Edit tour

Windows Analysis Report
https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

Overview

General Information

Sample URL:	https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N
Analysis ID:	1454575

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Invalid T&C link found

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 7132 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6212 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1936,i,38682199048825665,2872572572187740898,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

• Phishing
• Compliance
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://ps6q3676.loginprotect.net

LLM: Score: 9 brands: Google Reasons: The URL 'https://ps6q3676.loginprotect.net' is highly suspicious as it does not match the legitimate domain 'google.com' associated with the Google brand. The presence of a login form asking for a password further raises concerns. The URL uses a subdomain and domain name that are not associated with Google, which is a common social engineering technique used in phishing attacks. The page does not contain a CAPTCHA, which is not necessarily indicative of phishing but is worth noting. Overall, the combination of a suspicious domain and the use of a login form strongly suggests that this is a phishing site. DOM: 0.1.pages.csv

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: Number of links: 0

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: Title: Google does not match URL

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: Invalid link: Conditions

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: <input type="password" .../> found

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N	HTTP Parser: No favicon
Source: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fhub.tryriot.com%2Fyou-got-phished%3Fd%3DQALAHQu0HO56gLnZ_CF6N&title=Loading%20%E2%80%A2%20Riot&referrer=https%3A%2F%2Fps6q3676.loginprotect.net%2F&muid=NA&sid=NA&version=6&preview=false	HTTP Parser: No favicon
Source: https://m.stripe.network/inner.html#url=https%3A%2F%2Fhub.tryriot.com%2Fyou-got-phished%3Fd%3DQALAHQu0HO56gLnZ_CF6N&title=Loading%20%E2%80%A2%20Riot&referrer=https%3A%2F%2Fps6q3676.loginprotect.net%2F&muid=NA&sid=NA&version=6&preview=false	HTTP Parser: No favicon

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: No <meta name="author".. found

Source: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49811 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.209.161
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26

Source: global traffic	DNS traffic detected: DNS query: ps6q3676.loginprotect.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: lh3.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: hub.tryriot.com
Source: global traffic	DNS traffic detected: DNS query: api.tryriot.com
Source: global traffic	DNS traffic detected: DNS query: js.stripe.com
Source: global traffic	DNS traffic detected: DNS query: m.stripe.network
Source: global traffic	DNS traffic detected: DNS query: cdn.segment.com
Source: global traffic	DNS traffic detected: DNS query: m.stripe.com
Source: global traffic	DNS traffic detected: DNS query: s3.noreply.link
Source: global traffic	DNS traffic detected: DNS query: production-upload-pictures.s3.amazonaws.com
Source: global traffic	DNS traffic detected: DNS query: eu.ui-avatars.com
Source: global traffic	DNS traffic detected: DNS query: api.segment.io
Source: global traffic	DNS traffic detected: DNS query: stripe.com
Source: global traffic	DNS traffic detected: DNS query: widget.intercom.io
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: js.intercomcdn.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: api-iam.intercom.io
Source: global traffic	DNS traffic detected: DNS query: nexus-websocket-a.intercom.io

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49811 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@17/73@74/347

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1936,i,38682199048825665,2872572572187740898,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1936,i,38682199048825665,2872572572187740898,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
www.google.com	0%	Virustotal		Browse
www.cloudflare.com	0%	Virustotal		Browse
googlehosted.l.googleusercontent.com	0%	Virustotal		Browse
lh3.googleusercontent.com	0%	Virustotal		Browse
hub.tryriot.com	0%	Virustotal		Browse
d2ydto3tvnoy32.cloudfront.net	0%	Virustotal		Browse
d1tcqh4bio8cty.cloudfront.net	0%	Virustotal		Browse
stripecdn.map.fastly.net	0%	Virustotal		Browse
d296je7bbdd650.cloudfront.net	0%	Virustotal		Browse
cdn.segment.com	0%	Virustotal		Browse
js.stripe.com	0%	Virustotal		Browse
api.tryriot.com	0%	Virustotal		Browse
m.stripe.network	0%	Virustotal		Browse
m.stripe.com	0%	Virustotal		Browse
api-iam.intercom.io	0%	Virustotal		Browse
d1z2nil05cdov2.cloudfront.net	0%	Virustotal		Browse
eu.ui-avatars.com	0%	Virustotal		Browse
nexus-websocket-a.intercom.io	0%	Virustotal		Browse
stripe.com	0%	Virustotal		Browse
widget.intercom.io	0%	Virustotal		Browse
s3-3-w.amazonaws.com	0%	Virustotal		Browse
snap.licdn.com	0%	Virustotal		Browse
api.segment.io	0%	Virustotal		Browse
px.ads.linkedin.com	0%	Virustotal		Browse
js.intercomcdn.com	0%	Virustotal		Browse
www.linkedin.com	0%	Virustotal		Browse
s3.noreply.link	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
about:blank	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
d1tcqh4bio8cty.cloudfront.net	18.239.94.128	true	false	0%, Virustotal, Browse	unknown
ps6q3676.loginprotect.net	213.188.195.74	true	true		unknown
d2ydto3tvnoy32.cloudfront.net	18.66.27.93	true	false	0%, Virustotal, Browse	unknown
widget.intercom.io	18.239.83.71	true	false	0%, Virustotal, Browse	unknown
api-iam.intercom.io	52.204.125.28	true	false	0%, Virustotal, Browse	unknown
riot-production-load-balancer-65433030.eu-west-1.elb.amazonaws.com	46.137.42.173	true	false		unknown
eu.ui-avatars.com	172.67.75.120	true	false	0%, Virustotal, Browse	unknown
stripecdn.map.fastly.net	151.101.128.176	true	false	0%, Virustotal, Browse	unknown
d296je7bbdd650.cloudfront.net	99.86.8.175	true	false	0%, Virustotal, Browse	unknown
d1z2nil05cdov2.cloudfront.net	18.239.18.83	true	false	0%, Virustotal, Browse	unknown
www.cloudflare.com	104.16.124.96	true	false	0%, Virustotal, Browse	unknown
m.stripe.com	54.218.138.227	true	false	0%, Virustotal, Browse	unknown
stripe.com	198.202.176.201	true	false	0%, Virustotal, Browse	unknown
www.google.com	216.58.206.68	true	false	0%, Virustotal, Browse	unknown
api.segment.io	35.155.246.37	true	false	0%, Virustotal, Browse	unknown
nexus-websocket-a.intercom.io	35.174.127.31	true	false	0%, Virustotal, Browse	unknown
googlehosted.l.googleusercontent.com	142.250.184.193	true	false	0%, Virustotal, Browse	unknown
s3-3-w.amazonaws.com	52.92.32.97	true	false	0%, Virustotal, Browse	unknown
js.intercomcdn.com	18.239.94.93	true	false	0%, Virustotal, Browse	unknown
m.stripe.network	unknown	unknown	false	0%, Virustotal, Browse	unknown
www.linkedin.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
hub.tryriot.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
lh3.googleusercontent.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
px.ads.linkedin.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
api.tryriot.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
production-upload-pictures.s3.amazonaws.com	unknown	unknown	false		unknown
cdn.segment.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
snap.licdn.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
s3.noreply.link	unknown	unknown	false	0%, Virustotal, Browse	unknown
js.stripe.com	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N	true		unknown
https://m.stripe.network/inner.html#url=https%3A%2F%2Fhub.tryriot.com%2Fyou-got-phished%3Fd%3DQALAHQu0HO56gLnZ_CF6N&title=Loading%20%E2%80%A2%20Riot&referrer=https%3A%2F%2Fps6q3676.loginprotect.net%2F&muid=NA&sid=NA&version=6&preview=false	false		unknown
about:blank	false	Avira URL Cloud: safe	unknown
https://hub.tryriot.com/you-got-phished?d=QALAHQu0HO56gLnZ_CF6N	false		unknown
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fhub.tryriot.com%2Fyou-got-phished%3Fd%3DQALAHQu0HO56gLnZ_CF6N&title=Loading%20%E2%80%A2%20Riot&referrer=https%3A%2F%2Fps6q3676.loginprotect.net%2F&muid=NA&sid=NA&version=6&preview=false	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
18.239.94.93	js.intercomcdn.com	United States		16509	AMAZON-02US	false
142.250.185.129	unknown	United States		15169	GOOGLEUS	false
52.204.125.28	api-iam.intercom.io	United States		14618	AMAZON-AESUS	false
18.239.18.83	d1z2nil05cdov2.cloudfront.net	United States		16509	AMAZON-02US	false
198.202.176.201	stripe.com	United States		22182	AS22182US	false
13.227.222.191	unknown	United States		16509	AMAZON-02US	false
35.174.127.31	nexus-websocket-a.intercom.io	United States		14618	AMAZON-AESUS	false
18.66.27.93	d2ydto3tvnoy32.cloudfront.net	United States		3	MIT-GATEWAYSUS	false
52.218.98.50	unknown	United States		16509	AMAZON-02US	false
52.92.32.97	s3-3-w.amazonaws.com	United States		16509	AMAZON-02US	false
142.250.184.225	unknown	United States		15169	GOOGLEUS	false
142.250.184.227	unknown	United States		15169	GOOGLEUS	false
18.239.94.128	d1tcqh4bio8cty.cloudfront.net	United States		16509	AMAZON-02US	false
142.250.184.206	unknown	United States		15169	GOOGLEUS	false
104.16.124.96	www.cloudflare.com	United States		13335	CLOUDFLARENETUS	false
35.155.246.37	api.segment.io	United States		16509	AMAZON-02US	false
142.250.185.67	unknown	United States		15169	GOOGLEUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
74.125.133.84	unknown	United States		15169	GOOGLEUS	false
54.218.138.227	m.stripe.com	United States		16509	AMAZON-02US	false
142.250.184.193	googlehosted.l.googleusercontent.com	United States		15169	GOOGLEUS	false
2.16.164.10	unknown	European Union		20940	AKAMAI-ASN1EU	false
142.250.185.238	unknown	United States		15169	GOOGLEUS	false
216.58.206.68	www.google.com	United States		15169	GOOGLEUS	false
151.101.128.176	stripecdn.map.fastly.net	United States		54113	FASTLYUS	false
172.67.75.120	eu.ui-avatars.com	United States		13335	CLOUDFLARENETUS	false
13.107.42.14	unknown	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
46.137.42.173	riot-production-load-balancer-65433030.eu-west-1.elb.amazonaws.com	Ireland		16509	AMAZON-02US	false
18.239.83.71	widget.intercom.io	United States		16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
13.33.187.98	unknown	United States		16509	AMAZON-02US	false
213.188.195.74	ps6q3676.loginprotect.net	Italy		25400	TELIA-NORWAY-ASTeliaNorwayCoreNetworksNO	true
34.226.97.248	unknown	United States		14618	AMAZON-AESUS	false
35.81.90.104	unknown	United States		237	MERIT-AS-14US	false
99.86.8.175	d296je7bbdd650.cloudfront.net	United States		16509	AMAZON-02US	false
143.204.98.44	unknown	United States		16509	AMAZON-02US	false
142.250.185.74	unknown	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.17
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1454575
Start date and time:	2024-06-10 14:55:58 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@17/73@74/347

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.227, 74.125.133.84, 142.250.185.238, 34.104.35.123, 199.232.214.172
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information

LLM Input / Output

Input	Output
URL: https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N Model: Perplexity: mixtral-8x7b-instruct	{ "riskscore": 0, "reasons": "The provided JavaScript code is not malicious. It initializes some variables for a Vue.js application using the Nuxt.js framework. The variables contain configuration data for louserzation settings and application paths. There are no signs of phishing, redirects to unrelated sites, or other malicious activities." }
window.__NUXT__={};window.__NUXT__.config={public:{IGNORE_BOTS:"false",i18n:{baseUrl:"",defaultLocale:"",defaultDirection:"ltr",strategy:"prefix_except_default",lazy:false,rootRedirect:"",routesNameSeparator:"___",defaultLocaleRouteNameSuffix:"default",skipSettingLocaleOnNavigate:false,differentDomains:false,trailingSlash:false,configLocales:[],locales:{},detectBrowserLanguage:{alwaysRedirect:false,cookieCrossOrigin:false,cookieDomain:"",cookieKey:"i18n_redirected",cookieSecure:false,fallbackLocale:"",redirectOn:"root",useCookie:true},experimental:{localeDetector:"",switchLocalePathLinkSSR:false,autoImportTranslationFunctions:false}}},app:{baseURL:"/",buildAssetsDir:"/_nuxt/",cdnURL:""}}
URL: https://ps6q3676.loginprotect.net Model: gpt-4o	```json { "phishing_score": 9, "brands": "Google", "phishing": true, "suspicious_domain": true, "has_loginform": true, "has_captcha": false, "setechniques": true, "has_suspicious_link": false, "legitmate_domain": "google.com", "reasons": "The URL 'https://ps6q3676.loginprotect.net' is highly suspicious as it does not match the legitimate domain 'google.com' associated with the Google brand. The presence of a login form asking for a password further raises concerns. The URL uses a subdomain and domain name that are not associated with Google, which is a common social engineering technique used in phishing attacks. The page does not contain a CAPTCHA, which is not necessarily indicative of phishing but is worth noting. Overall, the combination of a suspicious domain and the use of a login form strongly suggests that this is a phishing site." }

URL: https://hub.tryriot.com/you-got-phished?d=QALAHQu0HO56gLnZ_CF6N Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "urgency": false, "captcha": false, "reasons": [ "The title and text of the webpage do not contain a login form requesting sensitive information.", "The text of the webpage does not create a sense of urgency or interest by using phrases such as 'Click here to view document' or 'To view secured document click here'.", "The text of the webpage does not contain a CAPTCHA or any other anti-robot detection mechanism." ] }
Title: Oops OCR: Google Inc.noreply@gpolge.com En votre absence, Laurent MOREA.. IT HAPPENS TO THE BEST OF US. You just got phished but don't worry, this time it was just a drill. O To help you stay safe for the real thing, we've got 8 practical tips to share. This exercise is sponsored by SecurityTeam. We're here to help so don't hesitate to reach out the hotline.

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 10 11:56:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.986868072907116
Encrypted:	false
SSDEEP:
MD5:	EA8C898E049EB03EDEBBC3D4907127CE
SHA1:	299637AED28A2A76F5CB9F1E5E5B568B5B105E8C
SHA-256:	832F582527E2BB30C4F5425A3233F043CB929DE127FA411D84A5C0DAB2BB5000
SHA-512:	1A5180FE82741FB5311AD528FF08C262FE5FF047F07D57D1CBBF5535CCF5B263BA7BD9BE767397CC005D715724E1073D94AB87732B0E42CC37E7D0AEC96A9C72
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....,v.5...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.g....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.g....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.g....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.g..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.g...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............m......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 10 11:56:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.00214142514924
Encrypted:	false
SSDEEP:
MD5:	15B0B2C70EBA061874466122CBEB09CA
SHA1:	497FB00648BC96F475529DA43800C5A1A4FF3662
SHA-256:	D4428C1B3B45306468FD51A9DADBFBAAF0CEDB2E40742B9954100EF3B33190ED
SHA-512:	589C41042697C705CF8C8431E8AC937C959473F8F7643AE6171A4D2F959A214ED91B01DD9A2C35697D696FC920DD620449139FF10631AABBB6AB2578D0F474E8
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......k.5...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.g....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.g....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.g....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.g..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.g...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............m......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.009278004216035
Encrypted:	false
SSDEEP:
MD5:	7C71EC6D49508E5DA987A433CC4A8058
SHA1:	7FCDE3122C1D2393B905DA83ED8091B9C9F1D84E
SHA-256:	089A58E4AA092C6C86B7C2B7688D3A5836993AE3691A9CD133A1AAA76D4DD417
SHA-512:	797F148C5786099BABFF7AE4FE428D0B22E79DD1E8D46DE7E2B8A6A7EAF94C33DE88240A4BFD0D7D806F744A38DE00EAC96ACA9A1E2E7448C0AF16B110FEE213
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.g....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.g....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.g....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.g..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............m......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 10 11:56:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9986610174865884
Encrypted:	false
SSDEEP:
MD5:	4A3F5A75BBC8FFF139BE05164F8EF78A
SHA1:	3125A75C42EEAD532FF75E49E667BB9807009D2B
SHA-256:	B89F1790A471C972F946AA14B4B13B229365F23AF814A3A79DD0295DF76EFB15
SHA-512:	7D695C18DE68CBEA67E590C1B79C6BA3DE5EDB9411C8E940B6A377B195147B9AE714CC2D575D2CE634979EBE597A5FCECF8FD2D162770B5F2D68023E42DAED5D
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......e.5...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.g....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.g....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.g....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.g..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.g...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............m......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 10 11:56:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.987564696625195
Encrypted:	false
SSDEEP:
MD5:	7800AF368C7CC8D7B90D831201F32153
SHA1:	42BA76EDC0F2E3BA848DC97BC6218A53723BF9B9
SHA-256:	5D963FBCDB6FDC79345162D870DEF9B3CE4A0BE8850C718B97B3F18FD97E067F
SHA-512:	22D657E856CF3E07AE0D63E61C2E5891260B25BC2141EC05AF73572E73C68A86311A5484B98254B2C119A4DA6A440ACD7A7CCB8EC870FB535824572AB0D85FDF
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....[.p.5...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.g....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.g....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.g....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.g..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.g...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............m......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 10 11:56:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.996747981796312
Encrypted:	false
SSDEEP:
MD5:	9F82DE743D19A7280556ED38CE206499
SHA1:	1CE3C6F34357DF6A21C973FF08E9F4E43B7BFB34
SHA-256:	698A4FD7F603EEB49666A2D7D9517F3846D4A75C1752FF66E5E49B6267AA75A2
SHA-512:	73FB080B221F20B45B703677BBDEACA7A9B696A8ED51AA909DA1C22B298B5507EA5E660899464FAA28A0ADE392D9A205B58A7F8E0565FD5EB8B607BB8A8617BD
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....\M].5...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.g....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.g....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.g....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.g..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.g...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............m......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	360
Entropy (8bit):	4.476986390018692
Encrypted:	false
SSDEEP:
MD5:	685A574CB7B4B1EB749FD5327422A9FB
SHA1:	38B65868F6DC822ED217FA1D6AD49427B0E871F2
SHA-256:	E302B643AC7A6E1F1F8AB02B6C5605654B057AF967920B7FF686CEA8A144663D
SHA-512:	B49B593BC6AD15CED696257F8A757C47909D1D9E60835BE90C1421F2C48BE34B66CC217B5FC0B761496B573BC862D18569D7A1AB3A7184B8C5242F29D516513F
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/site.webmanifest
Preview:	{. "name": "",. "short_name": "",. "icons": [. {. "src": "/android-chrome-192x192.png",. "sizes": "192x192",. "type": "image/png". },. {. "src": "/android-chrome-512x512.png",. "sizes": "512x512",. "type": "image/png". }. ],. "theme_color": "#ffffff",. "background_color": "#ffffff",. "display": "standalone".}.

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	127
Entropy (8bit):	4.4298332085731005
Encrypted:	false
SSDEEP:
MD5:	DE5ACD084A938B27CECD8B9CC18B99F5
SHA1:	D74402B069000D2708B3E54AEE72166266679687
SHA-256:	2A326D7DB7800CBDE0346DD7110D3B0D93E963712F9DA8BBCDC1C51C3ABDDCD1
SHA-512:	F7DE6778C1FA85775F30435D5FEFA6CE096EEB2BDC415F62AFA6A5E9F8D9F2FA4BDCEFE3C6BA6450DFFDF19D261DF8D5613399BF7C598E78169AA709390C5ABA
Malicious:	false
Reputation:	unknown
Preview:	{"url":"/api/attack/event/page-opened","statusCode":404,"statusMessage":"Page Not Found","message":"Page Not Found","stack":""}

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1117
Entropy (8bit):	5.031875006986189
Encrypted:	false
SSDEEP:
MD5:	407D54ADE44EAB5E1D6E6758AC86E441
SHA1:	1F2E78112A470982C491163B5EB3A81D5DD580D5
SHA-256:	0056736DC6C938CEF617BEC08A9B6D47418A305AD2127D9EA673E9D6C8847F0F
SHA-512:	E744FE71A64F9A0517130479B004CD3150DA479F459F4D0504B9D5E242223C88940D344C4357BAC8AF22E481FAE964C10E4163DE0C5DD070D531750C720DB957
Malicious:	false
Reputation:	unknown
Preview:	{"integrations":{"Intercom":{"activator":"#IntercomDefaultWidget","appId":"ojy6gxax","collectContext":false,"mobileApiKey":"","richLinkProperties":[],"versionSettings":{"version":"3.1.0","componentTypes":["browser","ios","android","server"]},"type":"browser","bundlingStatus":"bundled"},"LinkedIn Insight Tag":{"partnerId":"3663316","versionSettings":{"version":"1.0.1","componentTypes":["browser"]},"type":"browser","bundlingStatus":"bundled"},"PostHog":{"versionSettings":{"componentTypes":[]}},"Segment.io":{"apiKey":"ERl6L9mGvXaGhBGfTdHsweKd2jJpGNDH","unbundledIntegrations":[],"addBundledMetadata":true,"maybeBundledConfigIds":{"Intercom":["5fcfa7db5f15695b8e775de9"],"LinkedIn Insight Tag":["61d47ff31a3a239cb830f893"]},"versionSettings":{"version":"4.4.7","componentTypes":["browser"]}}},"plan":{"track":{"__default":{"enabled":true,"integrations":{}}},"identify":{"__default":{"enabled":true}},"group":{"__default":{"enabled":true}}},"edgeFunction":{},"analyticsNextEnabled":true,"middlewareS

Chrome Cache Entry: 103

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 155008, version 3.19
Category:	downloaded
Size (bytes):	155008
Entropy (8bit):	7.985376268069565
Encrypted:	false
SSDEEP:
MD5:	8BA72229BB86683870FA2481666D7E8D
SHA1:	9AA0857DF8916EFD7536F02F4039A3205ED44931
SHA-256:	8DE63F4BE4CB63616AC0FC3FD43F749FCA0FA0A4A85E5124719DA28501AFCEC5
SHA-512:	55431A005C68CB295E7FD9B88FBCCC25996DB6F9E06E923F929DDF4C78C93C0F429F2CC3C458730795D2CBB3C2A4D5EA963DB0CB9972A9A562FA62B85D07D106
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Inter/Inter-Medium.woff
Preview:	wOFF......].................................FFTM..]d............GDEF.............7.SGPOS...T..\|...t.2..GSUB......,.........OS/2.......Y...`".nGcmap.............bbgasp................glyf..9L..L=..,.\|...head...l...6...6-.aZhhea.......!...$....hmtx...D......'..h.Iloca..!....I..'....xmaxp........... ....name...........r..1post...h..B..d.....prep.. .........h............nt._.<.................UP....\|.j..............x.c`d`.Z.7..A..../.d..."...........x.c`d`...0.........C.....4U.....x.c`a.f........6....2.f..p..H31.23.(...L..........!(.7.......\+.F00p.`Z.....cc..Q..<.V4.....x..Z.tTU..Uo~U..024..6...+~..C.&....5....4.AP.1 .EA.h.Q..c.y...AAE...A.Q1......D.....C....^]k.u..;.s.......i..W...O...V..XM0....Y.#'8...6.Vz.d.%\|.+`j.`........l.@.q%.......MV[.Qf.B.9......_....1......1.-.\|...\|..>...(7..,.E.}..'YO.`+.......=1..m..H..\..uO.[..1..`.Fw.Qt.,,.^n.5s?}...n4.~4..,3;c.y.c_.i.9.xL.. .,c9....,..x..r..2J.y."./#e?..J./0]?.i.L.uD..1z..1L.f#,..7..2.....x/.w...Xa&....H0.c.ys .

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45026)
Category:	downloaded
Size (bytes):	257317
Entropy (8bit):	5.47979275995746
Encrypted:	false
SSDEEP:
MD5:	4B91BF2AB4A14B8883D6544AA5F16422
SHA1:	751DB6F208CED46E0C70D090C1E0E95755C119B2
SHA-256:	11F26A0D8C05A68F5B61663DEC46EE10626456AA6892FBB8141B391F47AB7187
SHA-512:	A12FDF67C41372F0708FA55D02EB15B4CA4C71F900AF358EA31168E3F148F32C5F28D87F75CEF6E4CC36672ABC4B0F4D935349D750EF6DCD8BAF1F00DC8F4448
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/CggZbbro.js
Preview:	function __vite__mapDeps(indexes) {. if (!__vite__mapDeps.viteFileDeps) {. __vite__mapDeps.viteFileDeps = ["./5yAEUTJE.js","./BFCZNSbT.js","./fCt9Ho7h.js","./DlAUqK2U.js","./360learning.gIrROL0l.css","./LGd2SYQF.js","./Ovh.C4HyRxxg.css","./TBD-tZtF.js","./G0qnDv74.js","./CWbduFA-.js","./adobe.0XVUK8Zb.css","./kmC8tFm0.js","./adp.AmXS8Sa-.css","./DUsPnQGL.js","./agicap.Dqw0XI6K.css","./BgqfVHn_.js","./dgv1YBMV.js","./rUzqbkox.js","./Dk7Zh_zB.js","./BOmOdOca.js","./airbnb.DDsPsCwb.css","./BCLVQklz.js","./aircall.DIpylFmp.css","./BQNztC15.js","./CyiZ1v4L.js","./airtable.TC6QR50S.css","./aYhKjAVL.js","./alan.DpORwRFc.css","./DVghKkvc.js","./amazon.c9F91WMs.css","./BXt_gpUZ.js","./CoxKY4ry.js","./ameli.CxMvt7us.css","./BP-yDF5o.js","./DhKghFgl.js","./DkZ_nGBk.js","./apollo.BsYw9zFF.css","./LUjsHjJd.js","./BW8P5D8b.js","./apple.tmXSGkqG.css","./Bb83_VUD.js","./armado.C8zV3omP.css","./R4XV2gQS.js","./asana.BLipd-yJ.css","./C2jI_fzj.js","./atlassian.BlpsUjKl.css","./2aZLdBrw.js","./aws.Cn8

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 58404, version 0.0
Category:	downloaded
Size (bytes):	58404
Entropy (8bit):	7.991419001727381
Encrypted:	true
SSDEEP:
MD5:	A66ADA8EB5C6202318D8949220148150
SHA1:	5D007E4A1EEB052327524BA1EFA27D6B5833C0BD
SHA-256:	12A747D3BE3001F7FFFE99DA84D4C4EF9CC7B843CF607A26483B7E5E57836218
SHA-512:	E24F74F5FC6D48E4DE38E3E8ACC9B7E3E1BE35F5A039E5D13984127641A2028BAF230A40DDBB76EFF965B219ED880F5DA5F232AC02AF4DBE46747BD9FFAAA6A0
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Fellix/Fellix-Medium.woff
Preview:	wOFF.......$................................FFTM..............q{GDEF...<...S...j.O.PGPOS......<6...l...qGSUB.......?...Ri..dOS/2.......O...`u..Xcmap...............gasp...4............glyf......w....\|.62Yhead...X...6...6.`..hhea.......!...$.(..hmtx...$.........#..loca.......H...`....maxp........... .x.Rname...,........n.@.post...$........K.t........G..._.<..........k.!......tQ.!.F................x.c`d``..o2.,..?..Nq^g.. .f.....2...x.c`d``.g.g`g..& f.B...0........x.c`a.e......j.r...a..f:.....3.1..;......cp`.U=.6..d.Y........Ar./...).......6.x...h.G..;;.w.AB8.1.....rH.#.9.j.kb.. r...`%..Z....""rH.......DD$H(U.P.J.B..u..i....M..7..q........7....u..?E...St.+H;.H..wn#.D.:...A...n..E. .\...R.c..L.D.z.o]h..H.A.n.Gz-.......`9a.hD.....Q...4...s.0rN.)g?r...!.6.~.9.>rj/...t...o....H.E...h....g............<.94.>d.M...*..i.:..>.z....M......Ly.Y+..+.M..S.Fj...T0...C...,W.8N..Q..1.........~q........{..h..i..q>@.^....)..w........H..n.N...P...Z8.s..... m.C.....ZT.QTF."f?e.....

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	78
Entropy (8bit):	3.9920503104173806
Encrypted:	false
SSDEEP:
MD5:	B9A31D3949B1882A09ED2F8508D538F3
SHA1:	1C4FB4A004AC374AE735C210F8560BE0DCE354AC
SHA-256:	560A481D94B94BE28E45A6EE498682F92B2EB99F8F6F5956C9AAD969F61EE5E5
SHA-512:	2F13BAC82A699ECD16AF4049FA8C5F35FF85B736025F576CA5A8A690C561E4803D85578FE449B18A95CFCA2791200A3A6EBB9602D7D12219975BEDB48360E1EE
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/favicon.ico
Preview:	data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	310
Entropy (8bit):	5.398129477811427
Encrypted:	false
SSDEEP:
MD5:	07A8025E1F11E9B9E55C3DF92C09F50F
SHA1:	01D80E0AD49479C86D13F1878B33BBA15D3BEEBF
SHA-256:	C956352189E88D145C92F399970DADD720F82E1247CA8571490CEA7A20A20DE3
SHA-512:	FD05572F80AC131BA369556282FF0944D2A8FA24259263AE77409E2757633C74D15A2846BC64ACFF8E984151733878192C2A17910338A462AF074CC3FCD27F5F
Malicious:	false
Reputation:	unknown
Preview:	fl=724f85.h=www.cloudflare.com.ip=173.254.250.91.ts=1718024193.356.visit_scheme=https.uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36.colo=DFW.sliver=none.http=http/1.1.loc=US.tls=TLSv1.3.sni=plaintext.warp=off.gateway=off.rbi=off.kex=X25519.

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 504364
Category:	downloaded
Size (bytes):	155659
Entropy (8bit):	7.998128329219656
Encrypted:	true
SSDEEP:
MD5:	CDECB5E988D44AAAFF78DA70724BC53C
SHA1:	861CBD6C6CCA4BA33748E099B6FFA0BC53DBA91C
SHA-256:	DBDAB9B53B1BBFFFEC2E4B53E7AFF560A9EC93C8CA364C456459D53D469AEEC0
SHA-512:	4BD31FE1D33FA4906DE053E922C1D428B94C914E279AE0A3A495587084AA78D01AB89746B7BEEC5CA0FC1A4399C39E6FCBE389B64ED4172D9043FACBB8A16761
Malicious:	false
Reputation:	unknown
URL:	https://js.intercomcdn.com/vendor-modern.2795e86a.js
Preview:	...........y..8.(....6O....$[^.0:Y..N.L..2j..%B....&).jS....@......ozb..Q(..p.l..m.....1..i.-............[.....E.(hv......i..7.{}......'{...}.c..{q......\|..zA.I....._.....\..>...;..p~r.jY:3.30.......D.$.zA.....C.m...."{..&8..x..=.3....;.>..Os......eD....-..f....Y2.'M^.2~...f..ko.{..J..-...m.....,jN.(N^.=..c..g.oePh.=Tk3.:x...0.'0LQ....I....%c..^.....a.b.T.xN,l...c.Dv...0.0(E.<.m ....S...y..=$...U.b.Z...8`.`..[>mXK...f.z.KVQ..4..7r.V.>....d..&..".+.....^.Z.....a...RUz._...'.....D..t.3..8..L3.>.,y....W..5.I.C...2.$..&..}[B../..h.O...g. &..K}..4...X.4.... .LH4.-...K.....2..g..!&.N....Pm.Xb.......[i...Y..^.C6.K.....2H....P....[...g..h...L...i.5'q.a...8....Ck.e>......$F5..rS.V.J.rXJL-.S....A.X......a...V;Nj..l..fh.p.y...c_.....4....N..4=.j..........n........f....y.X.3a:...\|......_..(y&.<- P...I!..h....[.8..<u.h..DRU.%...n....."9..#.7.5-..........V..b.3.0L....j.&.4+2..-c+4'8..d9&P~f..I....0yO-..5Z...}_...z7...?.....\|...f

Chrome Cache Entry: 110

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 58660, version 0.0
Category:	downloaded
Size (bytes):	58660
Entropy (8bit):	7.991533100273717
Encrypted:	true
SSDEEP:
MD5:	EE7CF122DE6149EC1FDE7A6A4D0721C9
SHA1:	5C32B4A0E37B62DBB419E850F19D39DCE7BB4D28
SHA-256:	E68F156B7B9F9872CCBAB33EF8795C2F24649101D6BA008052C4398DAE2C8150
SHA-512:	113D285B608A7B412006428CD9545758008DF2DA9993D37726AFEF1D5E4BE0F27E6B479FC396882CF55C7960E18ED7940CB3E5006B088049CEFD79A72119A8F7
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Fellix/Fellix-Regular.woff
Preview:	wOFF.......$................................FFTM..............q{GDEF...(...S...j.O.PGPOS......<I...l92..GSUB...\|...?...Ri..dOS/2.......N...`uU.5cmap...............gasp... ............glyf......x&.....].head...X...6...6....hhea.......!...$.R..hmtx...$............loca.......H...`."..maxp........... .x.Qname...@.........1.Mpost............K.t........G.MP._.<..........k.!......tQ.B.J................x.c`d``k...8......o..".Y...D.....x.c`d``.g.c`g..& f.B...0........x.c`a)a......j.r...a..f:.....`.....z..180.gk...8.C..R..a2H..... .....a.....x..]hTG...;w..P$..h..I..!.....P......Ad.!,K....PSE.,..%....t.."A$..B.~.!h.X.. ..H...mZ0...3{W.5j..~.....{..9g&.;.......G.V.......... e.#..!..T..Ck... R..N $s.z..q..'h.1...].F..*..M.<J.....F1..Q..=..3\|.F........g..}H.Z......HsnZ..;..?..Y.=E=...sz.3....1........2..i2G.^....u..\|O\oF....#BR..hD.".FPb.W..at...Y.v.m.X..!....\|.Y4.i..6...rk.v....F.AE`...4...K.{.......h.....Y.....5....E...N+b..j..R%Q.Nc.Y..m.c..w>.........E.s..5.`..}..

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	82
Entropy (8bit):	4.383594884337988
Encrypted:	false
SSDEEP:
MD5:	2ECE426E3900FA6EBAD39380AEAA2539
SHA1:	24C4E875361BC77874B005F816D160223DC68B46
SHA-256:	E4CE65C3A33FDF0AD73B34857BFF62AF3A6187509551AFBFECBA345FEA02BF55
SHA-512:	66A11A88F239BC8AD325671B2EADDFE0F88CC1EFDD4FA08E83D2FCA2E615DB4A101B935AD89F274B606F0C6DFF41BE575708268E8FB34F897EC28F7D8024BC65
Malicious:	false
Reputation:	unknown
Preview:	{. "success": false,. "message": "malformed JSON",. "code": "invalid_request".}

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	11297
Entropy (8bit):	7.934872972698637
Encrypted:	false
SSDEEP:
MD5:	857714D85B243F3F4CD118C829CC6856
SHA1:	A5F8D323CD91C386445F5F9F86C626881038E808
SHA-256:	8FDD2C40144EE08C710C030B5CE66676DAB30F09EE243CECA201452F6CBC9719
SHA-512:	84C133B5833AE09269987E43A73215C8A7CED7EF93722E10846B20F29928F164D610D8974D3594C2A65041D1112A31A199D1D3732B49B5139E9AE652DA5C02B7
Malicious:	false
Reputation:	unknown
URL:	https://production-upload-pictures.s3.amazonaws.com/workspaces/profile-images-upload/25187e84576484bb5e339b7db487ff89b7d86ec4336373e1bb34046db605ae0b?v=1716976141475
Preview:	.PNG........IHDR.............>..z....sRGB....... .IDATx^.}.x....{.{.I !....(xA."^...A......). W...R.l.BU.......(!$@.......}k.L8...s...............k.{....{Lh1.....F@..&&.4.Y0#. .$dC`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#.$......0.......0.%+..3.LB..F@2.LB..`....m......P..X<#.$d.`.$#psHh.y..M\|;=....).&v......;(.l..A.....&n...Ei...J.F..........Ti....7.:?.........%........l.7F..#..9....X...M..x..@.

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2207
Category:	downloaded
Size (bytes):	1062
Entropy (8bit):	7.777847508659921
Encrypted:	false
SSDEEP:
MD5:	E3B346A4F0B35B7FF884730F4C61CD2E
SHA1:	DF4050CE0E0F7AE7E37CE6E0290E4817FF9595D0
SHA-256:	0CBEE3E3F7123D4B0E5D9A72CE33548B3F6DD4141B83EF4506770A92D880DB8C
SHA-512:	08342B70A65A9FB908F545627503FE34564EB3032367294ED239EF058AB32F4DEEBC5533F831F3BBB58CDB5310BDC7F95414AD027BB596CD2859520FE8F210B3
Malicious:	false
Reputation:	unknown
URL:	https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Preview:	...........U.n.6.}.PX@...m.....K..".../.`..m3KS\...u....f'.........{...>;UR....gR;...3..?..N.E..H...r/+.&_.(.IQm....bV^.....</.w......<....7./.m.j].........:.U.s...0(g....a..D....n#K81Lg....D..<'......2T.....x..sf."'..;Qxjl.+.3.n........w..J%..8....q...v.$l.1L.M..FRG5~..X0....?.Zpq...t5 .+.6r......l.Pn..%.....p..7ch`3F.......lj.~..Lf:'..L!~..\.A... S3..<..0Ve5. ...n,.$uF.B$...0.'.:...H..7m..!.._^...!)#b..)W..4...k*.6......#..sM..dF....i.....X..D..C....g..[.....2..Q..M..sZ.%~x.s[...b.h+......J...Z..hp....E..Kt.ByT...n..T.w_..J..........%.,U.9.P......%e.X...j'.....~..Y.C.Bj=...X...)....j.Bl...q...K....=....~j.p0..K.K..Ap.k...w^x.............O=.L.=KFw.."j.......:v..1.R.lj......7Z.=.f...X...&.#.>...IJz.W.MP.6.C...a...{.4....Yh...#.}.P`..[..R....n.4....%.......H..X....d..0\;V?..$C....L{.K.a?...v".)..L;.........G3?.:...i.....y.A. L+..D.[.....Ap..(9.r...G...m.7n>.8...Y....(`.;.......n......_....S.VGy.Zz..G......zP.......,...(..^b!K..&i....

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	778
Entropy (8bit):	5.452256948179536
Encrypted:	false
SSDEEP:
MD5:	C1A708ADD7E83730F6FCDA6E8E1516FF
SHA1:	D3560495FC4260D2EE4C529D7C9F51C7BD9A6373
SHA-256:	597C33A104DB00D280504868DCB54999FCDD52F6E6610637A778F837BFE372CA
SHA-512:	BCEA309294F5E32E82BD1CFEC7F57706F15969B03064644C7AC9D6B5827C9941B9D0D118F80D853BEAD7283F9CEB94EBF21A295542E3C71A294D6DA9FD876910
Malicious:	false
Reputation:	unknown
Preview:	{"id":"cf6d3676-eb21-4a30-912e-35e4346e8023","apiUrl":"https://api.tryriot.com/v2/graphql","templateTypes":["CREDENTIALS"],"employeeEmail":"clavaysse@norauto.fr","employeeId":"00781367-af6c-43dc-ad1b-6b95067edb05","employeeName":"Clement LAVAYSSE","employeePictureUrl":"https://lh3.googleusercontent.com/a-/ALV-UjWdhMY27jeZdmtse9KpiWfaUF7MewyLIrUWXiBETGj7wTJrB6FK=s96-c","employeeLocale":"fr","isFromQRCode":false,"serviceId":"google","url":"https://ps6q3676.loginprotect.net/api/attack?d=QALAHQu0HO56gLnZ_CF6N","isRequestFromFile":false,"shouldSimulateLoading":false,"workspaceName":"Norauto","workspaceProfileUrl":"https://s3.noreply.link/services/logos/google.png","redirectUrl":"https://hub.tryriot.com/you-got-phished?d=QALAHQu0HO56gLnZ_CF6N","openPageRedirectionUrl":null}

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (8012)
Category:	dropped
Size (bytes):	2243656
Entropy (8bit):	5.121705709383111
Encrypted:	false
SSDEEP:
MD5:	78AC49373C8E33795829A987CD040D51
SHA1:	F574250ABD531614AA9A301DB64FD505BE0EB5B9
SHA-256:	0636FC1D98B6093BD7ED95D2B77A7A4C9270D5AE5F49BFEF1C198316EEA7E862
SHA-512:	426CD1AF1F106EDB2AA18692FC903E24E190B77B01EDDD75847F2CA26C8CEBE45FA1A1D74FA8164A2D1A4181678E1B75F87E4D523672F24900178F158D616A23
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html. class="MktRoot". lang="en-US". data-js-controller="Page". data-page-id="Home". data-page-title="Stripe \| Financial Infrastructure to Grow Your Revenue". data-loading.>. <head>. <script>window.__capturedErrors = [];.window.onerror = function (message, url, line, column, error) { __capturedErrors.push(error); };.window.onunhandledrejection = function(evt) { __capturedErrors.push(evt.reason); }.</script>.<meta. name="sentry-config". data-js-dsn="https://7cd38b0eb2b348b39a6002cc768f91c7@errors.stripe.com/376". data-js-release="a6869cb06d8cb5f58be2e6e7bbc1a7e432b873cd". data-js-environment="production". data-js-project="mkt".>.. <meta name="experiment-treatments" content="wpp_site_header_nav_redesign_full.control.ursula.9b7c372d-3e14-41ba-ac56-711226d64a4f.a,acquisition_top_cta_change.control.ursula.56419ad1-9ed5-4b2c-830e-a7ffd28b1423.a,wpp_homepage_title_copy.control.ursula.065d9388-2f26-4ce6-b08a-0823c189a5bc.a,acquisition_sticky_nav.treatment_ful

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 58476, version 0.0
Category:	downloaded
Size (bytes):	58476
Entropy (8bit):	7.990626898166362
Encrypted:	true
SSDEEP:
MD5:	A2CB9CEAD5E85EE282DCB48B71152F07
SHA1:	08070C4CA0A9038B2241FF4D25B255BB11D24F3D
SHA-256:	14CE4B5954A22B81588A1918F27FD18FB4A64CEEAEDD4586475B84B7341A9AA6
SHA-512:	615865AF01C2E043FF00170D63F356292CA7C58B2560A742DE8FF9A7F76E512C002A6270C30A52ED9DD2BDA9D2041D224AB533580AB363F2A622EC07B448478E
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Fellix/Fellix-Bold.woff
Preview:	wOFF.......l................................FFTM...P..........p.GDEF...T...S...j.O.PGPOS......<g....q...GSUB.......?...Ri..dOS/2.......O...`v...cmap...............gasp...L............glyf......wd.....SX.head...X...6...6../hhea.......!...$....hmtx...$..........z~loca.......J...`....maxp........... .x.Qname...t........m.B.post...<........K.t........G.._.<..........k........sN...-...B............x.c`d``..o......g.-.\...A..:..T.k...x.c`d``.g.c`g..& f.B...0........x.c`a.........,...,..t.!.)..g.`..v.$........z.m.M.38\|.....&..._..d..r.....;.x..mh.G....[BZ.C.i\|k%j....H.B.[.&i....B8. ..AJ.Q..R.}H......RR$.....l0.Jb.."....""-......i....?.3.3..<.3/./.,..@.6.K\|..AY..\|M.bw.NK.u:.V...3.Z'm.T.1CR.&d...lU_.{.S)Uc....YR-.T..uY....Mm._..hZ....R..K.3$uN.....vw9.>i.<......'....:.c...<.v5)g...%.-......P#.<&...eM.fu...rK.5.._.....j.H...'~.>......S.....9...g/...%mW0N?.D..\|.._4.....R.{L...b........./.U.qVJ.}.o5J.5"+...Q.........{.e..I.$.WC..fy..{/....u.ow.K.. ..Z.YM.~...!.

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	406
Entropy (8bit):	4.845991472180285
Encrypted:	false
SSDEEP:
MD5:	2FD0A1D014E411AEEA2D5DC41CEBA835
SHA1:	1D40892B0950BAB0B918D69A2671F477E1CE9D1C
SHA-256:	F65C7AC74F7050B8B26C6C67B39D4A4E0D0B2DA89AF7B2667462FBCC1D50743B
SHA-512:	B0600572283A04D0104AA144E9484B94FDE0A158144CC4F6BBB74FE9F270B9FD687945969C184978E79C1FB6E0B0B931E7759B1FC021B96D2FE7428059D62429
Malicious:	false
Reputation:	unknown
Preview:	{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}.

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max compression, from Unix, original size modulo 2^32 71723
Category:	downloaded
Size (bytes):	21911
Entropy (8bit):	7.990284604228861
Encrypted:	true
SSDEEP:
MD5:	C467A63B2E7C3A99BE423ACE649014D8
SHA1:	91A3CB3EBF4F3996512A740FC202E1803828594F
SHA-256:	D070E8B363B2CB1BC55B94F1612A1AF673155DF31773E992007F8952E3661EE5
SHA-512:	956B41FC42B9C3C4E161AF37270D3EAEA9E5936B4A99685727235BF9A46BF05ACAE5A64A4EB9A305EBF1ED5F752DF8FB9912626765DEBF1EB82839DF2124CA92
Malicious:	false
Reputation:	unknown
URL:	https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Preview:	...........i{.8.0...........dFo.N'=.N..>.E.%.b".j...X..~....E.2..<.L."A.P...B-.......5.Xx....a...xs..E....K.0pw.Z..N}....`...[...e..N.......,rn.e.+q.........^yQ..I=......vz.O.QPi....3.\&..j...I..[.Q..i..,../y.....l.W.E.S....d..^.A2..V..S/....f..p....@.e.K>..0...u.&.d....X.i.x.f?...q.z<.G.n.C(..Z..U...lo:.e=....b...s....'..I.Qx]..u...~..0.-.X...Q......q8Z.y.8=...m.....a.i@.\|.].j."Gv8..".]w.%..1....f..3.....1....O.KfY.n.F....Y....r.@......3....4..,..?.x....K7a>.0.....?..~}...=;k..g.....4....$..O...u.6..<Jn.#o6.C.8.p...a..O..,a#............0..WY.....&....~..].5l._...\|w..C..K...[h,..z.y...#6...E.[,x0V.6B.n.....w....t...$.J.j.#=g.........6..%..?<k._.2.......;kx...`.LX.k..\|..".f5..G."\M.....w....m!l..E.U.+M.m.{;....A.Yg....1O.Z..H.,...6$J....".xT8C.Q8+.3...(\.Di.f.P.......>.....a..4a....u/.'c..L.A.Pe.I...%x..pA...............P..3.i.dAG.8.].H..#..:.....'.0L\.aY;a."..g70L..r ....0...h4.............a.D...m>.b..D..6...Yu.at.h7....*W<

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (47911)
Category:	downloaded
Size (bytes):	2815702
Entropy (8bit):	5.52429946090487
Encrypted:	false
SSDEEP:
MD5:	DD7B44B1E390A4436D9843977B13D025
SHA1:	9240C80185B0CE3A0942033AFD8F1007266AB2FE
SHA-256:	A087991E0D19A739C8C54F67E225B2BC3F2FB2771928EB812EA6D7FE64D359AE
SHA-512:	F56CB1F09D6DC46937DB4537B5FD1EC69ADB82D969CDC3F6B3C5B624E84B71ABA0E31D56915FD4BAB516AAC6FD92CA3BFA06EF2E90F0E1BBEF70EDA52770C5AA
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/index-jvjANaE2.js
Preview:	const __vite__fileDeps=["assets/1448e86d90e0feb307c2894c24e87767.C92d9Fqy.js","assets/7a57c662a7565fd9eeb320f3d0f60d92.DxbJY9pw.js","assets/a34a69125d48fd301e7bb1419da3f86a.CJZ_wzcI.js","assets/Bot-BuJRLIdW.css","assets/628675810a37da28c19336bc56c3fcbe.CIwNgWO2.js","assets/29022ed5858fc89ce67c33299a60e85e.Cs1-nZgc.js","assets/d51040f682e5f36f2225b6efd8f695f6.CHu4wQik.js","assets/update-group-B9qRgaQm.css","assets/9eb541d3c2e0370094c706546c01db29.9h3g8NHK.js","assets/0cdf8d1f49929e1e64852ac33ba485b0.tt4qNwW8.js","assets/29eff11988174ad8414c4f63f7392cb7.DzXKZWnV.js","assets/36c66111e35576d022be3b66c1be7cad.YJHA53ZG.js","assets/fc587c79b2f6c181cffb8afff9837a84.CbwPkOC6.js","assets/101337420c597b3a1df915c791f2abee.s21JUlk9.js","assets/f0cd09f19ff306b50ad2eb176d2ac09a.C_wUbG3v.js","assets/38c170798e4871ec7a78abd4f973479c.DoV5cKma.js","assets/3321673b766fb11248b36fbb293e9ef9.B9usaFFz.js","assets/78cef5d056a68ecb3412f31473defac3.Bl011Ez4.js","assets/Remedial-UCnL8UyW.css","assets/99dea7800713

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 156252, version 3.19
Category:	downloaded
Size (bytes):	156252
Entropy (8bit):	7.9852652617616755
Encrypted:	false
SSDEEP:
MD5:	38516D9C84C245BB4271DFF615B39185
SHA1:	D84AD76F881D78276B6BFD2F89AC5528FEB5A18A
SHA-256:	885D09DD9FB2C124E361C422764ECE01772D4AA2BB9B7AEEB0E49501378AD49A
SHA-512:	6878DC2AC7382A62C77AA12AD356854A8B1AB67FBC53F7D92A93F603B4BFC751B3E0034185583AFFB83390529359DEFBB223C33FE0229D728C5893811E65DCE6
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Inter/Inter-SemiBold.woff
Preview:	wOFF......b\................................FFTM..b@............GDEF...4.........7.SGPOS......\|i..t....GSUB...8..,.........OS/2.......Y...`#_necmap.............bbgasp...,............glyf..9h..P...0XG.$Rhead...l...6...6-.aqhhea.......!...$.].~hmtx...D......'.1...loca..!....Q..'....maxp........... ....name................post......B..d.....prep..!.........h...........E .._.<.................UP..H.\|.j.)............x.c`d`.Z.7..A....2Y.@.d.....1.....x.c`d`...0.........C.....4U.....x.c`a7d.``e``Wc....p.B3.b8.....X..@......B....y.@......p.A......#...V0..J...1p.(......G...x..Z.tTU..Uo~.D.J+tl...dh@.D.....""......B...v.>\|...2.. @@.0..b0...........i......}n..1$......^....9......\...%@p#. ..{b.U...."..'.....z..5z7.5"x...O......5.&.>.Z.1....Xb5@.. ^5..F.FL7Gb.U..X.-..[kP."..5.`.[.l.,.Y)(..a.u.E...I>w...1.4......A..".m......t"i=...T...Yf............!.ki!s.z:..0......o.]1.<..0.t.9....hi...-...";x..n..r.9....X....~.1zoR..z#.7W......hg6Aw)....q{kg.........e\.Nl.S.o.z..If..

Chrome Cache Entry: 124

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 146428, version 3.19
Category:	downloaded
Size (bytes):	146428
Entropy (8bit):	7.985148167845007
Encrypted:	false
SSDEEP:
MD5:	D7F54354F4E8BD20A447B8C9A802E4E9
SHA1:	9FEE60B734F7996131A6CC36694E27E8E9A3BB2B
SHA-256:	642439443CC4AD0DC8DF3813C318443348B8A88E49264E7E0D61786EF74AF2E1
SHA-512:	BB3802B6507D1A00A0C23056993097914136AE8B0C89EA61699E7AE88F6CCB1E297A7F227BD96559A6D796F7CC2534E99EDC7F91E554EBFDC58C3FD6DABFB07E
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Inter/Inter-Regular.woff
Preview:	wOFF......;........`........................FFTM..;.............GDEF.............7.SGPOS...P..x...ij/..GSUB......,.........OS/2.......Y...`".nZcmap.............bbgasp................glyf..6x..1...&.%UT.head...l...6...6-.aHhhea.......!...$....hmtx...D......'...MLloca...,...L..'...E.maxp........... ....name..g............jpost..id..B..d.....prep...$........h.............w._.<.................UP....\|.j..............x.c`d`.Z.7..A..../_d...".....X.....x.c`d`...0.........C.....4U.....x.c`aWc........6....2.f..p..H31.23.(...L..........!(.7.......\+.F00p.`Z.....cc..Q..<.9..s...x..Z=hk.~%..s.s..r.\x....fq.....`.X\. ..1.Pa.1....\.p!.3.0...D...f0......3.B...X.r.A4..<.{.#.z..;..bxx........?'=...b.....\[e...:......W.Q..f...L..59vr.t.\.3hw.6..}#.....m.vD.....3.....R.{.\|....c,...#)'.Rw..de...L.#....i..2..->.....U.$z.m.(J....p..b,..,.....lr..K.k.~....?.W#...4.k....a........k..K;z...3}.'.._.h...(.Y.._.%R.w.$E.c1.I...b.R..)q~''...^.......\.FG...p.H-....<.y...S.\|..."...u"

Chrome Cache Entry: 126

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (47653)
Category:	downloaded
Size (bytes):	47656
Entropy (8bit):	5.4575391401031785
Encrypted:	false
SSDEEP:
MD5:	48ED7AE7E685F5469D86B54CC802F8EB
SHA1:	E88318F6E8B0D255D2D5CB684A4DF120437AE610
SHA-256:	899D1EC3C095342571D3BE2091EC6F984D4CC82390D1F61945C391FA035B00D9
SHA-512:	FC3597F228DCC171ED1537C39DCD2D4F0CB093AD1B202695FB686276261BDF86C16D8550374A8EE72A353A8CF24F87B04F41E1ACB9D7F4B40A7624FAE79289A2
Malicious:	false
Reputation:	unknown
URL:	https://snap.licdn.com/li.lms-analytics/insight.min.js
Preview:	!function(){"use strict";function t(t,n,e){return n in t?Object.defineProperty(t,n,{value:e,enumerable:!0,configurable:!0,writable:!0}):t[n]=e,t}var n,e,r,o,i={ADVERTISING:"ADVERTISING",ANALYTICS_AND_RESEARCH:"ANALYTICS_AND_RESEARCH",FUNCTIONAL:"FUNCTIONAL"},a="GUEST",u="MEMBER",c=0,l=1,s=2,f=(t(n={},a,"li_gc"),t(n,u,"li_mc"),n),d=function Qe(){var t=arguments.length>0&&arguments[0]!==undefined?arguments[0]:null,n=arguments.length>1&&arguments[1]!==undefined?arguments[1]:null,e=arguments.length>2&&arguments[2]!==undefined?arguments[2]:null,r=arguments.length>3&&arguments[3]!==undefined?arguments[3]:null;for(var o in function(t,n){if(!(t instanceof n))throw new TypeError("Cannot call a class as a function")}(this,Qe),t=t\|\|{},this.consentAvailable=!1,this.issuedAt=n,this.userMode=e,this.optedInConsentMap={},i)t[o]=t[o]\|\|c,t[o]!==c&&(this.consentAvailable=!0),this.optedInConsentMap[o]=t[o]===l\|\|t[o]===c&&r===l},v=(e=[i.ADVERTISING,i.ANALYTICS_AND_RESEARCH,i.FUNCTIONAL],r=[c,l,s,c],o=new R

Chrome Cache Entry: 128

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	3246
Entropy (8bit):	7.787204754600502
Encrypted:	false
SSDEEP:
MD5:	229ACA278B8DC94785657FAB72538BB0
SHA1:	4CBD9EEBC7331492E8E11908531C97533023FC98
SHA-256:	32503195A85983661560FDFF02383C120D59DB743BF2B02ADBA67C80AF62C0BA
SHA-512:	2B7E4356DBCF0588E0BEC25A1608827314270B6D01C6B8EA25E8B4178E331C274C4DDB238305FBC77D5FC9BD1CDA2B9C76645C056183A943E89A9AA927A1C18A
Malicious:	false
Reputation:	unknown
URL:	https://eu.ui-avatars.com/api/?name=o&format=png&size=512&color=ffffff&color=174A26&background=ABF7BE&length=1&font-size=0.55&bold=true
Preview:	.PNG........IHDR..............$.....PLTE...!V0.P+.L(.J&.K'.R-.N).S..e=B\|R..1iA7pG2jB..$Z4 T/.Oi.z5mE@{QR.c..g.xD.T9rIY.j/f?h.yF.W;tKJ.Zw..C}SK.[o..e.vn..U.f[.l)_9N._#X3..W.g(^7q..S.d6nF..b.s}..L.]0g@z....4lC..I.YE.U..c.t..=vM..P.`Z.k..-c<X.im.~l.}f.w?yOx....`.q..>xN']6~.....j.\|^.o"W1T.e..8qH<uLp..G.X..u..a.rt....\|.....{..a:+b;Q.a...M.^.._.ps........\.m..&[5.........v............m%......IDATx...[+.a...w....%...)!.7rHn.oD\H...f..~...o=.ox............................................................................P...~yhd~lg..../_.e;..s......@{.^...W2..\|....I%.>j............Z .j/....7...@.}.'2....o..i.53....?5y.H.J.3..'...H...Ll...@<..b3./...w;..&...H....T.....+6]v.!.H[c.%2..@.T.:b......S......D..Q.>..@E....(n...&.&.D6A.......gd...}..[=.....7..U.....hk(U..1..C...!z..J..I.0..........`..w3...T`.s.i.*.r+.z........K...#.7....b.4...`.G1....!.DL.v...W.0=.Cyvp..-.....x40...s...k...a.................~<..,@yT.c..';.....\;..2.(..2.

Chrome Cache Entry: 129

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 156092, version 3.19
Category:	downloaded
Size (bytes):	156092
Entropy (8bit):	7.986023704067009
Encrypted:	false
SSDEEP:
MD5:	05D32D3CF921BC5A1FDCEE02A5D74143
SHA1:	073A29C509D7F4CB6D9EBE6A3041272285BF688D
SHA-256:	579D0960AE1E10BFA16F1085A563F3E93A54FC98DC7B9C2017983771D8BC4189
SHA-512:	BBD524C1EEF4A70E26E2ACB4655D2E18979FD1D0E1F0434B43F9F822C8744BBFB104C8456512938B82DA123ABE8918D5A7D731C22FD6D3DF5A6F40C2A0C74C2F
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Inter/Inter-ExtraBold.woff
Preview:	wOFF......a.................................FFTM..a.............GDEF...l.........7.SGPOS......y...t....GSUB...p..,.........OS/2.......Y...`$'n.cmap.............bbgasp...d............glyf..98..R...4h.:.#head...l...6...6,5a.hhea.......!...$.7.;hmtx...D......'.X...loca.. ....G..'....4maxp........... ....name...0..........8.post... ..*B..d.....prep.. .........h.............._.<.................UP..".p.j.V.@..........x.c`d`.Z.7..A...<.,...2.....0.....x.c`d`...0.........C.....4U.....x.c`a.eV``e``Wc....p.B3.b8.....X..@......B....y.@......p.A......#...V0..J...1p.(....,B.L...x..Z.tUE.....}I@QDF>....\|"..A.....!"....f....... .'.@"....1..(..O.#bC..v....."C+c#y....}...\.W...:Uu.V.[...T..V.=..+.P:.&.5R1.NFc.6d.e8l.Df.+...p.H...=.G.,.5..Y........)....&&.i.K.g.`......C......._.1.j..0d._.:'...(u...qPj. F..0.)(.f=.I....Q.].g&......kI{.Tx...].6..^..NK.v.....\|c..Bx..$...f..}s..g.A....O.}...;..k...Or..(.[....\.%.o.....;F9.}p.1.....g.....V6.,[....6zh.e~~....W..@...........Z.E.jl...+3..

Chrome Cache Entry: 130

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 58240, version 2.3
Category:	downloaded
Size (bytes):	58240
Entropy (8bit):	7.988765360335527
Encrypted:	false
SSDEEP:
MD5:	F5DA251799922331DE6F3519F36A1DE7
SHA1:	D4E9AA9ADCA7373F9BDD733A6C12B96E1CDB1E7E
SHA-256:	79F19A8539D4FDD431A399674C122C6C59B5AD56EDF51368266064AC6C8ADFF8
SHA-512:	B9A0060FA028B608BC9CF9122BAEBB3412B2ABF068C8BFD1DE16C922AC844E6672DCA1D2E5874C6E6A206144BB18802B7573F89EBB491646C77DBAB8CE55D136
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/IBMPlexMono/IBMPlexMono-Medium.woff
Preview:	wOFF.......................................FFTM...d......... ..GDEF...........././jGPOS.......I...X....GSUB............&J.OS/2.......[...`...cmap...........J....cvt .......D...D..."fpgm...........s.Y.7gasp...............!glyf................head.......6...6.leohhea.......!...$.o.%hmtx...l...O........loca............`..maxp....... ... .B..name...\|.......S68.Ipost...\......".$._.prep.............).4.........'<#_.<..........<................l............x.c`d``a.....).../...."..;.................*.i....................x.c`a.`..................\|.M98...8Y......00.;0XX3@..........L,...20.02.'00N..1.0..R....k....x..OlTU..'Q...5....).A.(X.....i..i............saL..RLD.@..B].(..........b.>.....n.3.aa._....s.=..36.....f+..>.m....:....p.<...w.S.+(.>.....s.5.2..^...}K..:..h..5....`.QP.X..8.r.=.h.t.a)..Z...@.......#`.......s.....`....>.j..]ZWNvM.w..4..=.}....,....=...S."x_e_.O._.k...>...jM-.E.W..:...B...b..c8.U6N.j.......9...Dd.....h.Z:.....g.o5.?._A.....f.=..C...8...

Chrome Cache Entry: 131

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	139
Entropy (8bit):	4.7844096507155776
Encrypted:	false
SSDEEP:
MD5:	2F0A9504365D2EB55148CA1E1BC3D1F1
SHA1:	EE245DE8A1347F11ABD8832B1C0EFFAABDCCA445
SHA-256:	E28BE9CC249FF343CDB92C6E36D1372801EA253DB6E99F70CA6D2F5ACD50379C
SHA-512:	40E7FC044F7098A74DD8EA49103BDB318588DCB71AD86E5F7620767623FE6F23BBAFF9D8B9B5D600F7A0D2B71C806EEEBC4FECE79F27CC6DDBB21E9FF44CA07A
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/builds/meta/0395d515-06b0-432d-a643-32ff8c1d1ae7.json
Preview:	{"id":"0395d515-06b0-432d-a643-32ff8c1d1ae7","timestamp":1717659293377,"matcher":{"static":{},"wildcard":{},"dynamic":{}},"prerendered":[]}

Chrome Cache Entry: 133

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (526), with no line terminators
Category:	downloaded
Size (bytes):	526
Entropy (8bit):	4.844995662196588
Encrypted:	false
SSDEEP:
MD5:	D96C709017743C0759CF3853D1806BA5
SHA1:	72E21587610C49C8305A55E71F73FA88ED618205
SHA-256:	BA2338AA6670580269C762F51C4291DAEF913201AA8F4D4FD166C1A878262652
SHA-512:	974E260ED8BD1D99628FC3248F07179F6EA228E37A6B9D3EF906DBA57571F2DF54D73F93D1F3460902D28A90BD4793BCA35477B2EF8FBF424B9112147F04BCCF
Malicious:	false
Reputation:	unknown
URL:	https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Preview:	!function(){"use strict";var e="https://m.stripe.network",n=window.location.hash,t=/preview=true/.test(n)?"inner-preview.html":"inner.html",o=document.createElement("iframe");o.src="".concat(e,"/").concat(t).concat(n);var i=function(n){if(n.origin===e){var t=window.opener\|\|window.parent\|\|window;if(!t)return;t.postMessage(n.data,"")}else o.contentWindow.postMessage(n.data,"")};window.addEventListener?window.addEventListener("message",i,!1):window.attachEvent("onMessage",i),document.body&&document.body.appendChild(o)}();

Chrome Cache Entry: 135

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Category:	downloaded
Size (bytes):	625586
Entropy (8bit):	5.362529533605268
Encrypted:	false
SSDEEP:
MD5:	F29BBD0469F158A894E4F9C36CAADF11
SHA1:	999D4B226C12215041326FDE3E0AE1B5D8692E0F
SHA-256:	E6065DEA915063A7C89F4592E32E0208701B281D55F3077E3BDE07BCFD31B02B
SHA-512:	34509F428B786BA7A9B26C8AC4998B71D65675B7569D8F6316A6B16894159CDD1D91CA576D51CA4B36EF733821442DF0CC7706EAF3D6B6E692F78AE19A533523
Malicious:	false
Reputation:	unknown
URL:	https://js.stripe.com/v3
Preview:	!function(){function e(t){var n=o[t];if(void 0!==n)return n.exports;var i=o[t]={id:t,loaded:!1,exports:{}};return r[t](i,i.exports,e),i.loaded=!0,i.exports}var t,n,r={723:function(e,t,n){"use strict";function r(e){l.length\|\|(a(),!0),l[l.length]=e}function o(){for(;d<l.length;){var e=d;if(d+=1,l[e].call(),d>1024){for(var t=0,n=l.length-d;t<n;t++)l[t]=l[t+d];l.length-=d,d=0}}l.length=0,d=0,!1}function i(e){return function(){function t(){clearTimeout(n),clearInterval(r),e()}var n=setTimeout(t,0),r=setInterval(t,50)}}e.exports=r;var a,c,s,u,l=[],d=0,p=void 0!==n.g?n.g:self,m=p.MutationObserver\|\|p.WebKitMutationObserver;"function"==typeof m?(c=1,s=new m(o),u=document.createTextNode(""),s.observe(u,{characterData:!0}),a=function(){c=-c,u.data=c}):a=i(o),r.requestFlush=a,r.makeRequestCallFromTimer=i},5937:function(e,t,n){e.exports=n.p+"fingerprinted/img/abnamro-4445e65420800f96f68cfc67a273f66b.svg"},1520:function(e,t,n){e.exports=n.p+"fingerprinted/img/asn-3d9b1bbff2f8f12105510992dbb37ae8.svg

Chrome Cache Entry: 137

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Java source, ASCII text, with very long lines (1191)
Category:	downloaded
Size (bytes):	1192
Entropy (8bit):	5.194776802791399
Encrypted:	false
SSDEEP:
MD5:	333B45314BD6797253C31A7AEDC54CB8
SHA1:	2C98CAB9C53E0E9BB51F81EEC288EFDD9968D218
SHA-256:	20D921587A05FB8250228805AD3CED2942E7F58B106812A6DA8174310AC3A6BC
SHA-512:	05E4CF2C0997EF81936C122E64AB9CB41C2267B138CEC499D31A60A56002FA3F73DEC5C339F04BAC26FE35A070DBFDD48E2B20BE90A0DD637425712C69D64A15
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/6a992d5529f459a44fee58c733255e86.D3L-TPZH.js
Preview:	import{f as a}from"./6a992d5529f459a44fee58c733255e86.CTeVBgDW.js";import{i as c}from"./c188f2db5a79d48a586161fa8620f2f1.DS1Agtkw.js";import"./index-jvjANaE2.js";function l(r,u){var i,n;if(!r\|\|!Object.keys(r))return{};var o=r.integrations?Object.keys(r.integrations).filter(function(e){return r.integrations[e]===!1}):[],s=[];return((i=u.remotePlugins)!==null&&i!==void 0?i:[]).forEach(function(e){o.forEach(function(t){e.creationName==t&&s.push(e.name)})}),((n=u.remotePlugins)!==null&&n!==void 0?n:[]).reduce(function(e,t){return t.settings.subscriptions&&s.includes(t.name)&&t.settings.subscriptions.forEach(function(f){return e["".concat(t.name," ").concat(f.partnerAction)]=!1}),e},{})}function v(r,u){function i(n){var o=r,s=n.event.event;if(o&&s){var e=o[s];if(c(o,e)){var t=l(e,u);n.updateEvent("integrations",a(a(a({},n.event.integrations),e==null?void 0:e.integrations),t))}else return n.updateEvent("integrations",a(a({},n.event.integrations),{All:!1,"Segment.io":!0})),n}return n}return{n

Chrome Cache Entry: 139

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	42
Entropy (8bit):	4.4875555180168565
Encrypted:	false
SSDEEP:
MD5:	18697A8F160ED20DA28C20B4CF5A7420
SHA1:	90C2C3BEC2B6F0DFFD4290E56626C1962FBA3A5A
SHA-256:	3F106281DA4014E83E31FA12357BC0E5D475CAEFFE729CD164E7FD5F737595E7
SHA-512:	0AFD236B62649808554CCE10760CC4BF22FB21291305145A4771F2F18F6E8AE79BE347DFE0A78F9DE6F48D82D99AB2CAF438E38ADB45A31FEE083B8E778D0C9F
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/entry.DSzgUraC.css
Preview:	#__nuxt,body,html{height:100%;width:100%}.

Chrome Cache Entry: 140

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Java source, Unicode text, UTF-8 text, with very long lines (4453)
Category:	downloaded
Size (bytes):	4456
Entropy (8bit):	5.536614879887252
Encrypted:	false
SSDEEP:
MD5:	F1489148DEB8586785408FBBB05BCAA2
SHA1:	748442DB79418753AB009DD88243EB48E266A9A7
SHA-256:	7F00BD48208518B62DAA18EE7037E1886A7B463C16CCA53AF2BE20708E4FBBA5
SHA-512:	F61B3392AB1E75D753E72072C0A28C2563D2921AC36817B9E6EF86429FDA3897B6B59A97B75F25A3F21B6E20564D8738BECF05B170C8C81BCDF4B4DE1FF1A476
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/DfOhF5Y9.js
Preview:	import{d as b,z as w,r as g,c as _,u as y,o as f,a as m,b as s,w as C,t as e,x as M,e as t,f as P,v as k,i as z,k as S}from"./CggZbbro.js";import{u as B}from"./BFCZNSbT.js";import"./fCt9Ho7h.js";const A={class:"flex flex-col min-h-screen main","data-testid":"google-login"},H={class:"login-block"},V={class:"side left"},I=S('<svg width="48" height="48" viewBox="0 0 48 48" aria-hidden="true"><path fill="#4285F4" d="M45.12 24.5c0-1.56-.14-3.06-.4-4.5H24v8.51h11.84c-.51 2.75-2.06 5.08-4.39 6.64v5.52h7.11c4.16-3.83 6.56-9.47 6.56-16.17z"></path><path fill="#34A853" d="M24 46c5.94 0 10.92-1.97 14.56-5.33l-7.11-5.52c-1.97 1.32-4.49 2.1-7.45 2.1-5.73 0-10.58-3.87-12.31-9.07H4.34v5.7C7.96 41.07 15.4 46 24 46z"></path><path fill="#FBBC05" d="M11.69 28.18C11.25 26.86 11 25.45 11 24s.25-2.86.69-4.18v-5.7H4.34C2.85 17.09 2 20.45 2 24c0 3.55.85 6.91 2.34 9.88l7.35-5.7z"></path><path fill="#EA4335" d="M24 10.75c3.23 0 6.13 1.11 8.41 3.29l6.31-6.31C34.91 4.18 29.93 2 24 2 15.4 2 7.96 6.93 4.34 14.12l7.

Chrome Cache Entry: 144

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	196
Entropy (8bit):	4.704701400148228
Encrypted:	false
SSDEEP:
MD5:	6B92D2824C457CBB780E697B7C210622
SHA1:	EFA0CA0494F96D89FC9FB518D7A62A46FC93EE36
SHA-256:	6BA5F3EDB2C2E41A487F3791ABD280E5F8BD70490535BF54D72DD503038223C7
SHA-512:	658E21FB37BA60D45AC8ADA160D99A0BF69337F7B009BBD246AF5BB62581D2CE5AAF59594DD3B5F4862EC4252D2641DCF1DC0A60CF6C3E6A9F3BDEC11A2FEA3E
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/c188f2db5a79d48a586161fa8620f2f1.DS1Agtkw.js
Preview:	function l(e,d){var o,i;return typeof(d==null?void 0:d.enabled)=="boolean"?d.enabled:(i=(o=e==null?void 0:e.__default)===null\|\|o===void 0?void 0:o.enabled)!==null&&i!==void 0?i:!0}export{l as i};.

Chrome Cache Entry: 145

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 156524, version 3.19
Category:	downloaded
Size (bytes):	156524
Entropy (8bit):	7.986291856299173
Encrypted:	false
SSDEEP:
MD5:	36F085290CFE7B079437088CFE3BC41B
SHA1:	36C305A6EA07EE88450D2A14A739D98DB5828B04
SHA-256:	2F78EAFE3A1CC503DD2B1CB5FE942F093BC18B438811DE9A7906D4D7BD83AB2B
SHA-512:	7069417551AC8054A7B22E0E6AED351D34DC99D0CE0756ECFF76C6F9A073CFDD7DE7295CF47DB6B6A31D4731D35C533AD6B6BC9B0D95ECD003E44B513DF0C543
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Inter/Inter-Bold.woff
Preview:	wOFF......cl................................FFTM..cP............GDEF...t.........7.SGPOS......\|<..t.O...GSUB...x..,.........OS/2.......Y...`#.nccmap.............bbgasp...l............glyf..9l..R...2..SvJhead...l...6...6,.a.hhea.......!...$...\hmtx...D......'.D.#'loca..!$...F..'...4@maxp........... ....name...p........Hpi]post...(..*B..d.....prep..!.........h...........zS=_.<.................UP....\|.j.?............x.c`d`.Z.7..A..../.2Y.@.d.......X...x.c`d`...0.........C.....4U.....x.c`a.g........6....2.f..p..H31.23.(...L..........!(.7.a.....\+.F00p.`Z.....cc..Q..<.TT.....x..Z.xU...g.!....Td(.. (...2.....0.H52...X! 3I.0....H..E...S..... ...JEs.9....&}._....o..{Xk.5.P.V......\.\|...E..K.Zb.3.'..d.z"G..l=.w.....`2.3...`"6..Q..G.1.O...ou"~.i..Xku.Ts.....t.s....c...4W........n...Wl'"......(.......8..B'k>i<....mv....IoG...J.P.d....C+.....~(.^....N.@.4.2c..k......~..I3.9.....=.Q.(CA...l..r.k..<@.b..H.C.>.....D.oc..IA.....lv...._..u....}Q..V.^.3........x.8.S.....\|

Chrome Cache Entry: 146

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (65180)
Category:	downloaded
Size (bytes):	120938
Entropy (8bit):	5.291183889234888
Encrypted:	false
SSDEEP:
MD5:	EED940F1B2C3E0384E52640CC8E1AAC2
SHA1:	A041E570CEF62B2CB0D291B66817F5982F0580FD
SHA-256:	79D9745DF610302D5EEE4C57A8D06C605D55C2BE31D78E5B547E33E5CDFB04BE
SHA-512:	92F015AA5408F763A01EBAB7B977B5E3A296A20AE67E82E9B47A2169C471387CACFB8CFFBA452875258C13245007DE47F9037029BE39EFFD9CA719F98473EBC1
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/?d=QALAHQu0HO56gLnZ_CF6N
Preview:	<!DOCTYPE html><html><head><meta charset="utf-8">.<meta name="viewport" content="width=device-width, initial-scale=1">.<meta name="IMPORTANT" content="This page is part of a simulated phishing attack initiated by Riot on behalf of its customers. If you have any questions please contact help@tryriot.com.">.<meta name="robots" content="noindex, nofollow">.<style>/! tailwindcss v3.4.3 \| MIT License \| https://tailwindcss.com/*,:after,:before{border:0 solid #e5e7eb;box-sizing:border-box}:after,:before{--tw-content:""}:host,html{line-height:1.5;-webkit-text-size-adjust:100%;font-family:ui-sans-serif,system-ui,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;font-feature-settings:normal;font-variation-settings:normal;tab-size:4;-webkit-tap-highlight-color:transparent}body{line-height:inherit;margin:0}hr{border-top-width:1px;color:inherit;height:0}abbr:where([title]){-webkit-text-decoration:underline dotted;text-decoration:underline dotted}h1,h2,h3,h4,h5,h6{font-s

Chrome Cache Entry: 147

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	15406
Entropy (8bit):	5.7703823993612895
Encrypted:	false
SSDEEP:
MD5:	ED55C2A70AC58ECEB3078D02F92ADC06
SHA1:	22828344D90DC13360C990ED966E3A65C264BBF7
SHA-256:	B0B5EA168517E45FE008B891D1AD92DAC7CC5D909EE815E2755C9385F0AB01B6
SHA-512:	6A5F0B72E35D642ED8917CAFDCCF108E55BB2F850CE657FD3E16D13A85CD25EB6B33F9BBC9CD10D022A6AE22E80ED55258DC719C9DBA41D428BF67F2D4F0946D
Malicious:	false
Reputation:	unknown
Preview:	............ .h...6... .... .(.......00.... .h&......(....... ..... ...........................................*1.............0...0..1...41........................U.....)...,...-...,.../...0...2..M\..6I..(?..Uq.....................h.,...,.\|.,.}.-.......0...6..":..'?..Zp............................Uo.O.5.H"W.T7q.W6p.h4e..@\......................1...............vy..AS..AU..AS..JW.........................1...............De..Kl..Eb..GI..HK..Hh..Lm..Lm..............................Lr..V...]...............}...b...e...j.......................d...\...m...........y...{...........................................Y...r...s}..................x...................................Rx..a...................l...r.....................................................}..................................1...........................................................1.........................................................................................................................................

Chrome Cache Entry: 148

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 144 x 144
Category:	downloaded
Size (bytes):	32308
Entropy (8bit):	7.877845714502848
Encrypted:	false
SSDEEP:
MD5:	6C2A89E2870AFDAED28F225CB2168DE6
SHA1:	A6F3A0206BAB04590D97478FBF5298D2E5D6FD52
SHA-256:	FC53178B1A8B37E186A8AE9C9A953E667E8363F4608D3F4ABF6C77D65A1E9EE0
SHA-512:	E6BFAD6D9350C286549C78A3EA3E05C5FCEE71022D3BA02F499C281C0F90552E1C54AE7AC49A90739A7842A573672F1D17F000E693832790BDD45BDCF99D1E23
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/loading.gif
Preview:	GIF89a..........+...[\[...........mmm...$$$....................BBBYYY222KKKsts........:::.......ddd...yzy......RRR....eee...kkk###+,+.........ZZZCCC........tut...KLK...CDC.........343............fff...+++#$#...jjj.................TTTlll......QQQSSSuuuzzz......cdc...\|\|\|ttt..........................111sss...TUT..........++***UUU...lml{{{ded...121..............JKJYZY......efe...jkj443....Z[Z...z{z$%${\|{......}}}...\\\..........BCB...........STSrrrxyx...............;;;...klk.........<<<...UVULML......%%%.......[[[......ccc...JJJ......DEDLLL...........................:;:......\]\```.........)))......000...>?>...www........................--,999......bbbvvv333.....232...HHH&&&...454...!!!DDD......^^^nnn...XXX.........EFE......%&%..."""............!..NETSCAPE2.0.....!.......,...............H......\....#J.H....3j.... C..I...(S.\...0c.I...8s.....@...J...H.*]...P.J.J...X.j....`..K...h.]...p..K...x..........L.....+^....#K.L....3k.....

Chrome Cache Entry: 149

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1112 x 1155, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	254379
Entropy (8bit):	7.952165693293911
Encrypted:	false
SSDEEP:
MD5:	D545A22002B93640EF49A1DC5D6C8AD0
SHA1:	B6555F9E443E0F89393709D04869C816B1633562
SHA-256:	40DCD89942A519E1731C4B5841F77A70B02639434D9766FC90D4D2ED1270FAC2
SHA-512:	0BF759609E5E993000879A0E3FB452CF009F1B462AC22818DF0356C25DD9284334898E8134DC4AB62995FCCDCD2EEB6AF8A85E76C38EDCED5080842EC445CD68
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...X.........M..I....pHYs...%...%.IR$.....sRGB.........gAMA......a....@IDATx....l#g...>o."EQ..bR".L+..]....UW..'Y......18&`.....8..`...9..B.0.t/.....Ey....=."y[X.}..3.).z...n.l[...N.....EQ..x/... CJ.....L..q3#...J..n<.~.............._.RJq.f.1...1....X.G>oo?.y.q..8u......:.....S.S..}...q...\....j.Y.........).w..ut.\|'>{.q.c...v.\|..3.......\|.........{O.?.v.........g........;.o......>....}gl?...~..{..g.....3...?..O......................?.........`8p..\...j.......\|..O.S.GfpL6......o._.....z....:.s...........g.,........k1.^.....?.............H.{.......O_.~...N.[:u.O~v.s?z.........C..N.u.e.wt?c..vg_Gz.9>.9...N...<.t...........G~....E>r_O?7....7.......y................?.s......^......'.......x.>.3.Y.."G)...2.^...?)k[.....[..+.......W-."..g..r. R'.I...{......>#R.,X..%.l.g.Y?cF.........LFX.#./w...3..]...c}....$..Zf.9..Y}....SV.C..S.:..=(........,..cr.g..V..uM..........9.7F...m....,..;...=L....}.......q.....C..Q.#s...?..s..)....

Chrome Cache Entry: 150

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	141
Entropy (8bit):	4.8053170903944125
Encrypted:	false
SSDEEP:
MD5:	271C4A3B9D077160B28BE2F63D75A358
SHA1:	6D21E059DEA40B420FC0A6CB6BB46A95F0A30BD5
SHA-256:	9774388C44A7545B067C7914B6E0411BBB5E58B79FDD376BEBF9672B5DDC787B
SHA-512:	DD177DF141A31C7BB99731BBC1F0D8F021CC9F8409956DF405C390D0CE85F2A586D3526FED14BF1CDB9F5DC4A4E8BF4B03456EABDD3E0D9731C2697E4DDDE62F
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/DPQct8E7.js
Preview:	const a=()=>({fallbackLocale:"en",legacy:!1,formatFallbackMessages:!0,silentFallbackWarn:!0,silentTranslationWarn:!0});export{a as default};.

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 4271
Category:	downloaded
Size (bytes):	1879
Entropy (8bit):	7.9019247183819115
Encrypted:	false
SSDEEP:
MD5:	DE0A11B95ACA20DC7CC5BCEC42ADC9E4
SHA1:	D8CAF184A39CBBF2FD55FBF5E7E477C1B64D860E
SHA-256:	58BBE7CADCD9BF4C2CCE390E289E135F2D83D7A679D213D80F2DAF2C1E0D2464
SHA-512:	25DDC03ABAC771E6F39D2CE3DF06FCF67B2273BDD5F69E07228A95D5B2065490D6CF626DDBA91CE30DE6783AEC78E2D20C033320EC69D7D9CECC6E19579664D5
Malicious:	false
Reputation:	unknown
URL:	https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Preview:	...........Wm..6..._.#]Y.7.%W).....[d...Aqg..-.6.Yd(j.\|...=C.X.n....!93.7>3~Pe....U....o.T...>..W....)]VW.....,;,c..:.......E.....z.}.......Z..z...H[.M..+]m.I....7.;...COOd(..6..vR2.....e.\/X.......\|.H.7&.d.q.4..Hq3...n.Af.6V;..F.[Q.=....H..q&.".LE....tZ...!-pY...('..d....X........_.5T.i....4.j.....(..$...0.......v.0j..`1D.1.......~8.\......N......#...Y..g..y...`......+S.....[v.1.U.....N.t&.....f...,.5LPR...%S....D.......Uik,m.J$+.g.;L.M.G.....e.f'Z!TqA..{..w.1.g.e..rc.i..k"...m...}F=.A..NZ.d......D.......g..C.'.........;..YUn~....s7>.eHVQ.$..y].....RV.[/.l.....I..J.U..E...T..r)N...@......S..O7...\v.eV.'.....!`.......u...^8x...T......+..........Q.5......[.^....#......N.7h.;......... .L.u."%..............h........;..C.0...nM.H>\&J.%....W..Zt..k`Q}B...#C3...t\.....yp..o...:....N..hPWrB)G..-..0..{...h.w../@...P?. B:..h....'...?.W.3.7r.=..weu.."...a@.D?..'.........b.eS.(.....>...m...o.......D.....`.m...[U~.R.d.04....IT..rb.

Chrome Cache Entry: 152

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	144
Entropy (8bit):	4.54178832719941
Encrypted:	false
SSDEEP:
MD5:	F447C440ABF2B8AF203938329FE494F8
SHA1:	3E071AE6400D84FB2EBE38EAEE60E1161D9F4556
SHA-256:	11BBA994684E05187E8CB291F03254CE7810FB3EABBC900299F078F2E584550F
SHA-512:	BC05CEC72D8512A1CE483156BDCD963199EBFFD224D991AABAD638D3FA075CD7C96E20B20B85C7224925B8263143772174B3BC824EA258C0B196C83E03007C9F
Malicious:	false
Reputation:	unknown
Preview:	{"errors":[{"code":"media_type_not_acceptable","message":"The Accept header should send a media type of application/json"}],"type":"error.list"}

Chrome Cache Entry: 153

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Java source, ASCII text
Category:	downloaded
Size (bytes):	204
Entropy (8bit):	4.9709312058253134
Encrypted:	false
SSDEEP:
MD5:	29D932C20D8159675E38FD401B5DAEB1
SHA1:	99B489F5DC09A3B58F542EB7A06ADBD8D3B6275F
SHA-256:	8B96D3624ED610D63580F576494ACEED4A22F4E6E2574DCBBAB16B484A698DE9
SHA-512:	F50045EF82BDFA9F73772DA9FCFC09ACF3268B2FC81AC3F243894690669A8470525CBDF3D25A08C41A8FE66C508D4E83C6CB82D163714352391208C69A8D0EEE
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/fCt9Ho7h.js
Preview:	import{s as n,D as o}from"./CggZbbro.js";function i(){const r=n();return s=>{const t=new URL(s),e=r.query[o];typeof e=="string"&&t.searchParams.set(o,e),window.location.href=t.toString()}}export{i as u};.

Chrome Cache Entry: 154

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 58508, version 2.3
Category:	downloaded
Size (bytes):	58508
Entropy (8bit):	7.988850215004103
Encrypted:	false
SSDEEP:
MD5:	654E3A0695D8A2F6121047254ECBBD38
SHA1:	F7F1D52A56C41C25963E3319A0626EED298C2010
SHA-256:	77CC622383DB738BEFA2DBBED825564A127D41995E94A4CFB46D8A346DCD3B87
SHA-512:	7ECDB00F91A52776ED2B003DB310F3E82496923EA22484EEA4CF99A41301085D505CA5EE2D48AEF75FB6F0069CD8B74015BD9616C385201149E836986185CD51
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/IBMPlexMono/IBMPlexMono-SemiBold.woff
Preview:	wOFF.......................................FFTM...p......... ..GDEF...........././jGPOS...$...K...X.+..GSUB............&J.OS/2.......Z...`.L..cmap...........J....cvt .......D...D...afpgm...........s.Y.7gasp...............!glyf............A...head.......6...6.\ezhhea.......!...$._..hmtx...l...U........loca............'.maxp....... ... .B..name..........qy.Vlpost...h......".$._.prep..............6............'_.<..........<................w............x.c`d``a.....)........."..;..M.{.............i....................x.c`a.`.``e``........1.!.............y..S....5..x:.0.``......-...#.p...t...... .....7.._..x..MLUG../.)...J(Oy........_Eb.......1DW...I.......F..JJ.E.nL..1...M..MW]...............a\....;.g.9..y2..G....~...U....k...=8..A......`.4..`+..j.N.w.-...u.Q.Q..d@9...`..!:....`.q...M.g.&..~..-..e.s.........=..ufhw...y0...0..Gy.<.9...6..Z...-.y..C.6.....M.?..w9......k....8.......=..=......x.gq$`$..;...c...).Y...$J..;`"`.w.!.V...........I..z.?C.t.!............'...

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6854
Entropy (8bit):	7.7538427453673
Encrypted:	false
SSDEEP:
MD5:	EB89F860CF901D2D4D637D7B3E1DE3FF
SHA1:	ECC4C29B7AA9F04237995E047B69FA98E88805CE
SHA-256:	A2389695A4F9C17CBC3E18C9480EF935AA70D0C57F66CCD96C1D01F9B5C9EB83
SHA-512:	7D3E0F539812AAD595D4C82317C9AF9F15715CC561FD676E0A0575437735DD81A12CA8CDED26E7BAE89DAB8EBB1E886AB03DCDADA5112551B6149F690F516E99
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............6.....pHYs.................sRGB.........gAMA......a....[IDATx...{...}.....vW.D`.F%......dUp...l....zIz1..N...#.NA.i.K.4S...h..:...A%3.B.Q;.........}........g.s9..~fv........;.yr....P..........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0B@..F.........! ..#...`.............0R)@F...2....2..>t ..B.g..\|...N..>....b.......o..=.i...~_1sV.....^9w.......xd .C.......`...B.4*...L.9. .p....t..s......bW...3...R9w.T-Z"U........Stu..n...v..w$.....R&.] 5.W}..V)H...T..D_....Yz...m0.A.Z.D...J...'g.@...RG..... .[....nu.._!...........h.<..#&H..A.t.~..gYiXR{mK..U.\|.Q# .....k/KW.A4..3.. &..]....! .Mq...U.tUR..%...6..D.8...!.Br.(...9..`..A$.J/..r....F@`..p.!.D..XA8.EH`..`.4...p.

Chrome Cache Entry: 156

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 58536, version 0.0
Category:	downloaded
Size (bytes):	58536
Entropy (8bit):	7.991291632674047
Encrypted:	true
SSDEEP:
MD5:	8AA00BF8594E0566ECDBB8075E3F5477
SHA1:	599EF32B0AA33E86A52FFFE96CB2955EE9EFE9E5
SHA-256:	90F264F803A7BA24BFB40383502F7CA6342FEA6565D73468357BCE41DFCFB8C9
SHA-512:	8FC17372A7F37985E5CD71022B8C31697871EF2A850917E3F848D4B81E7E23C379ADE9275912B26903F7B82C51ADA96740F46E0F089C9F8A51CF527AA7B21E8C
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/fonts/Fellix/Fellix-SemiBold.woff
Preview:	wOFF.......................................FFTM.............q.GDEF...x...S...j.O.PGPOS......<~...l,.r.GSUB.......?...Ri..dOS/2.......N...`v!.zcmap...............gasp...p............glyf......wU...X.L.Phead...X...6...6.)..hhea.......!...$....hmtx...$...........loca.......J...`..,pmaxp........... .x.Qname...`.......Lah@/post...`........K.t........G6.o_.<..........k........tQ...=................x.c`d``[.o..,..?..vq.d.. .f.........x.c`d``.g.c`g..& f.B...0........x.c`aie.``e``5f9...0.B3.eH....;.. 1..B......xU.-...q..%c....d...K.=@J....[4....x.W}HUg.~.{.s.%....\e.c\B.r....l.....!r....S[.t.m.%DB".?Z.sI.......!"a1.!.!2$"ds.cd.=...[v.r....<...}ot...S.u....v.<.k$..$...8WQk]......o.....2j5Z..RfO.bz...(v.vl.i..7...;P.?.Z..[.6.U.Z..d.;.W`U...6.P_C.@.s.Y]B.".&.?....Yu.I...i..pm.....V.m!?..e.H.{Y..E.u(r6..(.... 2......t/<.......3...p.nC.z..i.!cM....>5.L..k9.O....V.. *h....n..-.-......$.)..C..,9.s.....;........U....4.?m.u.v.<.c.....J.B...v....{.<..q5l..<q...H....f..b..".....`=..

Chrome Cache Entry: 157

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	311
Entropy (8bit):	5.387221624395101
Encrypted:	false
SSDEEP:
MD5:	BF3890291E42FC4DC18B9F4C19849135
SHA1:	792644CC36754A3C15B04365331F4654F3638AE8
SHA-256:	52B9D19FD7357882105487AA695B9DFC6EDFA8FEB0703F2D149BA6B543E71559
SHA-512:	42BFB41968102375F28C66D1A9ACEE4C1A08DDFE5BE6C82F681776FFE801BC9359D405F287B9CC2CF766AE302CFBFDFED4153BE3426E40B3CB20F3B7ED5A749E
Malicious:	false
Reputation:	unknown
URL:	https://www.cloudflare.com/cdn-cgi/trace
Preview:	fl=557f154.h=www.cloudflare.com.ip=173.254.250.91.ts=1718024192.606.visit_scheme=https.uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36.colo=DFW.sliver=none.http=http/1.1.loc=US.tls=TLSv1.3.sni=plaintext.warp=off.gateway=off.rbi=off.kex=X25519.

Chrome Cache Entry: 159

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 6706
Category:	downloaded
Size (bytes):	2671
Entropy (8bit):	7.9262129030965145
Encrypted:	false
SSDEEP:
MD5:	550BAE861D52DA7239F790A25E23118B
SHA1:	89E20A2011AE143EA47DF778641DC672370D5C7B
SHA-256:	16F1DE2597FEB5C8D195C525790C2600D3CE301BC57C25983118FF63C04E50DF
SHA-512:	B3A7725697F1E9970093E568F21F477A12D6F0F5B0A0EEE517BF50261041CB5F7AF51B04FD8A2EC0FDDC40A3140CB17A276EB29D2D32DC37C085413828B85734
Malicious:	false
Reputation:	unknown
URL:	https://widget.intercom.io/widget/ojy6gxax
Preview:	...........Y.s.8..+.wC.1....N/M...5.N...M.c.-@.....a..~...l ............x.....\|$....Y...+..]R.>%B.4X.b&C:...gOX.Q..H-.l.$l0$).RI.k.Ai12..WT.......0f. !j.....La.}.j.^:.T..D........x.@...+..+<..Kk-I....g:...G...il{.....`"...d.7.+.F).p..;..={........'..g..q.8....h5c.nd..G'G.i.N.9.....pUy.$M....=...EL...L.#.W..AJ..'.)...S9....zG.<.....G3..^.....".,..,.D......9..EV....T.$.D.}.....`..z..."g.Xp...~....u....,.V.$..}..}.%...%$......$.Y.c...R).+.PI.).l..T.YL..{..7....D...B0Z1.....We...$S....K...0.%P..F.B.....Vj?l.+u."...h......-.n..F..[....>.Q.8F.U..(..~...K....>tl.S.D...>..kt.5<.'...z].(......pC.V..pj.NH^.Q..V.......2?...Ibj..f.[.'#".v.....n,A...ydc...e.......P.B.h...k..:?>g..YD.=./.Y,..~_IJ...i..\|#..r.@}%)qT.q.AA...".?5.l..[....d?._o.n.w9%..%..{...}...v\.)[..e.D....V..^Z.+..._o....o...A.t.}....N.Q...Z.U6.)......z....LgG...=gjr-)&.b$N...s....`..I...1}..R.+..kd..........@.?+.h8..k./.DT6..R..#K. ..=Q$.r5...c&K.H..)....Eob....h)..F..!.c...H`z....._

Chrome Cache Entry: 160

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4468)
Category:	downloaded
Size (bytes):	4469
Entropy (8bit):	5.106168489616804
Encrypted:	false
SSDEEP:
MD5:	E8DDD32EEA042C11A852D7107BF84D6D
SHA1:	AFDB5B03AA6BB1A75912672E7709F160E0F2D9E4
SHA-256:	343099A267ED2C2F87E6B3D2D9B3A91DEA5B8F5C9720EE43E4E9B756C23D3FAE
SHA-512:	E93354B041760B2A7C498EFCAF387E99EB9455667F466D33D60C18CBA7D4CAA46B0C399CC4A8516F04CBC8862B14215CB45A588A154D05E31F2E1D0C237CADCA
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/google.Bb_pkccs.css
Preview:	.main{background-color:#fff;justify-content:space-between;min-height:100vh;padding:0}@media (min-width:600px){.main{background:#f0f4f9;justify-content:center;padding:48px 0}}@media (min-width:600px) and (orientation:landscape){.main{background:#fff;justify-content:space-between;padding:0}}@media (min-width:960px){.main{background:#f0f4f9;justify-content:center;padding:48px 0}}.login-block{background-color:#fff;border-radius:0;display:flex;margin:0 auto;padding:16px 24px 24px;position:relative;width:100%}@media (min-width:600px){.login-block{border-radius:28px;min-height:528px;padding-left:24px;padding-right:24px;padding-top:96px;width:480px}}@media (min-width:600px) and (orientation:portrait){.login-block{padding-top:16px}}@media (min-width:600px) and (orientation:landscape){.login-block{border-radius:28px;min-height:unset;padding-left:24px;padding-right:24px;width:100%}}@media (min-width:960px){.login-block{border-radius:28px;min-height:382px;padding:38px 36px 36px;width:840px}}@media

Chrome Cache Entry: 161

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	3440
Entropy (8bit):	4.7243343179138435
Encrypted:	false
SSDEEP:
MD5:	80A47D416438981CF45C3B9A816F4628
SHA1:	65D0DDD23948BA91F9F1513119A29829B6C3DD47
SHA-256:	53772F2EA0DFB4FC157E2C879731005D25B228CB4674A0FF6E12B02300926729
SHA-512:	CD189DB4357B75F96EFA2C95BB418FF55FE7F3FBE8894928BA29AD42F618951D20F888C20A111DC07E06DE9FDF3B22930A4F9FDEB25A2D7EE1B9529A70A2D13A
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/you-got-phished?d=QALAHQu0HO56gLnZ_CF6N
Preview:	<!doctype html>.<html lang="en">. <head>. <meta charset="utf-8" />. <meta http-equiv="X-UA-Compatible" content="IE=edge" />. <meta name="viewport" content="width=device-width,initial-scale=1.0" />. <link rel="icon" href="/favicon.ico" />. <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png" />. <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png" />. <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png" />. <link rel="manifest" href="/site.webmanifest" />. <link. rel="preload". as="font". href="/fonts/Inter/Inter-Regular.woff". type="font/woff". crossorigin="anonymous". />. <link. rel="preload". as="font". href="/fonts/Inter/Inter-Medium.woff". type="font/woff". crossorigin="anonymous". />. <link. rel="preload". as="font". href="/fonts/Inter/Inter-SemiBold.woff". type="font/woff". crossorigin="anonymous". />.

Chrome Cache Entry: 162

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	200
Entropy (8bit):	4.942373347667344
Encrypted:	false
SSDEEP:
MD5:	3437AADDCDF6922D623E172C2D6F9278
SHA1:	F69066CF20141AC93418102D3EEE7C0225B8A623
SHA-256:	35DCC382EB69D00369D708708CDC545F3968B68FA5BBE3E728D11FEDD04F93BB
SHA-512:	2DAE5C5C30C6A0E763D8128F2CE1D467EAD432E582AB4EBB68E23991DB08F57490ABC0EED805FD33FAB5503C1737D9D47D4CC1090AE15D7391593FBB295D66E7
Malicious:	false
Reputation:	unknown
URL:	https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Preview:	<!doctype html><html><head><meta charset="utf-8"/><script defer="defer" src="https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js"></script></head><body></body></html>

Chrome Cache Entry: 164

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64974)
Category:	downloaded
Size (bytes):	94801
Entropy (8bit):	5.2127907001112295
Encrypted:	false
SSDEEP:
MD5:	B12CE4565192AB0289FEA812008F40FE
SHA1:	A073CD63A82160B424D9EBDFB22AFC9FBED61DAA
SHA-256:	440E9843BCBEAD469CC0543E6A2ED12CE5CDF8D1CC27D61B1C743625F76D8F9D
SHA-512:	72369CFC2CCF5599081093317C7BE6A4CC223A2E6BD98D11FB3AD5C5F44DCAFBDBF639A21177B6E2AF343796C0080DDC39B8C056193D1A227B36B8DF46F41866
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/6a992d5529f459a44fee58c733255e86.CTeVBgDW.js
Preview:	const __vite__fileDeps=["assets/6fceefc50e457ada3fb321f54f3e80bb.DpdPAYc8.js","assets/index-jvjANaE2.js","assets/index-CkzlrcBh.css","assets/6a992d5529f459a44fee58c733255e86.DH6vDoOx.js","assets/6a992d5529f459a44fee58c733255e86.DJ2toLBr.js","assets/6a992d5529f459a44fee58c733255e86.DNY4-AqD.js","assets/c188f2db5a79d48a586161fa8620f2f1.DS1Agtkw.js","assets/6a992d5529f459a44fee58c733255e86.CmD5shou.js","assets/6a992d5529f459a44fee58c733255e86.D3L-TPZH.js","assets/6a992d5529f459a44fee58c733255e86.Sljyozgh.js"],__vite__mapDeps=i=>i.map(i=>__vite__fileDeps[i]);.import{b8 as q,b9 as A}from"./index-jvjANaE2.js";var Ze=function(e,t){return Ze=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(r,n){r.__proto__=n}\|\|function(r,n){for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(r[i]=n[i])},Ze(e,t)};function L(e,t){if(typeof t!="function"&&t!==null)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");Ze(e,t);function r(){this.constructor=e}e.p

Chrome Cache Entry: 165

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	819703
Entropy (8bit):	4.597562701494799
Encrypted:	false
SSDEEP:
MD5:	2C7D48AF6BA1C8A156D7546511E00A5A
SHA1:	BE5C1B9DF8331FCD883C847EB818699522CA8B4E
SHA-256:	BAD2260AE799408EE0641214378D5F9A5D18AF0DDD397B457D652EC0C693B22F
SHA-512:	E8691A4790DBB180E2BFE7E3CF96A8D9848418D31AE749365B515D4B53992E3956AE20AE262D293A9DF415A91D01B181C4FC1FD84ADAE2231DB65D2FC0BBD9B3
Malicious:	false
Reputation:	unknown
URL:	https://ps6q3676.loginprotect.net/_nuxt/BFCZNSbT.js
Preview:	import{z as ze,r as ne,A as je,B as xe,C as qe}from"./CggZbbro.js";import{u as _e}from"./fCt9Ho7h.js";function Ee(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}var oe;oe={passwords:"123456,password,12345678,qwerty,123456789,12345,1234,111111,1234567,dragon,123123,baseball,abc123,football,monkey,letmein,shadow,master,696969,mustang,666666,qwertyuiop,123321,1234567890,pussy,superman,654321,1qaz2wsx,7777777,fuckyou,qazwsx,jordan,123qwe,000000,killer,trustno1,hunter,harley,zxcvbnm,asdfgh,buster,batman,soccer,tigger,charlie,sunshine,iloveyou,fuckme,ranger,hockey,computer,starwars,asshole,pepper,klaster,112233,zxcvbn,freedom,princess,maggie,pass,ginger,11111111,131313,fuck,love,cheese,159753,summer,chelsea,dallas,biteme,matrix,yankees,6969,corvette,austin,access,thunder,merlin,secret,diamond,hello,hammer,fucker,1234qwer,silver,gfhjkm,internet,samantha,golfer,scooter,test,orange,cookie,q1w2e3r4t5,maverick,sparky,phoenix,mickey,bigdog,snoopy,guitar,wh

Chrome Cache Entry: 166

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	5430
Entropy (8bit):	3.6534652184263736
Encrypted:	false
SSDEEP:
MD5:	F3418A443E7D841097C714D69EC4BCB8
SHA1:	49263695F6B0CDD72F45CF1B775E660FDC36C606
SHA-256:	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
SHA-512:	82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
Malicious:	false
Reputation:	unknown
Preview:	............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

Chrome Cache Entry: 167

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Category:	downloaded
Size (bytes):	88751
Entropy (8bit):	5.414296471740167
Encrypted:	false
SSDEEP:
MD5:	69CB7809B5011312E716F29B3D19DCE6
SHA1:	833DABFB546D57065AEBA7190B5EE5A2428DFA47
SHA-256:	E039E607C78306C7E029A7FD0ECDB14F86456F16E1A5CE65AA26B4FDF1D38A3C
SHA-512:	4259C8F940CFE4B7EC384E5ABD855713DA7792A955A7B737B75E45E6559A90292ADE59D7CCAB381EA4C2D0FA5109B4ABD9BFA0887C05C9FB1A27469D5E198A69
Malicious:	false
Reputation:	unknown
URL:	https://m.stripe.network/out-4.5.43.js
Preview:	var StripeM=function(e){var t={};function n(r){if(t[r])return t[r].exports;var _=t[r]={i:r,l:!1,exports:{}};return e[r].call(_.exports,_,_.exports,n),_.l=!0,_.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var _ in e)n.d(r,_,function(t){return e[t]}.bind(null,_));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=30)}([function(e,t,n){"use strict";(function(e){n.d(t,"a",(function(){retur

Chrome Cache Entry: 168

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:
MD5:	99914B932BD37A50B983C5E7C90AE93B
SHA1:	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
SHA-256:	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
SHA-512:	27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
Malicious:	false
Reputation:	unknown
URL:	https://px.ads.linkedin.com/attribution_trigger?pid=3663316&time=1718024234320&url=https%3A%2F%2Fhub.tryriot.com%2Fyou-got-phished%3Fd%3DQALAHQu0HO56gLnZ_CF6N
Preview:	{}

Chrome Cache Entry: 169

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 815 x 1205, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	421697
Entropy (8bit):	7.988601046575629
Encrypted:	false
SSDEEP:
MD5:	ED6638416A282A0AA905CB55A22B65B0
SHA1:	2F292FD3EB7C9594CDEEAD74794E51A022782245
SHA-256:	893597203D67101FAE5E2D44A0F66FEB71FD35F8F4396BBC6946657EA5E94165
SHA-512:	0388B0DFA36B4944964CC27DC5AC029A9C91C25D181AC1AA60D31E1C32572D87A0036FFEDBD3AAB5D925D9206C040B1433E73AC573F446D7A6C9EB1782E20FFD
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/remedial-svg-lock-CP3kTWzi.png
Preview:	.PNG........IHDR.../..........w.....pHYs...%...%.IR$.....sRGB.........gAMA......a...n.IDATx........%..g.o.gF.5..@....H..e.\T..wN7...?#..`.so3.B7...]..w..-..=.f.F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..h4..F..`.9.?[..s...YIc.Y...h4..F..h4.!x.=r.Y>...e.QP..U......F..h4............(....H.l....D...F..h4..F...d`^.......z+.J@....F..h4..F..G....,-z.....V..t..h4..F..h\|....J .y.YG...N...j9.r4..F..h4..o...a..(8..^....F........L.........h4..w..9.cL...i\|......xQ.Kg23Y..(..-..F..m...F..h4~`....s.@x.^..(..Gr.....e...h4./t..h4...;..>..-".b...x.....:.20/...N.F....d.F..h4.......t....mg^6...C.K..4pA}.NE.h4.mt..h4...;.:.Q....>.4...'.... .A.].\| ...4..o.=P..F......To..r[X..I.g.mQ...HE?{.g.S..5..o....h4......j^.3....t1ys.."Y..F.~..9..a/..:..B...".).2>v....L..WuPiO.W...j....]..w...F..h\|.P.3..3.....Nm..UN.

Chrome Cache Entry: 170

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	437
Entropy (8bit):	4.46626326157571
Encrypted:	false
SSDEEP:
MD5:	55F18C5724ED254EB0A9DFA07BBA7163
SHA1:	95F898CF26554D927CFD44904DB300118A7E5AB5
SHA-256:	4372BA442C34A332D3440973F127A9CD591725FF4F4519322245D0B52AAF1C32
SHA-512:	D22BADCF690C6F320D45FF4999CF55B58AEAAE0459371437B2B14366719EB8F95AE9E3E81A6BF5DA59A07FD4272C9C09AEE085A2556B5391E737352286CF97D4
Malicious:	false
Reputation:	unknown
URL:	https://eu.ui-avatars.com/api/?name=l&format=png&size=512&color=ffffff&color=423A16&background=F7E491&length=1&font-size=0.55&bold=true
Preview:	.PNG........IHDR..............V......PLTE.....t..ixl:g\/B:..`....[IDATx.........P+I.H...g7)...Fx.........................................s.... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... .E.(.r..kM....... @....... @....... @............................................c.B.F6.....IEND.B`.

Chrome Cache Entry: 171

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (966)
Category:	downloaded
Size (bytes):	967
Entropy (8bit):	5.207215474786704
Encrypted:	false
SSDEEP:
MD5:	4627DAB333C2A0D02CBDC25132781918
SHA1:	B09C9F6422CD7A13F6EAD0375004BBF7CF2AE501
SHA-256:	6635B7E90C75CFB5BA791FA82E80EE7B7B5BAA5DE549B1AE88D9840FD765CBA9
SHA-512:	1715A0429E5BF13D10AC2EEF55059940617912A782AA7D0E29BB70AECAB6DD206AA3FBB6FE54557E8FAF0D7A0DE813B8E0A1DF4AE9B461B63B5FFD75C71782EF
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/Remedial-UCnL8UyW.css
Preview:	@keyframes pulse-c2661e99{to{box-shadow:0 0 0 10px transparent}}.pulsing[data-v-c2661e99]{animation:pulse-c2661e99 1.5s infinite cubic-bezier(.66,0,0,1);box-shadow:0 0 #111111b3}.bg-gradient[data-v-c9d3f93a]{background:linear-gradient(190deg,#d7c4fd80,#ffc2f180)}.layer[data-v-a82011bb]{position:absolute;top:0;right:0;bottom:0;left:0;height:510px;width:524px;-webkit-user-select:none;-moz-user-select:none;user-select:none}@media (min-width: 535px){.card[data-v-f7fcc427]{border-radius:.375rem;border-width:1px;border-color:rgb(168 165 184 / var(--tw-border-opacity));--tw-border-opacity: .3;--tw-shadow: 0 4px 6px -1px rgb(0 0 0 / .1), 0 2px 4px -2px rgb(0 0 0 / .1);--tw-shadow-colored: 0 4px 6px -1px var(--tw-shadow-color), 0 2px 4px -2px var(--tw-shadow-color);box-shadow:var(--tw-ring-offset-shadow, 0 0 #0000),var(--tw-ring-shadow, 0 0 #0000),var(--tw-shadow)}}@media (max-width: 535px){.card[data-v-f7fcc427]{min-height:100vh;justify-content:space-between}}.

Chrome Cache Entry: 172

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (376)
Category:	downloaded
Size (bytes):	826
Entropy (8bit):	5.041712273444367
Encrypted:	false
SSDEEP:
MD5:	79D71E6759C07E2161AA7B7E6EE16FAF
SHA1:	2DA6A9A1C4058607E769EC5EF7CB08EFEB3D3747
SHA-256:	F22D6C94C0B7F6ED369EA82B11ECF15A6989B79E075EE4342704003AB6CD978A
SHA-512:	BC7409593468F96BE12E4976B3737DFFA5F307A6CCBBFF82CAF4D9CA0366AF20B06F4808CD24D343373E2FB6F980283A33939AC0BB9FFA9153450E4686E3DE3B
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/7a57c662a7565fd9eeb320f3d0f60d92.DxbJY9pw.js
Preview:	import{L as c,aC as l,G as r,aD as i,aE as s,M as d,P as m}from"./index-jvjANaE2.js";const g=o=>{const e=a=>{const t=o();t&&(a.returnValue=t)};c(()=>{window.addEventListener("beforeunload",e)}),l(()=>{window.removeEventListener("beforeunload",e)})},L=`. mutation UpdateEmployeeCustomLocale($locale: String!) {. employeePublicProfile {. updateLocale(input: {locale: $locale}) {. employee {. id. language. }. }. }.}. `;function p(){const o=r({useAuthHeaders:!1});return(e,a={})=>o({document:L,operationName:"UpdateEmployeeCustomLocaleMutation"},e,a)}const E=o=>{const e=i(),a=p();return async(t,n)=>{n&&!n.customLocale&&!e.value&&t&&await a({locale:s()},{headers:{Authorization:t}});const u=(n==null?void 0:n.customLocale)\|\|s();return d(m({customLocale:u}).code,o)}};export{g as a,E as u};.

Chrome Cache Entry: 174

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (14950)
Category:	downloaded
Size (bytes):	35392
Entropy (8bit):	5.3815165480639315
Encrypted:	false
SSDEEP:
MD5:	B16D94CF9AB1B1AB3C89515E2292B7A1
SHA1:	BE1A4148B3FA456AEA1871F7EDAB754AA48CC848
SHA-256:	3744BF4D5C032E40989D4EBCDA18D0EA58EAA118A839D676676BA51F949FE2E7
SHA-512:	85A5822612490193C8F963CA89F6CABC981A4CD13352F37ED708247CD6B530F056BC6C5042F374F90FD23CC0457195AD031661E015E3A64EBCB89854DC2BD36C
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/78cef5d056a68ecb3412f31473defac3.Bl011Ez4.js
Preview:	import{d as v,o as c,c as h,a as o,b as p,_ as ce,w as Ae,u as R,e as f,f as r,g as A,t as m,h as l,A as Te,B as ie,i as Le,j as w,S as Pe,k as u,F as ue,r as Ce,n as W,l as $,m as z,p as de,I as H,q as Be,C as O,s as I,v as Ie,x as Ee,y as Ue,z as Q,T as N,D as me,E as U,G as ee,H as De,J as X,K as C,L as te,M as Fe,N as Me,O as ae,P as Ge,Q as pe,R as _e,U as J,V as Ne,W as oe,X as ze,Y as je,Z as Ye,$ as Oe,a0 as re,a1 as We}from"./index-jvjANaE2.js";import{u as qe}from"./3321673b766fb11248b36fbb293e9ef9.B9usaFFz.js";import{u as Ve,a as He}from"./7a57c662a7565fd9eeb320f3d0f60d92.DxbJY9pw.js";const Qe={class:"flex justify-end"},Xe=v({__name:"EmployeeProfileButton",props:{employee:{}},emits:["click"],setup(s){return(e,t)=>(c(),h("div",Qe,[o("div",{class:"flex items-center p-ds-6 bg-white rounded-full cursor-pointer shadow-ds-regular-1",onClick:t[0]\|\|(t[0]=Ae(a=>e.$emit("click"),["stop"]))},[p(ce,{src:e.employee.logoUrl,name:e.employee.name,size:"medium"},null,8,["src","name"])])]))}})

Chrome Cache Entry: 177

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.378783493486175
Encrypted:	false
SSDEEP:
MD5:	4C42AB4890733A2B01B1B3269C4855E7
SHA1:	5B68BFE664DCBC629042EA45C23954EEF1A9F698
SHA-256:	F69E8FC1414A82F108CFA0725E5211AF1865A9CEA342A5F01E6B2B5ABE47E010
SHA-512:	0631C6EFD555699CB2273107FE5AF565FEC2234344E2D412C23E4EE43C6D721CB2B058764622E44FD544D840FF64D7C866565E280127C701CAAB0A48C35D4F5C
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlTESCBjR_5mRIFDYOoWz0SBQ3OQUx6?alt=proto
Preview:	ChIKBw2DqFs9GgAKBw3OQUx6GgA=

Chrome Cache Entry: 178

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38634)
Category:	downloaded
Size (bytes):	311255
Entropy (8bit):	5.391312727915478
Encrypted:	false
SSDEEP:
MD5:	2AC9A77148D42E289D1FA7277AC3F248
SHA1:	DE942EE1349A6353BBC82DC00660AF168C2AEBDD
SHA-256:	2C4EAC73411A36CCA14FEF8B2C34CC54A1E349ABF5C61B6A118479043FD6B2E2
SHA-512:	2640C326DC0513DC50C18A911DF96F84BD6C256C43DE66B33CC7850BD0AF27B40FD41F6E7423C6E243059FDFC2144DC81FDE238EC5611332124B46CC2F13AB2C
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/6a992d5529f459a44fee58c733255e86.C0q5ff2b.js
Preview:	const hc=Object.prototype.toString;function Mt(e){switch(hc.call(e)){case"[object Error]":case"[object Exception]":case"[object DOMException]":return!0;default:return et(e,Error)}}function mn(e,t){return hc.call(e)===`[object ${t}]`}function mc(e){return mn(e,"ErrorEvent")}function pi(e){return mn(e,"DOMError")}function od(e){return mn(e,"DOMException")}function Qe(e){return mn(e,"String")}function vo(e){return typeof e=="object"&&e!==null&&"__sentry_template_string__"in e&&"__sentry_template_values__"in e}function wo(e){return e===null\|\|vo(e)\|\|typeof e!="object"&&typeof e!="function"}function Lt(e){return mn(e,"Object")}function Xr(e){return typeof Event<"u"&&et(e,Event)}function id(e){return typeof Element<"u"&&et(e,Element)}function ad(e){return mn(e,"RegExp")}function Gn(e){return!!(e&&e.then&&typeof e.then=="function")}function cd(e){return Lt(e)&&"nativeEvent"in e&&"preventDefault"in e&&"stopPropagation"in e}function et(e,t){try{return e instanceof t}catch{return!1}}function _c(e

Chrome Cache Entry: 180

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 470699
Category:	downloaded
Size (bytes):	141166
Entropy (8bit):	7.998117681814393
Encrypted:	true
SSDEEP:
MD5:	F0B374CDBB5F238469B226F736C1E78D
SHA1:	7381F8029A235EC598597CBFFF78D00D2D2FF008
SHA-256:	076111E6FDEEB7AB2BE83795C6DFF0F1B3C719DC91AB0C83C4C323E8236ACDA3
SHA-512:	951A00885A6A841C01820DE7CAF8BFD6AAA19F1614B2B159226A885F2BA4286519996AF755D7A69B74D75D04D46C32814022F844E9E72727EC23AFA8B6554770
Malicious:	false
Reputation:	unknown
URL:	https://js.intercomcdn.com/frame-modern.52fa4978.js
Preview:	............w.H.(.W(.......H-GG..d...G.D....4...%......h.J..9.{gw,..cu.`.f..{;.p.3..,bn.a..h....S/.....r`..w..Ym7..M.7. v.n.....Z..z......q../....x;...n,n...76.;.......M.1.p...x.....E..>yp..o.F..>...r..AhT.l.FV...S............O..Ga0..V?px.zvqx{z.=...._..VY...._..Ed..y.Q...\|z....1=5Bs."+.Q......N.0.:..w..-.56...C.{.....Vs....k..W\..P=hl.[..lm...z..^..f.Z}S<.....&4....}[=..o7X..D<H...\.m....6=p./...-.X..r.. ....V....Z5.0...\.`[.f..p/.Y........d...My/.T.Q....h...Rmo..V]62..N..v.[[..<r..m5.....x.,{}..\g....`..Qo...7.."...6....0,. LWc...Q.MM....Zl.....N.T..l..t$.$3.pin.<...~..6....u1.. ..k.l......Z..\|cc],.w..l...5..8...f..6.b..).l.6.......%cj4..`.y?..z.....e....g.y...,....g.~.m.g.b..xm..$..NS.%.%c^om..fK..&..^knm.....0.f..0..%.0...l..F]\|.%....7.@....>.U...l...d....u...G....!.....>.Z.M..C.....U......8...(..7.lc{C..k.vp......V}....\|H.P..x.p..<..`X....`.F\!:.....#!%.$.6...$.a.u./..;...g.V.}n.MklO...j...X.e....x;....&............W.8t.qu

Chrome Cache Entry: 181

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (930), with no line terminators
Category:	downloaded
Size (bytes):	930
Entropy (8bit):	5.12292712843304
Encrypted:	false
SSDEEP:
MD5:	06BFCD88AF438673A8BF9B845A11AA6E
SHA1:	D024A745032CBE115526ABE648D9FA0F0A10A681
SHA-256:	947AC0903521F5ECEEFC90637C066306A8CA67466CCC188BB0107FB7CFB532D1
SHA-512:	6A37EA27F3AD16DE6BCB4C386D9F09962902AE2F2FDF76B6723CFF8155CD0B9D4504D1EA6ED3C4D5C9D49BE9C636EB9386BB13C9A787A71F02640A8EC939D180
Malicious:	false
Reputation:	unknown
URL:	https://m.stripe.network/inner.html
Preview:	<!doctype html><html><head><meta charset="utf-8"><title>StripeM-Inner</title></head><body><script>!function(){var e=document.createElement("script");e.defer=!0,e.src="out-4.5.43.js",e.onload=function(){var e;window.StripeM&&(e=window.location.hash,/ping=false/.test(e)\|\|(e=(e=e.match(/version=(4\|6)/))?e[1]:"4",window.StripeM.p({t:!0,v:e})),e=function(e){if(window.opener\|\|window.parent\|\|window)try{var i=((t=JSON.parse(e.data)).message\|\|t).action,t=t.message?t.message.payload:t;switch(i){case"ping":window.StripeM.p({t:!0,o:{muid:t.muid,sid:t.sid,referrer:t.referrer,url:t.url,title:t.title,v2:t.v2},v:t.version\|\|"4"});break;case"track":if(!t.source\|\|!t.data)return;window.StripeM.b({muid:t.muid,sid:t.sid,url:t.url,source:t.source,data:t.data},t.version\|\|"4")}}catch(e){}},window.addEventListener?window.addEventListener("message",e,!1):window.attachEvent("onMessage",e))},document.body.appendChild(e)}()</script></body></html>

Chrome Cache Entry: 95

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	137
Entropy (8bit):	4.483872350023047
Encrypted:	false
SSDEEP:
MD5:	56CB135498CF7DAC13FF8A9F57455C7E
SHA1:	7B3D636F1D77451AF0FBB4F277B6B9B4B7486378
SHA-256:	7FDAC25A32C8E41417846CF493BD904F164DC8313099BA3502CDAAE65EBF3B8A
SHA-512:	DA1A8E4A4C0612C472720EA43DB08A55FE9498FF75F461EA0115A6BE8B43DA40283727377F8CF933A23CCC99217355CEF8F428B75DD9D8D6C1AE4B1FEDE2E776
Malicious:	false
Reputation:	unknown
Preview:	{"url":"/api/attack/event/credentials-submitted","statusCode":404,"statusMessage":"Page Not Found","message":"Page Not Found","stack":""}

Chrome Cache Entry: 97

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8435)
Category:	downloaded
Size (bytes):	8436
Entropy (8bit):	5.174517687002171
Encrypted:	false
SSDEEP:
MD5:	EB7E8F072DFD619B493C8569457C9AA9
SHA1:	4A5A5D9BACA6E0CC7D5DD65D912850DE4576E4CA
SHA-256:	9F2AD2F0FC84817C5E8038E3A30350B59D8BC016B8E951F865FE38C62AA0F999
SHA-512:	A690779865A62328FA733D8E176F2276C9C4D08EF737D6C4C33BB4C2CBC639B997C4185D03221F2ECC373E5D4FAAE8EA33F9AF4B8E9D3A8B4EC8ACD466B7D7C4
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/6a992d5529f459a44fee58c733255e86.DNY4-AqD.js
Preview:	import{_ as f,a as v,l as I,b as C,u as M,c as _,r as w,e as P,f as p,C as N,h as j,j as y,k as F,m as L,i as S,n as R,o as B,P as Q,q as W,s as G,t as T,v as U}from"./6a992d5529f459a44fee58c733255e86.CTeVBgDW.js";import{i as V}from"./c188f2db5a79d48a586161fa8620f2f1.DS1Agtkw.js";import"./index-jvjANaE2.js";function k(e){return e.toLowerCase().replace(".","").replace(/\s+/g,"-")}function D(e,t){return t===void 0&&(t=!1),t?btoa(e).replace(/=/g,""):void 0}function H(e){return("Integration"in e?e.Integration:e).prototype.name}function J(e,t,n){var i,a;try{var r=((a=(i=window==null?void 0:window.performance)===null\|\|i===void 0?void 0:i.getEntriesByName(e,"resource"))!==null&&a!==void 0?a:[])[0];r&&t.stats.gauge("legacy_destination_time",Math.round(r.duration),_([n],r.duration<100?["cached"]:[],!0))}catch{}}function K(e,t,n){var i;if("Integration"in e){var a={user:function(){return n.user()},addIntegration:function(){}};e(a),i=e.Integration}else i=e;var r=new i(t);return r.analytics=n,r}fun

Chrome Cache Entry: 98

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	97335
Entropy (8bit):	5.182329462571337
Encrypted:	false
SSDEEP:
MD5:	CA583933312BD33F2937F7931030FD54
SHA1:	91214711365205C6AFDCC4CF396D93E4F67E5771
SHA-256:	5324F558615F35AB8ED1B94F0B07D7C401E96C897EE2F91A4F8F3F36FA56C293
SHA-512:	E07FDC706E0E77AB43EBB80A0F949D8011CC65DBEA6438F5215BD9BB831F353E233E08E9A610CE6353F96BDD6B600CF54205A6FEE86EF550340701642FB72BFA
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/index-CkzlrcBh.css
Preview:	.pop-enter-active[data-v-608f1562]{animation:pop-608f1562 .2s}@keyframes pop-608f1562{0%{transform:scale(.9)}50%{transform:scale(1.05)}to{transform:scale(1)}}.danger-shadow[data-v-2f9a9bf8]{box-shadow:0 5px 5px #ff5c6105,0 1px 3px #ff5c6166}.modal-shadow[data-v-55d02e12]{box-shadow:4px 108px 43px #00000005,2px 61px 37px #00000014,1px 27px 27px #00000024,0 7px 15px #00000029,0 0 #00000029}.modal-transition-enter-active[data-v-ad28ac26],.modal-transition-enter-active[data-v-ad28ac26] .modal,.modal-transition-leave-active[data-v-ad28ac26]{transition:all .1s linear}.modal-transition-enter-from[data-v-ad28ac26],.modal-transition-leave-to[data-v-ad28ac26]{opacity:0}.modal-transition-enter-from[data-v-ad28ac26] .modal{scale:.8!important}.modal-transition-enter-to[data-v-ad28ac26] .modal{scale:1}*,:before,:after{box-sizing:border-box;border-width:0;border-style:solid;border-color:currentColor}:before,:after{--tw-content: ""}html,:host{line-height:1.5;-webkit-text-size-adjust:100%;-moz-tab-size

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Java source, ASCII text
Category:	downloaded
Size (bytes):	298
Entropy (8bit):	5.020923583692243
Encrypted:	false
SSDEEP:
MD5:	002239B2220F5DCD1E7521742C355C8E
SHA1:	21C10CE7CB61A873ADA253644CEC08A41AD3350D
SHA-256:	A15F423AF3D669FF7534FB0C04F3D70F896ABCD9E0F9483177C37708E6C7E806
SHA-512:	EA1A4FCBA431431F6109AB94AB8F8ECC9580730E002FA7E4ABCC186E32601C2AF764D3F5C6B7FE508765701E92F0CD44E326F4FEDBD1ABBC62B372F1968D5EAC
Malicious:	false
Reputation:	unknown
URL:	https://hub.tryriot.com/assets/3321673b766fb11248b36fbb293e9ef9.B9usaFFz.js
Preview:	import{aF as e,aG as i,K as r,aH as u}from"./index-jvjANaE2.js";const d=(a,o=r())=>{const c=u(o),n=t=>{o.value&&(o.value==t.target\|\|o.value.contains(t.target)\|\|a(t))};return e(()=>{document.body.addEventListener("click",n)}),i(()=>{document.body.removeEventListener("click",n)}),c};export{d as u};.

Static File Info

⊘No static file info