489A5F41476A61118CE09F277EBEF360508 |
| SHA-256: | 0609B70C35EAB974A2C2D99D6DA5D84D95B97F9FE3D28828710D04835153CB20 |
| SHA-512: | 159D8E9D3EC439D91C9845B770462899ED85A2E22C854F5E8EB29C784B4ED920F83AA79ECB6341700F4BDD52F2D74B3AE2CC478C4C7368A945F6BDD301138599 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=XANDR&ead-name=AMERICA_US_AO_RTG_MR_DEST-GENERICO-VAC_DIS_XANDR_ALL_DIS-EST_NA_NA&ead-location=DISPLAY_RETARGETING_US-DIS_DIS-EST_EN&ead-creative=AMERICA_US_AO_RTG_MR_DEST-GENERICO-VAC_DIS_XANDR_ALL_DIS-EST_NA_NA&ead-creativetype=DEST-GENERICO-VAC&eseg-name=AO&eseg-item=VAC&ead-mediaplan=US-Retargeting&ea-rnd=61258&adfrmid=6631658570956177409 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 568 |
| Entropy (8bit): | 5.220849267254173 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2E2A6826C25F4A2F22F0112C0E467584 |
| SHA1: | 4F03595E16983C608E43D6CC6F558F515C716780 |
| SHA-256: | 0857D11FEF8BE7A02171417365501F07D12E4D0FD4969A8CE43B9ADFFB7B1158 |
| SHA-512: | 15EA2426FE40C9914E6C1C0467910F58A523B73507888586A890144924BAFF7EA72E363C08E20841BB28FA7B229CD8A4129E489580BF3E2422DCB42386D5818D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.77315eced46c5ae4c052.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 33 |
| Entropy (8bit): | 4.498939573903909 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7AAD36DFABE60FD87676FCAA54CEA0D0 |
| SHA1: | DC1A24A9A571173EEE4BBF1F51101F5B76653D2B |
| SHA-256: | 136E4F90FC126AD3A778F8A71FB9681D727DC25EF1FB48AEED387708203DB050 |
| SHA-512: | 02CEF8D67FB084F5C1E9080AF9B6F4EFD5DC267BEB7B12DE67BCBC760EDBC32B343D5047400D704CD060B38AB86438C40A1CCED15EE05F2CC2F2ADE9243AA5A4 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.1173295799313006 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 718E8BD317B47C1018A861F423615C1C |
| SHA1: | 874D28C9586324D5D16558065197CEA533F10B67 |
| SHA-256: | 11E3A37194C2691FF2EB5C2237CB14A9269C30E844DC48047F9324391477F11F |
| SHA-512: | 03C6C7B9B9D5A09139097D9BB5F35428DF9B8A5AA0DBAD467CEF79F7B4FE7ED7CE96346AA1AEE3972D296A22FAA3679725EFD6B3620A86C58AEC5E6E6A3C7CB5 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 870 |
| Entropy (8bit): | 4.557768118179261 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AD809A6B9AFDA5DDE3EFF67031431B4B |
| SHA1: | 060E8CBE024196552636C951D6CDF83AEE97F55B |
| SHA-256: | 8EC44A4B321F5115D8760F193298585D8B28A26DD3190D0A3690B9E09A489A94 |
| SHA-512: | D36BDEF3595ECF8BD520C5292C2F14390D768958A26D8A2D5252D27C18EA1F3A7FCE522FE250027C98A2F0A56DC853A48396309F9A2816404CFE95DF9BAFBB0F |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 42 |
| Entropy (8bit): | 2.9881439641616536 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D89746888DA2D9510B64A9F031EAECD5 |
| SHA1: | D5FCEB6532643D0D84FFE09C40C481ECDF59E15A |
| SHA-256: | EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629 |
| SHA-512: | D5DA26B5D496EDB0221DF1A4057A8B0285D15592A8F8DC7016A294DF37ED335F3FDE6A2252962E0DF38B62847F8B771463A0124EF3F84299F262ED9D9D3CEE4C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14192 |
| Entropy (8bit): | 7.985470850221832 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 455A62700063C9049C4A7646AAD9EA67 |
| SHA1: | 4BFD01BC2808565E15BFE9B41DEE2DF9D96EE630 |
| SHA-256: | F94B7756C96411B34B90CEDCD0234FB84C06127006B9AF456D7633705BA8513B |
| SHA-512: | 66DAC8C43365E39CE7C7BA5BFCE0C55E643B232849640D75BB9373E2C1AC3E733C10A24398685380F4515332B73FAB36F6CECD916DF2D5842E5C3E78939908F9 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCds18Q.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 19 |
| Entropy (8bit): | 3.5110854081804286 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B25F504B63B180A43E697993D2C3AB9D |
| SHA1: | 4347F45A359BC4207863EB82CB3DCF3D8F0A72FC |
| SHA-256: | 6F0FC5ED67235ABBD377C0D62F6F03C0D2C4FD0F7308CDCE6C098A0AA3D92560 |
| SHA-512: | 8F15CFC3231A5EA7939A0982A317A25BD25818F1A58849D7C5737B8B630132D45F74C33580B7161AB1FC83CB6BB5F03602CFCCE935AA2860015BBFE6196C028F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=google_maps_api_key |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 39827 |
| Entropy (8bit): | 5.426881544196986 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 21F8671135AFBD2E874C42D3DC478AFA |
| SHA1: | FBBE938AEBBAF60E3B8388721A41905B36681E60 |
| SHA-256: | F6CD320C5BA515FEF3997AFE473332231160A2CB715F1A99679A7CEFA1CF0BE0 |
| SHA-512: | 830FB51CC3DDE68BD79A3961E6F5C2D435A966CE552FBE683A45AC29F20F8EB7C6F048DEF36E590E851A672DA740BD8F7BDA573CE9E65B37F0DD6D59D8CA5F53 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tags.crwdcntrl.net/lt/c/16589/sync.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14712 |
| Entropy (8bit): | 7.984524638079703 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3AFEAE0D768769F5E5F30AC9805C5B70 |
| SHA1: | 3ADA17C2B462DB3E7A1FD85C3F4670DFE7704F4D |
| SHA-256: | 0D0A6262C545E8BBC895116E5AFB22579C468D7ABB77E378F377D6FED57C1DCE |
| SHA-512: | 71C361AC0D7B72B222D4F087B46D1BEA318ED6652C4D37EC3403F0B0616482B5040232E06F2FCF13109CDF6151DC209E882C0DB40B2C6ACE4E2E0292FCDCDAB5 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2791 |
| Entropy (8bit): | 5.287322045927613 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5C7D501A421E8374AEA0ED48A56FCBB0 |
| SHA1: | 6D3E76AF7ACA71F56F36D587C040E1B9EBC42892 |
| SHA-256: | 44CE81F335EF7BF6DE6077CF455BA3246E3C6296C341569078483632DB25F096 |
| SHA-512: | BD4417BE5B755D5768BC3CFF88F4F78488274CAB93E5EFF8DBD776A4120440143D7C8EBF9C122E08E08A564F4B51AC7EBC6B48233EC97369770782FA7B67C1C3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/static/usync/iqusync-1.29.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4968 |
| Entropy (8bit): | 7.798721334045115 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A890706174F48DE1094DCF6D2FCC7244 |
| SHA1: | 906227598C031E79B703E60B08EB98CE6A820A9D |
| SHA-256: | DC097D3CA883462C41BFAAFAAD0314D4281C2322CFA4FA3B36CF2065B57DE948 |
| SHA-512: | 6354DA237E58BA59A8DC631CD2664AF8F395C59305F96FA42D1E838131ABE5FFA882DAD5793E5BE4CCD2015300A1D1789A82E89ACC66C17DC88BE28E4353A77B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2Fbbf9e2bb-1fa5-4e5c-a827-d8aea169a654.woff&t=%20DMaeilmory |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 732 |
| Entropy (8bit): | 5.250407629492537 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E6147523B7396AAD764A752DFC6BE7F7 |
| SHA1: | 22B6719BFB0FE1AAAD21FB3511F130E83839AB56 |
| SHA-256: | A5230196DF9A4E9F6382C504668862EFC8E25C1EC093C7DC997FBEDB4B3EC54E |
| SHA-512: | B4398AECFCE57041267675D8B208E903B2DF7735E00E17875AE17B84FF7BD9019888A8B1EF066E4701E297063FB51DAC8560858858C90C7FB2B5B4C6DB4126C0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59622 |
| Entropy (8bit): | 5.8638220659747615 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A4CA5BBD6199CCB958125EF763398A4D |
| SHA1: | 97F2F683089DB56CF2A015F53AA0AEE56D2112F5 |
| SHA-256: | D34BE3C626E4FF7FC1195C292C54A04E0FBE4CEAC311B5B95DE71AF6D47C6F26 |
| SHA-512: | C3E4DB1B3A1544D123BD460D1686019BE942D12B0296A8468D56D3AB537E453B14EB71639BC37079747F464C4098E371D764BC1D31D9D038CE06BAFA179DFB2D |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 66297 |
| Entropy (8bit): | 5.5535578320202506 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CBEDAB71A5200BE2EDA51262AAF62E96 |
| SHA1: | 414A47FB2CC6B2C97E31F62585717559880991FB |
| SHA-256: | 5DDA9799AA8E8227323D0D62A9E7B82D5019D89EAE5A0E4101B43700BC252166 |
| SHA-512: | F1F011BB9A62373C52259CBD7FB3E3C2DE6CC0192ACB45CEF13C1B439F685C371C10851C2C2B39559246C200D87E0710C864F58FCF10D7636E410E43592886DB |
| Malicious: | false |
| Reputation: | unknown |
| URL: | "https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&family=Oswald:wght@500;600;700&family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=PT+Sans+Narrow:wght@400;700&display=swap" |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 16072 |
| Entropy (8bit): | 5.511526781045287 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1EFFFD6CB33146ADD963FAED777BEF4E |
| SHA1: | E02756C23FF8938F41B45C054F2DF1E74017AF4B |
| SHA-256: | C861DD92BE984FE498ECE34C0F3C921861AC51BFEE50323FCAE21231ABF7A82B |
| SHA-512: | C18BC005BD7EE270D1A009801311F2CD53DCB5E6E669216AEA55393FC30B642749926E357370D39FB013E0D9EC1BF781869AB5C568AC09529477DEF0192D3154 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158685&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D3%26buyeruid%3DPM_UID |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 533 |
| Entropy (8bit): | 5.284657659464005 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C68C938D4AAEED0F50D02412B7ABE021 |
| SHA1: | 0C8BE3DC9A66B2B6D8F5C6E5D8C066CD69243AEC |
| SHA-256: | 448E1A4179FFA476609ED1E8909867082486239C06FB2E277F7843E3269D427B |
| SHA-512: | 18EFD30AACD64AABD908C93B0761268F95651D222FBD35FB241AA170591B2C21B8FA7028FD7DFBEA5643A7E2A8719BF305C0539C8EED65A18426AC30919D8F0D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 420 |
| Entropy (8bit): | 4.494243388080468 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7D9EEF79BB13932B0522078EEE47F4C8 |
| SHA1: | 44191E14B5C2448F9449D53B99BE6E0CC4A514ED |
| SHA-256: | 525F2E8E5B81CE00E54A312BAD4763280F94A3B1CE1D71F200E481FDA2605A58 |
| SHA-512: | 4DF781E0CFE9EB59A56DF44770612E19EB35008B03FD1FBF5EA746301E2E0CCFEBAF4C04D64AA1C67F014A44019FD07BA439E8AC7A250F4A780DCE659AF1C80E |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=use_static_iframe |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1566 |
| Entropy (8bit): | 5.248207387310702 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 525F55CFAE48820DBFBF7A882800C650 |
| SHA1: | 16FE20908055B94867D41F40B54FE517EA4C3E87 |
| SHA-256: | 949C6D9CFC7ABEFC4CE3662C80E53F3D1800706244A86A2C933D3206EEF0EFE1 |
| SHA-512: | 7668CDF31B26C24E5C9C857E19FAB39F01DB47CE9AF0404E63DB3E10B132E0F411391DC38F4515DC3E1643E5AA6CA4F2A746B1D089C051A4A71F623F3D33B3D6 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 5630 |
| Entropy (8bit): | 5.163589033929584 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3968AF44A0A19BF833F5C6B4EA356CA1 |
| SHA1: | 4B68FF2254ECD1487441EFE9266271CE65B3ECC7 |
| SHA-256: | 4FB12E283104E6F78827F022E16670F8140C53F97728DFA88F4978139131987C |
| SHA-512: | 6EDD611FF8047E099EC7DA1A68961FD47AC7F933B474E72BF3F7E4A9C3598D2213463FB2E82BBB748A5571B0BD5AEC872C9020DDC5DDD4FA3F8C33591CFF657D |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17126 |
| Entropy (8bit): | 5.29973973758961 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 69FF6D99504E355F116E0D507F3DCF2B |
| SHA1: | F178DD84437901376171D9637573919246174BE1 |
| SHA-256: | DA691C9121865CC84CB038ACD5C8CC3B8ADCD480C4F1EDEAA8BBF8ACD532EE0F |
| SHA-512: | EA5CCEFC97EBDDA7AAD080B004D53D172C688FB36148532F989FB8C572E1C4D054F4440D26C23397ACF983609A3BE0B174D03ACB6CE7126A24A5BD59354664C1 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.segment.com/analytics-next/bundles/870.bundle.6e2976b75e60ab2b2bf8.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 96112 |
| Entropy (8bit): | 5.284025963642991 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7E620160AF4322F1830AEDB59BBBDB86 |
| SHA1: | 7F6D00420C0403D19B681E0728A8E0DB055334B3 |
| SHA-256: | 8070A035A373B78B44DA1D975C6CB8B4AAB538DDBE46A590E4BF922DDD686B8A |
| SHA-512: | 4A1B6A74FC42D92DCADC5BE7B5A5E2B61E3C6CE09330D47B1CBA84406596BE71ADC6FEF3A46B5B7D0C66001C33169EE2DFD45890681D0EEF29A83F274BC28712 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.id5-sync.com/api/1.0/esp.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 93065 |
| Entropy (8bit): | 5.182415079046025 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 824BEB891744DB98CCBD3A456E59E0F7 |
| SHA1: | 57082A005D743EC4A7F928A928BD7BD561078C7C |
| SHA-256: | 173460E89E6A7244218BADAE2016F65C48A3EAE9D400802273EECA18B07336F1 |
| SHA-512: | 6C19E304AF16AE43504A44EB60C542526D0D8F635E4F57AB557E93999AD608BE99C25354898EF4826DEFE63F8BA72E4D09C5EAC445EFBDE4587534CA202958E2 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://platform.twitter.com/widgets.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 398 |
| Entropy (8bit): | 4.9180922005232945 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4AB56A73B1E9ACF4FC4F44DB43335672 |
| SHA1: | A369A152E41A083BC5EC27059F5BBA67D1C57396 |
| SHA-256: | D62D3DE0C98ED4521838632E7F98E87AFE83AD925AB55123AE3F57DD89999C03 |
| SHA-512: | FCBF28F92A2FEE53C439364E013B6C9A16FBDA3BC32D845B291E7649DAC3AC494F2FE98CA01AC7CD1C98E3E52B92EC030327D6F9EF346746F958BB12B9358FFC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.5257351171929923 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 13E1C7A2184E36D7AE519E99B1AA226F |
| SHA1: | 355CCAD4EAC39838E1CC76FD0B670FD2EA1E5AA3 |
| SHA-256: | 48A33CA9F42B91902D57AD8AC52E1CE32B92C8C10C732F2DBB6FE960EBFD9438 |
| SHA-512: | B1A6CFA7B21DBB0B281D241AF609F3BA7F3A63E5668095BBA912BF7CFD7F0320BAF7C3B0BFABD0F8609448F39902BAEB145BA7A2D8177FE22A6FCEA03DD29BE1 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2689 |
| Entropy (8bit): | 5.40021492400263 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9EF158292B617D358506529B02C73629 |
| SHA1: | 843852D8ADDBF1A7F96C5607179E1C9423ED8A4C |
| SHA-256: | 3164DB7EF9EFC7121CE85192340A653C6CB87E34CAA05849C8FD47B7872F9FC5 |
| SHA-512: | D4B0E6E8900043C9C4EE010ABFD00A51D891FE4B4F424418DC1A75075E3DF931D0558BFB3E983190079EDDD0BF11D7604E70CEAF119351690812EBC21D7EAEB8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tpc.googlesyndication.com/pagead/js/r20240522/r20110914/client/window_focus_fy2021.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 62 |
| Entropy (8bit): | 3.9237100146972455 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3F386F5061436A0338A64E0910DB495D |
| SHA1: | 599FE4A552C991A2B3CE5A1660732BF7B21FB901 |
| SHA-256: | 0AF3AAE90B7DE9FDCEEE2AB421378EA2F54C74BE81EF43FC6C1790A032755D80 |
| SHA-512: | 235479F42CBBE0A4B0100167FECE0D14C9B47D272B3BA8322BCFE8539F055BF31D500E7B2995CC968EBF73034E039F59C5F0F9410428663034BF119D74B5672C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tags.bluekai.com/site/33141?&id=73006e78623def33 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 18500 |
| Entropy (8bit): | 7.989500817921123 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4868DD20C7C64A087DDE7426200C3C0E |
| SHA1: | 602F24BCF3A112718917140E1F605BC6C2D2A6DC |
| SHA-256: | BCB3C99616A6B90084E82690AB8519141A78FEA94C0AB3A3A5CA7611C0D77E4C |
| SHA-512: | 72326C1F86BCC9A2A1CF73B9DBE07B00327CF5442E163F1CA74251EAC1449E7ED4CD0159475FEE300AF0A9BC29093EB63411813F62987A4C779D5C1767928E6D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 95 |
| Entropy (8bit): | 4.347811435468635 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 71A50DBBA44C78128B221B7DF7BB51F1 |
| SHA1: | 0EC63B140374BA704A58FA0C743CB357683313DD |
| SHA-256: | 3EB10792D1F0C7E07E7248273540F1952D9A5A2996F4B5DF70AB026CD9F05517 |
| SHA-512: | 6AD523F5B65487369D305613366B9F68DCDEEE225291766E3B25FAF45439CA069F614030C08CA54C714FDBF7A944FAC489B1515A8BF9E0D3191E1BCBBFE6A9DF |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7BC31581-A96C-4988-9719-697CC8124055 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 52745 |
| Entropy (8bit): | 5.703133498397194 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 10775E9435A2B4D7369A756CAD4E5D7E |
| SHA1: | E840C653263FB245BF60FCA42EBF57DDAFE5EFB4 |
| SHA-256: | 1F518326F67933F914D9F3920769F2C264518CD3B717F4EDA5176200472E1082 |
| SHA-512: | 1CA33B49D8111A695AD283BA0865E4043A53CF3270356E1688FC2F6AA37F5DDF4B7BA11650546A55CF7503DB4ECBAE28BEC78F32B5D640E4D11F0F1D9E05C86B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://pagead2.googlesyndication.com/bg/H1GDJvZ5M_kU2fOSB2nywmRRjNO3F_TtpRdiAEcuEII.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2618 |
| Entropy (8bit): | 5.246014547140588 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 631D15608EE47C15A1005913E1B54082 |
| SHA1: | 85D163E157057A39873ACE54A863A1DB93F60564 |
| SHA-256: | AA4391F03DA55DE95CAEBED478D3E1183FB01A3E8F1C5891A48E75717ED2BED9 |
| SHA-512: | 554AF304695BC41CB45828A5D65E1B6F5A78DF9314681E5D334B717A8941F24EC04B43179148FC8F43F9E8767BBF89C74E5E4DAD9542A8AD9092E365F5CC9979 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.ack.net/shared-content/art/tncms/tracking.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 39896 |
| Entropy (8bit): | 5.136496453379834 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D457560D3DFBF1D56A225EB99D7B0702 |
| SHA1: | 92AE9115129306AEFDB0E48226C39E070820AB37 |
| SHA-256: | 93EAC8B1FB14D0863561633DFDF563013C023393AABFB122E3BE7256629D9235 |
| SHA-512: | 3574016962220483DDAB5B7C6DD5F92E0732A63C19C9C87068700804824F5F247A1A32EC075C1CBA620FD4FA8757BCA33E359110567E0F112037B108D7B69C3E |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.0314906788435274 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 325472601571F31E1BF00674C368D335 |
| SHA1: | 2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A |
| SHA-256: | B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B |
| SHA-512: | 717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 53044 |
| Entropy (8bit): | 5.438374620694402 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0B6AA3AA07869D5163C8D489F7C66256 |
| SHA1: | BD32C24DFC6C71AE54BF2E6473AD61FA6F81BE3B |
| SHA-256: | 3D649C0B3E87FD6ABCB983656A0A1B3923A2A59885C3A30538641FD4F7126CBD |
| SHA-512: | D754CB423718F3BC335081D41A88386B58E2EB523635BD15773B43495064B52B0FBB9265DA8DD19E47A97CFAA1FABD40C73C36F9684F6C44F2A18E6502F44E88 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1503928 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 105342 |
| Entropy (8bit): | 5.175350182844609 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 68480FC5B54CF9ED6D63662A928A46D7 |
| SHA1: | 97C1516C7BEB2BDC5D9F3D5700927022623CBAD1 |
| SHA-256: | 1C51748877763982247CF0490BC8FC94821031453B09D7E716F3906EC7CBF662 |
| SHA-512: | 202B7DD5B231723CA27766F5F46FE43E51DD97808760C5991839B7D3F5F00799AA53F75842B5C645C6E79891D120503986155A89AB49D35FC3A043C4605CA150 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 26 |
| Entropy (8bit): | 3.748328660365574 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CE60FE6A9E744ED59B047D4DB97B52E4 |
| SHA1: | 6D51AF86FAD2DAFFD3967044F1DFC1E7195FF406 |
| SHA-256: | 45BA1ABF4AABE47CB4132751F68392689D6FABB42ADCD57BE6A2F6E22DA6BDD0 |
| SHA-512: | 0E4CFD96D51BDA80A2B9443F6E0CC1D73498F98137653ACF481B4612A5BEBF021640E5027FFA1469D9F3C15523B9C5194DD6A5B0D30B916DEBBF7DEE1E9A666F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/sponsored_posts?BypassCache=true |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 492 |
| Entropy (8bit): | 5.30889665845201 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5EF4DF5C808929DCB19DA0968338A268 |
| SHA1: | 85C785AA541EFA239349581547F777D9DDE83A79 |
| SHA-256: | AA3B4F98D5A2FC599657FD9A7014A79A39FF1BDE344AF8F6613C29674A682715 |
| SHA-512: | 257DD15B19EA06C3C9265A396D60E1E6B78CBB4BBD4559F3EACE88E9A83FF795368159FE5783A64BA75E0BCB747049F04773A1D3595EA6E9FD94C2BDEC4EBFB3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQlmaTYisTuLUxIFDUQjc8gSBQ2DqFs9EgUNzkFMehIFDVTora8SFwmu7WHQz2GnCRIFDeeNQA4SBQ3OQUx6EhAJW8yUbQ9kzCcSBQ3njUAOEhAJFD49LHPJfYwSBQ2DqFs9EhAJ2IIH5jxScygSBQ18Gu77EhcJlNnGchmg9DkSBQ3OQUx6EgUNVOitrxKjAQmbuyjXlAlZHxIFDYOoWz0SBQ3OQUx6EgUNVOitrxIFDZaxMksSBQ3T5j6SEgUNxmiw_BIFDWC-LTgSBQ1cRxVIEgUNH3ZG0hIFDRMsJtQSBQ0srb2VEgUNZrTZaxIFDcQ29nQSBQ2U1FseEgUNlW7A6hIFDR99oUcSBQ1u1ykLEgUNoHnZphIFDRIP_GoSBQ339KVLEgUNuaThwRIFDQ74TcY=?alt=proto |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 165550 |
| Entropy (8bit): | 4.555940759227244 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 865FD772ECD8F01F264185AE55123991 |
| SHA1: | A4FFBE2070A5A0A419868750F0E66BF8B41494AD |
| SHA-256: | 3D646159A6A8C5FB3DE3C97348DA9C93EA1AE871A95B23B991574D30604ACCAB |
| SHA-512: | EBEF47B95AF702AB08E9BC2B6296AB3CB01AB1D7749DB5212766682EA500AE9C78253500F5986CB4119B510BD0583F3D19AD0050F020C4FC3CFDCD25EB0CC6E9 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?category=UI_Text |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 36477 |
| Entropy (8bit): | 5.158602520031583 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3D430FD2D49CC540DF9F50B06269C853 |
| SHA1: | 94A9272F7C97E08EDFEC6880A8C39A896EEDDBA0 |
| SHA-256: | 4A681F87D010C573D69E321EB3C33368BF2A72B8B07366433E2D46FC691A5124 |
| SHA-512: | 03A3C2AF642932AA8489B1C8F6FD297BE45A8BECCD8C9BC68CCC989C8F751347CD06A5F707CF9E56C91B7C47F6905814095B78F30347BE3B65B355EB9B0AF3D2 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/consumer-ballot-3d430fd2d49cc540df9f50b06269c853.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17314 |
| Entropy (8bit): | 5.342134706855769 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2CC87E9764AEBCBBF36FF2061E6A2793 |
| SHA1: | B4F2FFDF4C695AA79F0E63651C18A88729C2407B |
| SHA-256: | 61C32059A5E94075A7ECFF678B33907966FC9CFA384DAA01AA057F872DA14DBB |
| SHA-512: | 4ED31BF4F54EB0666539D6426C851503E15079601A2B7EC7410EBF0F3D1EEC6A09F9D79F5CF40106249A710037A36DE58105A72D8A909E0CFCE872C736CB5E48 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tpc.googlesyndication.com/sodar/sodar2.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 24340 |
| Entropy (8bit): | 5.308887142273082 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4CD00C82E6ACDE1783D16230B9CAB3AF |
| SHA1: | B072EAB2AE6B2E0D5451B6B5BDC47155E2E57063 |
| SHA-256: | FBA18C4B7EB2AE187CD09B4042C43B6DED92DB3CED6C19E82993826405E87097 |
| SHA-512: | 7B5A794B7EA7848AC125BB5CB1870426710947E74517ECBB23524064296A86814947567F3C49CB60599F7EA56A4A905F22D2A2C7189E91B37EC0BB5EE7DE2DF0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/scripts/widget.7344fd1cc1316959bffb.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 381415 |
| Entropy (8bit): | 5.424107386156273 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AE63279BA686550B433842DD713533FC |
| SHA1: | D46B1DB94946304C71F2EFEB1EB866435231FE59 |
| SHA-256: | 0D0FD41A302491651608058CDB5BE0101BA8C7A5CDD316365227D5E81E9FF354 |
| SHA-512: | 0A8F5F48B2C0F352637B9F386B085D7A5D81BA251FF238674DD79C9F555BC34BDB4CC74A84C31700B15BEBBD983E3B552A300995A153C444306E9CF9BEC805F4 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/js/vidice/4.1/vidice.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3093 |
| Entropy (8bit): | 5.591012948582059 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0B4D79792A4B5D33177204E03F9476B3 |
| SHA1: | B41A671FE6F903D5AF9653B0180C2B000DB04E1D |
| SHA-256: | 22CF321E2D6AA89894F1345F927F6E827139BCB9B18D46B4D491CB924D7713F4 |
| SHA-512: | 1C093E81EF8CBB7096029B5EF5CE33AB2E1DEAA77AF39E7F830B848CD59A9B002D3DEE2848797A685D78345C942E2BFBD4BBDBAF6DFDF55647D82ECA8073EA4C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://connect.facebook.net/en_US/sdk.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 71421 |
| Entropy (8bit): | 5.182210899699128 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 26E0B8885D6E12FDBF7B88DF6AC65A25 |
| SHA1: | A26B013EF2040D04A408EC709E47E7339FAABBD4 |
| SHA-256: | DDE1424C204217D342111EA1E01827AA020D99574737C201D02DF72284B30D31 |
| SHA-512: | 7157F63C0DCDA2072DF1401F5E96BBD34C0CD9B7A7887A6DFBE53FB33EB603C9D15224E6FBE45A6EF2557FF410396E7995C19EDB4DB1CAD212F6BF5010ED3C98 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/Scripts/dist/embed.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 16324 |
| Entropy (8bit): | 7.987901807599895 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F43FA5B4F6366EAE0039E4E49DB645DE |
| SHA1: | D7FEC074BA8B6E69BEC4A995EA722D3D1513AD43 |
| SHA-256: | 0AA6A7045A55DDCB25BBEE4D1EDCB864081CF59F7FC9BDC1ADA22A32ED4AD3AD |
| SHA-512: | A069845ED97D7094CC37A6781F9EF0606818C7473E5D8C572A0EAAD3EB49BA722EC405408E02F5158455521233DFB1E187DC2AAE31DDB6F4CF0610A6367373A1 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 12216 |
| Entropy (8bit): | 4.027254287468505 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 67520A9501C0768293F0F3C32E3F3877 |
| SHA1: | 15743C3A7F6A67AA1A0348714384B21869E72770 |
| SHA-256: | 97345C182CB790DB801BDF74949A4D51DFA364A4C7B638D0AEAEB06BD446898F |
| SHA-512: | B6D6170E8BA316E887BAA17B19E3C22788BA44F8A803904CBDB3A0E393DFE20FA79A3FB3A323D4708B91918491160F273DC0B778228C9D9B8D6C6E6076B917F8 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/forms?formTypeId=1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.100463142052867 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 104D8031279AC9546212CA1950E6DB52 |
| SHA1: | B8572C3AC1931F3947D501C99EE6E13AA566DFC0 |
| SHA-256: | 5B9DC6D3E12AAB052E68A6701B2A4836A73822C6472BCA368F9F0167968A4139 |
| SHA-512: | 92AB95AA624669801D0B79097EC6D38C925D382A2A2AD4F40C7B4793C1B7204C324D7B156B7ACF34FF538F30AC27C59D8E06ADDDC3EA8FDDEB355E45945F2770 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://router.infolinks.com/gsd?evt=afterGSD&pid=3119781&pdom=www.ack.net&purl=https%3A%2F%2Fwww.ack.net%2Fcontests%2F%3Futm_source%3DThe%2BInquirer%2Band%2BMirror%2BNewsletter%26utm_campaign%3Db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%26utm_medium%3Demail%26utm_term%3D0_-501d27be68-%255BLIST_EMAIL_ID%255D%23%2Fgallery%3Fgroup%3D483654&jsv=1931.004-3.034&_cb=17165774337460 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 38372 |
| Entropy (8bit): | 7.994078494945525 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 16ECEC131289CA4925D35C0515B28D9F |
| SHA1: | E2CBE7EC2BB494226EA423C7A7353B0E18B304C2 |
| SHA-256: | CB8CAC32D5CEF83E7674916378C2F47BDBBA7E6E6BD936F8026A58AC4E71FA53 |
| SHA-512: | A7ED6208086801275997FCBA3779084400914C74F454FE992FD0AF6E38F4F2F975D2CC63CBE5C1CBA35FE439EC25B0C6B64DD858D036329A2DE720124E70C512 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 316 |
| Entropy (8bit): | 5.67879727206882 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5F3D9CA7BDEB49AD5EED5BBA15F5935C |
| SHA1: | 397E5688FCD1068B30C929438BB7B88423588D21 |
| SHA-256: | A4483529103996A10B61C458B4791EE092FD2E329C0B2F059791EB9378E72C47 |
| SHA-512: | 3573F428D7AFBAC5A0717E2633F933C46FE84FB17DC3CEC96AAECC4C127335391DC1AB17D957DFE58D6AB457E71FD589AAB70EAA6C913271756E3E7AFB2BDC60 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=fddc7155-af29-4c29-b97d-739af69cc326 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3946 |
| Entropy (8bit): | 4.87518375230305 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | BA1DAC0DA0E8C2731CDAABB962EABB97 |
| SHA1: | 6B053459E43B95A54EC1BC5812595571219A68A3 |
| SHA-256: | 9BFB4A2C4F974120F57A48CC57F7937F8045ABE2BFB1F78B6683DAB126091464 |
| SHA-512: | 2D69DA540664DB98E041F921B4E2041469E7F6C023DCD195278D40B59E7CEA1C951805E8BE63465190583304DE517B22EEB0AC7460A76859151C8159CDEEDA28 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 9139 |
| Entropy (8bit): | 5.520843752274848 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F2454552E0DDFA5EE5D983BE2A0C6ECF |
| SHA1: | 6BD76C93838A3D6335C9D25A811CC78F4B321978 |
| SHA-256: | 1C6258F276A2B35AE4A0BAB73C6C33DC1F6559A17C31CF49464561A966BDBC53 |
| SHA-512: | 57686B48EEE84AC0DB1BDDA8681E07DE4D00405358AC52F7C1F6B67860D69D94E4F5D81BF4D220EEA20A2A8BD6F7253671066D53D31E1C031507877E5C9CE42C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 11639 |
| Entropy (8bit): | 5.26601593010469 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1EEC948DE2C8523FBB217BA517B949F7 |
| SHA1: | 0C5DD429756212E379927B2E97FB18F202922107 |
| SHA-256: | 4B093BF8FE11CE768E5543697030A064DA71B347431594DAF7EFB86F94A201C0 |
| SHA-512: | 93E3C7B1C55FB6140C870952A136A466EB86B365B1C9A860BC989F5D6696DFCD00FDC00C63ACD8EDDB00E7F3EE107D9F84023FB84AC4F1F9AE47C6847FE965CA |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4000 |
| Entropy (8bit): | 4.872828504194049 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 903304E9F10AB36272269F2E42FFCBD1 |
| SHA1: | 0790E03A627371BADA0569D2F98B7A8914E62245 |
| SHA-256: | 4D1C6260CC3A7A2823147EA4CDF05CED64CBC0F5BE1B8CA2777A96E0681F5368 |
| SHA-512: | CB0C4C180D7DB757E4D87594E5111542D61C6BB6BEAE1F176E23D78E086FE699D9CAAF30F22AD90DB1468967C798977EE003E926A77FCA7F483857D4F5494316 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.gtm.37085f9822fb12feb0326ec09cd5a1a0.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3493 |
| Entropy (8bit): | 3.9879204092817715 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5142C4E0A419F90522AB64A49A01F64C |
| SHA1: | 81CF96CA59274FA51829D40A6626AD60E5388764 |
| SHA-256: | 7758236AF6BA68F3AE68BC49D286EDCE0A62D699178FED30881CCDB8CCC6AA23 |
| SHA-512: | BEE8D7A2373F4485F8941EC10FA0EE7E6280DDD15FA0317618BE0BA80C28F5BFFCA8EAE12650C4F60FB631B0EBA2E440198966E02800E5422D2CDDA40DBEC853 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/forms?formTypeId=2&matchupClassificationTypeId=1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4317 |
| Entropy (8bit): | 5.789395269355661 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2AA3B66245B7C66E3A969D8F9062DC8A |
| SHA1: | 6F95EFF3599781A8C84028CCF7836A1CBB04E100 |
| SHA-256: | 854FBD22DC4AD703120F220EB21DA2EAA966FC39949F49B8D4D547FEC52EF76E |
| SHA-512: | 57B3F87A333201F0EAEDB72F684605702DB2016DA92E1EA7BFB6981C88416620BFE57FA03E0E3D872801B59064D7B73A43F2585ED3D300F84D0A4088D6CA7937 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/js/infolinks_main.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 12817 |
| Entropy (8bit): | 5.34459161517544 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1D3D22DF067F5219073F9C0FABB74FDD |
| SHA1: | D5C226022639323D93946DF3571404116041E588 |
| SHA-256: | 55A119C0394F901A8A297E109C17B5E5402689708B999AB10691C16179F32A4A |
| SHA-512: | 0B6B13B576E8CC05BD85B275631879875A5DBCB70FD78E6C93B259317ED6FD5D886F37D0CC6E099C3D3A8B66FEA2A4C2C631EB5548C1AB2CD7CB5FA4D41EA769 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 85 |
| Entropy (8bit): | 5.30187369510926 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B4BC22E7B4FADB6A690E863148D2D817 |
| SHA1: | FF9DC54B615A87D8730BF93ACFB823B1C21CA7B7 |
| SHA-256: | C64C0A0FD56F969FE9A625BB60DA5538C2902140F9752C2FB3B7E37A14730033 |
| SHA-512: | FD0F64FDD0F56CB4ABFD9F440051396CFD0D688B4ED58E6DC95D6638A69EEAEC2F14E079015F40A411CEC1A2F50336F8AC1EBCB80FAC580B83E79D520719CE08 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 13 |
| Entropy (8bit): | 3.5465935642949384 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 97EFE0B7EE61E154D57E80758BB797D8 |
| SHA1: | 810B4E115FE9F5AE697666FEBF2A9ABF0B21C9EC |
| SHA-256: | EFABBA3678B85FCAB831B778EA2DDAAD1E2A1E952584D3566BC39B7CCB3429D9 |
| SHA-512: | AA02209CF80FC2564CE0DB0BF9F30241E92EA33101B55FFE5E26D617F90B74277AE68D714A7B00C792EF2B88B582E3F299213A5C3C9BF9AFE6C6C1800FC276AF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 41331 |
| Entropy (8bit): | 5.38180189774426 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D2F0A3E43C6A222369CF67CADEAF1955 |
| SHA1: | A324CB190EAB49AF9DBEA0077B3F2074D8889CB4 |
| SHA-256: | 636A7FFE73C1F11B9AD6CFF881BA80975977A42D84CD7D9AA19207192D0FC3D5 |
| SHA-512: | B59CAAF3C52551E22DA3EC13EDA64C4D7043C8883FE102C4B949000D168E35870133AD78B8362E8C3E0B0A8BF13F70B6A16FEF0490FEE257E368C0957F8AABE5 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://eus.rubiconproject.com/usync.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.292508224289396 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 55FADE2068E7503EAE8D7DDF5EB6BD09 |
| SHA1: | 317496A096D6C86486A71D4521994BCD171A6BB3 |
| SHA-256: | E586A84D8523747F42E510D78E141015B6424CF67D612854E892A7BCEDC8EC9E |
| SHA-512: | A9ADB9FEEA4BC14B9C34ED17CD30F8CB36DC686E9F69A292FE65BEBC195BE4714391FD98EC7B67BFD363FBBB6089C41A0B7CAB5130B50B461748E668CAC75621 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 239725 |
| Entropy (8bit): | 5.952446915189922 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5D2CA82A798FB036A38ABF82A829272F |
| SHA1: | 445E921DB70681E6AAA2B3CB38E8E0D1F3DDFB9D |
| SHA-256: | 9B46BC1CDAC4AB275468DBC876D0DB1DF58CB4C8E017B6C9BF30FC935E87A846 |
| SHA-512: | D373BE746F4A92F80A0EB86FCD2FC941F1DF3D7160CC03E484970A663FF3CD25C90A96AD0E8AD6623F8E34D57FDE4318394A75095A10FD7F13A64DCBB526DD5F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/js/1931.004-3.034/in_search.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2324 |
| Entropy (8bit): | 5.649137804178702 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | FA20560845E04C5711168DFD60E7A903 |
| SHA1: | 1265BA621D9A3FDE72DAE5CFED3042A73EFF177F |
| SHA-256: | 08D421C874BDE9B4519863A9B98AF18A74E1F7F367BA899D5878A8B508834056 |
| SHA-512: | C60CA737A33C8D2833CE0D4C5134AC080FEADC6E0645F759BFEE7EFF43F9ADC3DCCF931436AF2EEA69D966AE0978BA387435C21FAAB654C176E138162799211D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://sync.a-mo.net/isyn?lr=%5Bobject%20Object%5D&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3680 |
| Entropy (8bit): | 5.48993723883533 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E6D3B634711C4A38F768C4239C87A6A9 |
| SHA1: | 40835C5386312521501E8C92184D3D1C1189D3BE |
| SHA-256: | 16A92931624CA280D5DE53E6EA9A7992641143DDF7D714E88599BA2BEDC0377C |
| SHA-512: | 2F4548A609405B80015BD13DAABFFA7447B62E48763E7E9AB0AFC48DB027133DC03144C721EF6E11D78DBC0712EBFBFE3FC0E20917207D508BBEDD48E524DD41 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/embed/def5f4ef-bf03-4d76-92f8-3cfe109469cd/gallery/?group=483654 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 27744 |
| Entropy (8bit): | 5.323533638213789 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 150C1E02FE05C177C49AEB2F0288465B |
| SHA1: | 6B09B76E7E47CB77A3DB2CCE50F5A454542F9AB8 |
| SHA-256: | A64392CC4F5189C41481A7198FFDA2285E106B8EAA0776480707560A93D1EABE |
| SHA-512: | 106E86BC9C8D55110C82CF806E2675D08A778BB7B20B3F6CF03C1AFA29F2D4310C0FE12C084EA38B23037C86B330AEAD138EFC454B8E2BCC6CDA4684D678CF4B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUH868Z4&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 43 |
| Entropy (8bit): | 2.7374910194847146 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 07FFF40B5DD495ACA2AC4E1C3FBC60AA |
| SHA1: | E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4 |
| SHA-256: | A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7 |
| SHA-512: | 49B8DAF1F5BA868BC8C6B224C787A75025CA36513EF8633D1D8F34E48EE0B578F466FCC104A7BED553404DDC5F9FAFF3FEF5F894B31CD57F32245E550FAD656A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://id5-sync.com/k/264.gif?puid=847d6bcc-507b-4c4b-a0f5-a4e0766e14a4&ttl=%%TTL%% |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 91990 |
| Entropy (8bit): | 7.988218932841748 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4A10B4CEE8CE95FF477B4895F84B5F6E |
| SHA1: | 24E59CB842B05021C825E925B5997ADDCAB337E6 |
| SHA-256: | 6245A5938808539E6CA6E7E0A3D62171A6C3029B7DFF33E1D504DD95F5D2D787 |
| SHA-512: | 55852DF1303E080D47A682B122A811A3BC1E08D95B79DF9734A57CAF1E7F721326736CA60144D71A287E834F1D78D4E4EC4F411A2AF121FECAC4985B9C176F72 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/content/tncms/custom/image/5f00000a-c77f-11ee-8352-7f4d354bc326.png?resize=1333%2C153 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17951 |
| Entropy (8bit): | 5.264039854862704 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 13964032FB9F994049E3066FDEAF9EBB |
| SHA1: | 56550BA697D5139067423318F24A5F1E4AB1C6CC |
| SHA-256: | B1FDAB029F5F82FAA2DE83CD2EA43D74F2674DE90651CFFE1FB9F84230C00D51 |
| SHA-512: | 7D8F1D6CAF68EC20A2AE69EEC00EF449F3889F31335EE4E91E15421DBAA586A760CC89C512171D4235593FBF9D0CC95F87751E06532D6619F65B17CBF8CE6C1F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn-ima.33across.com/ppid.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 9886 |
| Entropy (8bit): | 4.858690632124678 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0074E8875BE5983630541F9E8C04547D |
| SHA1: | A171909E5D9EC32A19A630C3179C04CB374F6518 |
| SHA-256: | CF7757EB072D08D857634FE0A4997F9EFE4D0C20B614F72858A0D61FE090743C |
| SHA-512: | 717821B7BA2CC0CEF29D2BFDFC5AFD0DF0310CF63AD835E327CB2D60588C7A361D45F7FF129B632DABED11498FF7BC885A567A1E64F4468FB88345E91BCD0145 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 53017 |
| Entropy (8bit): | 5.27806950920412 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8F1CB5126C2212D1662F43B7612C2DB0 |
| SHA1: | 1DE764369CFEF82B8A99261A76A04374DCF2E6A7 |
| SHA-256: | 4350E5C0DCD496536102D6A245C7DE6DB9589443F75296DCC1F88F5DEDDADD93 |
| SHA-512: | 23A25E91C90F1EE6BFD81899B0C18112FA6234F2009488C8CFCE965B88740BAD96DE75E4AEBCD5973BB1991EDE7560DAAAF6EE7CA88C5475C9E4578EAA8F007C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://assets.a-mo.net/js/c.js?rj=rtbx |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 85 |
| Entropy (8bit): | 4.292908596521779 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5BEC6606B8392065F9DA9898CA6F7B14 |
| SHA1: | 73AC5B01B5E3293FB792179626E7F8369CDB944D |
| SHA-256: | ACCCC501AA6AFA3CFAC15E8DDCCF1561DEED2ED08C2F7D652ABBDBE9AA71609A |
| SHA-512: | 36FEC10F71295203E59BCC52042EE2691E5DB51D26F6D76D4B19BFEDF4429FDE898C87ABC77CA29F6BB58E6217FF380F0650115C06395CB1DA270BD028C2CF80 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZlDkoAAASXX5IQAy |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14824 |
| Entropy (8bit): | 7.984080702126934 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 48598BAD30F08E1C3EB3D0E69B420BD5 |
| SHA1: | 28C2CF160273C2062F909A875C4B4C0541EE2F84 |
| SHA-256: | CA57B79A870BBF54700730858603A70D79743779C1B059922EC401BFDDC5ADC9 |
| SHA-512: | 0033327198BD448927A53EADA9AED51ED4F8DA3C8619EDA3B10948F437213F20270C233F7FD403C8C192A05CAEED6905A02D8C62EC22B3885A6A7D6C018F737C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 21444 |
| Entropy (8bit): | 7.990871977021031 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | FFD3D57638A7899D80BCC108713C271C |
| SHA1: | D186409EE24FC3D1CC8194434DD707181EAD20EC |
| SHA-256: | 99027D866818F716D208569108A962AC72200197CAE503EFE5B6BF002BF4915B |
| SHA-512: | 7305C344CD8F954929314F3B5C9B996638E57D5F142A327DDC9F42F592880EA30B5102C73EE0E296BB3C4FC21D9FCE5D862A492B4BC1127BA2C79C4DEF527C62 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1968 |
| Entropy (8bit): | 5.012175056041589 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3A946ECA325502B17336151E4FAFAFBE |
| SHA1: | F347F90DF4CC2E8135F53285F35B4180B00C8393 |
| SHA-256: | 2925FAA3AA0983B953AAA8B021B906D4B4A79CC1A6BE9FDB1A9AE007C91A1AE5 |
| SHA-512: | 4097479D65DBC475B4E9A23502291EEEF39B7B83FD444567E79EC67C6A38F5A2F036FBA6FC4940AAC78C6310166385C4EFC843ABFD02EAD1B893A3116BC30347 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://s2.adform.net/Banners/Elements/Files/63577/14918940/14918940.js?ADFassetID=14918940&bv=257 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 157836 |
| Entropy (8bit): | 7.917970220414458 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A9AECE8A281A3DD06DF6BCA29E6BC865 |
| SHA1: | 1578110094F072AAF4F58CA30984B2AA85EB8B15 |
| SHA-256: | 5D29F125160602EA0F76EA7C8C69AC1CD43DEB5E7764B331F0FA486D644A49F3 |
| SHA-512: | BDD75CBFD7C3FA6E7CD11282E4B859FF1216706BB3DCFC917AB3B4624A0BBBA15AE59D657E03E80CB76792F0ADD11055FBF9408A2AC4B88A29158495FC6D62FF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 58975 |
| Entropy (8bit): | 5.278522968639938 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7586740695219E27C1483AC351F18884 |
| SHA1: | 2078C128D66168E617B9AB555C41A353DA85C8E6 |
| SHA-256: | 05E77DAB19940DD457E00282837FAECC886434CC8CC5F631575A5E6C386DE774 |
| SHA-512: | E6D4BC8D37EF78C46C1052AF92AD3265852D9ADA9CC87F768F4ED005815FEEAF206EDC79981350AD281889FB4D6BA7B3FD9E2C733B3F90023EE361C876070E9A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/static/id5.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1559 |
| Entropy (8bit): | 5.120755987626891 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3867B2388B619FF7FDDC29EF359FC9AA |
| SHA1: | 511BED0C4D3D57AB4CF1B1D7596FB845ECFBA6AC |
| SHA-256: | 31892C21AE4FB908A875BBE29DBF0DF74C2E84171CFBCAC23540F3AD8222A35A |
| SHA-512: | 7BFD6E6CD2FE7A79F4797439BC7294A36D076D67A3DC5BB8E86FA5AF19B50F0E8FEC18BF33B30588486B231062E43F417708333044207A586AAD999E97E819A5 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1091 |
| Entropy (8bit): | 5.554953274277512 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 614C640D318CAD124DB751EE044418FA |
| SHA1: | 6B73E04CBEAB603ABB08D888A40D7C73DB6371B6 |
| SHA-256: | AA20FA6382817A7B836375C643656636A4B983C8CA19F4384F0285410E95D7E1 |
| SHA-512: | 360BC231F0117750EDA3E58507C4152376BECBB54891D40CC92765F868CE35C1DDB83DD782D498D1A774493DA9682615D595CF69AE3CF0F45AD94F4C82666716 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=287637&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 269 |
| Entropy (8bit): | 5.235195150873638 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C7B1A96E4676C76C0240D4A835FB7252 |
| SHA1: | 8A4DE304873BB5A8C11DD86B86CC8B8356BAD8B5 |
| SHA-256: | E4DF52D49C57BC3E7158CB052CC05C60F1258C24DE5C5728DAC5D43272943AD9 |
| SHA-512: | 349FE7702C3A1355026D9051B3BDF4143358A34A416DF67099E7FA16CACD72270E40DAF59C24C1FE0C6705F91AEDABD0E9D8298985E6A3BF9F133C08DC07AD86 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 12692 |
| Entropy (8bit): | 7.945922321118378 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | FC9AFF30D24FA43925F6102D1E0BA9D4 |
| SHA1: | 3F06B39209DED4B39F41FEBFC9822B152D39332E |
| SHA-256: | AECE65E1827C3B13B62CE426C90ACE089B4EB9D1AF029CC885CD5703F81CA2B6 |
| SHA-512: | 92A7EB18601CA242075D058E105597348A98429E5739C67EBCA62029940597267481483BE221BB9503995AE6B4F6719463E0B89F1AA840B6AA70ACEB171BAE91 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3085 |
| Entropy (8bit): | 5.235691275892951 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B84120EA0E08D66FF364153594B61B74 |
| SHA1: | 2133669AEFC4B4E6BA263306452AB824EA405F85 |
| SHA-256: | CD4AD2E7D257986D3A0C3877268DB59347197D1C90FA6A3AF56542C6EC61F38A |
| SHA-512: | 315E3FA4CE56C9C42AE17F90B5040908641A52FF53C19DEE035C1E677F18CE927E249BB9C5D97F7E817AA87D5830126D48DC87F36E831787501CD824C70761CF |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 48236 |
| Entropy (8bit): | 7.994912604882335 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 015C126A3520C9A8F6A27979D0266E96 |
| SHA1: | 2ACF956561D44434A6D84204670CF849D3215D5F |
| SHA-256: | 3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA |
| SHA-512: | 02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 39137 |
| Entropy (8bit): | 5.516655894743154 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D463DF2FAC35D4F14B2AA160A94BC342 |
| SHA1: | 7D827F527226484FB7E069D6268C3B464FC6626B |
| SHA-256: | E56665F45F815A456F71B32F9897395C17831C46B4924ACC43D5566405C4FCC0 |
| SHA-512: | C3E29F8A8EC17B7DD7BD911D0C6B1B58AA8F7ED26C06333A7C77B26AA24A18AE162B769B9FEC8657E2A8372B4CD0CDCE6F970F9ACAD60EFA887676F15ACCBC1A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://s2.adform.net/mink/631/s2.adform.net/bootstrap.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 81550 |
| Entropy (8bit): | 5.887195191977213 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E00C4FA89B02638E459B2B43F2464260 |
| SHA1: | EBAE614672A96A113ECA74560D3C812864139A8D |
| SHA-256: | 0022BCD68FF1535FEAC537271E55B276A38299619D9AEC97D10AEF8961BCDDC5 |
| SHA-512: | 1F72B7D03D6D50F9229B292E4FD4A6E9FF520DBFB3B1B5815E4F112E83C735CB425610BD3FAF0769C5508F036D9E989DD587DBAB5EF14A1FBB3032CC2EDBF88D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/published/7624115/9566075/document.00000068882AE2.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 47 |
| Entropy (8bit): | 4.240239117404927 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C26019C2D1F82BB418B2A56B2BACB59B |
| SHA1: | B11220F5F962FAECC8E9835210C78EA7F87993BA |
| SHA-256: | 09343D3B3473E1C994B2D603C99FEB8A0F63FBD3FF20BE7432FF18B973DBE651 |
| SHA-512: | AE42A74AE1E4AAEDA412ABBEFF6D9072A216C37CE343B103EE5FBABCD58EB9FE4CA7D4AE69D8EDD496F0F3793FBA03FBE7EE7B5C80A6AAE30D1E12B08D53CE9D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53292372&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 6381 |
| Entropy (8bit): | 5.377780926075056 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AD1AE10D73D64C81A8C47A2789DC0254 |
| SHA1: | 92374131EEB2B916C377142AAE30CFC94A29DD8D |
| SHA-256: | 7810DC85328B740D2743C87D4BC931482533A3F3217A24E51EEFFD280A8C8112 |
| SHA-512: | 1F629702945AF7065D915F056A9EF17C91844FC948A7F6710C012144CF697C92431B59C883D0C5D57A49D54497A5364CBE4652E09863B612FE01B2AFCCBEBD90 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/chunk.143.bb55c6fd8f4f59bf54e2.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 26998 |
| Entropy (8bit): | 5.25259341146481 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CAA5420A162D11FFE7EAE9E4FF82A1DC |
| SHA1: | 32E41B104E4882D3AC68C14E663E83E4BBF39949 |
| SHA-256: | 1C756DD78F3FE8604FFDB519FFCE264517C5E4B02CED287D9279BE254D872AE8 |
| SHA-512: | 9E694629DF07BF386FE43208C3852E09BA2E8BC05F55172CB06ECA28284F77C0F74A8F6AFA8BCCD97BABFC2D5ADA7540D75796979C9ACE01B2D829652E8A1FDC |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 16595 |
| Entropy (8bit): | 5.257610671511415 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 661E6ABE0A5412C54B6FAD71BB67C591 |
| SHA1: | 0E36CC51DC77A6D265F529F11BD5D5A1CCF886FE |
| SHA-256: | 719A1764B0D9860BF828AE412AFCB86C0D38E8E0E3C1A3781637F747B22A0C8D |
| SHA-512: | 2C7A883BDFF2A9FE76462D09EFD378E5C1C3FCB757BFE5C9BE70DF2F8489A59B5F859AC25336ADC8638468D6720774F64B89A3526CE1AE641CEA292901DE86D5 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://assets.a-mo.net/js/cframe.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14160 |
| Entropy (8bit): | 7.984366061864312 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6CAF2B9A15E4AE129857767920794068 |
| SHA1: | DC6946A2C472822BC25B5FAD19587B998A62B07E |
| SHA-256: | 500F8AAF69DDCF71A16CEAE58C927F03371B33665185E16DF347B67F7F11BDB9 |
| SHA-512: | 9FD2548F0362D28EC755313FA21051105C5651865A67836FB1B368B0065D254F32F3460C07232CC564838FCC984CE0E4C8FD36EE63BF45BF1D3E247F14D62685 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4175 |
| Entropy (8bit): | 5.502122715981483 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 02BC20A1D25E32881C85377D751EA429 |
| SHA1: | 3549FDA932E70AB9851FFE93592046B8944632A3 |
| SHA-256: | 06F8981A9D73BA11B77E370FB35CE0A54CB48CE5BCFDB66DA69265151738350E |
| SHA-512: | 4E3B03733C274668B34F5B3127361C5B82019FA7489E69370C46277EE748BEA6F579CA9744207C2E12B8D35335E5FD6FCA9F372F53E4C6430FE78D0F05AB609B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 7927 |
| Entropy (8bit): | 7.971132676007268 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DF5542B88BC0E368C6999754A5B9E2BA |
| SHA1: | 54F17142FAEB7C882FEE3BF67D537733E75E43AE |
| SHA-256: | B82DA9703A35C5436F9E47711F5B95D5357F02D590CB39DBA99355B9B073561F |
| SHA-512: | 3BF0A63824E0D30C5A71CAE83DCEEE6E2A587FC5B9B7E81943E42DC448F9654998DA35A0BDC309B40D7D3BCFC3C95AC3D3322D1394B21542578FB2BA69EADC28 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://oa.openxcdn.net/esp.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 100396 |
| Entropy (8bit): | 5.293796778718999 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D6D18FCF88750A16D256E72626E676A6 |
| SHA1: | FCBB64BFFAA442AEC46CD7C7732829D1560CA6FD |
| SHA-256: | BAD3F4A20B737202B4CB52CE0124A2AE5D54BE0002FEB42790867EE446425332 |
| SHA-512: | 39E231209FF17DAAC674468007A1EC15B710E25039EEAA58CB0CC94B998FC13980EB0F94A419BF8B6D9E2ACB2EA688F925EB90AAB5DD5B2EBC67022507159981 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 14613 |
| Entropy (8bit): | 5.420613565921048 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 73930812CBFE166F019D0B20B8305184 |
| SHA1: | 427964CED18BA35D1A72BD050BDBAFC449FA70AA |
| SHA-256: | D3C1D3DFCC906C4CA8FD8EB4C51012202F24A3579C8C61103F515937D84B7CBD |
| SHA-512: | 4F0788561FA7FE0AD5EBD84F72C395D341EEBE4A1192EC8F44712C5F0C6A57C895FAC090DE4CDDBD39A87FAE30C3BC294512F2497CBC0B7516DFF4A45C05C58F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ack.net |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 73732 |
| Entropy (8bit): | 5.588399248302289 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7DF91A9BA53BEB853A8A6CAA43E5081F |
| SHA1: | E286B44FEDD9B8ED5EA3B7C65585377900EB8D88 |
| SHA-256: | 8CA8203E29592853551A5BABDDACC5129D1526A706D57D7714192550DEB6367B |
| SHA-512: | E9D577DF61168881A2F204515F01B7B949973AB7C9BB29959D5A626E36B6238EFE0F0CDA1920B2EEBD181CF8516A7EAACC7D7F1C2139B6A1382C4B3A98E45E8B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://contextual.media.net/nmedianet.js?cid=8CU566D6F&ydspr=1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 49 |
| Entropy (8bit): | 3.176789192964165 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 56398E76BE6355AD5999B262208A17C9 |
| SHA1: | A1FDEE122B95748D81CEE426D717C05B5174FE96 |
| SHA-256: | 2F561B02A49376E3679ACD5975E3790ABDFF09ECBADFA1E1858C7BA26E3FFCEF |
| SHA-512: | FD8B021F0236E487BFEE13BF8F0AE98760ABC492F7CA3023E292631979E135CB4CCB0C89B6234971B060AD72C0CA4474CBB5092C6C7A3255D81A54A36277B486 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 57 |
| Entropy (8bit): | 4.064698569179295 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F32D5DF7F15E1A9B6BAA58E05B6225A8 |
| SHA1: | 5DED68F58C040194BA58CB5DC368A8FF336DBDDA |
| SHA-256: | 73F0303851E977716800EFA57A66387958FBD2E6219CB27B8186FEA5E21B2AE7 |
| SHA-512: | 0E1E1FBE8F396F8943A20DA813239031CFA295D28855B9B5323A3F2801EA6CA17BC1E2C8CB953963ACEB1477E001B3EF81B6360222FC9AEC91348C8B19378A54 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://ow.pubmatic.com/setuid?bidder=amx&uid=fddc7155-af29-4c29-b97d-739af69cc326&do=www.ack.net |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3458 |
| Entropy (8bit): | 5.200134228307927 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D049E0099B3D47838CD0AA5D379E283A |
| SHA1: | B7F429E52E2CE7A86ADDF124EDBB0229F951224D |
| SHA-256: | 18A246F982F020158A7571C9EF7CEEB8109E202436B63E77059DDFAD2E3A1536 |
| SHA-512: | DD182F0680FBAB840AA220EEB04BA305F5D7D65113684710D512FB3610F8C4C91FCBF2363785CD50BA00903E8F6D9CEFC305840F3E0BD1FFD5E4942F5265DF4B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.ack.net&e=27&uid=fddc7155-af29-4c29-b97d-739af69cc326 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 41751 |
| Entropy (8bit): | 4.8923001654179075 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | BE7F7687EB854FF44205C3D466797864 |
| SHA1: | 332C2C760B31A59F442AB836FFE986E4F05ECE8A |
| SHA-256: | 20CB7E97CDD2BD5B3175038E3C8730A3D639C7B951F803D1CD215E662EEA50F8 |
| SHA-512: | C17D63E2495817FDCF8B5014F55A1A36ACC566AB292746D1A2BED1D1F915030C64FD21082E1A15D18E7819935126679C3481A834CD5E3AA1C8FACDB9557ED460 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 463350 |
| Entropy (8bit): | 5.511112111777634 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6D282A1E65CC9B56F4CE1D5A91D66322 |
| SHA1: | 5E2F8E36C4EA6E46817CCCE9F41C6BC7E186D2DB |
| SHA-256: | 417C7E1B793DAB1354DAA456A61F7344F780AD31FFF8E4FEF024F4997F29942E |
| SHA-512: | C2BF0A8753EF84A2ADD279CEB6DF4073FB29FF5F8730A06DD1A90A65B8448AA7C7C3F8420932566AD98CD51B5985E205A35658EF603770EC6F86E97B36BCB967 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405220101/pubads_impl.js?cb=31083984 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1212 |
| Entropy (8bit): | 5.0200901346412214 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | ED63D18E0C9C48AEB9F9FEF4D49863D0 |
| SHA1: | 6809C8CF778F54024371C123A305C15BAC338091 |
| SHA-256: | C6ECA5C98EF0C269855AAAF467DDA0640678444A844346AFCBCAC932DC2C8A82 |
| SHA-512: | 27996B04B266221443C8425A7D817AEC4A7D445DAE55A374D7532D50956C991CBE6968986EF11FDD1E072C28014413A1977AA47FF029F577601D473E630933CC |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.10.0 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 202 |
| Entropy (8bit): | 3.618219514550541 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 86BFF0560946B22F6DD28A9C1ABA04FB |
| SHA1: | 9EFC8025029AA569EFA0CD292E0B7562A3FA9BA1 |
| SHA-256: | F6F23F86A097ED020D191F151F2735F9EE3BD3DE794CCC278CEB5AE714D1700A |
| SHA-512: | 7BF615B3502D3093C6403BCE8053EFD5331CCDAA15D5C4BD3D7D581DCCAFA95A418A1C284A01D082A6822AB2DB15C741802F84F260E9C1D780552CAEB12AF284 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2208 |
| Entropy (8bit): | 4.685644559574232 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4538E243FE5C27F98E01B71AFC3D788F |
| SHA1: | 0DCF8817DE34BAEBBA53AC3E701AD92D045C6C7C |
| SHA-256: | B2231C12A79CCE809D93B852392FCF09030B3DD3F77D54E6A4D555FBDA627EC7 |
| SHA-512: | A8196C988D32EDF73B520B5A44F289ADC6EFE650B07009686FBBB052880F7097D2784BA05F05D5FFDEDEDF9218BCF1ED3887AC205F09CD765FCCF90AF8DFC396 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/domains?organizationId=1763530 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3142 |
| Entropy (8bit): | 5.229170614038528 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8A5B1140934648289E96337CDF0A3511 |
| SHA1: | F2F4638B5A99D476B848E5774914EDF0396040F8 |
| SHA-256: | 32209E964449881B7F2A21086506DECCC49063673C2CFFF6288598F843FC81C4 |
| SHA-512: | 727B9F8727C1370F0DBE96050F352C199C478F90466BC8DFB15956B83CEA7905D42F266C8F58194211A56A53C377736F7EEBD66E26C0645F6A18738AF5D6D803 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.ack.net/shared-content/art/tncms/user/user.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 51384 |
| Entropy (8bit): | 7.995018579247014 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | A2C7AA6E871896C2FE75692350529AF6 |
| SHA1: | 76D58DA3659FC67AF9C670D41B68AC19994DDEAA |
| SHA-256: | C9881931311B77F935225D7EEB7EBD0395480A7737A56D427778C98534ADE38A |
| SHA-512: | DEB99119808782A3C71118B5CB112917BAA925E4BCCCA5C4560D34ABE6074A4DF133D4946B8DE55737D6142BFE99F1DE6AE50757B2CC910EDE90A3F186BE81B3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://fonts.gstatic.com/s/ptsansnarrow/v18/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 93 |
| Entropy (8bit): | 4.279359495939872 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 37A4E4275D5072B5658C0A1C5C41E1E7 |
| SHA1: | FA2C8C495C7413D6D3998B99D642162B170374F8 |
| SHA-256: | 94AFB2E3894E755F9A824C49CB34C05E5F200BEBD979995D414871262ABCBA3F |
| SHA-512: | B9AADD281BEB88A9E5FFB793CFF6F3313B956FFF414981296D920620385FA696DC3268CDEAF6B531C9AA69AD6B35766575D716A388B6714D35DB37E751E0EA4D |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 162248 |
| Entropy (8bit): | 5.3990705738351705 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9EA970C2F807EB41ADA1D8C605D4857B |
| SHA1: | 913DAE3CB4E145870913D587C5E86E5EA282F094 |
| SHA-256: | F69FA12195AA4C85A669A79E6E9900787ADE75397DCD49047895400DCE4F2E85 |
| SHA-512: | C16CDE0CE4A8E9A3BA646E3D2937B82040A9FAD7ED5581BF83A7B1E5CC95A15A244699F944523CE1BC8BEFAD617739CE30947AB4362C74919C4DF5B93B85BC7F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/scripts/animated-creative.6430570c55e8d68a7035.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1406 |
| Entropy (8bit): | 1.7397988621812874 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1F6685DFD0C780FD8C71D5AA49A95548 |
| SHA1: | E49F0C3D3BE09A8F7500E3B54694B89E660611B2 |
| SHA-256: | 9ACB6F7FA62F88D0CDD9F8381209CAAC6B2DB8BD2923888CE998B532FB7FA99C |
| SHA-512: | 8E33284299567841F17C8925CB8C8AB13BC839E0A31E9842DE8BF20B88FD878561223B66FEA24704741F5E7F905F16E1C45AB67D3004CDAAB0C7AFBA7078E6F8 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3828 |
| Entropy (8bit): | 4.641269742087701 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 34871C1B6566F469C29D7FF719DB9C5C |
| SHA1: | 5E6654A63FFCDEA3B2FA3CE4D99240D7E07AE903 |
| SHA-256: | 02D1468EFCF9638BBEB2E30FBDE0274F240DA367097CA1A8207DD7E196E9B037 |
| SHA-512: | A639F089A3F4CBBAE9A9A49413ABD881D0DA07760811054F897A84DC12A7F4C58DE7DEE58F1143D24DE53B776D3198BD0DCCB93D6615B909DED6962F15BFBFB2 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/matchup_groups |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 17066 |
| Entropy (8bit): | 6.017330142191067 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0C4E82A2CD2F44DE4BD1987BB156E3B2 |
| SHA1: | 1517E6AE284882FB1D16882127F62E80A41E96D1 |
| SHA-256: | 0B9D4E8AE5A96B4AF12D0403D3297538967BF7075B12CD3BE99BF60BFD684CF7 |
| SHA-512: | 044C2D68C1F969B17E3B8E1A1E2C8F2919C64E7D6B81554EE786FED0842C81F507CD0E964C1C72019457216F04131CC936A47EF55CBF441D73A199E9841058DD |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 8704 |
| Entropy (8bit): | 5.445024802778053 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 38F9E6AA75F6098B6B4B9EA0D3585ED1 |
| SHA1: | A5AB837C68AD7484C26E7DB97E97F0ACD086CAB0 |
| SHA-256: | D50881E8CF2AC03741C7C31B98DCABDF91D458ED76766EFC511B26A2B796DD0F |
| SHA-512: | 4F6D2FD9CAA107AC6D216A1EBB96A65F3D9AD2594D2C5EFA0C43AF6C6F7775770136276F0D1B7F48710EA737A2732FDBDBD929226D384A02F8186282AE066311 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.ack.net/shared-content/art/stats/common/tracker.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 83296 |
| Entropy (8bit): | 7.989310384340489 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 32A13D298CE22C5EE3D4D3210123BC57 |
| SHA1: | 313A1463E8E913A655F427FE9BE0964C8CC40CB4 |
| SHA-256: | 428E56CE87F4DE1F567C4A2F97904787D184484CC25A5282174320F75C257F85 |
| SHA-512: | ABCD16CA9B246BE6BE459ACB3EAD0B50DC4601A8F228C0BD8E5A15E3AC40E0231FC8CAA08008C8CBE5EEFA86D123B45695CA50EA120AC53F7CCF4F22D28FE0B1 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/content/tncms/custom/image/a31750ea-ca7c-11ee-8535-e780ef83bae0.png?resize=1200%2C137 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 162292 |
| Entropy (8bit): | 5.907131801052968 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6205B604D5658BA53E84E426D1419BD7 |
| SHA1: | 84223F41A6E96D81E2194A340803100906EEC134 |
| SHA-256: | 067A6EB2CD1FD76BD9447D2C393BE4DEA2E20574EC57C14A9C44B6ECCA2906D8 |
| SHA-512: | 03DCE84C96EB9AECE1A4625F2E981638CE68D8830F9A61BFA56847F6ABFA7D86EC4FF78502B859DD8314440980C3C0427EB557DD3D6FCF10B6563C98AADBD860 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3712519101130699&correlator=902186057963975&eid=31079956%2C31083984%2C31078663%2C31078665%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202405220101&ptt=17&impl=fifs&iu_parts=132916964%3A23111922244%2Cack.net%2Ccontests%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=2x1%2C1x1%2C1170x90%7C970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x600&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1716577430602&lmt=1716577059&adxs=631%2C631%2C47%2C842&adys=0%2C1%2C433%2C524&biw=1263&bih=907&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&u_tz=-240&dmc=8&bc=31&nvt=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzIiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTMyIl0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzIiXV0sMF0.&url=https%3A%2F%2Fwww.ack.net%2Fcontests%2F%3Futm_source%3DThe%2BInquirer%2Band%2BMirror%2BNewsletter%26utm_campaign%3Db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%26utm_medium%3Demail%26utm_term%3D0_-501d27be68-%255BLIST_EMAIL_ID%255D%23%2Fgallery%3Fgroup%3D483654&vis=1&psz=1263x1%7C1263x1%7C1263x90%7C359x250&msz=1263x1%7C1263x1%7C1263x90%7C359x250&fws=4%2C4%2C4%2C4&ohw=1263%2C1263%2C1263%2C1263&ga_vid=708250260.1716577430&ga_sid=1716577430&ga_hid=383569264&ga_fc=false&td=1&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYvNjz3_oxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi82PPf-jFIAFICCGQSGQoKcHViY2lkLm9yZxi82PPf-jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YvNjz3_oxSABSAghkEhkKCnVpZGFwaS5jb20Yu9jz3_oxSABSAghkEhQKBW9wZW54GLzY89_6MUgAUgIIZBIXCghydGJob3VzZRi82PPf-jFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLzY89_6MUgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1716577425405&idt=5113&prev_scp=pos%3Dimpact-top%7Cpos%3Dimpact-sticky-anchor%7Cpos%3Dbreakout-one%7Cpos%3Drectangle-one&cust_params=browser%3DChrome%26k%3Dthe%2520inquirer%2520and%2520mirror%26page%3Dindex%252Capp-editorial&adks=1946688074%2C2306930947%2C1105799325%2C2216565914&frm=20&eoidce=1 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 193452 |
| Entropy (8bit): | 5.326837029233028 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 70DBD44BB2C4A7A4AF123EF039D7D2B0 |
| SHA1: | C5675B2C3CD5DA001BB60E8516BD1ADD42BAEE64 |
| SHA-256: | 82EFC7A10A7E20BCD83BC9077B8ACF0D172899B7FF5CA7D99E103F055594EFEA |
| SHA-512: | 08A94908C71B684E2CAC4ADC160646C8A6AC047209A86D6CCDE0C9DD30BEC8FBA4CD3725FDC760F2EE8058B31BF4AD7038D11F4593583E4E2E6211A61B6F7C0E |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://resources.infolinks.com/js/1931.004-3.034/ice.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 298754 |
| Entropy (8bit): | 4.534407489415313 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1D4C81EB9CF10382981D0346556B0D14 |
| SHA1: | 8A7428FD1CE85E431526C5790536AA2D6464E094 |
| SHA-256: | E3AF899AA2BE4AB4B65B4ED9E7CDEB6424F1B6EBB47681C3330582B93533EAE5 |
| SHA-512: | 6ED51F9CFCADF6C08F27C464675A67103CF2054E964DB023A69E48D19FB6ADF31B3B1112C081C299578D8964D6D4C28EA289C619991F9CF77CBC673B79B80DE1 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/matchup_entries?matchupGroupId=483654&pageIndex=1&pageSize=10000 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 35 |
| Entropy (8bit): | 2.9302005337813077 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C2196DE8BA412C60C22AB491AF7B1409 |
| SHA1: | 5FBD472222FEB8A22CF5B8AA5DC5B8E13AF88E2B |
| SHA-256: | 6ADC3D4C1056996E4E8B765A62604C78B1F867CCEB3B15D0B9BEDB7C4857F992 |
| SHA-512: | 84E24A70B78E9DE9C9D0DFEB49F3F4247DBC1C715D8844471EE40669270682E199D48F5FBEC62BD984C9C0270534B407C4D2561DD6C05ADEC3C83C1534F32D5C |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4599 |
| Entropy (8bit): | 4.702142023716197 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3E9EBEFDD0B0550F5EBF5AEC3AD58948 |
| SHA1: | 1C3CEECB3AB8A6D98021B8BA8224BA70B271F8C5 |
| SHA-256: | 9E154239A1DEA3256910E5C5F0E47D64C9F61B447CCFE30F2464EE1655640AEE |
| SHA-512: | C88BC2D27680095D75DE9449923F1E4479B8678568605B563FFFEF732A6A165B3D6448A2B2FBEBA41BBE2F025E60637A50458379C1271C97AA9346554C1DA100 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 30528 |
| Entropy (8bit): | 5.55547419834924 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 45F038E188B2A7F0FEB9A75EAD93215C |
| SHA1: | BEC24A59F0B04F221D49133F34C6416239AB2896 |
| SHA-256: | 26CD88F80E32BF9CD9D41030EDD478F71E9E41A88F06CE1467C3EA9B7D24EC83 |
| SHA-512: | 4B060E84D50A93B4C92348D1C033D34E088953FFE5742E9F43EA672B0BCBEF29E900CC4F162251B56F967F08C957F4688DA7B42C22E81C671F36F4412BF308BD |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4116 |
| Entropy (8bit): | 7.773650326709332 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9CB0169BCC453A042A9D6D1C50DD2F64 |
| SHA1: | 070BEAC41803A9B28ECA68B2D5A4293C442CA9F6 |
| SHA-256: | 643F5A805C021F9477B4C29923FB62066F2F3CFDD113F99B4FEEF27BD854FB02 |
| SHA-512: | 7F599872850DAB9A37B1E5E5A3D0E3D77B6931739055C81AAC9A5933AF13222E7EB17B578EDFF6A02252CF1C97631732290C3D2A842B861620216498D2C97612 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F0199f10e-a165-4afc-8226-a0a984273a21.woff&t=0124FMOPR |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 41973 |
| Entropy (8bit): | 5.299710677376654 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9FEAFB1E202E0BEC5FE57D365ADF2E05 |
| SHA1: | 020F652BC788B9B11A0B86FC1FA5B9D4F9C80CD8 |
| SHA-256: | 95FBABEDB3CDCE723A6D587747D3D7456F488F755CF4500FF01863F714D45BBF |
| SHA-512: | B2E69EC2733F1BC7ED78FFC439E33D443A46D2786E4702DCAAEA33ACFEAAA33612D19651D3E3AA1DA04B8257EDDF3FC5FA63CFEEF8FF5973A7E69F0B9066949D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://assets.a-mo.net/js/idw.js?ga=0&gc=&do=www.ack.net&e=27&uid=fddc7155-af29-4c29-b97d-739af69cc326&k=am%2Fid40417338.00000000000000000000000000000000 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.7628743492292966 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B59FFA18DAD64BE6459B90E0117C2E94 |
| SHA1: | 40AA97C33618FB5459F4B3B8D9B22022B6616C60 |
| SHA-256: | 5F789CCAE156B160492D89A6146B1974D15128790B74ABB995D8E89FA44CDE5E |
| SHA-512: | 19C89EAB341DB35E83AA2AFB5D41707020AF849BA0790CBA277BE2C3BB09E6E53AD9B009410783228CAF8BB82E6B81AB97B2DFD1969755EE47D9668A97F9F7A8 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 928 |
| Entropy (8bit): | 4.723536449996711 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3D895E117ABA8A186E6CF45B3CDB9CEC |
| SHA1: | D21B093763A2C7A884CAAF0E581AA7ED4EFB47CA |
| SHA-256: | C16A1F54128050A2C4334FE3155151163BC9165334FB0C5F97AF87C405A982A8 |
| SHA-512: | D1E822667ABDE1F7650E93B8D2B60C5BC478EA21FFF16D76453C8B2FCD44A07382CD8A9755764444D96B684551C2D177E2A303367199C8F625BE40990B859CF4 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2523449 |
| Entropy (8bit): | 5.318318164199408 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 8D26B644FB5CBBD7AE8B807994BC7BC2 |
| SHA1: | 4EA830C6CDB31E9BF6FE7AC43615F4FD25AD9846 |
| SHA-256: | 7116BC0EE4ECC4BC8461A29AB744F4D8928C936DDA01C641F9A8E4B2F0FF9661 |
| SHA-512: | 48C516743B0EFDC1D9D0CE2D63B45B0AD9A030ACEAE2BF35EB255DE4007BE7422225A188801C05EE703EF2AAAAD9D0A83CD3AA7FFD178125A5BA78431E2AE6B6 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/vendor-8d26b644fb5cbbd7ae8b807994bc7bc2.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 10803 |
| Entropy (8bit): | 4.950774382567925 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3836F509F9D097ADA818B062709024D0 |
| SHA1: | B8B6D6CD7C3BF7E158C58324860FEBB14CDEA1FF |
| SHA-256: | D23322E92D1054D064B0E77DE96F570D5899025DC71F3BCA9A18E8D41C38EA32 |
| SHA-512: | 63EE01FD96148B64C4450218181EB3C454039846D21B395272EC97E10980E7C9B051A371C1EC6343010F7A35ACB8E397F2A9D74C650DC0BA06C53C1ACCD5D930 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.31e8e7158129efcfbee0b0e2a4b1c720.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 669359 |
| Entropy (8bit): | 5.289396101322938 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 40ACB9C285A2813BD1DFCB809912417E |
| SHA1: | 0E39B5EBBCF7D9894BDD4E2BB70E88F04D857DF5 |
| SHA-256: | 13EB860DE0D693D73728FE8B866F98EC884815C8BF980905BF563AD12D5B0FEC |
| SHA-512: | F3E816D5FAB9E24C5EFB6F2F366AEB3083AC76CECEF6C55D025F309DF7B1E474ED81D3500CA6F68F2848152B778954FE0441FDAF7D6965252455EDDDEF156E4D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/consumer-ballot-40acb9c285a2813bd1dfcb809912417e.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44523 |
| Entropy (8bit): | 7.711861114510238 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 877CC026D042A86993020C32D05B8881 |
| SHA1: | 601E2B2E4F22D0B6E88435AB2E9E4B7F36BC9C33 |
| SHA-256: | CE2E54BBAD10D3F5AF7808EC2A2B4A4B95FDA0621514154ABE296C29A02D53ED |
| SHA-512: | 3E76BA3322979F30CD24BFFB5A9040763CE358D632E5FA5A27669CD5A88473CE47B736BD78A7C2202E124BF2531F533D668F41741FB4399C33A608D21054FEBD |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 82359 |
| Entropy (8bit): | 5.542384346198929 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 1CAD5A6EDBBF8DA3391EC0F9966CCCA0 |
| SHA1: | 572D86990C0A590CF67B938C9A67966534BEAB49 |
| SHA-256: | 0925DEAB3DC0CA10E7DF8E8664EEEFAABF037F246E17F3A4CC57DBD2918EAA18 |
| SHA-512: | 5D8E5D371A4B65A0B1621E9C19A20D0A580DBDD8186F1F5BD9E630AF4A7A31DE13959E36B93AAA976597D85647C20194E03C114DB01EB422D411C964340DAD84 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.adnxs.com/v/s/244/trk.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4106 |
| Entropy (8bit): | 5.408844136061885 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 66A4C12F7123A6454083A73EF207B4DE |
| SHA1: | C631783F2AF90C2B41C3220BC2036DBA87953A23 |
| SHA-256: | 9E901E3D7C0E16C2DB6399568CBB1C5A3CB0E48956CDD4A0E6B69CB713E6B19A |
| SHA-512: | 9729DF4D80911C82927E8890D8035652C3FBE95C5825F66A30C587BAC7C8D1859031FCB1C96304F1AD383B802EEA1BE607542E64AC89B5C712A09093F36C05FA |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://securepubads.g.doubleclick.net/pagead/js/car.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 426 |
| Entropy (8bit): | 4.495218470488434 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 73B1B1FC718CEFC03C3393AC009FFE9B |
| SHA1: | 1FCB2E96242D31BFEEE888E2F23F00E93AE04B84 |
| SHA-256: | E1F5A9324EE6A8283F4465690BCA9D15FF1929990386C0D39E26A1057B331B24 |
| SHA-512: | ED7C37D946D67FEDE2A2ADB610CC09C02E2637E9924A9EB83139C2D620E5F91DC68724F5EAAC9AC917F6DC9DF6F1D86D46F1EED329EE64BA2445437D45AB10B7 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=hide_approved_entrants |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 99429 |
| Entropy (8bit): | 5.445615220941023 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F4083BE7EC19463B1E86882E1206E306 |
| SHA1: | 7D670D371DCE867AB974AE5AA17AD94A5F835686 |
| SHA-256: | 3D2EFCD80C4F083EBC259F6A0B7BD443B78BB337FD89548A1C4201101EBAD31F |
| SHA-512: | 3C7AC51927D35DF790CE3E7B0870E89990A510B1AECA07721D4B01E1906AB9819C3EAC2E8A4CDBF9DA11B3DEEA1D7DAF092EA6FA994B3280E04A49E268F5ADF3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://s2.adform.net/mink/631/s2.adform.net/load/v/0.0.246/e/.gSBgiDQ/i/uCAX-4QAAAAAKAAA/r:AdConstructor:contents/HTML:types/Standard |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 594 |
| Entropy (8bit): | 5.180672235959939 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 153E76C0B42F9B8CFE17FD4FBE608A6E |
| SHA1: | D981D68ABF3EC1E2E8FDE270B1D6704F5E9D0B5C |
| SHA-256: | A1B47C1B8F5C7092DCC645719F460EF4ACDBE261859EA321579099B506832924 |
| SHA-512: | 808A030E18066CD4B852E3B1C1EAFD050DCC4D958408A76DABA8F91325A6D65BE3ECDED15E74C4219E569B5C37C135FAD5E4DB89D00A785E45AFBCD5AB9010A3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/organizations/1763530 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 127931 |
| Entropy (8bit): | 7.990742768414636 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 848CB952F4921F8D13C855CEFC10033E |
| SHA1: | 7B55109C558FEB0DBBD38851FB2B94DF0F6F1C5E |
| SHA-256: | C73473CAA87F83B16878E31EA2F3C55186FDEB2231FFBCE2A23407AFB61E449F |
| SHA-512: | 0135D90430DEFCB4B3E9D709AE2E3A027DCEB6F2B63C99A84000E36502420797D44978A2FF352902C061553C8B5B9CA09995FB53B69D05734B06FE81CA56BF1E |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.2226627197680635 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F837AA60B6FE83458F790DB60D529FC9 |
| SHA1: | 14AF87CCEC7F81BB28D53C84DA2FD5A9D5925CDA |
| SHA-256: | DCECAB1355B5C2B9ECEF281322BF265AC5840B4688748586E9632B473A5FE56B |
| SHA-512: | A85E09C3B5DBB560F4E03BA880047DBC8B4999A64C1F54FBFBCA17EE0BCBED3BC6708D699190B56668E464A59358D6B534C3963A1329BA01DB21075EF5BEDACE |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://sync.targeting.unrulymedia.com/csync/RX-3e386540-351a-4d38-bae7-2f06d223a8d0-003 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 207 |
| Entropy (8bit): | 5.075609301274961 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DF5AE6BE56626308B219F6BCD8124CCA |
| SHA1: | 2AC521B18D89FBF6A8758C055D38A5B90247BFCD |
| SHA-256: | 64D2CE701B1F0B1D910BFF7F252AE7A53D5F90CF3EFB970163811C757B889D57 |
| SHA-512: | 24ACEEC206281135B8C7AE79E6D71E5DEA80984E2E2F0066042CB1A9FE792305D87B227A2836C440D0CED70E42B47D621304CD0F3EFE03372024F863C97D7F70 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 274663 |
| Entropy (8bit): | 5.507788563860492 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3A87BED16D724CC2BAAF51A05A302AE6 |
| SHA1: | 07826E875D6E90D6FC1E3FD0A2E7A80B8787338F |
| SHA-256: | CD7D225D222456910690BCDD2EFF16EA0D2562710EF8D6759EFEE1732E1EF89E |
| SHA-512: | 6527842722B3603C6BB5C1355FFC5980D387EB14E2676C3C9C251E2C698589378609B6578F5AE28707B716859B25257D82BE655462E8C8046AF4A7A8CB73C44A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1368 |
| Entropy (8bit): | 4.729179260546466 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B739F2EAC76926CD30A75A95CBDF4961 |
| SHA1: | 646073E0194D5B11CB3227A0BD8ADA328D6774E3 |
| SHA-256: | DE78C8EBD5963F190541D0856B86A0A2839824DC3D2FE56BECDA39E09C86D931 |
| SHA-512: | 3B78A766DB0B44E99AC0B8D0526F8A20BBF0817687E04F70E9804C1D647AF34360E80503F4FBE7289FCC1BA0A02B6B2E955A645EB09FD4757AA9D6F77EC52D54 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/media_items?promotionId=885404 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 201648 |
| Entropy (8bit): | 5.537599128095113 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B1AD11E9F65C89DC00B386DC63D305D2 |
| SHA1: | 6D14D43ACCB4475A3459FC6AE3923B0466A0D895 |
| SHA-256: | 36556092DCDECE9003C86D8627EAA7BA497112FC29949DA4E5471FF7CE38830E |
| SHA-512: | 48E7269FAE8021FB86B4DBC3E15ED28BE511E44511443FA5B54CD81B56B71022523B64FDD0CD7B9B9D1DD18DA735EACDC9F21CC580C313DA4EDC605059B644CF |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 18038 |
| Entropy (8bit): | 7.990231704368851 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | C37063ADAEDCD4A35007B17C59ECAB07 |
| SHA1: | D5CF161CF1A1661247E9331E64D4A30A1066A6F0 |
| SHA-256: | CE4BC5DA7592668B63FA8657D730787EE0F82EA88A2075F83613BB4B696A3A1C |
| SHA-512: | AD05D0ADCF4C8A624F38B737E90446E02755EF476993E2267B48DE2D9368EEE88CC6F04A9671E0A7366616B29FE0A32D0DCE1EAD64A33FC0A92658BF1A1CED96 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 50611 |
| Entropy (8bit): | 5.464681536486382 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6F4240ECD569B3A66C0B62CF9894530D |
| SHA1: | DE52B51E9E3ACB1D97BD931471526603945A9EEA |
| SHA-256: | CCEB43C2786E2C61A5628378021CFDE531C06693506C35795C8AC5AD09E15F92 |
| SHA-512: | 0487052F73BA1E809A60DCF571B4A728CA409B1D4F8E827A1A889EC0D0357742A5E453477B41009D9BE8C1F6A98A423F9D2BB85485C8B4C602FE220BAC8246A9 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/a/663dd44df777125c4a03dc20?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Flax1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfCBmwAAAAMAxBkFAQieycOyBhCB95LvmaO7ikgY8fzkvLS5hoQcIInq0g8osxkwp0c4AkClzY72AUjY63FQAFoDVVNEYgNVU0Ro2AVwWnjGuIsBgAHd3AWIAQGQAQKYAQWgAQKpAVG4HoXrUeA_sQEWZTbIJCPYP7kBAAAAgBSuFkDBAREUQMkBUrgehetR4D_YAaRD4AEA%2Fs%3D25c6836e0e47476eb89b730c243b291884d62bfd%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25215BSttQiFwKsbEKXNjvYBGNjrcSAAKAAxAAAAAAAAAAA6CUxBWDE6NTczNEC8RkmvmXyzzY3tP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DOTEyNyNMQVgxOjU3MzQ%3D%2Fbn%3D93789%2Fclickenc%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D72714202%3Badfibeg%3D0%3Bcdata%3DmXXA5QZ8i9ilkQWoE64PCe_Nur3QyMDyU0RpAr30GfGhxU_lGQYZP04iRmF3MntfGpte8p-GhPcMQK3LL0TeQEArBVVsR5ERQlL6-x_QkLPSRYcUnuf5EUvJqMRtycPlTFGWMnWVYVgdSzyDUaAYmWT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ack.net%252fcontests%252f%253futm_source%253dThe%252bInquirer%252band%252bMirror%252bNewsletter%2526utm_campaign%253db12e416420-EMAIL_CAMPAIGN_2024_05_21_05_10_COPY_01%2526utm_medium%253demail%2526utm_term%253d0_-501d27be68-%25255BLIST_EMAIL_ID%25255D%3BC%3D1&domain=&targetwindow=_blank |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 43 |
| Entropy (8bit): | 2.9889835948335506 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B4491705564909DA7F9EAF749DBBFBB1 |
| SHA1: | 279315D507855C6A4351E1E2C2F39DD9CD2FCCD8 |
| SHA-256: | 4E0705327480AD2323CB03D9C450FFCAE4A98BF3A5382FA0C7882145ED620E49 |
| SHA-512: | B8D82D64EC656C63570B82215564929ADAD167E61643FD72283B94F3E448EF8AB0AD42202F3537A0DA89960BBDC69498608FC6EC89502C6C338B6226C8BF5E14 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://us-u.openx.net/w/1.0/sd?id=537072971&val=847d6bcc-507b-4c4b-a0f5-a4e0766e14a4&ttd_puid=bb67d6ed-0e28-70a1-caec-acac0934525e&gdpr=0&gdpr_consent= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 9270 |
| Entropy (8bit): | 5.141086013932976 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 00E9C65CBBA11C07C4BF4A6E2727B8EA |
| SHA1: | AC1A5D9B6FFCDE916A82169CD74C9A734BDF4A39 |
| SHA-256: | 129151ED0140041B198CE3B364A11861A3B5BAA5BB60475EBF7BEDB9B0FC94D6 |
| SHA-512: | 6C142FA3DE8B0452530D3E0DA7AF3B2CFCA2F0292282E07FF3AEF71426E791B650A8EDE02B5626B7ECF177B45B86630DACDDE9F9480B639E01C7B9D994535D2B |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 316 |
| Entropy (8bit): | 5.602582056660949 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DD7E5FFAD5349C2C0E2CC89C1A0BC645 |
| SHA1: | E2A7BD11D8D2EFEE64FF70EEA1832CDA0BC4BEEF |
| SHA-256: | 9E53BA88F06090EF6648F1F3B2870DF5F15978C36741A93E7B9A8294074E83E0 |
| SHA-512: | B589BB0A224AF1FEC2D5EC5D6CDA25A103FE27E9FAF9D2F0DE11484552C95C50CC95FF841493785B0762F5CA370BCE35BF589FB15F11AA04AE8EAEB01BC2111E |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 278210 |
| Entropy (8bit): | 5.013324731030806 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5DF74D6DB1FCEC7404889CD02480A221 |
| SHA1: | 868CCBD6D90EDD7CD646C795C9175C0F58CBF29D |
| SHA-256: | 739A83A41C4FA58D778CC438B6F8EE91318E15C2D21FA209290B4940C67346E1 |
| SHA-512: | EB426F4DF9587404C186BB5031DC04EC9952AB19E32FB0F83B7F9464131877E46A7CAE2AC837C1232B8F2F90FFAE4725D734D7353405A534090192A83FCFAC35 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/vendor-5df74d6db1fcec7404889cd02480a221.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 267 |
| Entropy (8bit): | 4.809191596272758 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4D3E3D2D86E4EC8AE9AE36B761982325 |
| SHA1: | 44D39F328589892359F539F42BE408DCE4A955F3 |
| SHA-256: | 696608AB0D1F7D45595151EDFD1B072E8F030E612EDA45136423D1848FDBD579 |
| SHA-512: | 5243EE80E0A3B5CD0C0AAE3608AA76A49E64EBFA59B070FE0B8C7F289F20A550D344EF61AEA06150C3804F1AFC5C8E27E176BD99592367B35C110E685E71B83F |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/sweepstakes |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17218 |
| Entropy (8bit): | 5.266693053762656 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 92372AB5063270A877A9EA52017C9654 |
| SHA1: | 339C26E0F34DE5497B1614704E77DC6747087301 |
| SHA-256: | 6149F1372190ECB81835FF168BA4E436940DECA497565236C3D75FD6607D0F06 |
| SHA-512: | 7035392A362BE8D0CAA7738B22501A43CA3423DC1EBA83D14919CBBB42871FA47B478C5643A4BF12DAB0E925C6B3EB741404DC68F887B578EECF77E801B610A0 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn-ima.33across.com/ima.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2776 |
| Entropy (8bit): | 5.123321516846334 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | A3A9A9EE8E72DB69D54E805F0586C651 |
| SHA1: | 9423B498B1B19136B84D704924324D3A805965AA |
| SHA-256: | 72E960BAA80EC819264A604F2F8A8E5C21F81B785EBC17595211AD170D8B1BDC |
| SHA-512: | EE97AC661082B66013EDBFF75C1A7AAC9224F696409687A9599968ACCAEA7C88731D84662385B411DA595A0D510F50B40066EB283C9BBC4F1DD6CFE8516267F1 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn.prod.uidapi.com/uid2SecureSignal.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2162 |
| Entropy (8bit): | 4.655663585165413 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AA489CAF1E3F2BF852E2C60E6408B067 |
| SHA1: | 9960B9D960FD5CA70683AA20C78A4F962C549168 |
| SHA-256: | 37A31642AF0A7FE695ED0FD68A06A55AF44E854D083DC7F5D0E70535F0189AE0 |
| SHA-512: | EBFFC578839A404557FAC7B51511D3D5FB1BA7711DABA34480FB89875740FFBB90FBCC98986F2F1F5399B42E9707F851301D740477D877FE471F69A061F49C25 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4354 |
| Entropy (8bit): | 5.148970693739854 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 2FE64877F878F00C2EB0FF66BBD6379C |
| SHA1: | 6DC70FC5E7ABB7F2F823E60C40C17BF75CE7C022 |
| SHA-256: | 92FE1CEA3DF8FC0E2A03F1C8D0099CB105C7D455AC8BE20BE165CE6BFF558365 |
| SHA-512: | EBB38045EDF89FC778245F8E24EA1B54AAF374060396132E08B3A50EF44D6DE54F4007F2855F5B8C36087BD8276F8A4A24E10176487F4E95561065A7B349CE59 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 150590 |
| Entropy (8bit): | 5.5972761931578745 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5E5C00E9BFC43021683B44A33A9BC2C3 |
| SHA1: | 1A57CEAE880ACF1FC6564930B8689C0D374AF0EA |
| SHA-256: | A673FF6E8539B61FD665C2029F1FA9F3D6DF456A5E2AC5F90C5ED49591687B9C |
| SHA-512: | 004CD9A7BC5AB59C97C95C651DF687076B0C41E6EA9E067011377D0B4FBD1DAB53A615307717FE92C0878458EF9BC9F7C083D38ADD6AD2283476EC5B7B08CCC3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.0950611313667666 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | AD4B0F606E0F8465BC4C4C170B37E1A3 |
| SHA1: | 50B30FD5F87C85FE5CBA2635CB83316CA71250D7 |
| SHA-256: | CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA |
| SHA-512: | EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 18823 |
| Entropy (8bit): | 5.268142970222133 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 21174B75D5531877BE1D57B7DDFE20F3 |
| SHA1: | 4692EE92E898A4029EE68A0D894D065D7275B34E |
| SHA-256: | 6BF8A58F79B67BF9D1EA3EAF9FAC1249D237DA074B02CBC525379A42A4525D11 |
| SHA-512: | AEA3134A20F20441C93EAA4C9E95859AA73AE945732E71F890E581F62F585F6A560180C3A230C19A0C9BD40BB7B4F40C5FB5E8C45F67FB87686771E3AF55DBE3 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdn-ima.33across.com/ob.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 33823 |
| Entropy (8bit): | 5.510292667385327 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | F2FCC396D6A87B8EEE20E8813D667668 |
| SHA1: | 0ABF3039BE381EA1CF44B3E6652E59413D88AD5C |
| SHA-256: | 4908103EB097A575D25AECAB0B105C51313E35CE211BB70D82EA0CE6E75ED2B3 |
| SHA-512: | 1DF9B87D38BE81E8F612CF7CE522DD01C4D56C8DEFBCDD581F0CC2514747A916387D79602652709BC1AB69CD277162A649927DF5939C0B07EEA5B6EF4199535D |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 274736 |
| Entropy (8bit): | 4.552657131536905 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 10732268E44FF4CD3B7CF47CC18913D1 |
| SHA1: | 1A512508A576CDA3966F9B00671FE2B9D0552C02 |
| SHA-256: | 7976A9DFE57F9BA6972420500782258DA674FCC523C2DEF08BB6A84CE275C4B5 |
| SHA-512: | 09ED86568E49D6E275EE81E2E405EC9B193B04F0CC672E92335866B865EC2F2C4AFBF776ED2DEDBF09956906BF28F2E5D18BA42D1CA4CB8B3DCF7C58F0AC1372 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://bloximages.chicago2.vip.townnews.com/ack.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 23066 |
| Entropy (8bit): | 7.991285826779579 |
| Encrypted: | true |
| SSDEEP: | |
| MD5: | 7E77FB7151E3FD3C7C6EF12A7E5025CF |
| SHA1: | 322CD33CDD04872DCFA68F2F72366FED6052D501 |
| SHA-256: | E03D882096CDFA372E7CCB0349B33A89B78E4405F5E19FE1BC48D7F42F728A08 |
| SHA-512: | BC93BAFF28EA4E06C2CA2E32B7EE5D721CFF252166DB99813CA59F1AFA4E86617609B5521C84DAD0DBB98A624C8ECFF04CBD44C17FBF6515C7A4103BE934A1AD |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2F9b833eed-4199-4b63-a97a-3e52ddc2c297.jpg&w=645&h=98&q=85&f=webp&rt=cover&x1=0&y1=849&x2=2879&y2=1286 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 398 |
| Entropy (8bit): | 4.921536445540655 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 40E767172D29C39A1041435558150B6D |
| SHA1: | 6D9D508ACBB4852F0EFE926F3C4CB89C3F6A1C08 |
| SHA-256: | C790655E480E8053E4FF6DEAB3A4110427ED0FCF11C139FC08424F0EB78178DB |
| SHA-512: | D205BBE8D81C196FB8FA260CDF0A2E1A85ED1D21FAA83A0A496DA34BC399769AFA07C2B46C11D56811E730F01D0F3D6D04D75F94A1FC4A20E97DC04C036B0DD6 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 7486 |
| Entropy (8bit): | 7.977686866140964 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4AAC6DA2DF2B4D3EC17446EEA5374F91 |
| SHA1: | 69D09EDA3198405D81D6A52E6959A1518558F25C |
| SHA-256: | 797BB269F01921D824252578A851BC39DBF83E55B25FBFF7DF746B661C53BFB3 |
| SHA-512: | C3D21325E19D48B54A4E9C80C949398BF0DF49895DD3D50C6345C43289C8AC4B60890EE64E7D5225986E81749FAC0B22C0B150C4D74C251D8FC3D3706D8DE5F0 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2812 |
| Entropy (8bit): | 5.446536049026286 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 31ED7073455DCF7C2402B7C53D1E0DFA |
| SHA1: | ECC0B28FA8C70D8F7C42698F8B4D422D0E930069 |
| SHA-256: | 056F221F8DB74AD306293C7DC1A36B55BBD990065D814990B617B82C7A2546F7 |
| SHA-512: | 990409F502F8F5C9B6B629D56FF52E48997DD3CE4547558C493F5FA659CBF299490E86E9DF4B488E4BBDFF97B0393FA3E8BB1B76D44FFD497648CF12E3FACCE6 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | "https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700" |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 43 |
| Entropy (8bit): | 3.142069457963608 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DB04C7B378CB2DB912C3BA8A5A774EE3 |
| SHA1: | DEE34BD86C3484D31002182AA2B7CAA4699126B8 |
| SHA-256: | 98B3D9D20E032F90ACA49E9B116225D539FF6FBDB7E42C3C363F63896AC03D2A |
| SHA-512: | 826225FC21717D8861A05B9D2F959539AAD2D2B131B2AFED75D88FBCA535E1B0D5A0DA8AC69713A0876A0D467848A37A0A7F926AEAFAD8CF28201382D16466AB |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id] |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1505251 |
| Entropy (8bit): | 5.600975254778704 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 331E4CD90BDAC4175C882AE8831E1797 |
| SHA1: | 7E0A5151922721D1894E0997FCDF2649F95371D4 |
| SHA-256: | C75CB2781639CD0380759E8F0E1883D1FAFDD5932FCE3D2F4B0086E9EAB9A2EB |
| SHA-512: | 9DE4DDCF07EFDBA84D1C51ECA943703D49AFC1C712DE5126BE2CDF5D405FD4189AC153ADD48B4DB50DED5298EF5FED540FB469F5D05F1A0EC73C1F2221E26B3A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d1x4rwm1kh8pnu.cloudfront.net/ballot/assets/chunk.409.a75bc25568239d575929.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 6697 |
| Entropy (8bit): | 4.944254898782605 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E51CE7FE3A17D99C3ED64415D62DA0C7 |
| SHA1: | B3A50AA990596429CEF0F22A2C503A197DA49FAC |
| SHA-256: | 454D5377E2C5A6722C04453D7AB6294C309EF3422898DEFB992C30AEE2C14899 |
| SHA-512: | 135D24A784D3B05E0B9FB06A9575F47A4F574A81FD5D80BF52E814847DA437D9924506835E7EE529C3C8EF66B8FAA95106286075481E0422CF82D6AD40E3EBC5 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/promotion_contents?organizationPromotionUniqueId=def5f4ef-bf03-4d76-92f8-3cfe109469cd |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 100549 |
| Entropy (8bit): | 5.397364935838252 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D3931F95DA933F2F9B6DA3C6A4AE7C3D |
| SHA1: | 64A0001C58492CFBBE5FD7DFA560AF23D551B90D |
| SHA-256: | EC516DC31A72EC6F2D2E01D6A4E5E38D0AA7E6D4E687DEAEC53E772089A022CF |
| SHA-512: | DDF5E4E27A2995DA753EDDC31C0AF305C4DC838E2D1AE81251E1936DB2BCA02F28CEF5A688650B3E1C740B48DA4A7D0F7E245BF48C5739DB1DF2AA23AF000D71 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://d-code.liadm.com/did-004d.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 21945 |
| Entropy (8bit): | 7.979530312546628 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3C49A859321076C9FBB319F471E43C73 |
| SHA1: | 933328F86D641C5D9307DDA5F599B7D2481B7F1A |
| SHA-256: | FB7C4034D580E5BDBDAC4219E4C4F296F0530272849E3EFF5DF756FF585AC730 |
| SHA-512: | 8A677AD32A56A9484E840E70A386B5BFBF613E1798F8447FCC546C5836554223DE3C4D462D853EAB97CF1D1D959AE60E4EC98CF78FB4CB90919ABBC78FF3EB04 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 71243 |
| Entropy (8bit): | 5.5034069443515 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 7036C1798FA650812BD9CF90688354A3 |
| SHA1: | AC4F46865C0FC8610FE1037C9A1FB4B25B416A97 |
| SHA-256: | 8E683A0AE8FC37AEAE8FD20643FAEF0341FE5CF01C30F25F41D6BAD28B1A8365 |
| SHA-512: | 9DCADA3DC895B66DBA864B98CBE526CD5DD48492104F1EABBE7F30BC5785F8EE39E84ECCE8BE74D07E13F41EE486A9422B6C081ABC982AE5442C2F3D67C09B69 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.ack.net/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 6162 |
| Entropy (8bit): | 5.599076700545423 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6AAAF8E11A32FD37FB419E3A4CE9696C |
| SHA1: | 1FD88F2EE4DE5422E0C344DEBEFE3F2B5ABB2592 |
| SHA-256: | 468959E93F9B4E6F07C6A8F8D0E93D8FCB37D76A8615A93EC153F5842247BA99 |
| SHA-512: | 748B27BDB7C7FA082D7BE6C69F56DC33302105784391320A5CF960531C594097BC406FD3F4690E4CF74F4016F4D56804A4296E9BD885562EB66699E1318F7000 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://50fcdbe305a9df1b1c334ddef504a003.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 37 |
| Entropy (8bit): | 3.753391122901188 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5AF3168BDCD619DD2B6215EA278D8B78 |
| SHA1: | 592FBDDCC73CDAF231E6409F2523CD7960F031C2 |
| SHA-256: | 9C0BDD97665FCF2F3709495021F97E3E082A4ABD99C903BEB1C6D021F7623278 |
| SHA-512: | 9E0F5390B5591608759F3C8F9D9D5D02C63E064B0CAED4C735285679330E083878755F8DA7E905B699BB96EC05263FDE45935D5311D8AFA934DAE82258C97E72 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 421 |
| Entropy (8bit): | 4.469025497551973 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D947EC79B2DB0B4BF98B764952BCB780 |
| SHA1: | FAB30A7AB8A3B23CDF641457C9DC6780BB4D3132 |
| SHA-256: | EC88B1B0A62CF0A13485D8AB96FECC179A1F0A678872275DAAA4320C48F9189F |
| SHA-512: | BE6C59405A009D81B72A4AC36E16E8C1FF3392AB21E36B01619500715E98A1300F068F55EAA746374E24DADEEE98E05816C7922B471B46FBE6FB710F9A510E9A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://embed-1039441.secondstreetapp.com/api/settings?key=category_sort_criteria |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 52916 |
| Entropy (8bit): | 5.51283890397623 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 575B5480531DA4D14E7453E2016FE0BC |
| SHA1: | E5C5F3134FE29E60B591C87EA85951F0AEA36EE1 |
| SHA-256: | DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD |
| SHA-512: | 174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://www.google-analytics.com/analytics.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 70712 |
| Entropy (8bit): | 7.962472620049121 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 6296F93FA62CF7C9DAFFBB992694624D |
| SHA1: | 587AD259F1A2BA9EAD998861D0235D7694D92A28 |
| SHA-256: | 935CEB378BD9BA978D2130F6EDEAB6BBB8CF535E7A2E59C51450E0DF936A9635 |
| SHA-512: | 8E56D437BDA5CB63E23E969A911BA058C5BA87373F61881712109982D9FE424BBC28424D9D347921E78E8FBA09E8D0173F10222BEE4527E4CB313F164A1FE6CC |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://tpc.googlesyndication.com/simgad/814017094022960192 |
| Preview: |
⊘No static file info
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node