Edit tour

Windows Analysis Report
https://resolve.picrights.com/700236898551

Overview

General Information

Sample URL:	https://resolve.picrights.com/700236898551
Analysis ID:	1465444

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Snort IDS alert for network traffic

HTML body contains low number of good links

HTML body contains password input but no form action

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 3676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://resolve.picrights.com/700236898551 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 5160 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=2012,i,8515389233265462721,1635049981725015869,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

ETPRO TROJAN Terse HTTP 1.0 Request Possible Nivdort - Source IP: 192.168.2.4 - Destination IP: 35.214.137.3

Timestamp:	07/01/24-16:38:29.505044
SID:	2815568
Source Port:	49731
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

Joe Sandbox Signatures

• Phishing
• Compliance
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

Source: https://resolve.picrights.com/?ReturnUrl=%2f700236898551

HTTP Parser: Number of links: 0

Source: https://resolve.picrights.com/?ReturnUrl=%2f700236898551

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://resolve.picrights.com/?ReturnUrl=%2f700236898551

HTTP Parser: <input type="password" .../> found

Source: https://resolve.picrights.com/?ReturnUrl=%2f700236898551	HTTP Parser: No favicon
Source: https://resolve.picrights.com/700236898551	HTTP Parser: No favicon
Source: https://resolve.picrights.com/700236898551	HTTP Parser: No favicon

Source: https://resolve.picrights.com/?ReturnUrl=%2f700236898551

HTTP Parser: No <meta name="author".. found

Source: https://resolve.picrights.com/?ReturnUrl=%2f700236898551

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.22:443 -> 192.168.2.17:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.96.50:443 -> 192.168.2.17:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:49813 version: TLS 1.2

Networking

Snort IDS alert for network traffic

Source: Traffic

Snort IDS: 2815568 ETPRO TROJAN Terse HTTP 1.0 Request Possible Nivdort 192.168.2.4:49731 -> 35.214.137.3:80

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	DNS traffic detected: DNS query: resolve.picrights.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: media.picrights.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.livechatinc.com
Source: global traffic	DNS traffic detected: DNS query: api.livechatinc.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.22:443 -> 192.168.2.17:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.96.50:443 -> 192.168.2.17:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.17:49813 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@13/67@18/84

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://resolve.picrights.com/700236898551
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=2012,i,8515389233265462721,1635049981725015869,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=2012,i,8515389233265462721,1635049981725015869,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://resolve.picrights.com/700236898551	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
media.picrights.com	82.80.249.131	true	false		unknown
code.jquery.com	151.101.130.137	true	false		unknown
resolve.picrights.com	82.80.249.167	true	false		unknown
www.google.com	172.217.18.4	true	false		unknown
api.livechatinc.com	unknown	unknown	false		unknown
cdn.livechatinc.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://resolve.picrights.com/700236898551	false		unknown
https://resolve.picrights.com/?ReturnUrl=%2f700236898551	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States		15169	GOOGLEUS	false
82.80.249.167	resolve.picrights.com	Israel		8551	BEZEQ-INTERNATIONAL-ASBezeqintInternetBackboneIL	false
216.58.206.74	unknown	United States		15169	GOOGLEUS	false
172.217.18.4	www.google.com	United States		15169	GOOGLEUS	false
216.58.206.78	unknown	United States		15169	GOOGLEUS	false
82.80.249.131	media.picrights.com	Israel		8551	BEZEQ-INTERNATIONAL-ASBezeqintInternetBackboneIL	false
2.19.96.251	unknown	European Union		20940	AKAMAI-ASN1EU	false
142.250.185.202	unknown	United States		15169	GOOGLEUS	false
151.101.130.137	code.jquery.com	United States		54113	FASTLYUS	false
74.125.206.84	unknown	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.250.185.174	unknown	United States		15169	GOOGLEUS	false
142.250.181.228	unknown	United States		15169	GOOGLEUS	false
142.250.185.195	unknown	United States		15169	GOOGLEUS	false
142.250.186.40	unknown	United States		15169	GOOGLEUS	false
142.250.186.42	unknown	United States		15169	GOOGLEUS	false
2.19.96.40	unknown	European Union		20940	AKAMAI-ASN1EU	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1465444
Start date and time:	2024-07-01 16:40:55 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://resolve.picrights.com/700236898551
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	16
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@13/67@18/84

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.99, 142.250.185.174, 74.125.206.84, 34.104.35.123, 142.250.185.202, 142.250.185.195, 216.58.206.74, 216.58.206.78, 142.250.186.40
Excluded domains from analysis (whitelisted): ssl.google-analytics.com, fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, fonts.gstatic.com, ajax.googleapis.com, clientservices.googleapis.com, clients.l.google.com, www.google-analytics.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://resolve.picrights.com/700236898551

LLM Input / Output

Input	Output
URL: https://resolve.picrights.com/?ReturnUrl=%2f700236898551 Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": true,"captcha": false,"reasons": ["The webpage contains text that creates a sense of urgency, such as 'you should note that use of an image without a valid license is considered copyright infringement, in violation of copyright laws' and 'proceed to resolve the matter'.","The webpage does not contain a login form, but it does request a 'Reference Number' provided in correspondence received from PicRights.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: PicRights OCR: PicRights.com Welcome to PicRights' Resolution Website 700236898551 PassWord We, at PicRights, help our customers protect their digital imagery. You should note that use of an image without a valid license is considered copyright infringement, in violation of copyright laws. By entering the Reference Number provided in the correspondence you received from us, you can view the imagery and its use on your website, and proceed to resolve the matter. Impressum SSL This site only uses stnctly usA,'CA +1 437 887 2292 Pie Rights Gn%H About SSL 8808 *fflkzn SZ uK 020 0607 Certificates CHE-1137.667 FR +33 972157995
URL: https://resolve.picrights.com Model: gpt-4o	```json{ "phishing_score": 3, "brands": "PicRights", "phishing": false, "suspicious_domain": false, "has_prominent_loginform": true, "has_captcha": false, "setechniques": false, "has_suspicious_link": false, "legitmate_domain": "picrights.com", "reasons": "The URL 'https://resolve.picrights.com' appears to be a subdomain of 'picrights.com', which is a legitimate domain associated with PicRights. The webpage has a prominent login form, which is common in both legitimate and phishing sites. There are no obvious social engineering techniques or suspicious links present. The site also displays SSL security badges and contact information, which are positive indicators. However, the presence of a login form without a CAPTCHA could be a minor concern. Overall, there is insufficient evidence to classify this site as a phishing site."}

URL: https://resolve.picrights.com/700236898551 Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, so there is no request for sensitive information.","The text does not create a sense of urgency, as it does not pressure the reader to take immediate action.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: PicRights OCR: Payment Have a question? PicRights.com Unlicensed Use of The Associated Press Imagery The Associated Press has retained PicRights to resolve image licensing issues on its behalf. The Associated Press is the copyright holder or authorized licensor of the imagery in question. PicRights is authorized to resolve this matter or answer your questions about this matter on behalf of The Associated Press. Below you can see the The Associated Press imagery in question on the left, and its use on your website on the right. Imagery used on your website Have a question? O Additional Supporting Documents. = SOA = SRA = RHF
URL: https://resolve.picrights.com/700236898551 Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, so there is no attempt to collect sensitive information.","The text does not create a sense of urgency, as it simply presents information about an image licensing issue.","There is no CAPTCHA or other anti-robot detection mechanism on the webpage.","The webpage appears to be a legitimate notice from PicRights on behalf of The Associated Press regarding unlicensed use of its imagery."]}
Title: PicRights OCR: Payment Have a question? PicRights.com Unlicensed Use of The Associated Press Imagery The Associated Press has retained PicRights to resolve image licensing issues on its behalf. The Associated Press is the copyright holder or authorized licensor of the imagery in question. PicRights is authorized to resolve this matter or answer your questions about this matter on behalf of The Associated Press. Below you can see the The Associated Press imagery in question on the left, and its use on your website on the right. v Imagery used on your website v 20304588288480 hps://wwwl .wsrb.com/blogZpageL2 Represented image Usage on your website

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jul 1 13:41:25 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.989535051923168
Encrypted:	false
SSDEEP:
MD5:	F829C6253A65C3B67E2FBCFB3CB07EF7
SHA1:	6D2F878306A0EEEF51B082F5A2E4E37BA7355B76
SHA-256:	4F363AECD8043F93675F785568467A3C671B9BD18BA8EDE5BA19FF915CE3AF4E
SHA-512:	A4C97578B9CA8698FC9B482525CCE1EF13EE8091CDDF6ECD50D515CB9896F17EC3A10FF510D73BB95769F8BDC77234F048BFE6242D8DEA99F08FCE9B9AFA8DAC
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....5R..........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X%u....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X,u....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X,u....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X,u...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X-u...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........E..O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jul 1 13:41:25 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.004537415623437
Encrypted:	false
SSDEEP:
MD5:	F20B1D37790A5ECF6F7DE5B45FC4DB3F
SHA1:	1C36916179FCD657ADDA7502E9DA274270131A93
SHA-256:	DFBC4276925E3526B0F01FA5D99F3CFF1BC9CD09513399C6DEAB5EFB252D5FF1
SHA-512:	73D7DBD1B801AAE6B43697096A4266EC219A719ADF6EDDF266141EFD24AC381328DAD113C56FCECD1E1C8B71A10E8CD95F7BFF78759418B9AADB711F8405257F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,................y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X%u....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X,u....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X,u....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X,u...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X-u...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........E..O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.01351487952299
Encrypted:	false
SSDEEP:
MD5:	C6ECB2773001400B7BE9F46A70F1C463
SHA1:	B9C8BFF123D160DF0F6B64623F2FE3E05EABB149
SHA-256:	6F6106A81DBDDB388AD4124615EB1B846124E12738C6E026E62EEC32B85D58E7
SHA-512:	CD2DD6B4C6998A3CAEC8687582E29D623156C0ECBDB758F1ECD49A08F49D8B24BE7A15B0BE1DF4F7BAA65574787D3A5644924646568C9B88B1E2D034FBEE3591
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X%u....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X,u....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X,u....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X,u...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........E..O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jul 1 13:41:25 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.004443156115889
Encrypted:	false
SSDEEP:
MD5:	43BCFE75A2B007461D547C3A0B681C2E
SHA1:	BB9B374D259D2341C9153BE4F70F55C7C4F78FFD
SHA-256:	5069D04AA9FE8FA94B48B099E7BCBD9541DE837764FA2E214AB85B48001A0B4D
SHA-512:	67345813F7A0EF72E205D5DDD26675ADFD527C01BC92880F887F8707C708C5EDC2F2B782E686EE7A6473B9F1394D274E3CB12D12EEDB1CEBC681F014390BE789
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.... ...........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X%u....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X,u....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X,u....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X,u...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X-u...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........E..O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jul 1 13:41:25 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.994909156561599
Encrypted:	false
SSDEEP:
MD5:	551AA21A4232D26EAAE2D71E594DDCEC
SHA1:	4AE7374609857EE030EDFDB07F04907EECAA90D9
SHA-256:	8C839A412CFF145F18355405203F240C8D612138876B22E0C5544A750F106EE3
SHA-512:	3065B296E75C6BB1ADB2F6262D3B0889132D6701718F043EC18D274254FFB2C9BEAFA083CBD5A3B6F6C54D705E470E631101E09AB1A4414A395E33A9D8D90510
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,...............y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X%u....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X,u....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X,u....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X,u...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X-u...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........E..O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jul 1 13:41:25 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	4.005306870389228
Encrypted:	false
SSDEEP:
MD5:	694BB1D2CCED1F6BF6B13E3E5567B22E
SHA1:	53B7A22D27F707375897D3371B4AA4DECB019401
SHA-256:	3DBC0B56626B24C6758A2839C76A4191ECEDE15519C443CC2A44DFA981B6A989
SHA-512:	B73A014F27185DAF39D0A506CE44B07626B217337D2CC28DDF6D8EEA673CE0E7B620917DEAFA42B0724914EB11550A3D782825A2207861779723AB1BD35C3D6D
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,................y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X%u....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X,u....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X,u....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X,u...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X-u...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........E..O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (585), with CRLF line terminators
Category:	downloaded
Size (bytes):	19034
Entropy (8bit):	4.846427058546004
Encrypted:	false
SSDEEP:
MD5:	25AC7EAB43786F5E07FAEA409262E1EF
SHA1:	F95D0C335298AD4C4A97F9BF2C0EAC1E24025355
SHA-256:	24CD0ECE202873EEA3FB03EE321DF92294305954FE695DF36095FC876322CF66
SHA-512:	0AF922F7399846AAAAE1ED930F20361705EA7E610E2F00D00D81C3E43BC2B3307A2E0925F9D22D7BDF49C04E4DA70277811E8DF597FFC21FB2B42B43DAA71AA8
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/700236898551
Preview:	<!DOCTYPE html>..<html>..<head>.. <script>.. useTranslation = true;.. </script>.. <meta name="robots" content="noindex">.. <meta name="viewport" content="width=device-width" />.. <title></title>.. <link href="/Content/msdropdown/dd.css" rel="stylesheet"/>..<link href="/Content/msdropdown/flags.css" rel="stylesheet"/>.... <link rel="stylesheet" type="text/css" href="/Content/AbCollection/style_green.css">.. Mvc bundle ignores .min.js files-->.. <script src="/Scripts/AbCollection/vendor/jquery-3.7.1.min.js"></script>.. <script src="/Scripts/AbCollection/vendor/modernizr-2.8.3.min.js"></script>.. <script src="/Scripts/AbCollection/vendor/jquery.tools.min.js"></script>.. <script src="/Scripts/jquery-ui-1.13.2.js"></script>..<script src="/Scripts/AbCollection/ChatParameters.js"></script>..<script src="/Scripts/AbCollection/helper.js"></script>..<script src="/Scripts/AbCollection/main.js"></script>..<script src="/Scripts/AbCollec

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	82401
Entropy (8bit):	5.226163295528552
Encrypted:	false
SSDEEP:
MD5:	C50E663F51193023EB88163A64479029
SHA1:	85FD702611C60AF363ACF86BC98A7DAFD519C2BC
SHA-256:	277F7E7565405ADB7265B05C09F5F99BCD403E8AC3B24C2AB4039693D425F916
SHA-512:	73023B3A927F119D2542A02FC8321ACB041FA8BE0AD2F5A9C0CE9A4BAE7F6CA0AC2DFF2463CB72CE92B3A2BF0484586CC21688BCF9ED269AA46E07842C6EFE2E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.livechatinc.com/tracking.js
Preview:	!function(){"use strict";function e(e,t){return e+t}const{hasOwnProperty:t}={};function n(e,n){return t.call(n,e)}function i(){return(i=Object.assign\|\|function(e){for(var t=arguments.length,i=Array(t>1?t-1:0),o=1;t>o;o++)i[o-1]=arguments[o];return i.forEach((t=>{for(const i in t)n(i,t)&&(e[i]=t[i])})),e}).apply(void 0,arguments)}function o(e){return Array.isArray(e)}function r(e){return"object"==typeof e&&null!==e&&!o(e)}function a(e){if("keys"in Object&&"function"==typeof Object.keys)return Object.keys(e);const t=[];for(const n in e)Object.prototype.hasOwnProperty.call(e,n)&&t.push(n);return t}function s(e,t){return a(t).reduce(((n,i)=>(n[i]=e(t[i]),n)),{})}function c(e){return o(e)?e.map(c):r(e)?s(c,e):e}function l(e){return o(e)?e.filter((e=>null!=e&&!Number.isNaN(e))):Object.keys(e).reduce(((t,n)=>{const i=e[n];return null==i\|\|Number.isNaN(i)\|\|(t[n]=i),t}),{})}function d(e,t){for(let n=0;t.length>n;n++){const i=t[n];if(e(i))return i}}function u(e,t){for(let n=t.length-1;n>=0;n--)if

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (437), with CRLF line terminators
Category:	downloaded
Size (bytes):	54851
Entropy (8bit):	5.208373164824555
Encrypted:	false
SSDEEP:
MD5:	B95EAA448C81CD869EF49FF08A534886
SHA1:	A972E9B4F3F4B1FF5B2AF68FA30B59691BA5B9A2
SHA-256:	A831BEE9FE4C34B9BA696E80554C5AF6487C38B59F9844814103EB1F04B56D54
SHA-512:	1FC7F8FF15EECA02C738DC42668D6D639C4B739AEF910760BD0F0DC163C75F00853D3F47C88D0E55B5C549AC614282984242A2A7CF86FFBA6D22017754B85A66
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/vendor/msdropdown/jquery.dd.js
Preview:	// MSDropDown - jquery.dd.js..// author: Marghoob Suleman - http://www.marghoobsuleman.com/..// Date: 10 Nov, 2012 ..// Version: 3.5.2..// Revision: 27..// web: www.marghoobsuleman.com../..// msDropDown is free jQuery Plugin: you can redistribute it and/or modify..// it under the terms of the either the MIT License or the Gnu General Public License (GPL) Version 2../ ..var msBeautify = msBeautify \|\| {};..(function ($) {...msBeautify = {...version: {msDropdown:'3.5.2'},...author: "Marghoob Suleman",...counter: 20,...debug: function (v) {....if (v !== false) {.....$(".ddOutOfVision").css({height: 'auto', position: 'relative'});....} else {.....$(".ddOutOfVision").css({height: '0px', position: 'absolute'});....}...},...oldDiv: '',...create: function (id, settings, type) {....type = type \|\| "dropdown";....var data;....switch (type.toLowerCase()) {....case "dropdown":....case "select":.....data = $(id).msDropdown(settings).data("dd");.....break;....}....return data;...}..};....$.msDropDow

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 21 x 81, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3733
Entropy (8bit):	7.907058253244198
Encrypted:	false
SSDEEP:
MD5:	131F40A1E0B79516A041938CFBDA9218
SHA1:	2950374226ACF9EEB8215986C601D51B0EBD8C2F
SHA-256:	80E4AEBA9C1504EDAFEE5B17C80372E37952E4BEBEE214D96A0232B9BA83205C
SHA-512:	08AEF985C054FE9C681B06395B684F6F3AC74EB6200D3C7BC4C997EF1E6C0DF7330A2D6E0FD39F5F2856F35EF6FE2D91DA9F1D231F4E352168BC6B67CB7ACBA8
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/AbCollection/images/qBg_green.png
Preview:	.PNG........IHDR.......Q.....=.......pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 399x399, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.0.12], baseline, precision 8, 98x110, components 3
Category:	dropped
Size (bytes):	14278
Entropy (8bit):	7.8211455881942
Encrypted:	false
SSDEEP:
MD5:	4D3C8671040C542BC6E067EEF7D3FC97
SHA1:	16FA42C428015E8501A4F955520D9CFB3CE2C33B
SHA-256:	FCF5968697740A143452654A04C23422912ACFEEFAB27D9479AF6EE2889BB814
SHA-512:	8D61CB1E41260D26B1C9F71EB2C41F453E7E6613F9B2B314E278F6A036957B54091C101161388E4000706C2D519E606D30DCCEDCBE23AD478453DB393035491D
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.............hExif..MM..................>...........F.(...........1.........N....................paint.net 4.0.12.....C....................................................................C.......................................................................n.b.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.......7.......%.=...h_.j..`......1...O.zt.T....OJ.......&....d....=......R....\|g.....5.g..oe.......3.Y..s23...%..o..x..K......[[Xe.....!...Q..y...qE.j.$.....(&.... ..I]..).%+%...~>G-8....N7..P.d..R....F..5.K....5.._xGW....-sU. .R....v.....e../.[...n..

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	15423
Entropy (8bit):	4.6245269945757235
Encrypted:	false
SSDEEP:
MD5:	5BF72C90B235D9837BD2A3A154EC0488
SHA1:	2C79083060804BF3062749C99CB7464C02A3D573
SHA-256:	D6EA33572CA0C6C1D354BC8BBCDFC6B5CD94493D0D793918665463ABE367772F
SHA-512:	7C0805A5CC928347AFB5EF70632F8E7C0E5557965DA8422ABBA813A6AFA96596B06EB854A463618DCB5B6C7A8FE3FB190A23D578879DAF9AAF4BA93368C58310
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/js/helper.js
Preview:	./*.. MBP - Mobile boilerplate helper functions.. /....(function (document) {.... window.MBP = window.MBP \|\| {};.... /.. Fix for iPhone viewport scale bug.. * http://www.blog.highub.com/mobile-2/a-fix-for-iphone-viewport-scale-bug/.. /.... MBP.viewportmeta = document.querySelector && document.querySelector('meta[name="viewport"]');.. MBP.ua = navigator.userAgent;.... MBP.scaleFix = function () {.. if (MBP.viewportmeta && /iPhone\|iPad\|iPod/.test(MBP.ua) && !/Opera Mini/.test(MBP.ua)) {.. MBP.viewportmeta.content = 'width=device-width, minimum-scale=1.0, maximum-scale=1.0';.. document.addEventListener('gesturestart', MBP.gestureStart, false);.. }.. };.... MBP.gestureStart = function () {.. MBP.viewportmeta.content = 'width=device-width, minimum-scale=0.25, maximum-scale=1.6';.. };.... /.. Normalized hide address bar for iOS & Android.. * (c) Scott Jehl, scottjehl.com.. * MIT Licen

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (32403), with CRLF line terminators
Category:	downloaded
Size (bytes):	97886
Entropy (8bit):	5.38719406916471
Encrypted:	false
SSDEEP:
MD5:	C6E4B8538D771B53A0890E61F342F75A
SHA1:	663EE2585BCB118E0DA786ED37B5EF95CFF19C52
SHA-256:	B4CD3DC8A5D8464510905102324F84189B59D708EC6B87C5E2E593402AE1F7CC
SHA-512:	952F69FC1ECFD1D9C677CD4C1FC5598D33C1F09F959B1E0182877E659085ADFA7C0FAAFFF69E0169F80C4ADB9CC71D0622185BD5F8B40E389C077627339A6067
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/vendor/jquery.tools.min.js
Preview:	/!.. jQuery Tools v1.2.7 - The missing UI library for the Web.. * .. * dateinput/dateinput.js.. * overlay/overlay.js.. * overlay/overlay.apple.js.. * rangeinput/rangeinput.js.. * scrollable/scrollable.js.. * scrollable/scrollable.autoscroll.js.. * scrollable/scrollable.navigator.js.. * tabs/tabs.js.. * tabs/tabs.slideshow.js.. * toolbox/toolbox.expose.js.. * toolbox/toolbox.flashembed.js.. * toolbox/toolbox.history.js.. * toolbox/toolbox.mousewheel.js.. * tooltip/tooltip.js.. * tooltip/tooltip.dynamic.js.. * tooltip/tooltip.slide.js.. * validator/validator.js.. * .. * NO COPYRIGHTS OR LICENSES. DO WHAT YOU LIKE... * .. * http://flowplayer.org/tools/.. * .. * jquery.event.wheel.js - rev 1 .. * Copyright (c) 2008, Three Dub Media (http://threedubmedia.com).. * Liscensed under the MIT License (MIT-LICENSE.txt).. * http://www.opensource.org/licenses/mit-license.php.. * Created: 2008-07-01 \| Updated: 2008-07-14.. * .. * -----.. * .. /../! jQuery v1.7.1 jquery.com \| jquery.org/license *

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	7179
Entropy (8bit):	4.917373282748434
Encrypted:	false
SSDEEP:
MD5:	2F0514D469C583CD1FE34D999E8B957C
SHA1:	64FA52B3E84B59ADF6C9A8EDDD49D789F98E6409
SHA-256:	3A679DF63F20B8DA5F8DF6D711E79AF1EBB1F8CEEDEF1967C165E657D4CA95C3
SHA-512:	09694C05173C096BFDA41C6A5B1CC2F7116CF7E41C969A42E7FD828A48DDF5E3D52A9CC9D07A1F1196217CE49EDCC6F0EFFED6BE35E99472A2EF23D7ABB104BD
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/js/main.js
Preview:	var EMailAddress;..var useTranslation = true;......$(function () {.. if (!Number($("#TaxAmount").val())) {.. $(".TaxAmount").hide();.. }.. $("#changeLang p").click(function () {.. CallAnalyticsLanguageChange($(this).attr("value"));.. var pageUrl = window.location.href.replace("mes=", "s=");.. $('<form method="post" action="' + pageUrl + '"><input name="lang" value="' + $(this).attr("value") + '"></form>').appendTo('body').submit();.. });.... $(".picList dt").first().next("dd").slideToggle();.. $(".picList dt").first().toggleClass("active");.. //$(".picList dt, .bp dt").click(function (e) {.. // if (e.target.tagName.toLowerCase() != "a") {.. // $(this).next("dd").slideToggle();.. // $(this).toggleClass("active");.. // }.. //});.. try {.. $(".picList dd .mag, .dispute").overlay({.. mask: {.. color: '#fff',.. loadSpeed: 200,.. opacity: 0.8..

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 284 x 173, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	8067
Entropy (8bit):	7.915365339715315
Encrypted:	false
SSDEEP:
MD5:	7B3A108FD275926363E1E4CC81D25AA1
SHA1:	F48C3EB7085193F20C7EFD7795C105C6D8813689
SHA-256:	7F73CEB4EC4B6D5CF33316BD734F014DB2605C56BD382A41716C176DA974740E
SHA-512:	B46B1355A98E8F284DAB5344E0168196196F01BF85C70C9BEE30D7A1308DFAEC181DF84179EA6910852AB60D0C89D73D7A6C31F6DBE28D602B7D9F79729FFBBA
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.............b.......tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" xmpMM:InstanceID="xmp.iid:2B1B6574BDDA11E5BCA3C1D7EF18AC03" xmpMM:DocumentID="xmp.did:2B1B6575BDDA11E5BCA3C1D7EF18AC03"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2B1B6572BDDA11E5BCA3C1D7EF18AC03" stRef:documentID="xmp.did:2B1B6573BDDA11E5BCA3C1D7EF18AC03"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..8.....IDATx..]..]eu..0.<'.5....!.@..y...$..4.E]4.]R).e...Z..hU\...<\XYfQ..@j.w!.0@...c.. ....$.I2.L.....L..<.s.>..o..

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1195
Entropy (8bit):	6.614079559351088
Encrypted:	false
SSDEEP:
MD5:	6568BE914B154A06300667F373EEFF5B
SHA1:	0E9D27A07E528F408229DAD2E564387E075CD728
SHA-256:	D8EBA13B866D7CC6E7841C85C31D3153B07A49CCA7916D23D89CD8CFA0FAD33D
SHA-512:	E72D55ED9FC2CAE748DB422BF394378B6FF35A1A716F403309EF602BFFC83F05D3DE6BEBE78D5B5092160F1E76599818C72469491F41A99C08886A742B86EBF2
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/Images/ex.png
Preview:	.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" xmpMM:InstanceID="xmp.iid:C6EA707986D211E580B0F15B87363705" xmpMM:DocumentID="xmp.did:C6EA707A86D211E580B0F15B87363705"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C6EA707786D211E580B0F15B87363705" stRef:documentID="xmp.did:C6EA707886D211E580B0F15B87363705"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx.b.`!.....9....G ...O.....e....C...I.?....J >..dBR`..!.M#.0......."t.Z@.....E....>``/.A6...{.8.Y.$ .G..

Chrome Cache Entry: 115

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4194
Entropy (8bit):	5.120397404738739
Encrypted:	false
SSDEEP:
MD5:	27D5E3E6B3FBC86B26135CAA63D11A05
SHA1:	529AD0DBA0ECF87458354F0B302C9D9BDC0222AB
SHA-256:	90ABBAF964259875F02976FAB824C0BA83035A23DC9260A8DAB4996B960E6821
SHA-512:	C38F0C0C336B7A5A360A5EFFF083DD185F4FE9CE6F53264D2043C2C22EDB9D3E054ACE173886AE0D992C536709BE999B345171179D0790ACB3613372C53FBCCB
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/msdropdown/dd.css
Preview:	.borderRadius{-moz-border-radius:5px; border-radius:5px; }...borderRadiusTp{-moz-border-radius:5px 5px 0 0; border-radius:5px 5px 0 0;}...borderRadiusBtm{-moz-border-radius:0 0 5px 5px ; border-radius:0 0 5px 5px;}.....ddcommon {position:relative;display:-moz-inline-stack; zoom:1; display:inline-block; display:inline; cursor:default;}...ddcommon ul{padding:0;margin:0;}...ddcommon ul li{list-style-type:none;}...borderRadiusTp ul li:last-child{-moz-border-radius:0 0 5px 5px ; border-radius:0 0 5px 5px;border-bottom:0 none #c3c3c3; }...borderRadiusBtm ul li:first-child{-moz-border-radius:5px 5px 0 0; border-radius:5px 5px 0 0 ;border-bottom:1 solid #c3c3c3; }.....ddcommon .disabled img, .ddcommon .disabled span, .ddcommon.disabledAll{..opacity: .5; / standard: ff gt 1.5, opera, safari /..-ms-filter:"alpha(opacity=50)"; / ie 8 /..filter:alpha(opacity=50); / ie lt 7 /..-khtml-opacity:.5; / safari 1.x /..-moz-opacity:.5; / ff lt 1.5, netscape */..color:#999999;..}.....ddcommon:focu

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1305)
Category:	downloaded
Size (bytes):	46274
Entropy (8bit):	5.48786904450865
Encrypted:	false
SSDEEP:
MD5:	E9372F0EBBCF71F851E3D321EF2A8E5A
SHA1:	2C7D19D1AF7D97085C977D1B69DCB8B84483D87C
SHA-256:	1259EA99BD76596239BFD3102C679EB0A5052578DC526B0452F4D42F8BCDD45F
SHA-512:	C3A1C74AC968FC2FA366D9C25442162773DB9AF1289ADFB165FC71E7750A7E62BD22F424F241730F3C2427AFFF8A540C214B3B97219A360A231D4875E6DDEE6F
Malicious:	false
Reputation:	unknown
URL:	https://ssl.google-analytics.com/ga.js
Preview:	(function(){var E;var g=window,n=document,p=function(a){var b=g._gaUserPrefs;if(b&&b.ioo&&b.ioo()\|\|a&&!0===g["ga-disable-"+a])return!0;try{var c=g.external;if(c&&c._gaUserPrefs&&"oo"==c._gaUserPrefs)return!0}catch(f){}a=[];b=n.cookie.split(";");c=/^\sAMP_TOKEN=\s(.?)\s$/;for(var d=0;d<b.length;d++){var e=b[d].match(c);e&&a.push(e[1])}for(b=0;b<a.length;b++)if("$OPT_OUT"==decodeURIComponent(a[b]))return!0;return!1};var q=function(a){return encodeURIComponent?encodeURIComponent(a).replace(/\(/g,"%28").replace(/\)/g,"%29"):a},r=/^(www\.)?google(\.com?)?(\.[a-z]{2})?$/,u=/(^\|\.)doubleclick\.net$/i;function Aa(a,b){switch(b){case 0:return""+a;case 1:return 1a;case 2:return!!a;case 3:return 1E3a}return a}function Ba(a){return"function"==typeof a}function Ca(a){return void 0!=a&&-1<(a.constructor+"").indexOf("String")}function F(a,b){return void 0==a\|\|"-"==a&&!b\|\|""==a}function Da(a){if(!a\|\|""==a)return"";for(;a&&-1<" \n\r\t".indexOf(a.charAt(0));)a=a.substring(1);for(;a&&-1<" \n\r\t".i

Chrome Cache Entry: 117

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	126
Entropy (8bit):	4.96916088096786
Encrypted:	false
SSDEEP:
MD5:	E42C6E8D53F729335F696908FEAECAE2
SHA1:	4957A6FEC5760AF54EBCDFE620A0252CED08CB79
SHA-256:	1853DBE955A13D7ADEFE04E56D51499CEF0B29248CFF16A758D73D7A23C05ABC
SHA-512:	6AB20DADE3A520ED2FAAEFA8A9DCA8A3B17816791F807B3E01AD73AC34D4237E58342C4ACA8133C0B49D32B01A7C95F43B43946BCB41A9CE4CFEA919E478D61D
Malicious:	false
Reputation:	unknown
URL:	https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=5973981&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fresolve.picrights.com%2F700236898551&channel_type=code&jsonp=__cm2z1uyknr4
Preview:	__cm2z1uyknr4({"organization_id":"893ef77a-3180-4677-b07e-cea96da11f7c","livechat_active":false,"default_widget":"livechat"});

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	697
Entropy (8bit):	4.905799389713344
Encrypted:	false
SSDEEP:
MD5:	B7A1F519A3D30638BD5FD3BF3A5FF253
SHA1:	4EFB2569C2622B1F60711958A449C92A1918A8EF
SHA-256:	1BCFDF599DFA54F3F49EED68314453FE92A75ACFD9841E8D872C5891706A12C8
SHA-512:	508F3B9B4AE8B0F68BDC95206B3177C6DACB49A69D653A6C218C9C40F2DBD4E098F87E62C0D25D3804D5E713D721EB511C7E07D6E1C76F292012F350117348EA
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/vendor/ChatWrapper.js
Preview:	.var LC_API = LC_API \|\| {};..var livechat_show = false;....LC_API.on_before_load = function () {.. // show the chat window only if visitor is currently chatting with an agent.. if (LC_API.visitor_engaged() === false && livechat_show === false) {.. LC_API.hide_chat_window();.. }..};....LC_API.on_chat_started = function () {.. livechat_show = true;..};....LC_API.on_chat_window_minimized = function () {.. LC_API.hide_chat_window();..};....LC_API.on_chat_window_hidden = function () {.. //$("#showChatLink").show();.. livechat_show = false;..};....function showChat() {.. //$("#showChatLink").hide();.. livechat_show = true;.. LC_API.open_chat_window();....}

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	downloaded
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	unknown
URL:	https://www.google-analytics.com/analytics.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	784
Entropy (8bit):	4.596035786928307
Encrypted:	false
SSDEEP:
MD5:	5EF297B5889D5A03F874A2C0FE7C51C2
SHA1:	65B19D2919830DAF64A6E559D63F9165E0075629
SHA-256:	5E01373ED1E3559B6B56FA1E1DE922AF01F4B0AD5D9BD36B23B720C27B8189E9
SHA-512:	FA357D60F2EA7FA2391B4E35484803F0984E19251D59F6ADB84AE3B401D51FF15AD43A33343AA7E2ABB7211DDF81B2B1479099FBFAEDEEAB55B290FB1CAD2D44
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/js/plugins.js
Preview:	// Avoid `console` errors in browsers that lack a console...(function() {.. var method;.. var noop = function () {};.. var methods = [.. 'assert', 'clear', 'count', 'debug', 'dir', 'dirxml', 'error',.. 'exception', 'group', 'groupCollapsed', 'groupEnd', 'info', 'log',.. 'markTimeline', 'profile', 'profileEnd', 'table', 'time', 'timeEnd',.. 'timeline', 'timelineEnd', 'timeStamp', 'trace', 'warn'.. ];.. var length = methods.length;.. var console = (window.console = window.console \|\| {});.... while (length--) {.. method = methods[length];.... // Only stub undefined methods... if (!console[method]) {.. console[method] = noop;.. }.. }..}());....// Place any jQuery/helper plugins in here...

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	979
Entropy (8bit):	7.163182396945713
Encrypted:	false
SSDEEP:
MD5:	B00FB080D17B079DA5C9D6B3E61C8F77
SHA1:	A8F51F8D899995532F972DE4F31652A48C2AF23E
SHA-256:	9E0F1490CE35CA47FE46EA5E18697FE60A7F93FCDC4A239B596AF09B4ECA9FBE
SHA-512:	9302C44C44ECD2133D72E637A162154B32BCE3C7D0D24464B03F4F365FB190E171AD263FBEF582878CE843B8CAA6DB4528114D060CF61BD300A0EBF3C6F3853F
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............N>.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....pHYs................YiTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <tiff:Orientation>1</tiff:Orientation>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.L.'Y....IDAT(.}..n.@......S).m^.+V..]...+^.....B.T.:u<c{~8w.P/.#..s.9.\[...........h....;...z]a.r..\|....3........]....b..7.ty.`..RK.i-{.@]\p.%q.P.X....q..EU...;..[..Kt.t....G.}..".E(c....m{.e......_.@.0.Fj...{.J!O...8)...........1..SR.D.....'R.........<t\...Z.m...R.3JRK..o_aw.d?..V..?A<...[...../R{..q......!?9F1c.o..p....,GO..?SK1B.H...q......,M.;."..d.\|p...".b...K(..j..yV.\|..B.. x1!.(VST...C.DR.v..Y*-7..%...D.m...y.^.N.y...\|.T.(.....c'....E..!L.\.4...C..1..\|'.I<..K..S......Q........IEND.B`.

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	548
Entropy (8bit):	7.431142061431753
Encrypted:	false
SSDEEP:
MD5:	18BE2D80DB38529A8F14DA63013861C6
SHA1:	699A94754801EAF5FA91B2E8F69450FC05F50D4E
SHA-256:	EDD162C7BD271B695629EE97E3560B327B4D0ABFF1DF68EE2D5E3135510D891E
SHA-512:	7E65B904DDE7DFE5E50858FC14980BE44A5B790F114271DBBFD9224C5F50AEBD9F0678D1B60DA4A34E999A6CD842D6C05A7F10DBCAE1D3053535AA4547DA4BC6
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............N>.....sRGB.........gAMA......a.....pHYs..........+......IDAT8O..K/.Q../Q$U.G....X..R.i.f!.;B$l.../.z\|....,,}......;.....6CK.I.s....9g..\.C.>..d2...m.TD...%..><...;d..O.oz]d0...e...>.....6E:M8.Y\0AZ.'.5...tO.G...F.Jap2..u....X.....~.@.....e..A..&N.@.....h.y.)..k..................w.1.)[8.*8...R(.#2r.......;...Q.8..+.0....H.,....B.......-=x.E$.v\.uH...k...9.D....^A.;.R..W..N....I....@z6....=.... .(..<x .-A.k.H.....@.!.X.'.V."..:.L....W.......bc....q.sdj.....n........t.........IEND.B`.

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x333, components 3
Category:	dropped
Size (bytes):	19008
Entropy (8bit):	7.947617158222552
Encrypted:	false
SSDEEP:
MD5:	24A95244377C78EA0CB44A5B854FD84E
SHA1:	A97641A0F18DED4CF30D15EAD094B342D1CE20D1
SHA-256:	CAD26F98B48ACFEF4A0DEB7E7F21D5D918E276403B918D74B00514A25D74B49F
SHA-512:	611321FA66AE9768F53AE46D643031A8CE63F253CC1FFB5EFAD3B90A8FD75617E6154AE3A16A0A5652674807D75093F9FE0E3225A367BB28C5264D0F4853A66B
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....C.....................................'!..%..."."%()+,+. /3/2'+...C..............*************************************************......M...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...O....0.J<..].%.w....G....o.1.Ji..(.7....K <;~t.(.K..(....F.............M.W..'..kG.5..:..}...s...8....{./^...H..s.qJ...%-t..K..(......Q@./..IE./..Hii(...1@..zR....b..?/.....RAo=....?...&.#......]...o'.^H.'...Gc.6..".d..'5.S.N;jtC.9o..A._.D.[.H.%..#n\..^..P..............YG.<..Z...VM4UZ*..6....#.o./..^..\c.=.G..'..7..B.L_.N.?..>.......t....H..N...

Chrome Cache Entry: 125

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (369), with CRLF line terminators
Category:	downloaded
Size (bytes):	29192
Entropy (8bit):	5.151977149620984
Encrypted:	false
SSDEEP:
MD5:	7F0B1DDA792C28E7191B9B2587E92889
SHA1:	8678B705E5F99FC283734108BBB1F5E064167BC0
SHA-256:	E951DD6AE10788D3CEBD5687E49E565C4E4E5854E64BB7EC9C2C8385C0714925
SHA-512:	989ADEFCCAB2703C97FA0E4D00467A1C3574F4D37B02F7B46EABC4571D1B886D0827CFBF5E13D5ACE28C7764103A06712C49E6C795387073603B0833AB8A7DFC
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/AbCollection/style_green.css
Preview:	/! normalize.css v1.1.3 \| MIT License \| git.io/normalize /..@import url(https://fonts.googleapis.com/css?family=Roboto:400,700,900,100);..article, aside, details, figcaption, figure, footer, header, hgroup, main, nav, section, summary { display: block; }....audio, canvas, video { display: inline-block; }....audio:not([controls]) { display: none; height: 0; }....[hidden] { display: none; }....html { -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; }....button, html, input, select, textarea { font-family: sans-serif; }....body { margin: 0; }....a:focus { outline: dotted thin; }..a:active, a:hover { outline: 0; }....h1 { font-size: 2em; margin: .67em 0; }....h2 { font-size: 1.5em; margin: .83em 0; color: #23282b; }....h3 { font-size: 1.17em; margin: 1em 0; color: #23282b; }....h4 { font-size: 1em; margin: 1.33em 0; }....h5 { font-size: .83em; margin: 1.67em 0; }....h6 { font-size: .67em; margin: 2.33em 0; }....abbr[title] { border-bottom: 1px dotted; }....b, strong { font-wei

Chrome Cache Entry: 127

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2063
Entropy (8bit):	5.203407247495648
Encrypted:	false
SSDEEP:
MD5:	88F79579E824B46438D49123F9DEB2C8
SHA1:	15FE78F19CE60702D91D2383CE0B7A4ADA9B0078
SHA-256:	5510469E871FF5FEEAEBA8C395710591EC2FF5A04610DE64DB610C5A6C64715B
SHA-512:	042E29B771EFF935906655654E5A511E370AD8E14EB52ECF237F2473740043DA3B36DB64F04F553F90892AE5B8BFCC615AF51EBF7A2F1E3DB64276F31851FAD2
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/js/googleAnalytics.js
Preview:	.window['ga-disable-UA-44912714-1'] = true;..(function (i, s, o, g, r, a, m) {.. i['GoogleAnalyticsObject'] = r; i[r] = i[r] \|\| function () {.. (i[r].q = i[r].q \|\| []).push(arguments).. }, i[r].l = 1 * new Date(); a = s.createElement(o),.. m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m)..})..(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga');......ga('create', trackerId, 'picscout.com');..ga('send', 'pageview');........var _gaq = _gaq \|\| [];.._gaq.push(['_setAccount', trackerId]);.._gaq.push(['_trackPageview']);....var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;..ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';..var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);........function CallAnalyticsImagePreview() {.. _gaq.push(['_trackEvent', 'PreviewMatch', 'click', '

Chrome Cache Entry: 129

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1912 x 1040, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2644282
Entropy (8bit):	7.986235595247239
Encrypted:	false
SSDEEP:
MD5:	B9E060DFE21AC68822701D2926C7ADA7
SHA1:	4E75356D13DAAFC8ED4F37C3C8C0C0B3AA2AA127
SHA-256:	FB2BCFE5ED5816154A4CF6895B40DBC74D06DFAF8432CA16CCC7F7B737127495
SHA-512:	8C4B1B7DBDF2750882C1F9C47A1414FF3E5834AD6FC02398667BD1431E93899271F523E630D45895EC7A9EED16AA4177B62752E0D77C3783F81FAB39DA38D4C2
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...x............"....sRGB.........gAMA......a.....pHYs..........o.d....tEXtSoftware.Greenshot^U......IDATx^...p.W.....E..7.c#&..v...v.=..I....U....=@.B...x.:...Z....DI.%e(Q.%J..z/Z...w.$..D.. ..._."..?O.<.U$...$.;{..D........S...g)........J)..RJ)..RJ.=...e.\|...'..?~...G..8r.....U..w..@\|..m..3.fJ)..RJ)..RJ..7h.)..g..=..}.......~.....}........o ...6.;.o&.fJ)..RJ)..RJ..4h....v....._\|.{...}........)...[..........$.fJ)..RJ)..RJ5'n.\|..9.2....}..KWz{.....7..C\|..Y3....)..RJ)..RJ)..A...'.tw........3.8...$...~.[....K)..RJ)..RJ.....O.>..........K.....!..\|'......R\|W..^J)..RJ)..RJ.5'h.,......?.rf2..w..L\|?..3..^J)..RJ)..RJ.5'n.\|..o...>Q.=B&..f...o).fJ)..RJ)..RJ'r.\|\|..?.p....2..7..O\|K.4SJ)..RJ)..R:A..'..>\|\|...\|....2..7..O\|K.]5\|{)..RJ)..RJ)..d.L.....RJ)..RJ)..RM......)..RJ)..RJ).d.L.....RJ)..RJ)..RM......)..RJ)..RJ)......+"<._..o.........M.>ct.A.^.1(.7..!...fJ)..RJ)..RJ5G.4.....s......?...?...w..h..:.....Z.\|..o.y.....a.A.=_..RJ)..

Chrome Cache Entry: 132

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (14756), with CRLF line terminators
Category:	downloaded
Size (bytes):	15418
Entropy (8bit):	5.32518972893926
Encrypted:	false
SSDEEP:
MD5:	9D6981C7347B118E0942D4B71C7328C4
SHA1:	666DC176FCAB1D0F08603A3A20F7398FB6985E56
SHA-256:	4D9BC12D794ED221AE1CBEBBBEBA7B267305C6DC94704412E6CFEA0E156A5237
SHA-512:	070108CD389ABEDAACEC9FB7FC31DCFF80517B432B2B23CC8CAFC6E8FA1C3913292BFD12C1E8D164DE2E4279CB6D65AB76809A3CCE1FF767B9021B70373B775B
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/js/vendor/modernizr-2.6.2.min.js
Preview:	/* Modernizr 2.6.2 (Custom Build) \| MIT & BSD.. * Build: http://modernizr.com/download/#-fontface-backgroundsize-borderimage-borderradius-boxshadow-flexbox-hsla-multiplebgs-opacity-rgba-textshadow-cssanimations-csscolumns-generatedcontent-cssgradients-cssreflections-csstransforms-csstransforms3d-csstransitions-applicationcache-canvas-canvastext-draganddrop-hashchange-history-audio-video-indexeddb-input-inputtypes-localstorage-postmessage-sessionstorage-websockets-websqldatabase-webworkers-geolocation-inlinesvg-smil-svg-svgclippaths-touch-webgl-shiv-mq-cssclasses-addtest-prefixed-teststyles-testprop-testallprops-hasevent-prefixes-domprefixes-load.. */..;window.Modernizr=function(a,b,c){function D(a){j.cssText=a}function E(a,b){return D(n.join(a+";")+(b\|\|""))}function F(a,b){return typeof a===b}function G(a,b){return!!~(""+a).indexOf(b)}function H(a,b){for(var d in a){var e=a[d];if(!G(e,"-")&&j[e]!==c)return b=="pfx"?e:!0}return!1}function I(a,b,d){for(var e in a){var f=b[a[e]];if(f!==c)

Chrome Cache Entry: 133

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	8725
Entropy (8bit):	5.408832871814157
Encrypted:	false
SSDEEP:
MD5:	E25764D415A17D73CDDA8E345A9B01A2
SHA1:	E59334D8CCFFC8DD84B9FF4AA897975F4126866F
SHA-256:	8DB82DFA8F933AAE71141A73C0B11B16586144C4A07871493432CFDC1DE4E585
SHA-512:	4738AFD10DE1699D36BF0256AABF39D75FCF0E50A50FE290105D74B486BF2AA383F577F2E778B9C2E3162334F243B1966EC33A8B41FB2A432289379087DBA05C
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Roboto:400,700,900,100"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2) format('woff2');. unicode-range:

Chrome Cache Entry: 134

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	15373
Entropy (8bit):	4.630993904287687
Encrypted:	false
SSDEEP:
MD5:	8D3A536904B662132F8D3E3D48E22918
SHA1:	D483156D603B4F823AF7618ACCC13A3B97A21877
SHA-256:	475F3FC5BB9F9ABD3E0D15ADE7A5CDD881DE5F1A71592D5F085248262648498D
SHA-512:	9EE4C2510DA8321F3DFBA78FE8EADC3C4F44698037A9D45663F156ED2C99916EDB27D25A78135C374961A64C28D11D7356617CFE46974EB63A2EC83113E401CE
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/helper.js
Preview:	/*.. MBP - Mobile boilerplate helper functions.. /....(function(document) {.... window.MBP = window.MBP \|\| {};.... /.. Fix for iPhone viewport scale bug.. * http://www.blog.highub.com/mobile-2/a-fix-for-iphone-viewport-scale-bug/.. /.... MBP.viewportmeta = document.querySelector && document.querySelector('meta[name="viewport"]');.. MBP.ua = navigator.userAgent;.... MBP.scaleFix = function() {.. if (MBP.viewportmeta && /iPhone\|iPad\|iPod/.test(MBP.ua) && !/Opera Mini/.test(MBP.ua)) {.. MBP.viewportmeta.content = 'width=device-width, minimum-scale=1.0, maximum-scale=1.0';.. document.addEventListener('gesturestart', MBP.gestureStart, false);.. }.. };.... MBP.gestureStart = function() {.. MBP.viewportmeta.content = 'width=device-width, minimum-scale=0.25, maximum-scale=1.6';.. };.... /.. Normalized hide address bar for iOS & Android.. * (c) Scott Jehl, scottjehl.com.. * MIT License..

Chrome Cache Entry: 135

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	49387
Entropy (8bit):	4.694590156872652
Encrypted:	false
SSDEEP:
MD5:	F0E2DC54CE66B6BF9D9916AEBD45B9AB
SHA1:	4BA3CA0ED10521EB83901CE93DC83164229A6017
SHA-256:	F7CDEC245B3C44D3CFA7CC3DD9278BD090B021D4FD71C49093DE8CE9A435483B
SHA-512:	D12AC28860EB07EDB37EE766BE4CD09CD612ED8848BC56EDAB759D350230E1B3AA35C98905B67E10AB2602E5DD01AC876A9AC7443C60488F16ED8A97C5807601
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/modernizr-2.5.3.js
Preview:	/!.. Modernizr v2.5.3.. * www.modernizr.com.. .. Copyright (c) Faruk Ates, Paul Irish, Alex Sexton.. * Available under the BSD and MIT licenses: www.modernizr.com/license/.. /..../.. * Modernizr tests which native CSS3 and HTML5 features are available in.. * the current UA and makes the results available to you in two ways:.. * as properties on a global Modernizr object, and as classes on the.. * <html> element. This information allows you to progressively enhance.. * your pages with a granular level of control over the experience... .. Modernizr has an optional (not included) conditional resource loader.. * called Modernizr.load(), based on Yepnope.js (yepnopejs.com)... * To get a build that includes Modernizr.load(), as well as choosing.. * which tests to include, go to www.modernizr.com/download/.. .. Authors Faruk Ates, Paul Irish, Alex Sexton.. * Contributors Ryan Seddon, Ben Alman.. */....window.Modernizr = (function( window, document, undefined ) {....

Chrome Cache Entry: 137

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2363)
Category:	downloaded
Size (bytes):	36662
Entropy (8bit):	5.274856471619552
Encrypted:	false
SSDEEP:
MD5:	3C2DA607F80184551F63B34EC1333F7A
SHA1:	E6BB00A0EA07DAA01A9537FE66A448F77AF8AB56
SHA-256:	8473ED670B978405CB4EF7A6822385043B30107E0DAE82A008326C6ED237CE51
SHA-512:	D2CD89DD93F96E04B3B7A90C6EC8BA5C38C4D2EE3CCAA4D860CFFDEBD83F5566A2B29DE1420BD4D8F578F3FD4BE2657A682B54F0C6AD5374C5298EB38D47F643
Malicious:	false
Reputation:	unknown
URL:	https://code.jquery.com/ui/1.13.2/themes/smoothness/jquery-ui.css
Preview:	/! jQuery UI - v1.13.2 - 2022-07-14. http://jqueryui.com.* Includes: core.css, accordion.css, autocomplete.css, menu.css, button.css, controlgroup.css, checkboxradio.css, datepicker.css, dialog.css, draggable.css, resizable.css, progressbar.css, selectable.css, selectmenu.css, slider.css, sortable.css, spinner.css, tabs.css, tooltip.css, theme.css.* To view and modify this theme, visit http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1.1em&cornerRadius=4px&bgColorHeader=cccccc&bgTextureHeader=highlight_soft&bgImgOpacityHeader=75&borderColorHeader=aaaaaa&fcHeader=222222&iconColorHeader=222222&bgColorContent=ffffff&bgTextureContent=flat&bgImgOpacityContent=75&borderColorContent=aaaaaa&fcContent=222222&iconColorContent=222222&bgColorDefault=e6e6e6&bgTextureDefault=glass&bgImgOpacityDefault=75&borderColorDefault=d3d3d3&fcDefault=555555&iconColorDefault=888888&bgColorHover=dadada&bgTextureHover=glass&bgImgOpacityHover=75&borderColorHover=9

Chrome Cache Entry: 138

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	87533
Entropy (8bit):	5.262536918435756
Encrypted:	false
SSDEEP:
MD5:	2C872DBE60F4BA70FB85356113D8B35E
SHA1:	EE48592D1FFF952FCF06CE0B666ED4785493AFDC
SHA-256:	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
SHA-512:	BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/vendor/jquery-3.7.1.min.js
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Chrome Cache Entry: 140

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	649
Entropy (8bit):	7.541609616006669
Encrypted:	false
SSDEEP:
MD5:	3CEDEAFA1907B1A8F6F23738028D8989
SHA1:	493DDA5F260202914C5E8F399B3AC4AF67559276
SHA-256:	E8D4D04F97AA5F335772F15EC02420E7ADEE7EC3478E7C2FF90A9A1CE4155A32
SHA-512:	DEF709298F6AD446A02DBF108C96459942C8B69C3FE65230746CE22AFC73D64BA0C7FDEAF8F0376EDCD976A2063D4C891E55D337218239B0561CB2BA66B5D5C2
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/Flags/italy.png
Preview:	.PNG........IHDR..............N>.....sRGB.........gAMA......a.....pHYs..........+......IDAT8O..Mo.Q..`Lha.\.h)X.u1030.....S.hcl..?.ta...X.6n..PfjBju.../Z^..J...&of..9....oK..$pK"EFx).Kw..j...o.^..I.Z.../_.qe....o.2%..............S.1...`....t.~..N..n..v...S.....:...V..W..A..bOT.A.J....3..8....s.3...C..yJF#L.VJB./QEkTQY....M....#AN...}..@....P.(..B..n...i...Z.C6.,.....k..`......F...F.N...+......vl....Udft..VK.=......c...+bm..........'..Z....e.+,:]6....vi.l.... .&..f...Q..#...^..<....,.7....{. >....D."..=+..CK..e?...X...-...........t...-\|&t.A.;Y..%D...WdD.E......7.M.M.q`..4.i..o.=..nJ.;.Y....?.p"]2d.~.....IEND.B`.

Chrome Cache Entry: 141

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1004)
Category:	downloaded
Size (bytes):	529159
Entropy (8bit):	5.068587196203611
Encrypted:	false
SSDEEP:
MD5:	CBC65FF85E08B21D7E0C0394FBF3A371
SHA1:	0EBABCD2C6DA47BDE11FADF331A02C98845B0A8D
SHA-256:	C4B0FB9E123AD9F72C1192B6FEFF0BB0171BE251BB76050B92E5E85C1FE3F757
SHA-512:	CA70D36E3179AD41EC5818F3EE7B258EBAD25AA2D33C968E47349EE5A1821713A28116519B0334E72FA4B82B716A8092CD5181D4ACB75DE459B0385B48B7735D
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/jquery-ui-1.13.2.js
Preview:	/! jQuery UI - v1.13.2 - 2022-07-14. http://jqueryui.com.* Includes: widget.js, position.js, data.js, disable-selection.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/effect-size.js, effects/effect-slide.js, effects/effect-transfer.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/draggable.js, widgets/droppable.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/resizable.js, widgets/selectable.js, widgets/selectmenu.js, widgets/slider.js, widgets/sorta

Chrome Cache Entry: 143

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	40
Entropy (8bit):	4.512814895472355
Encrypted:	false
SSDEEP:
MD5:	EAD7A3429D23F30E298E243373809BF2
SHA1:	B4D98C4B5767175C3AEAD26DB1A2D8630FCC5822
SHA-256:	3240413298FDDA89DC8F85B2AA94F5268B03CDFDB0D76ADDCE87A83064AB6CF9
SHA-512:	261EC38D00F89DC5A0DE2F8EF346F4188DBC1AC08703E08259F4FA0D59798A226974B86BDD2F2462F51591214C643F9904BC73E83572741CC59F3D67A6DF4742
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSFwlSqWmrgJ5AfxIFDbx3JZcSBQ3OQUx6?alt=proto
Preview:	ChoKCw28dyWXGgQIVhgCCgsNzkFMehoECEsYAg==

Chrome Cache Entry: 145

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 13, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	215
Entropy (8bit):	6.190570803004852
Encrypted:	false
SSDEEP:
MD5:	56A3F8AED7B76E1D1EE8BD970C0B9C8B
SHA1:	1CBDE2F3193B3405356848A7C369DE955789EB01
SHA-256:	18881E06E12D532CC85B0DB8D08A2E29A0D90079B608FD0F2715501A9C5D4D03
SHA-512:	C2F8955D5981AEF6BC6A29BC36440E295625A60C2425C5DE49D45BF4828043E4A9A2804C7DE953DD05D0C33B48D82E37975F231310676365D7D14F759FAE991A
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............PN^....sRGB.........gAMA......a.....pHYs..........+.....lIDAT8O....0..]..0.,@6D..,...%..#%%B...No.>[T.F..!..=E.d...0...>.+._1......%.8c...BA\|..W..9..&...L......'....Y.b.....IEND.B`.

Chrome Cache Entry: 147

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 16 x 32
Category:	downloaded
Size (bytes):	204
Entropy (8bit):	6.37880145383071
Encrypted:	false
SSDEEP:
MD5:	F522C8699FD0952BE7384E79E165129B
SHA1:	32EA8B622203B9AE72A90BFA3E70377382866142
SHA-256:	643A59E6F3EAFA4737E6FD7ECE340C446841502DB00086F10B4052859251E908
SHA-512:	DDEA8B5E06E70832681AE859ABE4F4926EFD420D4F62257752BB105106C3506BDF7E4EF5CC8841B367FE68140D84A277E8453CA7F1E6B161629B830B56474249
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/msdropdown/skin1/dd_arrow.gif
Preview:	GIF89a.. ..............................?.B(.,".&.........................B.E...........2...~~~............!.......,...... ...I`'.di.h..l.np,.. ...].l.....Xq..@......tJ.ZQ..vk.$........Ivb...KA.J....;

Chrome Cache Entry: 148

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 60 x 41, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6566
Entropy (8bit):	7.939875743051019
Encrypted:	false
SSDEEP:
MD5:	5E67A93167D5899243927B702E555007
SHA1:	55C2FF008F977B2FD3DC66808C35504F918F1BA5
SHA-256:	9D9EA155D39703797DAE5DC3E4E3F0480D42D3EFE7C3BA57D710A32619B7AEBA
SHA-512:	F75DC03B1A8D9CDB20DACE6ED51CB517F00DB814269038CC38F56C1570B304DE0A26F9374AAB2E638C5615147CF4659E1A22E2EA83C1212E04EEBF2B3B523BE0
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/Images/ssl-icon.png
Preview:	.PNG........IHDR...<...).....i.JZ....gAMA....7......$iCCPICC Profile..8..U.o.T.>.oR..? XG...US[......I...J....$.:7......O{.7...@...H<!..b{....IS..IH{...!&..U.vb'S.\...9.9.;.^.D=_i...U......$......M...K...N-..................N.#.z..."O.n..}...Q..k.K.....i.......6.....}..x..'=N!?.........<..f/.a_....Un.."f....ar../.q.1....u..].X....c....+.T..?....K._..Ia......\|.x.Q...}t..G__......{.p..M.ju1{.....%..#8.ug......V...c..Si.a..J}.._.qV...Z...#.d......?.......:73...KWkn..A..YQ..2.;^..)m.......v....J...&..fzg............t..y.?.:/....].Rb...G.DD#N.-b.J;.P.2..F6<%2....a1"O..l.y9.......-.Q.;.p..X?S....b..0.g...7...K.:....rm:..}(..OuT.:NP..@}(.Q..........K+.#O.14[.. ..hu7.>.kk?..<......kkt.q..m.6.n.....-.mR.;`z.....v..x#.=\..%..o.Y..R.......#&.?.>........n._....;j..;.$}*}+.(}'}/.L.tY.".$].....9..%.{._a..]h.k.5'SN.{.......<...._..............t..jM.{-...4.%.....T..t.Y...R6....#.v\..x:..'H..O...3.....^.&.......0::.m,L%.3.:qVE..t...]~....I.v.6..W...).

Chrome Cache Entry: 149

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (12162), with CRLF line terminators
Category:	downloaded
Size (bytes):	13777
Entropy (8bit):	4.840261560853169
Encrypted:	false
SSDEEP:
MD5:	C28451969B556D469EBEB9DD50F26654
SHA1:	21C29D83AB953A9D141A568F0D2A0C5126623119
SHA-256:	2FC2ED3A5E98E981484EB8AC0912D4029BCD5243CE956DBE8C6E8067BBB87122
SHA-512:	15163426E2FD71384C34F87EBB6B01CF8332D63DACAA6FB6484DB680AD9A914FFAB5AA20A6C000E8D758EB8F953676EC99FF592A7EFFAAF445E87DF39F1F97F0
Malicious:	false
Reputation:	unknown
URL:	https://media.picrights.com/v1/Files/PicScout.IT.Common.TLDs.js
Preview:	var wwwTlds=["ac","ad","ae","aero","af","ag","ai","al","am","ao","aq","ar","arpa","as","asia","at","au","aw","ax","az","ba","bb","bd","be","bf","bg","bh","bi","biz","bj","bm","bn","bo","br","bs","bt","bv","bw","by","bz","ca","cat","cc","cd","cf","cg","ch","ci","ck","cl","cm","cn","co","com","coop","cr","cu","cv","cw","cx","cy","cz","de","dj","dk","dm","do","dz","ec","edu","ee","eg","er","es","et","eu","fi","fj","fk","fm","fo","fr","ga","gb","gd","ge","gf","gg","gh","gi","gl","gm","gn","gov","gp","gq","gr","gs","gt","gu","gw","gy","hk","hm","hn","hr","ht","hu","id","ie","il","..........","im","in","info","int","io","iq","ir","is","it","je","jm","jo","jobs","jp","ke","kg","kh","ki","km","kn","kp","kr","kw","ky","kz","la","lb","lc","li","lk","lr","ls","lt","lu","lv","ly","ma","mc","md","me","mg","mh","mil","mk","ml","mm","mn","mo","mobi","mp","mq","mr","ms","mt","mu","museum","mv","mw","mx","my","mz","na","name","nc","ne","net","nf","ng","ni","nl","no","np","nr","nu","nz","om",

Chrome Cache Entry: 150

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	580
Entropy (8bit):	7.204427547642225
Encrypted:	false
SSDEEP:
MD5:	C945BA51C43AA9EEEB755DBE777955E4
SHA1:	4B69D9D5470E2B83DFD50A369088E31C50CBB942
SHA-256:	B0BCA69676BA23A5A955F1987ADC4EC0DB2978960439779E1F02D965B28FB60A
SHA-512:	75559ACA5E2A097E000ABC97D8B986871E15F6BC7E09DA294557824540653E4E3F090D7D8306969BC186B07DCF8D73774C5E1FE3A4052EB87D9C3DDDBE04BFD5
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............N>.....sRGB.........gAMA......a.....pHYs..."...".......0tEXtDescription.2D illustration of the flag of Spain........tEXtCopyright.Bigstock.`.X....tEXtComment.ID:4304875...4...aIDAT8O...J.A...&...4FI.F.....Vi$... X...Z.F......@.....D.......&.=....F..,..s.{..!...C>.$.q.F.pP......'.h...?!.<..'...}.m-.~[.c........j....(.gP,. E..x.<....._....P;YF)?......5...&Q.R.i.0.h..n........wk..lC.b...o..r7.J>.......~.P=.@..`-.>c.......Y<4r..sx<^.]}..I_..q4.%....?.&.1!+q....It.S..q.........t.;.+..0.'.o.`,.D.PQk.?..[S.d.8>...O.A/........IEND.B`.

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 100, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	4172
Entropy (8bit):	7.812241798894021
Encrypted:	false
SSDEEP:
MD5:	5E2B25E9A38131879DC23E866614E92A
SHA1:	E82941F0A77BC8B2B38B76EC9FA12A47AF5C07C4
SHA-256:	643E9BA544A861A5CB50969C8CA45D5B3097600BF40FA092915C6B8AD9CE07BD
SHA-512:	6837C28770A6DD0C732785305C894074C15B55ADE4D8D07F1435BD68512ECB0DA45D37E35A944A670E793A3BC7C55BDAFE16414AC5F090BE0A638558FED826DF
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/Images/mag.png
Preview:	.PNG........IHDR...0...d........f....tEXtSoftware.Adobe ImageReadyq.e<...MiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (13.0 20120305.m.415 2012/03/05:21:00:00) (Windows)" xmpMM:InstanceID="xmp.iid:CAE2311DAE4611E29F35B8A08ACB0E38" xmpMM:DocumentID="xmp.did:CAE2311EAE4611E29F35B8A08ACB0E38"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:CAE2311BAE4611E29F35B8A08ACB0E38" stRef:documentID="xmp.did:CAE2311CAE4611E29F35B8A08ACB0E38"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx...iT.W.&.B.... ..x.Thm..q.gN.7.H+...uj.93=g6...Ngm.v\.Z..n..:

Chrome Cache Entry: 153

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	100
Entropy (8bit):	4.660120962176606
Encrypted:	false
SSDEEP:
MD5:	912E931BF67F232674DCD486A7FFE881
SHA1:	2128BE30054DC484E52E69DF117EE9E725134C8B
SHA-256:	593439BC8593E1B500F06B04D2007289E79AFC09DEDE96FD206C8658FEC38CBD
SHA-512:	5F97BF3CB896E80D743B75C1FDBB2CB216B7BE7E40ECE32C4CBA09FF0CB5B504A690D07034EA9DFD4AFEAF90C1582AAD58186925122C2BC6FD6504E3F2FFD115
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSJQkFRUDxoF7zZRIFDfTByKYSBQ2Qz1AMEgUNIoqPaxIFDU4zjIYSHgk3hUNnvXSD-hIFDaDDOpkSBQ2Qz1AMEgUN2NNeVw==?alt=proto
Preview:	CigKBw30wcimGgAKCw2Qz1AMGgQICRgBCgcNIoqPaxoACgcNTjOMhhoACh8KBw2gwzqZGgAKCw2Qz1AMGgQICRgBCgcN2NNeVxoA

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.2359263506290326
Encrypted:	false
SSDEEP:
MD5:	D9C76AED25FEBAB5575B56D5373C13A6
SHA1:	45BA9B4A29845BE449DF688B3CCD1850D7D4B980
SHA-256:	AED8CA47E86B245524F61C7324057B23BACB614678CFA059E4AF3254CA884CC3
SHA-512:	0BDB6815534A60A261C7C8A4F00219894BF1E4B4A4F302957970CD0D9F5E911E16A675257E2C9CD6C8E208B9A0845C67C9E3ED6F4E506AC08C5C8F027317EB88
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSFwn6AZyqe6zTWBIFDfkv2KUSBQ39jTy8?alt=proto
Preview:	ChIKBw35L9ilGgAKBw39jTy8GgA=

Chrome Cache Entry: 156

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	75266
Entropy (8bit):	5.267156221153447
Encrypted:	false
SSDEEP:
MD5:	AC4CD41321F4DB07B7CBA182182DDB75
SHA1:	C2F006E19777CEEF065DBB1A2BF16372EAA7B5F4
SHA-256:	EC7B3B1B73D9420EC05B1AFB94535D7482792B0464EDE9D4FB70062A2D3BD058
SHA-512:	999B0C385EE31B3D72425693CBA83F58ABE7DF2B368C6DACBBD69FF533FE4B4D1EE618C4AA2AEE38CFC36C050C1EA4B23F211B638C06F1BFF49A5D57C77E13F9
Malicious:	false
Reputation:	unknown
URL:	https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Chrome Cache Entry: 157

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	777
Entropy (8bit):	4.992600230587684
Encrypted:	false
SSDEEP:
MD5:	A103ED518493C4905AE817D1AB820D92
SHA1:	7893D38F95A511D3FEA57D08A5EA207E69B44EC9
SHA-256:	9FEDC9A4C010967F905A5566E3F71D53ED992C5280A5C2EA6E56BCA651FD6D58
SHA-512:	2288F0B3F2A30B051EB03999C6738C577181A15F7ADA8844966EFBE87DBCD755F4457E2C756FD017E2A32EEF325647C2ECDEE6DE79C87D922B9261EAE2D9E58B
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/vendor/liveChat.js
Preview:	.var __lc = {}; // !!! Do NOT rename this var, reserved name for tracking.js of livechatinc..__lc.license = ChatParameters.chatLicense;..__lc.params = [.. { name: 'Case-ID', value: ChatParameters.caseId },.. { name: 'REF-ID', value: ChatParameters.refId },.. { name: 'Page', value: document.title }..];....(function () {.. var scriptLiveChat = document.createElement('script');.. scriptLiveChat.type = 'text/javascript';.. scriptLiveChat.async = false;.. scriptLiveChat.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + 'cdn.livechatinc.com/tracking.js';.... var scriptFirstElement = document.getElementsByTagName('script')[0];.. scriptFirstElement.parentNode.insertBefore(scriptLiveChat, scriptFirstElement);..})();........

Chrome Cache Entry: 158

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	113
Entropy (8bit):	4.332893328768201
Encrypted:	false
SSDEEP:
MD5:	F3FF7C3A703298E092AECE0E82152ACA
SHA1:	95801480BFC1C2EF773ADF609D1AF07CC84A30C1
SHA-256:	C88338781902C7872FADAB038B5527CA379700B936B3073AA31540E1B92A75C8
SHA-512:	AEEDE4EC2271574C3E3589AB275DFB97C0A8B90F480990295A2ADEC68983C6F4142EDEC9ACFCB1691FC876D061CACE77E17956555DA3A6473D80A5F11757D156
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/ChatParameters.js
Preview:	.var ChatParameters = new function() {.. var chatLicense = "";.. var caseId = "";.. var refId = "";..}

Chrome Cache Entry: 159

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	26413
Entropy (8bit):	5.123965690573269
Encrypted:	false
SSDEEP:
MD5:	21A0C8FCBD7F747ED28C8F634694553E
SHA1:	177E22B23E76FE4C346020F69A6F007E8BDA7E8B
SHA-256:	A7C0AF480A969BEF18A7857CA76A292C4A75D6FBBCDA654AE90085F5DC3459A2
SHA-512:	3F9B5340C1BA91797191BBC99C0797713B8C3AB0D3C2ED68A520BF2AE70279C4E3AF6FEAFDDD14071F1748A43B20A7AC315520DF75C3CD201B71EAAEF23A2F3C
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/CollectionSite/Site.css
Preview:	./! normalize.css v1.1.3 \| MIT License \| git.io/normalize /..@import url(https://fonts.googleapis.com/css?family=Roboto:400,700,900,100);..article, aside, details, figcaption, figure, footer, header, hgroup, main, nav, section, summary { display: block; }..header{ position: relative;}....audio, canvas, video { display: inline-block; }....audio:not([controls]) { display: none; height: 0; }....[hidden] { display: none; }....html { -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; }....button, html, input, select, textarea { font-family: sans-serif; }....body { margin: 0; }....a:focus { outline: dotted thin; }..a:active, a:hover { outline: 0; }....h1 { font-size: 2em; margin: .67em 0; }....h2 { font-size: 1.5em; margin: .83em 0; color: #23282b; }....h3 { font-size: 1.17em; margin: 1em 0; color: #23282b; }....h4 { font-size: 1em; margin: 1.33em 0; }....h5 { font-size: .83em; margin: 1.67em 0; }....h6 { font-size: .67em; margin: 2.33em 0; }....abbr[title] { border-bottom: 1px

Chrome Cache Entry: 160

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1472
Entropy (8bit):	5.009495493046341
Encrypted:	false
SSDEEP:
MD5:	C331DB13A1E9C7AB6655EA559CC9F9A1
SHA1:	2D1D6609520201BC8C2693E44DE3652C4F5C9921
SHA-256:	940E3D2A1845410DAB134AFC0583D0F04D78197EC9803F536FFE3A52DE1F28CD
SHA-512:	0ED54CFF272EB0614C603C0B34F61721B0F774852ED896E20B03C1EC9E9829F41616A17898EF00B7B08951F7858B866EFD7F065F162EE125324353AE279F199E
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/PicScout.IT.Common.js
Preview:	.var PicScout = PicScout \|\| {};..PicScout.IT = PicScout.IT \|\| {};....PicScout.IT["Common"] = {.... isValidEmail: function isValidEmail(email) {.. if (!email) return true;.. var tlds = ["ac", "ad", "ae"];.. try {.. tlds = wwwTlds;.. } catch(ex) {.. }.... email = email.replace(/^\s+\|\s+$/, '');.. email = email.replace(/[\u200B-\u200D\uFEFF]/g, '');.. var rex = new RegExp("^[A-Za-z0-9\\.\\-!&_]+@[A-Za-z0-9\\.\\-_]+\\.[A-Za-z]+$");.. var endofString = email.split('.');.. var ending = endofString.length - 1;.. var tld = endofString[ending];.. .. if (!email.match(rex)) {.. return false;.. }.. if (email.split('@')[1].indexOf("..") > -1) {.. return false;.. }.. if ($.inArray(tld.toLowerCase(), tlds) < 0) {.. return false;.. }.. return true;.. }..}..$('input, textarea').on('paste keypress', function () {//m.A..

Chrome Cache Entry: 161

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 50, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3825
Entropy (8bit):	7.897166005460593
Encrypted:	false
SSDEEP:
MD5:	A4B6E9EB86E51BA541EF1164BEB4C14C
SHA1:	87A510A7EB4D96BF9ED6ED228A5A7A5AB0543C42
SHA-256:	935DAEC4326E52D3C16F3AF2FAA85E2E88873C2FBBC6A5AC3B42107FDA1188F9
SHA-512:	5D246B216FD8DDAFDF5E144DB468656DBACCA1D6036AFB8960A94FB3224D3F9AFF145BD33BD542F5A6A1396EF848172277EBD1549FA329521E55B0B8CE20B252
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/AbCollection/images/document_green.png
Preview:	.PNG........IHDR...$...2.....4.y.....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 165

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	8517
Entropy (8bit):	4.709878425631894
Encrypted:	false
SSDEEP:
MD5:	5BC60BE9A0219A6E9F74831467C63272
SHA1:	AA4E4064744DC6737CEA292E6FEDB0F9C37092CA
SHA-256:	BA8B62A31D2466EB81EF6A097D12018E8C0755C32ED1937594D45D03C791A532
SHA-512:	2B1710FA65243C356A35152A8182CC413F64BEA63CB93DB969F0582969994789B6744523603DAAB9EDECDEFD4D5646F3AE5B6C37830763CC9D8EF9D987363A4D
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/main.js
Preview:	var callus_show = false;..var useTranslation = true;....$(document).ready(function() {.. $.post("/PageVisits/SavePageVisit", { customerCaseId: window.CaseId, pageName: window.PageNameForDb });.... $(".picList a").click(function(event) {.. event.stopPropagation();.. });.. $(".picList dt, .faqWrapper dt").click(function(event) {.. $(this).next("dd").slideToggle();.. $(this).toggleClass("active");.. });.. $("#EvidenceLbl").click(function(event) {.. $('.picListWrap').slideToggle();.. $(this).toggleClass('active');.. });.. $("#ShowMoreBtn").click(function(event) {.. $(this).hide();.. $('.seconderyFaq').slideToggle();.. event.stopPropagation();.. return false;.. });.. $("#showChatLink").click(function (event) {.. var isArab = $("#hdnIsArabCountry").data("value");.. if (isArab === 'True') {.. pleaseCallUs();.. } else {.. showChat();.. event.stopPro

Chrome Cache Entry: 166

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Category:	downloaded
Size (bytes):	15744
Entropy (8bit):	7.986588355476176
Encrypted:	false
SSDEEP:
MD5:	15D9F621C3BD1599F0169DCF0BD5E63E
SHA1:	7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52
SHA-256:	F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
SHA-512:	D35A47162FC160CD5F806C3BB7FEB50EC96FDFC81753660EAD22EF33F89BE6B1BFD63D1135F6B479D35C2E9D30F2360FFC8819EFCA672270E230635BCB206C82
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......=........t..=..........................d..d..^.`.. .T..<.....\|..{........6.$.... ..t. ..I.3.%.....8..&....4Z.\|t .8.........D...$.uNE.P.E.Ak...=.x.9Xz.`.I..R....#F+B`..}.RP\|E...Z\.W[.............C...QB....m...cm.?.F.g.......Q....3......p...L2.[......!+@U..^~.......D.?.......j...U...c..U.l.6{...m.CD].h.t.....Q8.....@P...L.c.....+...ZD..2.K...:..4{g..:..~....v......<..H^.R.'....8....?.;...uy.VW..8=.".F..*.....@E....c....=..Ib.....y8$.a){.......KiIW.&..~.}..1..w.M..{.4......!..{..F.H.5#K...t..5.w...ve;. '......NJ......'(%;...?...D...M.Cq,<.=?.f......._...V..bA.(..37..v....+.uY.C.b.w8AF..3.n.-..'..U%.2....o.l."...^bj..aoF.!`....A....j...'.:Z.u...[..p.GW:U%.Ejq...:I...C........S.C...sJe.6D...<.UM,..&h..z}.y\|..9...D..j...n..B.$..T....?../.Q..=B...C._.f.#.:Bo.@]T.(..v..F..+d...". ......R..R..R....!..~A....X............>!`p..,08. 9.../.....r..Q.......Qpg.\ko...C..3..Y.y..t'.d9..>#\|..3..?.#..$....i........g5.z....S....{3..Sp..S2..w.6........

Chrome Cache Entry: 168

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Category:	downloaded
Size (bytes):	15860
Entropy (8bit):	7.988022700476719
Encrypted:	false
SSDEEP:
MD5:	E9F5AAF547F165386CD313B995DDDD8E
SHA1:	ACDEF5603C2387B0E5BFFD744B679A24A8BC1968
SHA-256:	F5AEBDFEA35D1E7656EF4ACC5DB1F243209755AE3300943EF8FC6280F363C860
SHA-512:	2A71EDB5490F286642A874D52A1969F54282BC43CB24E8D5A297E13B320321FB7B7AF5524EAC609CF5F95EE08D5E4EC5803E2A3C8D13C09F6CC38713C665D0CE
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Preview:	wOF2......=...........=..........................d.....^.`.. .H..<........8........6.$.... ..~. ..)..~E......6..J..`.. :.....8.;..5......!.l.j.%SX.SDm...RXh...&.X......5..._...............@...8...Gi..g.;9..'.Q......1..5.U.....w.+.hn..........c.....5.#{..%.#.JP..i.J..U(.6.D5V.<"Ex6"...k..[..{.?.d2....{.........W.......S...hT,.l..'.9.;[@..._.L..\|+...)......S...9F......T..t...-=X.:FtZ..uZ.[.?..f<.....@.....'...I...e..........8.?..-R.3,%X...I2\|.Wk{i...V2C....H$.H.LH.{.........(...6U..%W[t.R....j.........iS..%..L....rf.=..7..9i.I...1.Mj..C..u.B.........vJ.....+.u$.=..3..T..R.._.gs...6).$.-.PUH..Hl....WDd.......fK.(B.F1>..5.._[..]}VA#X...c.....%.(s50...m...^...1...'.$U*H.t...H...s.AZu...'...8.p...@.@.....q..Y.#.....#.....G.....G@..o8. A........:.........S.:..N.S.j.....tav.}.9h..s.....he.......{,~k...,eK.z}.......5%G...l.uCK.....V..............m.....U}.Sz..Z.c.{.....:..g......>h..'\|Z........a....^.b...o.>...g........f../w'....Ja.o(

Chrome Cache Entry: 169

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10271), with no line terminators
Category:	downloaded
Size (bytes):	10271
Entropy (8bit):	4.8721459788482715
Encrypted:	false
SSDEEP:
MD5:	DABE1448AFEC306DA4DB496E4C03561E
SHA1:	7C6F4FDA4427E9DE762EF74288D35FEBEBE9E2CB
SHA-256:	CD9C3EFBBFB47283B678FFD6867E0BA00ACABA7F05459271F4E2648A1B76236D
SHA-512:	DB2C57E0B7C7A6BC8F9D2A2D8BBEB7DE17F56981015CFADC0FE2699B52E6F5CDA849EAF4BC12BE44E6EEFF3801151EE244B8BB8F43F210E1E003E90AE70CDAE7
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/msdropdown/flags.css
Preview:	.flag{float:left;padding:0 !important;margin:0 5px 0 0;width:16px;height:11px;background:url(../../images/msdropdown/icons/flagssprite_small.png) no-repeat;}.flag.ad{background-position:0 0}.flag.ae{background-position:0 -11px}.flag.af{background-position:0 -22px}.flag.ag{background-position:0 -33px}.flag.ai{background-position:0 -44px}.flag.al{background-position:0 -55px}.flag.am{background-position:0 -66px}.flag.an{background-position:0 -77px}.flag.ao{background-position:0 -88px}.flag.ar{background-position:0 -99px}.flag.as{background-position:0 -110px}.flag.at{background-position:0 -121px}.flag.au{background-position:0 -132px}.flag.aw{background-position:0 -143px}.flag.ax{background-position:0 -154px}.flag.az{background-position:0 -165px}.flag.ba{background-position:0 -176px}.flag.bb{background-position:0 -187px}.flag.bd{background-position:0 -198px}.flag.be{background-position:0 -209px}.flag.bf{background-position:0 -220px}.flag.bg{background-position:0 -231px}.flag.bh{background-p

Chrome Cache Entry: 170

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 151 x 151, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1180
Entropy (8bit):	7.729003683971808
Encrypted:	false
SSDEEP:
MD5:	805B732F13E8297AE89D4F7A1176DD70
SHA1:	BDA88695C1EBD0168AAC59F36CE436705C28BC22
SHA-256:	BCB349B63FBE9E1761D88C0C54CBA2CD0D58D1A8F410A63EFD77338AC2194FF0
SHA-512:	7634B50D1C8E54A78C73322843305ABDB4056BB5E92F0455CD974D24E0000949EAC3F0925B8912E73B73AEFC5EDE61E6449E0DE6587D1330A732E9FCF30FCDAB
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR............./A9K....PLTE.......2-....JF....-(......666............]]]....UQ.[X.........eee...,,,...............WWWAAA...mmm...LLL$$$....fd.D@uuu....'!........>.....IDATx...b.@...M. .V@..$.....~..a.. .d{...P.o...2...0..0..0..0.3....TsN..(..T.n....P=g.....}:l.......\.........H...F.f(k.o&...U4.....i..$....K\.rJ.[vP/.^a......h.pT.9...z.4.X.wy9...k=."..,.......?...Sy.z.\.y.n....C7..RCU?n.r..!M...I..../......["._M...9n)ZM^..?.iv.r.:..i...DL...P=#E.46..P.W.A..:...IR..8.#......N.Z0......u.+../..^....W..... k..Z..j1Ks.....u..yjV.(.A,.W@....>..X.W.......<..\|..I.3r.+)..V.d-...c#..1qF...#..W..RF....F.T.D..$!F...Q$.R.,..jS<^...y......zy.......e..w.}...z.,.2Y.C.2..P.(..F.5}...._....n."./....._'.....:.MM...Q^..1K.?...<..g7#.xE..hPF1.aFv.z.k.'...mi..l?..r).U.....\|ol.0....#3.U....P.. ...>Z.r5....v..T.:8.{N&..:....[.u$>P.h.t.Y...?.e<.#6.O..:._.#...-cf....v.`.Z..u.s...2./B.]K.9Z.x.{b;..c_.V.p6.e,.d.1...e..O.5...ja..CU.......v.u....8X.2...y.

Chrome Cache Entry: 171

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	3659
Entropy (8bit):	5.1882675986748295
Encrypted:	false
SSDEEP:
MD5:	AFD7EDAD3BDAAB853281A1A19BED6994
SHA1:	1643807782BCDD3EDD2DBBAC431F5B4102A17459
SHA-256:	A370B8D8355B4B072DE979EB0B05F1D10064E946736E93E244261FA6B8D617AA
SHA-512:	2FB45856734F284DA01C618AB0D9B910FBFFF9C158CCDE22311DBE907283CEF0EA5E22CD3FC0794CEB88AFD4D07ED8CA7E4B66DF36BF7438ED8EEE76356FF040
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>..<html>.. <head>.. <title>The resource cannot be found.</title>.. <meta name="viewport" content="width=device-width" />.. <style>.. body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;} .. p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}.. b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}.. H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }.. H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }.. pre {font-family:"Consolas","Lucida Console",Monospace;font-size:11pt;margin:0;padding:0.5em;line-height:14pt}.. .marker {font-weight: bold; color: black;text-decoration: none;}.. .version {color: gray;}.. .error {margin-bottom: 10px;}.. .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:pointer; }.. @media screen and (max-width

Chrome Cache Entry: 173

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1912 x 1040, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	648693
Entropy (8bit):	7.98987078532496
Encrypted:	false
SSDEEP:
MD5:	CDFAA075F6891A349291AF2738F0C2E4
SHA1:	E3AC53226DE850CAD7BE49338CBBB4CA212804DF
SHA-256:	20FAF6118A1D1F3CD9E16B27B7B3244B7AB40807464D172410CE5F4A6C25EF89
SHA-512:	4CFE17DAB0586D17859E6003B0DCE8E743C18AE92AF9B0B0C505C8D52363235C37AE2519142C8995013CDAA158F9A7673C8D24AAA851343A94B1904CC6443D75
Malicious:	false
Reputation:	unknown
URL:	https://media.picrights.com/v1/Reports/85TMJfTXK0edVjjZZmUaYw2/ScreenCapture
Preview:	.PNG........IHDR...x............"....sRGB.........gAMA......a.....pHYs..........o.d....tEXtSoftware.Greenshot^U......IDATx^...T......u..s.Y...s.kg.{........=&....w..Q. .V...".n41...D.ILL,.{...w.7..\......g...3....l.\|....^.Z.].pE.?.Y.;wI.={.x...nEu[..U.......U..fU1.;w....O.?y...gN.8}.8.@.]'...r....g.f......@..E.j...x....S....:t._~?x.7.!.A.n9......P.F.'..k........jZ4[[.#G....m..........~.../...x..{O.@...n.{.........0U...K.e..._~.....o......F.@...n.{Ru.r.R4........h.\|....S.....S1......;S.O.K.^.............._>}....y...x..M..#.zD.I.3....T.U.........<n.i..q..={..83.n.{R.L.?..3lw/........E..g~...........N.;S.O.K).........\4.>x...m.{.T..)...........@5-...x.....}..7F.GHu..r..]............7...O(.........E3!...f.......D.L...........0Q4.r?.h.......L.S4'&.v...\..<..'e.II.m.TP....L.).k..Ry.h.......L.+......W......W.~..O~.Ak......m....D....f.=4!........d.........^.(..........o.g_.LTT...T.eD.e....2..Wn....Mc...\....Yc..JJ..f..^_}..m.........'...#.fU..

Chrome Cache Entry: 174

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 44 x 26, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	4127
Entropy (8bit):	7.911161156363432
Encrypted:	false
SSDEEP:
MD5:	024DE34D7E0B969F55EB58276C40ECE9
SHA1:	910AD9F60F5A53405BB6FE4E74A66C54FF090FC1
SHA-256:	9C9876D3E5254445DBF872E6DE922EC403E8DB72B268E33FD09A0EA7CFA19326
SHA-512:	EBC6D75D3BD390EB040D7B8F6E432B6434DBBA263C4FA967513B17F350CB13116716AB89191919A6CD2648AC4B46754729719CA234409A2DD3E7D35B90BD0F7C
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/AbCollection/images/arrow_green.png
Preview:	.PNG........IHDR...,................pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 175

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 18, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	755
Entropy (8bit):	7.580834545806061
Encrypted:	false
SSDEEP:
MD5:	22369B6BB437E33A3AD41852BC301F7E
SHA1:	F6F18AA237F8AE9E1112CEBAC45C9FB31303AF01
SHA-256:	5A50AB945FA052A493CDEAB651B9609EB50E2F49DA54785AFA0C93BC0CAA026D
SHA-512:	B2AE0E2F8DE1F04ACC8F88D0F10050F7CE19B7472ACAD8E7BFFC83B35FE70B786786B27F7969ADE473A7A946FFF1850613B716DF4016C5ECBCB34B090A6C5AC9
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/AbCollection/images/info.png
Preview:	.PNG........IHDR................i....sRGB.........gAMA......a.....pHYs................}IDAT8O...nZA....1.b..$,$.P .......B.t.RX.#...I^..i)...l.A.-0wllN..s........=..?.uX.e.......L..p.V..l6[..h4...s.......8..^.Z.s...B.m4........3r6...fww......h.G8.>].(6....K...}...x.^.\..(4.`P.v.m...N..wvvnV./..n..j.P.=.H.I...E.?::.5....xl.....ro\|>....5.E%.\.A...z..D.%...\|...._+;;;+...L&...bu\|.......i6.......u:.B<..=)<'.....x\|\|4n.[.QO...&s:...K~.._..IW....W.JF..@.J.........@W..d2.q.^..Q&r.(..U..B.p8.t:U..6.=:.)....d2??!..~.<.4...C,.....4.......U^..I.o.3Ui....].....~{{...c.b.^... .T...!..P...+A..[....._.E".S...8.S'...9.....B(.D...X.m..J.b1o(#..1w<1.Hs.....I&...r.$.....o.^..u4...g...tq*S.^....b..o.j5.u...l.)......){.b.......IEND.B`....IEND.B`.

Chrome Cache Entry: 176

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	739
Entropy (8bit):	6.714485202713317
Encrypted:	false
SSDEEP:
MD5:	02BE1248909BC247DB6D3DCCF16A53D0
SHA1:	ADFF1269A9316BC3F58A632A6A435AFC2021BED3
SHA-256:	915323CE32FBEDA845A220884C977CCF8794527BDEC8C7A77D0F560CC6FCA3B7
SHA-512:	ACB4FCEA306A7B0BB6D15309CA2BBE521ABC8DBF7E9B8378DE61560DAEBB03AF2C5AD45F944850294C5A5EE3EEB47CF8706ECABCEEBB47BB26745D4C0091B1C2
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/Flags/germany.png
Preview:	.PNG........IHDR..............N>.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....pHYs................YiTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <tiff:Orientation>1</tiff:Orientation>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.L.'Y....IDAT(..R.N.0..7^. (...>.Gn\|0......j..a. .7h.%J...............".c.......V.e...L`f,m{.....)..8....]....s."ZVO.p.@......\|.6.D.%....z.m...~.k.x.^.../...>..pxrj.u.......\|s/.......o.d._H58?.....d...#.U.1...(S."..cj............CTK5.....F.s.O<......IEND.B`.

Chrome Cache Entry: 177

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	285314
Entropy (8bit):	5.053808917632283
Encrypted:	false
SSDEEP:
MD5:	12E87D2F3A4C8B347AB13A0764D420A3
SHA1:	4BE715E11048C057FDF2EE0FBBFAD4DBF3504C55
SHA-256:	78A85ACA2F0B110C29E0D2B137E09F0A1FB7A8E554B499F740D6744DC8962CFE
SHA-512:	FA4D699E582DE05D47F0BEEDDF3F79A37FCA3BEA3BF083447174DB9E8250FC5D95A835615A86A256697F3841EFF47B1583151A556F886E264F50941F17F63167
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/jquery-3.7.1.js
Preview:	/!. jQuery JavaScript Library v3.7.1. * https://jquery.com/. . Copyright OpenJS Foundation and other contributors. * Released under the MIT license. * https://jquery.org/license. . Date: 2023-08-28T13:37Z. */.( function( global, factory ) {..."use strict";...if ( typeof module === "object" && typeof module.exports === "object" ) {....// For CommonJS and CommonJS-like environments where a proper `window`...// is present, execute the factory and get jQuery....// For environments that do not have a `window` with a `document`...// (such as Node.js), expose a factory as module.exports....// This accentuates the need for the creation of a real `window`....// e.g. var jQuery = require("jquery")(window);...// See ticket trac-14549 for more info....module.exports = global.document ?....factory( global, true ) :....function( w ) {.....if ( !w.document ) {......throw new Error( "jQuery requires a window with a document" );.....}.....return factory( w );....};..} else {...factory( global

Chrome Cache Entry: 179

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2043), with CRLF line terminators
Category:	downloaded
Size (bytes):	2324
Entropy (8bit):	5.215093141640643
Encrypted:	false
SSDEEP:
MD5:	FD435A15FDEBA17EE2A47A3874B5AB27
SHA1:	E508396394BD376C3720371E86304611D6B05AB3
SHA-256:	F73B95C5075460BC853DC51C8ADA9DB64906803382160B8C62809F5C92BF10DA
SHA-512:	0FDBD6838F56D6DE1BA8445FCAA66620A8B09E0F11335324CED532AE63F4198814F5FC2E67E3587FDB0EA06C4C88F501B1EBE36E992C1FFC7903F7FACE53DB08
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/jquery.customSelect.min.js
Preview:	/!.. jquery.customSelect() - v0.4.2.. * http://adam.co/lab/jquery/customselect/.. * 2013-05-22.. .. Copyright 2013 Adam Coulombe.. * @license http://www.opensource.org/licenses/mit-license.html MIT License.. * @license http://www.gnu.org/licenses/gpl.html GPL2 License.. */..(function(a){a.fn.extend({customSelect:function(c){if(typeof document.body.style.maxHeight==="undefined"){return this}var e={customClass:"customSelect",mapClass:true,mapStyle:true},c=a.extend(e,c),d=c.customClass,f=function(h,k){var g=h.find(":selected"),j=k.children(":first"),i=g.html()\|\|" ";j.html(i);if(g.attr("disabled")){k.addClass(b("DisabledOption"))}else{k.removeClass(b("DisabledOption"))}setTimeout(function(){k.removeClass(b("Open"));a(document).off("mouseup."+b("Open"))},60)},b=function(g){return d+g};return this.each(function(){var h=a(this),j=a("<span />").addClass(b("Inner")),i=a("<span />"),g=h.position();h.after(i.append(j));i.addClass(d);if(c.mapClass){i.addClass(h.attr("class"))}if(c.mapSt

Chrome Cache Entry: 180

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16
Category:	downloaded
Size (bytes):	1406
Entropy (8bit):	2.9383710682298716
Encrypted:	false
SSDEEP:
MD5:	87B828776BBA2070CD9887CB81138937
SHA1:	B0748401B5AF86F9245E587985EF5E497704222C
SHA-256:	EBEB1A5343DBBCB115C1BC2F1C8C8D1D3236E881D3D2C3AA69DE5F2E60E67B34
SHA-512:	11E1AD317A0B2F174F693893132C78538B5F8F76A7EBF53478FD918ACA494930CD62A44FE629F9E7C9CA4CCA70A52F4C9CE71C35651E80A3D5D8E7B89F663F58
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/favicon.ico
Preview:	..............h.......(....... ...............................................POO.....................sss.....}\|\|.............AAA.................CCC.........................srs.............EEE.........................................................................BBB...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 181

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (14856), with CRLF line terminators
Category:	downloaded
Size (bytes):	15518
Entropy (8bit):	5.326329352612796
Encrypted:	false
SSDEEP:
MD5:	EDC6FE2E73A88DE4444BB6D3C16998D5
SHA1:	F4D0E123BD8607058F7E744C80FC728F0F7DD1FC
SHA-256:	6A40E518311B650B771BE1D6FDD1AECEEE2B92E1FC40D70913BEDF30C65B87B1
SHA-512:	238F1081F3B5B10099892187AC48C20C0E31DB4EB2BA3B12A76D685635DE81DB6F88AF0D498BFFB3FD39270EEB5DAE8A0F77ACCABE765A0D1EB7EBFBC9499D35
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Scripts/AbCollection/vendor/modernizr-2.8.3.min.js
Preview:	/* Modernizr 2.8.3 (Custom Build) \| MIT & BSD.. * Build: http://modernizr.com/download/#-fontface-backgroundsize-borderimage-borderradius-boxshadow-flexbox-hsla-multiplebgs-opacity-rgba-textshadow-cssanimations-csscolumns-generatedcontent-cssgradients-cssreflections-csstransforms-csstransforms3d-csstransitions-applicationcache-canvas-canvastext-draganddrop-hashchange-history-audio-video-indexeddb-input-inputtypes-localstorage-postmessage-sessionstorage-websockets-websqldatabase-webworkers-geolocation-inlinesvg-smil-svg-svgclippaths-touch-webgl-shiv-mq-cssclasses-addtest-prefixed-teststyles-testprop-testallprops-hasevent-prefixes-domprefixes-load.. */..;window.Modernizr=function(a,b,c){function D(a){j.cssText=a}function E(a,b){return D(n.join(a+";")+(b\|\|""))}function F(a,b){return typeof a===b}function G(a,b){return!!~(""+a).indexOf(b)}function H(a,b){for(var d in a){var e=a[d];if(!G(e,"-")&&j[e]!==c)return b=="pfx"?e:!0}return!1}function I(a,b,d){for(var e in a){var f=b[a[e]];if(f!==c)

Chrome Cache Entry: 182

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	297
Entropy (8bit):	5.9326244065225415
Encrypted:	false
SSDEEP:
MD5:	17A69B3A4DAF471DB088EA7FF1DE989B
SHA1:	C5CAF651AFD3EDAF6C63ECAC348A267678A9139F
SHA-256:	20FF786D6FCC6A43233D19253A58E6F26F80041E0E321EFD60564F05B67A470D
SHA-512:	E61E20D8C1E1DA70E72217261E71AD531F10AC685FDC166DCEFF51CF27C171970DC4DC3B3EB36A1087E7EC9F84EEE3FA9D398EB785F2288AB7647C0387FF097B
Malicious:	false
Reputation:	unknown
URL:	https://resolve.picrights.com/Content/Flags/usa.png
Preview:	.PNG........IHDR.............V`#*....sRGB........0PLTE..f..c..p..$......GG.......bb..................F.g"....bKGD.........tIME......./K+....%IDAT..c```Tvu.....{..............+..g.8U.:p=...%tEXtdate:create.2016-04-25T09:03:12-04:00!).j...%tEXtdate:modify.2016-04-25T09:03:12-04:00Pt).....IEND.B`.

Chrome Cache Entry: 183

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 13, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	756
Entropy (8bit):	7.589975244250564
Encrypted:	false
SSDEEP:
MD5:	7BD59945C365D7EB27D3D56529A0DC9C
SHA1:	F4246D09304B6B8889B0AF8CF3744CD295E51508
SHA-256:	F72235802C36F5624BE90092DE485EE5430B175CF81795CEE780395E5B197032
SHA-512:	69A701A2D01FD18303923B74D3AD69E7026F370C4424C6C7FB12B545BFBD68F2D05AE1F4B7906A9364A0F32C5AD74A9982DF194AC4D0E276699F29C9C1D0DCBC
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............N>.....sRGB.........gAMA......a.....pHYs.................IDAT8OMS.KTQ.>.9C69..FKZI..L!Hl.iFg.7.....E.BpQ...,..E.&..]T.".....9.QKK...6EB...;......=....\|.....ay.&.o.].!..x..7..3.(l._..u<....\|.bq.r....v~.H9A...n+.....+9.&L0a.....&...,..Z(E..[..8...)`-...oME ..R..3...+.v..xs..c.].F...O........T...v......Y[.b.i....m.z....Q.. ....xn......agM.......[.i"...6.x........zn.`..G$o..T.0y.<i.bsy.{.1.........Lx;.T......X.....c...O.96.....\.......".!.;..P43R:a.....q...LGwn.BN-BN...s....I.......5......s..-#;.rDN..2....P..D..U.....OYl.<.H...".Q.A.%...)e.Mj...$p_..W.....<~.d......6...hX..M...F~...Ag...Z..9.A..3...$.;Q...Q.i.=k..'...D`...&U.:.GhL.......V..5.t...l...7e..!......UQ..I.k}...........m...O.e....IEND.B`.

Static File Info

⊘No static file info