Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPa

Overview

General Information

Sample URL:http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3t
Analysis ID:1517990

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

HTML body contains password input but no form action
HTML title does not match URL
Stores files to the Windows start menu directory

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 7012 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 7400 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.PrintCompositor --lang=en-US --service-sandbox-type=print_compositor --mojo-platform-channel-handle=6072 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 1868 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.PrintCompositor --lang=en-US --service-sandbox-type=print_compositor --mojo-platform-channel-handle=5788 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPahCnJlKyezHgzSvxPK4XW2GmajK9ThyIbdpADtkHtXQlI1r5Cilf0UxsHzj0FhMjRVPOoBZkEIu1UY3Ogo7sNdfSMVnCTEA-2Frb88IxPuMCw-3D-3D" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Boot Survival

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: Title: Knutsen Group Survey 2024 does not match URL
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: <input type="password" .../> found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: <input type="password" .../> found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: No favicon
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: No <meta name="author".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="copyright".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="copyright".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="copyright".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="copyright".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxHTTP Parser: No <meta name="copyright".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: No <meta name="copyright".. found
Source: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49922 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 1MB later: 29MB
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: global trafficHTTP traffic detected: GET /ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPahCnJlKyezHgzSvxPK4XW2GmajK9ThyIbdpADtkHtXQlI1r5Cilf0UxsHzj0FhMjRVPOoBZkEIu1UY3Ogo7sNdfSMVnCTEA-2Frb88IxPuMCw-3D-3D HTTP/1.1Host: url3617.survey-dk.wsp.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: url3617.survey-dk.wsp.com
Source: global trafficDNS traffic detected: DNS query: iapv.wsp.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: dc.services.visualstudio.com
Source: global trafficDNS traffic detected: DNS query: apis.google.com
Source: global trafficDNS traffic detected: DNS query: play.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50099
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50099 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49922 version: TLS 1.2
Source: classification engineClassification label: clean1.win@36/64@26/113
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPahCnJlKyezHgzSvxPK4XW2GmajK9ThyIbdpADtkHtXQlI1r5Cilf0UxsHzj0FhMjRVPOoBZkEIu1UY3Ogo7sNdfSMVnCTEA-2Frb88IxPuMCw-3D-3D"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.PrintCompositor --lang=en-US --service-sandbox-type=print_compositor --mojo-platform-channel-handle=6072 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.PrintCompositor --lang=en-US --service-sandbox-type=print_compositor --mojo-platform-channel-handle=5788 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.PrintCompositor --lang=en-US --service-sandbox-type=print_compositor --mojo-platform-channel-handle=6072 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.PrintCompositor --lang=en-US --service-sandbox-type=print_compositor --mojo-platform-channel-handle=5788 --field-trial-handle=1988,i,8615327354190017739,13023527876257823646,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		1
Extra Window Memory Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPahCnJlKyezHgzSvxPK4XW2GmajK9ThyIbdpADtkHtXQlI1r5Cilf0UxsHzj0FhMjRVPOoBZkEIu1UY3Ogo7sNdfSMVnCTEA-2Frb88IxPuMCw-3D-3D0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
plus.l.google.com
142.250.186.46
truefalse
    		unknown
    play.google.com
    		142.250.181.238
    		truefalse
      		unknown
      sendgrid.net
      		167.89.118.128
      		truefalse
        		unknown
        www.google.com
        		142.250.184.228
        		truefalse
          		unknown
          url3617.survey-dk.wsp.com
          		unknown
          		unknownfalse
            		unknown
            dc.services.visualstudio.com
            		unknown
            		unknownfalse
              		unknown
              iapv.wsp.com
              		unknown
              		unknownfalse
                		unknown
                apis.google.com
                		unknown
                		unknownfalse
                  		unknown

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspxfalse
                    		unknown
                    https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx#false
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      142.250.186.46
                      		plus.l.google.comUnited States
                      		15169GOOGLEUSfalse
                      142.250.110.84
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      152.199.19.161
                      		unknownUnited States
                      		15133EDGECASTUSfalse
                      172.217.16.202
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      1.1.1.1
                      		unknownAustralia
                      		13335CLOUDFLARENETUSfalse
                      40.115.98.85
                      		unknownUnited States
                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      167.89.118.128
                      		sendgrid.netUnited States
                      		11377SENDGRIDUSfalse
                      216.58.206.67
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      20.50.88.245
                      		unknownUnited States
                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      20.50.88.234
                      		unknownUnited States
                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      216.58.206.42
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      20.50.88.235
                      		unknownUnited States
                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      20.50.88.238
                      		unknownUnited States
                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      142.250.185.170
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.250.181.238
                      		play.google.comUnited States
                      		15169GOOGLEUSfalse
                      239.255.255.250
                      		unknownReserved
                      		unknownunknownfalse
                      142.250.185.174
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.250.185.131
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.250.184.238
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      142.250.184.228
                      		www.google.comUnited States
                      		15169GOOGLEUSfalse
                      172.217.16.195
                      		unknownUnited States
                      		15169GOOGLEUSfalse

                      Private

                      IP
                      192.168.2.16

                      General Information

                      Joe Sandbox version:41.0.0 Charoite
                      Analysis ID:1517990
                      Start date and time:2024-09-25 09:28:35 +02:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                      Sample URL:http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPahCnJlKyezHgzSvxPK4XW2GmajK9ThyIbdpADtkHtXQlI1r5Cilf0UxsHzj0FhMjRVPOoBZkEIu1UY3Ogo7sNdfSMVnCTEA-2Frb88IxPuMCw-3D-3D
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:16
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • EGA enabled
                      Analysis Mode:stream
                      Analysis stop reason:Timeout
                      Detection:CLEAN
                      Classification:clean1.win@36/64@26/113
                      • Exclude process from analysis (whitelisted): SgrmBroker.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.184.238, 142.250.110.84, 34.104.35.123, 40.115.98.85
                      • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, waws-prod-db3-127.northeurope.cloudapp.azure.com, clientservices.googleapis.com, clients.l.google.com
                      • Not all processes where analyzed, report is missing behavior information
                      • VT rate limit hit for: http://url3617.survey-dk.wsp.com/ls/click?upn=u001.ij1HAbhzRyHEzsdkbUp3KMDTDDgC6GefOMwBmU0bAiq7ZNmjGvc22XFtrAyMYviy3Jwu-2FRDHh1txaXSD-2F5rF42m8A0U-2F3OP82JJlfr53UvVQSEwBkkDFeI7ZHaLhEbFBp-9h_kSVfb8GI3tgKT0-2FI0TZaD4NDjHyVTXSPshPCdVu4UjU3Pnry5jKtkIJP3YW8kEP01FW2m3gjZqyzTQ3TZzEzSRFQVOASAWTJpe3B0A0D5pPahCnJlKyezHgzSvxPK4XW2GmajK9ThyIbdpADtkHtXQlI1r5Cilf0UxsHzj0FhMjRVPOoBZkEIu1UY3Ogo7sNdfSMVnCTEA-2Frb88IxPuMCw-3D-3D

                      LLM Input / Output

                      InputOutput
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"brand":["Knutsen Group"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["Enter your SELF-CHOSEN access code:"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"brand":["Knutsen Group"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["Enter your SELF-CHOSEN access code: "],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"phishing_score":2,
"brands":["Knutzen Group Survey 2024"],
"sub_domain":"iapv",
"legit_domain":"wsp.com",
"partial_domain_match":true,
"brand_matches_associated_domain":false,
"reasons":"The domain name 'wsp.com' is a common domain extension for companies and organizations,
 but the subdomain 'iapv' is not associated with the legitimate domain name 'wsp.com'. The brand name 'Knutzen Group Survey 2024' does not match the domain name 'wsp.com',
 which is associated with the WSP company. This suggests that the webpage may be a phishing site.",
"brand_matches":[false],
"url_match":true,
"gpt4o":{
"riskscore":8,
"legit_domain":"knutsen.com",
"reasons":["The URL 'iapv.wsp.com' does not match the legitimate domain 'knutsen.com' associated with Knutsen Group.",
"The domain 'wsp.com' is not commonly associated with Knutsen Group.",
"The presence of an input field asking for a 'SELF-CHOSEN access code' is unusual and can be a tactic used in phishing attempts.",
"The URL structure and the brand association do not align,
 which is a common indicator of phishing."]}
,
"brand_input":"Knutsen Group",
"input_fields":"Enter your SELF-CHOSEN access code: "}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"phishing_score":2,
"brands":["KNUTSEN GROUP SURVEY 2024",
"WSP Arbeidsmilj"],
"sub_domain":"iapv",
"legit_domain":"wsp.com",
"partial_domain_match":false,
"brand_matches_associated_domain":true,
"reasons":"The domain name 'wsp.com' matches the identified brand 'WSP Arbeidsmilj',
 and the subdomain 'iapv' is likely a specific section or department within the company. However,
 the presence of 'KNUTSEN GROUP SURVEY 2024' as the brand name on the webpage is unusual,
 as it suggests a temporary or specific survey,
 which may raise some suspicions. Nevertheless,
 the overall design and functionality of the webpage appear professional and legitimate.",
"brand_matches":[false,
false],
"url_match":true,
"gpt4o":{
"riskscore":8,
"legit_domain":"knutsen-group.com",
"reasons":["The URL 'iapv.wsp.com' does not match the legitimate domain name 'knutsen-group.com'.",
"The domain 'wsp.com' is not commonly associated with Knutsen Group.",
"The presence of a subdomain 'iapv' adds to the suspicion as it is not a known subdomain for Knutsen Group.",
"The input field 'Enter your SELF-CHOSEN access code:' is unusual and could be a tactic to phish for sensitive information."]}
,
"brand_input":"Knutsen Group",
"input_fields":"Enter your SELF-CHOSEN access code:"}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"brand":["Knutsen Group"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["Enter your SELF-CHOSEN access code: Save"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"brand":["Knutsen Group"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["Enter your SELF-CHOSEN access code: "],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"phishing_score":2,
"brands":["Knutzen Group"],
"sub_domain":"iapv",
"legit_domain":"wsp.com",
"partial_domain_match":true,
"brand_matches_associated_domain":false,
"reasons":"The domain name 'wsp.com' is a partial match for the legitimate domain name associated with the Knutzen Group,
 which is 'knutzen-group.com'. The subdomain 'iapv' is not an abbreviation or specific identifier for the Knutzen Group,
 but rather a generic subdomain. The webpage's design and content are consistent with a legitimate survey form,
 but the domain name does not fully match the legitimate domain name associated with the brand.",
"brand_matches":[false],
"url_match":true,
"gpt4o":{
"riskscore":8,
"legit_domain":"knutsen-group.com",
"reasons":["The URL 'iapv.wsp.com' does not match the legitimate domain 'knutsen-group.com'.",
"The domain 'wsp.com' is not associated with Knutsen Group.",
"The presence of an input field asking for a 'SELF-CHOSEN access code' is unusual and suspicious.",
"The URL structure and domain do not align with the expected domain for Knutsen Group,
 indicating a high likelihood of phishing."]}
,
"brand_input":"Knutsen Group",
"input_fields":"Enter your SELF-CHOSEN access code: "}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx Model: jbxai
                      {
"phishing_score":8,
"brands":["Knutsen Group"],
"sub_domain":"iapv",
"legit_domain":"wsp.com",
"partial_domain_match":true,
"brand_matches_associated_domain":false,
"reasons":"The domain name 'wsp.com' does not match the brand name 'Knutsen Group'. The subdomain 'iapv' could be an abbreviation or a specific department within the company,
 but it does not provide any information about the brand. The lack of branding in the domain name makes it difficult to determine the exact relationship between the domain and the company.",
"brand_matches":[false],
"url_match":true,
"gpt4o":{
"riskscore":8,
"legit_domain":"knutsen-group.com",
"reasons":["The URL 'iapv.wsp.com' does not match the legitimate domain name 'knutsen-group.com'.",
"The domain 'wsp.com' is not associated with Knutsen Group,
 which raises suspicion.",
"The presence of an input field asking for a 'SELF-CHOSEN access code' is unusual and could be a tactic to collect sensitive information.",
"The URL structure and domain do not align with the expected domain for Knutsen Group,
 indicating a high likelihood of phishing."]}
,
"brand_input":"Knutsen Group",
"input_fields":"Enter your SELF-CHOSEN access code: Save"}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx# Model: jbxai
                      {
"brand":["Knutsen Group"],
"contains_trigger_text":true,
"trigger_text":"The Questionnaire is anonymous,
 and you have to provide a SELF-CHOSEN access code. Enter your SELF-CHOSEN access code: Save The SELF-CHOSEN access code is personal,
 and only YOU know it - So please remember it. Click here to view document",
"prominent_button_name":"Save",
"text_input_field_labels":["Enter your SELF-CHOSEN access code: "],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx# Model: jbxai
                      {
"brand":["Knutsen Group"],
"contains_trigger_text":true,
"trigger_text":"The Questionnaire is anonymous,
 and you have to provide a SELF-CHOSEN access code. Enter your SELF-CHOSEN access code: Save The SELF-CHOSEN access code is personal,
 and only YOU know it - So please remember it. Click here to view document",
"prominent_button_name":"Save",
"text_input_field_labels":["Enter your SELF-CHOSEN access code: "],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx# Model: jbxai
                      {
"phishing_score":2,
"brands":["Knutsen Group"],
"sub_domain":"iapv",
"legit_domain":"wsp.com",
"partial_domain_match":true,
"brand_matches_associated_domain":false,
"reasons":"The domain name 'wsp.com' does not fully match the legitimate domain name associated with the identified brand 'Knutsen Group'. The brand 'Knutsen Group' is not commonly associated with the given domain 'wsp.com',
 which suggests that the webpage may be a phishing site.",
"brand_matches":[false],
"url_match":true,
"gpt4o":{
"riskscore":8,
"legit_domain":"knutsen.com",
"reasons":["The URL 'iapv.wsp.com' does not match the legitimate domain 'knutsen.com' associated with Knutsen Group.",
"The domain 'wsp.com' is not commonly associated with Knutsen Group.",
"The presence of an input field asking for a 'SELF-CHOSEN access code' is unusual and could be a tactic to collect sensitive information.",
"The URL structure and the brand association do not align,
 which is a common indicator of phishing."]}
,
"brand_input":"Knutsen Group",
"input_fields":"Enter your SELF-CHOSEN access code: "}
                      URL: https://iapv.wsp.com/LoginPage.aspx?schemaID=891565&id=jLjZLnvOqTakTJpsZnT25cGEN93WYxLbinVrZCWbGtc%3d&path=LoginPage.aspx# Model: jbxai
                      {
"phishing_score":2,
"brands":["Knutsen Group"],
"sub_domain":"iapv",
"legit_domain":"wsp.com",
"partial_domain_match":true,
"brand_matches_associated_domain":false,
"reasons":"The domain name 'wsp.com' does not fully match the identified brand 'Knutsen Group'. The subdomain 'iapv' is not a common practice for companies to use their initials or a part of their name as the domain. However,
 the design and functionality of the webpage seem legitimate and professional.",
"brand_matches":[false],
"url_match":true,
"gpt4o":{
"riskscore":8,
"legit_domain":"knutsen-group.com",
"reasons":["The URL 'iapv.wsp.com' does not match the legitimate domain name 'knutsen-group.com'.",
"The domain 'wsp.com' is not associated with Knutsen Group,
 which raises suspicion.",
"The presence of a subdomain 'iapv' does not provide any clear association with Knutsen Group.",
"The input field 'Enter your SELF-CHOSEN access code' is unusual and could be a tactic to phish for sensitive information."]}
,
"brand_input":"Knutsen Group",
"input_fields":"Enter your SELF-CHOSEN access code: "}

                      Created / dropped Files

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 06:29:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2673
                      Entropy (8bit):3.9876690025133166
                      Encrypted:false
                      SSDEEP:
                      MD5:C0E1F3599A3679D3B023797E4635C53B
                      SHA1:C26F16D06671797F23B7F24E95ADBA81DD03EEEB
                      SHA-256:0B443A63026C23AF31FDC9C028E0B57177FF1E207D40A61B40D09282117EDC65
                      SHA-512:E26489C4AF83FFB52E3E9D2A08369C515214232DB5FC213767EBD37E2548355DC44688CC9B4546F7667F702F467A0A0EC5C3A4E3DAC19D14BDDFDEF74841EE01
                      Malicious:false
                      Reputation:unknown
                      Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I9Y.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.;...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........~..b.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 06:29:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2675
                      Entropy (8bit):4.003888160539018
                      Encrypted:false
                      SSDEEP:
                      MD5:0A88C83BF232B7A122282EA163CBF1BA
                      SHA1:70B835698C86CAD8CDAF19038C2FB217E00CA8BF
                      SHA-256:FE02D52D8F9D11EBA85606EEE949C0A70E46F4FF0B89A12AF48739F1EE8AA995
                      SHA-512:D5C304574322D8CB902499A93020209057B8E88F9334CFBFC2091817FAF906166FB57BB6B9FA349692E33DF03CFA6931EDFE6956C27B57BDCAFBA452C1CF5AFB
                      Malicious:false
                      Reputation:unknown
                      Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I9Y.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.;...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........~..b.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2689
                      Entropy (8bit):4.009588816410877
                      Encrypted:false
                      SSDEEP:
                      MD5:89D52A2E4BE460702B351C103BF8D2A2
                      SHA1:E30186923B6617AAB69DC5771B167CB83B6A3D50
                      SHA-256:DF21147EE2630FA116BBA9315AAF05DFB2A4CCB3E403BF8A5C03987A898DFA02
                      SHA-512:5E4DB201BBB518699B11F23519761B51CDDE0E1493814D929846747404377BFE007BD20420AA74D45B4C9C4C6EE66E0C4E0EE495217820380B2CF1648BD2B0B9
                      Malicious:false
                      Reputation:unknown
                      Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I9Y.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........~..b.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 06:29:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.9998839709502456
                      Encrypted:false
                      SSDEEP:
                      MD5:B0B6D5337C4FE7C72C2B533901CC6EE8
                      SHA1:0DC59F88BB66727FC1388D813BF166ED9D457A2B
                      SHA-256:A0304B6B5BACB705543412EAD5F75D1DE220F87A9ACF5980DFA50E3946E4D5E8
                      SHA-512:B2A607E1FDE5B294982DEEA39907EBE7A1CBDEBD580A411959C61E968DC23228C15E9B1C003F46A789B7C0FCA20692B7A6191B728EF20A5CB5C7AB7F14C34CDE
                      Malicious:false
                      Reputation:unknown
                      Preview:L..................F.@.. ...$+.,....iJ......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I9Y.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.;...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........~..b.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 06:29:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.9894986508733847
                      Encrypted:false
                      SSDEEP:
                      MD5:D1EEF264AC7223D2B34AD4C9E3CCED2B
                      SHA1:1F7057D9F7EC1EA73576D443F9DAB1FCA8D53A2B
                      SHA-256:DF759213BB790B3B151BCBFCEE0C14A9B65EC750C3F2BBBC9116E289D741058F
                      SHA-512:307CA42B4F7143DAE553296437E0E7C7E0ABDE81AAF5138E0BBAFA7F24DC8510DB902FECD1B39E72494D21CBD80B8DB4CA9AE2A4346B263A1CCC36F5C58E5AAE
                      Malicious:false
                      Reputation:unknown
                      Preview:L..................F.@.. ...$+.,.....i.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I9Y.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.;...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........~..b.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 06:29:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2679
                      Entropy (8bit):4.000658133551333
                      Encrypted:false
                      SSDEEP:
                      MD5:6914D2861BC319FCF9768C18F9B133EC
                      SHA1:9D8A94B6930FDE819F06D98532975C895E2546A4
                      SHA-256:A6E9CC0FFAA2128519F662307561125B9CDAFD75E4164D74676EFB8C299EEBDA
                      SHA-512:D98D24A6860EC9B93C905D481824B2BFF400E677AB388776E05A4CB8FFAEC193F89F8420CD4156F5B7FCFE8E8679CB8977E24B4C0A62848D51DD886227E93665
                      Malicious:false
                      Reputation:unknown
                      Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I9Y.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.;...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........~..b.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      Chrome Cache Entry: 103

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):3882
                      Entropy (8bit):4.777716484588888
                      Encrypted:false
                      SSDEEP:
                      MD5:3B21D6D713FA1EC7FFFF26186986D88B
                      SHA1:6DE0B1AC1857F52E7A889505FDC287B640AD4584
                      SHA-256:D5504740EB374F702E3177B67E4F3180534309A731F1B28B2F6A43918F5FCFD3
                      SHA-512:5A4242200B665AFFE5CD4D629A35693F2160D61926982517D50002DDB514F2DFB1A7F54F5AD021BB56CB3B319F907F7A204A6724A6EC2CD83394AFBEC96B399D
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/icons.css
                      Preview:.@charset "UTF-8";....@font-face {.. font-family: "orbicon-iapv";.. src:url("/fonts/orbicon-iapv.eot");.. src:url("/fonts/orbicon-iapv.eot?#iefix") format("embedded-opentype"),.. url("/fonts/orbicon-iapv.woff") format("woff"),.. url("/fonts/orbicon-iapv.ttf") format("truetype"),.. url("/fonts/orbicon-iapv.svg#orbicon-iapv") format("svg");.. font-weight: normal;.. font-style: normal;....}....[data-icon]:before {.. font-family: "orbicon-iapv" !important;.. content: attr(data-icon);.. font-style: normal !important;.. font-weight: normal !important;.. font-variant: normal !important;.. text-transform: none !important;.. speak: none;.. line-height: 1;.. -webkit-font-smoothing: antialiased;.. -moz-osx-font-smoothing: grayscale;..}....[class^="icon-"]:before,..[class*=" icon-"]:before {.. font-family: "orbicon-iapv" !important;.. font-style: normal !important;.. font-weight: normal !important;.. font-variant: normal !important;.. text-transform: none !important;

                      Chrome Cache Entry: 104

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 101 x 101, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):9794
                      Entropy (8bit):7.952529920251959
                      Encrypted:false
                      SSDEEP:
                      MD5:4E693A4E04CB8663556CEE5136F9D564
                      SHA1:1F3ABC7916C5BC8DE9BC5E105B23FAD23CA2C7FA
                      SHA-256:7AE6162BF0C206750F95D383329129CF085A2DDBD1FBB581769E498D4A4C7939
                      SHA-512:EA7679EE7B325AF6D35CB35619778B9EDB2D2D86628F603E89FB1329980DEE4EFC933E7E15DAF036B7DABBE7DD4CA2684B572AE5F357DAA3F3CB9C6A2D30D943
                      Malicious:false
                      Reputation:unknown
                      Preview:.PNG........IHDR...e...e.....T|-.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:0AE75C726E9711E5A5DDEA8B00A61A23" xmpMM:DocumentID="xmp.did:0AE75C736E9711E5A5DDEA8B00A61A23"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:0AE75C706E9711E5A5DDEA8B00A61A23" stRef:documentID="xmp.did:0AE75C716E9711E5A5DDEA8B00A61A23"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>wb....".IDATx..].|T..m....Bz!@.!.# U...{...Q. bAQ|(.>......(U....Q..j..{!...l.....@.($,...K....|g..o.sy`.M*..|.....

                      Chrome Cache Entry: 105

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (61301), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):236987
                      Entropy (8bit):4.976426374837117
                      Encrypted:false
                      SSDEEP:
                      MD5:7CFA70B37DAD39B70B4283C9B9A6DA41
                      SHA1:0E906C7C7DAD8C8EDA49A34CDEEA9D6D540576C0
                      SHA-256:D309DDA4C6EFD4B2C99FDC32663C17A4CF864DB48A4B5C7A1A0D4DC0136394D7
                      SHA-512:AF176A376163C43F6242EF53E01D95E6B790B6CB9DFB48A21DE64ECB65B1A11A2BDD81F1C49C1B708D7E62810DCE6859A7C20AEF77F0250904B250F90E023707
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/kendo.common-office365.min.css
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 106

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):60
                      Entropy (8bit):4.43183237120822
                      Encrypted:false
                      SSDEEP:
                      MD5:86023D0A303AB50C8CC8A1B796724E75
                      SHA1:90AEA3D713EEEBD324B3B59F8CDE002EA4BFEB96
                      SHA-256:668ABDA2BEF27C3DD8E84F7A45212A707178C8C2B83831F3C85286D3373C31FD
                      SHA-512:6B29485598FCBFA839D8A0A89A90B73013D6A8D01EFE2B76576A8856E1615CD4E5103839155A7DD59B3B0075DBF89D5019E8521B4DAA13680069DD0E797CD5FC
                      Malicious:false
                      Reputation:unknown
                      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwm45ev6VcADkRIFDc5BTHoSBQ3OQUx6EhcJzpyt538wQM4SBQ3OQUx6EgUNzkFMeg==?alt=proto
                      Preview:ChIKBw3OQUx6GgAKBw3OQUx6GgAKFgoLDc5BTHoaBAhLGAIKBw3OQUx6GgA=

                      Chrome Cache Entry: 107

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 text, with very long lines (1149), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):5449
                      Entropy (8bit):2.3147305722917766
                      Encrypted:false
                      SSDEEP:
                      MD5:0B0D1219ECA66DA07A91E1327B43A580
                      SHA1:C2397AE1F023AD359D5DEF4DCA5E6C0C7CF07F48
                      SHA-256:02D7A5F2A074866EF34DB576E8A557E3121D84C6C78115285232CC9E7D5C16D2
                      SHA-512:D4FAEA8C612578AD81BC2FD06B403189C1FED33478F3DACF504828FB7145B60A177251ECA3838C838D2D5D2DEA1DBD23EA9E066C29724FA318CDDF2F95B54DFB
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/kendo/2016.2.504/cultures/kendo.culture.da-DK.min.js
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 108

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):10978
                      Entropy (8bit):4.28984012681502
                      Encrypted:false
                      SSDEEP:
                      MD5:CC67BD9F4C165200ACE9423247565E6F
                      SHA1:223A04967A6B38E2AA975005406F5CA354E5F37C
                      SHA-256:60C0E247820C81702547B228202C5F65425C55CB8DEFEA3D5665FD588072B771
                      SHA-512:19C313562935F2123BF981D5150BD9E86C6D7A77ED1A2EA44BE269C9B9A40683F9B5B97F64AE3061EC29AE76D868E1311C39A2DEC9E60EBB3E9927804BA8986E
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/printThis.js?v=1
                      Preview:/*.. * printThis v1.5.. * @desc Printing plug-in for jQuery.. * @author Jason Day.. *.. * Resources (based on) :.. * jPrintArea: http://plugins.jquery.com/project/jPrintArea.. * jqPrint: https://github.com/permanenttourist/jquery.jqprint.. * Ben Nadal: http://www.bennadel.com/blog/1591-Ask-Ben-Print-Part-Of-A-Web-Page-With-jQuery.htm.. *.. * Licensed under the MIT licence:.. * http://www.opensource.org/licenses/mit-license.php.. *.. * (c) Jason Day 2014.. *.. * Usage:.. *.. * $("#mySelector").printThis({.. * debug: false, * show the iframe for debugging.. * importCSS: true, * import page CSS.. * importStyle: false, * import style tags.. * printContainer: true, * grab outer container as well as the contents of the selector.. * loadCSS: "path/to/my.css", * path to additional css file - us an array [] for multiple.. * pageTitle: "", * add title to print p

                      Chrome Cache Entry: 109

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 124 x 91, 8-bit/color RGB, non-interlaced
                      Category:downloaded
                      Size (bytes):2523
                      Entropy (8bit):7.598026496389004
                      Encrypted:false
                      SSDEEP:
                      MD5:FD98906ADD1CBA339171322F375129F0
                      SHA1:6CAEF6878B8912D12DC834F95867C17B9E1EE071
                      SHA-256:42D9E5E32854F949FE09A9E52A5D126921A223446FC5572379B4BB0E699CC768
                      SHA-512:57BF4FC4EDC45884CAB9FF8552139151ECAEF6B53C085524DBFC9FA24A35D0C642EAFE872B78DF9C4BC3F39A9D9922DD9B619504084F9468A4A2F06C2B3BC795
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Images/en-GB.png
                      Preview:.PNG........IHDR...|...[.....>.vg....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:06E42C63763911E59D758C1145A209AB" xmpMM:DocumentID="xmp.did:06E42C64763911E59D758C1145A209AB"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:06E42C61763911E59D758C1145A209AB" stRef:documentID="xmp.did:06E42C62763911E59D758C1145A209AB"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>......QIDATx..?h.W....!.0..U.i...(............Z<t..v..%....3..B...*...S....S.`..E....Y....N'.;Y.~_<\N......

                      Chrome Cache Entry: 111

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (11652), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):15942
                      Entropy (8bit):4.649151452294785
                      Encrypted:false
                      SSDEEP:
                      MD5:D171BB0216024EC278193FC0AE3929AF
                      SHA1:FB93DA9EE2A64A7F7970FBA83D92BFC83BED3BA9
                      SHA-256:674A9C07EC451CBAB42B838C72EC2F7114E977C1D4B0E70B75CA8E8E46D17C9E
                      SHA-512:5EEA47D0BE1E32970582F518AD6FFA5EE132E1530FF28E6D00F4AA426EFF3DEC323E62F554818F77B278E4EED9DC72584A8130659FD75B7F2091261DE76C52A1
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/kendo/2016.2.504/kendo.aspnetmvc.min.js
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 112

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (2493), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):2580
                      Entropy (8bit):5.385205941854383
                      Encrypted:false
                      SSDEEP:
                      MD5:17358300F109D971CE77627555362EE4
                      SHA1:740B1EBEAFF644CD261CA6762E425174A4094F94
                      SHA-256:8ED0585A83BD4DB39DD4A27BAA05A661372005E7CA810A43740531A2873CC39E
                      SHA-512:B91470F7FC8F40A2B6C384AFBA971EE3C3270FE065E4FBCE7DB9A2B2F07D55A3230EB1488DCD94DC048845F10BEC236FB2F19A1A6E26FB7898D5097DB6B2FD9F
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/FileSaver.min.js
                      Preview:/*! @source http://purl.eligrey.com/github/FileSaver.js/blob/master/FileSaver.js */..var saveAs=saveAs||(navigator.msSaveOrOpenBlob&&navigator.msSaveOrOpenBlob.bind(navigator))||(function(h){"use strict";var r=h.document,l=function(){return h.URL||h.webkitURL||h},e=h.URL||h.webkitURL||h,n=r.createElementNS("http://www.w3.org/1999/xhtml","a"),g=!h.externalHost&&"download" in n,j=function(t){var s=r.createEvent("MouseEvents");s.initMouseEvent("click",true,false,h,0,0,0,0,0,false,false,false,false,0,null);t.dispatchEvent(s)},o=h.webkitRequestFileSystem,p=h.requestFileSystem||o||h.mozRequestFileSystem,m=function(s){(h.setImmediate||h.setTimeout)(function(){throw s},0)},c="application/octet-stream",k=0,b=[],i=function(){var t=b.length;while(t--){var s=b[t];if(typeof s==="string"){e.revokeObjectURL(s)}else{s.remove()}}b.length=0},q=function(t,s,w){s=[].concat(s);var v=s.length;while(v--){var x=t["on"+s[v]];if(typeof x==="function"){try{x.call(t,w||t)}catch(u){m(u)}}}},f=function(t,u){var v=t

                      Chrome Cache Entry: 113

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 16 x 16
                      Category:downloaded
                      Size (bytes):557
                      Entropy (8bit):4.911293200480825
                      Encrypted:false
                      SSDEEP:
                      MD5:43B7DDFD5A5018933CCB3488FF8C725E
                      SHA1:CDDCEAAA31EA65F112DD5CC52EC6078538E30278
                      SHA-256:4F243F9305377FB1071242F34EDAF787D9CD6D575AFDF8524F49A64AF7B350F4
                      SHA-512:24A264EF7933688E48279707822E3061A57036491E571E66F72FE59D6B22D38259488B3A90FC568E85B7CC051A8B63EE5DD2C3775CA95F74EA114115C0FAA943
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/Office365/loading.gif
                      Preview:GIF89a.............!..NETSCAPE2.0.....!.......,......................>..!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,..................!.......,......................{Y..!.......,...................ZF[.8..x.xp%.^&x..!.......,...................ZFm...}...E....R..!.......,...................ZFm...-...^..!.......,...................ZFm...-..H...!.......,...................ZFm.....H..!.......,......................{Y..;

                      Chrome Cache Entry: 115

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (2287)
                      Category:downloaded
                      Size (bytes):173712
                      Entropy (8bit):5.55565619706236
                      Encrypted:false
                      SSDEEP:
                      MD5:D0E0CBBDEA9D007C350823ECA43548B1
                      SHA1:CF11E646D6EAA0DC1C83E99FB93F16647A2611A5
                      SHA-256:8940C95C71EAFF7DCBB43BFAD06C66ADEA6D60D2D8F5C4CC879F931ED4FE5C0D
                      SHA-512:29B886B57DEEC83AF96572254354C5FB5F5698118F1C97C1C6485EDDE9C6C0A3B51FF9F37BE1D90F6C9F7D9CF428C4AA1A637D2D12B2BCD419E11FFC31A61FEB
                      Malicious:false
                      Reputation:unknown
                      URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.RRlsmNlDmQQ.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTv3Qzh6Ja6eSLzWU_FOQIMZM5uKUQ"
                      Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.oj=class extends _.Q{constructor(){super()}};.}catch(e){_._DumpException(e)}.try{.var pj,qj,sj,vj,yj,xj,rj,wj;pj=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};qj=function(){_.Ka()};sj=function(){rj===void 0&&(rj=typeof WeakMap==="function"?pj(WeakMap):null);return rj};vj=function(a,b){(_.tj||(_.tj=new rj)).set(a,b);(_.uj||(_.uj=new rj)).set(b,a)};.yj=function(a){if(wj===void 0){const b=new xj([],{});wj=Array.prototype.concat.call([],b).length===1}wj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.zj=function(a,b,c,d){a=_.zb(a,b,c,d);return Array.isArray(a)?a:_.Rc};_.Aj=function(a,b){a=(2&b?a|2:a&-3)|32;return a&=-2049};_.Bj=function(a,b){a===0&&(a=_.Aj(a,b));return a|1};_.Cj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.Dj=function(a,b,c){32&b&&c||(a&=-33);return a};._.Hj=function(a,b,c,d,e,f,g){const h=a.ha;var k=!!(2&b);e=k?

                      Chrome Cache Entry: 116

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (789)
                      Category:downloaded
                      Size (bytes):794
                      Entropy (8bit):5.148445308666886
                      Encrypted:false
                      SSDEEP:
                      MD5:D7E8B6CD6FBA3F8A45D9DD3C76D3E383
                      SHA1:1E05C108763E1EBFD26FB669BEA567119F88A2A6
                      SHA-256:6F0F0E9604A6EBB664B107A4EAFBAE7E9086F6E97112CD73B20A39DBB2DA417E
                      SHA-512:DB0A9B738A7337850A8800F72DB7C48FBBAD87C0B6943087CAE562F38568DCE1537B945C701881AE3AE630E504E96F7854B1177E21624C120950018B28070C8B
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["",["philadelphia eagles injury report","nvidia stocks","earth mini moon asteroid nasa","brook cheuvront south africa","playstation 30th anniversary ps5 pro","cincinnati reds manager","kmart stores closing","helldivers update patch notes"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                      Chrome Cache Entry: 119

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 124 x 91, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):1130
                      Entropy (8bit):6.337448868321375
                      Encrypted:false
                      SSDEEP:
                      MD5:6EBB18C187D712112E3F3031B9CC764E
                      SHA1:EFBC4F4630BDFAE8E46F7F2A7942D19F76EC9491
                      SHA-256:7A8DE8D624CBE3A259592AB22E41220754CC4B5A7BB5EEAEBF4224E4B11270DA
                      SHA-512:2106E744AE4EE24CCF4B7FC06C8051D1A0420D1C9AD5086B7CABD97C03386EC7BAF3EB54FA20D17ED9AEF06114EA6ADE259DD848B0968C290681F61145839546
                      Malicious:false
                      Reputation:unknown
                      Preview:.PNG........IHDR...|...[.....>.vg....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:EB104C28763811E5B0CED1AE02E533F3" xmpMM:DocumentID="xmp.did:EB104C29763811E5B0CED1AE02E533F3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EB104C26763811E5B0CED1AE02E533F3" stRef:documentID="xmp.did:EB104C27763811E5B0CED1AE02E533F3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.^.-....IDATx.....P...6.>..W..../.K....7......m.....~..q8..C......w.F....c8Vy.t..]..:tA..]..:tA.....:tA......:tA

                      Chrome Cache Entry: 120

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):29
                      Entropy (8bit):3.9353986674667634
                      Encrypted:false
                      SSDEEP:
                      MD5:6FED308183D5DFC421602548615204AF
                      SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                      SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                      SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.google.com/async/newtab_promos
                      Preview:)]}'.{"update":{"promos":{}}}

                      Chrome Cache Entry: 121

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):4290
                      Entropy (8bit):0.8809386824714196
                      Encrypted:false
                      SSDEEP:
                      MD5:9AE67EDE697F04173529EEC7360FC5E5
                      SHA1:F798DABB7C9BE966D56CFC43361BC35BB1E2A7E8
                      SHA-256:2D471A22DBDDC4C20B1AD577190FF411C7C9231A3067B077CAF5000E040A1E9B
                      SHA-512:DBEDDBDE91C959C30AC93988533A7A8191C4B4D3D2749F00E9B96B6D1672DF05FF06C49EB8505A90D727ED18BF4E9847F5C40CCF96722BE10011A19832D28F09
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/kendo.dataviz.min.css
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 123

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):415
                      Entropy (8bit):4.934819005924868
                      Encrypted:false
                      SSDEEP:
                      MD5:49D3E3BEF7E656836183302FB1B2F1C5
                      SHA1:B127FE6F538ECB2D005BBB8C859C3CB2C07D7E5F
                      SHA-256:09B6D5ECA5F7AE37A7C183639B8A37F0338432074826B143056D44923FE13E9D
                      SHA-512:FCB3A2F370D3E398368AB825A7044D34B4AAE3794D3C8D1FFFE9E67A2CBD31BECD83E21D48089174F14AEAD4B69B67EC1B424F54CDB53430CB74BE11178548EF
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/frontpage.js
                      Preview:.$(document).ready(function() {.. setInterval(function() { changeTab(); }, 20000);..});..function changeTab() {.. var tabStrip = $("#tabStripFeatures").data("kendoTabStrip");.. var currentIndex = $("#tabStripFeatures").data("kendoTabStrip").select().index();.. var nextIndex = ((currentIndex+1) % 4);.. var nextTab = tabStrip.tabGroup.children("li").eq(nextIndex);.. tabStrip.select(nextTab);..}

                      Chrome Cache Entry: 124

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (61301), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):216188
                      Entropy (8bit):4.983769068695203
                      Encrypted:false
                      SSDEEP:
                      MD5:E93DD6AE4FC05549B143669568B8C95F
                      SHA1:8D8043F197AF214B0C1187A78948B4FAC03892D5
                      SHA-256:F146AF5FD10F8F9BAABC309DA6C0493CB856CDE732C0CAF821892DB50BCC4387
                      SHA-512:731E5382AD1222CE4C9128F885CD5FA19105F9EAB64A886148C5B3B24796BDFF3C396C73E10D97CC07A793EB4DA570B7E60FC946ED8A4FBCC5D84464C00E60EB
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/kendo.common.min.css
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 125

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 text, with very long lines (10809), with CRLF line terminators
                      Category:dropped
                      Size (bytes):10923
                      Entropy (8bit):5.1117683472409565
                      Encrypted:false
                      SSDEEP:
                      MD5:1FC7E10D5A16956AAFBEEB412D42761B
                      SHA1:80C21B7CAAA4876E6DF3ACBB4B2829357FA43212
                      SHA-256:C228A8E12E33827977851A6B9DDE862FEBA61AC34C5AD5BC675E55603754D770
                      SHA-512:6EFCA01B60FA6D03FDBABF6C554D9E1714C95D264888E81CF1349F681FEF4399E824B83BA3610FDD513D6FE73958D340A5CEF5F90EBD9BFDB597674C572BE25B
                      Malicious:false
                      Reputation:unknown
                      Preview:/*!.. * clipboard.js v1.7.1.. * https://zenorocha.github.io/clipboard.js.. *.. * Licensed MIT . Zeno Rocha.. */..!function(t){if("object"==typeof exports&&"undefined"!=typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var e;e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:this,e.Clipboard=t()}}(function(){var t,e,n;return function t(e,n,o){function i(a,c){if(!n[a]){if(!e[a]){var l="function"==typeof require&&require;if(!c&&l)return l(a,!0);if(r)return r(a,!0);var s=new Error("Cannot find module '"+a+"'");throw s.code="MODULE_NOT_FOUND",s}var u=n[a]={exports:{}};e[a][0].call(u.exports,function(t){var n=e[a][1][t];return i(n||t)},u,u.exports,t,e,n,o)}return n[a].exports}for(var r="function"==typeof require&&require,a=0;a<o.length;a++)i(o[a]);return i}({1:[function(t,e,n){function o(t,e){for(;t&&t.nodeType!==i;){if("function"==typeof t.matches&&t.matches(e))return t;t=t.parentNode}}var i=9;i

                      Chrome Cache Entry: 127

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):4300
                      Entropy (8bit):0.9011365755912777
                      Encrypted:false
                      SSDEEP:
                      MD5:6DE60B2E4DC9DE895452D9B1427FFE8D
                      SHA1:B42D61954779DE1D934499A90E1F04CA36C5C84C
                      SHA-256:B2B33D167EE57901D6D37E10E0B2259B462AD4D2C15978DCCBC9F740E4B61CC9
                      SHA-512:28C244EEF946F07E5AA766DD0301A9E58BA0DD323B87437FA6E8210E927BCEB80C3A81AE521F7585683A1639E4B1A163F10E41C90C7C72C64CE5115E9B678FA2
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/kendo.dataviz.office365.min.css
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 128

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (833)
                      Category:downloaded
                      Size (bytes):838
                      Entropy (8bit):5.146879974501052
                      Encrypted:false
                      SSDEEP:
                      MD5:A1138A30553484EC3D75F81007C77A83
                      SHA1:B09726734D97D81D453AB268AB1A453EE4F96FD5
                      SHA-256:BA72A3C819470781F9A6123065C234CA9C88D64B89497D96EE85B221C3CDBA14
                      SHA-512:283D8439670E53812C67F0835836CB9D98C6B8E4ADD76CEF3D8259320EF145C37C5BFA576E27542489C135B8BDFB0E54A0276CD736AE5616AC2A1AF775EC9027
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["",["kings dominion halloween haunt brawl","north american pine squids","playstation 30th anniversary ps5 pro","port strikes","tufts lacrosse players hospitalized","tropical storm hurricane helene path","it ends with us streaming release date","ps5 console 30th anniversary edition"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                      Chrome Cache Entry: 129

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 101 x 101, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):4807
                      Entropy (8bit):7.849920170225359
                      Encrypted:false
                      SSDEEP:
                      MD5:567D3A57A1590404AD15976B03A084FB
                      SHA1:AFDF8D071A6B667D99B328BDD57145AE74F274FD
                      SHA-256:E6CD4C03F65DE776A4658F7ACD964D05DA77FE299EFAEEB4CA836353A76F4125
                      SHA-512:3F84B931B8C958097FDE5C16A8C5F9375012B720809DF3A796782E35A33AD748529AB3C128CA506878FD2C484E581BB2267FE2DE2C2FC8AB9116A26A23BE5A9F
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Images/feature1.png
                      Preview:.PNG........IHDR...e...e.....T|-.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:4E3CC9716E9211E5A0C6E68D1D361A51" xmpMM:DocumentID="xmp.did:4E3CC9726E9211E5A0C6E68D1D361A51"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4E3CC96F6E9211E5A0C6E68D1D361A51" stRef:documentID="xmp.did:4E3CC9706E9211E5A0C6E68D1D361A51"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..t....=IDATx..]}lS....!!_..B..l|L.+.P.6(N.....R...Th.i...l m..&...>T..45.(..L..(]Ub...Z1.U....V 4...H.j.w}_x....N....Gz

                      Chrome Cache Entry: 132

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (5162), with no line terminators
                      Category:downloaded
                      Size (bytes):5162
                      Entropy (8bit):5.3533581296433415
                      Encrypted:false
                      SSDEEP:
                      MD5:6776548F23C2A44FBD3C7343F0CB43E1
                      SHA1:1E6871D4196BB00F0D161D5DC8872A8D940CEC30
                      SHA-256:DDFC74A717ADCA6E6DB1BCF58D64FF7205F52BA4B61617A0137045088622C86E
                      SHA-512:947B3AC76BC7B6DF6FD1C4AEA94E79D1E168E3B15BB4DC2A497E3DAFF60DAA58A490C89BA11A10910BB4B21C79A56CEAEDFFAE32A77D39E245422BE874BF7CF1
                      Malicious:false
                      Reputation:unknown
                      URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.pZbbn6aKAZ8.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTt6If9d1pi4yP4MpRCU4A1M3rvNtg"
                      Preview:.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_F .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_F .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_F .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                      Chrome Cache Entry: 133

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (1885)
                      Category:downloaded
                      Size (bytes):126135
                      Entropy (8bit):5.498654960721984
                      Encrypted:false
                      SSDEEP:
                      MD5:C299A572DF117831926BC3A0A25BA255
                      SHA1:673F2AC4C7A41AB95FB14E2687666E81BC731E95
                      SHA-256:F847294692483E4B7666C0F98CBE2BD03B86AE27B721CAE332FEB26223DDE9FC
                      SHA-512:B418A87A350DBC0DEF9FAF3BE4B910CB21AE6FFFC6749EECEA486E3EB603F5AF92F70B936C3D440009482EDE572EE9736422CF89DCDD2B758DFA829216049179
                      Malicious:false
                      Reputation:unknown
                      URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SpvAvsXfWWo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-MoqWi0fF1M09Ccs-6QfulXvxfdg/cb=gapi.loaded_0"
                      Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x800000, ]);.var ba,fa,ha,na,oa,sa,ua,wa;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.ma=ha(this);na=function(a,b){if(b)a:{var c=_.ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&fa(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

                      Chrome Cache Entry: 139

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (65531)
                      Category:downloaded
                      Size (bytes):133803
                      Entropy (8bit):5.435922833114009
                      Encrypted:false
                      SSDEEP:
                      MD5:476E328177452EDDEBAA9179BAE90C8D
                      SHA1:7D36AD28F907C826C8929E975A31F40A758B2223
                      SHA-256:CBBAE8E50EBB64CB9A85277E38C1CA1F30558023B578AD245739468FAB3E2A27
                      SHA-512:5A991AB86C483C3B9C86780D83CF9C0828FD3BE7BA9CCFAD2DE1B5DAE589DBCEDE6C1AA9F350AEE88BF4D90FE04E64710938D11181FF96B52E74F158136F95BC
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                      Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Fa gb_3d gb_Re gb_rd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Qd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_ld gb_pd gb_Hd gb_md\"\u003e\u003cdiv class\u003d\"gb_xd gb_sd\"\u003e\u003cdiv class\u003d\"gb_Kc gb_R\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Kc gb_Nc gb_R\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                      Chrome Cache Entry: 141

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 1070 x 859, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):144791
                      Entropy (8bit):7.982262664704339
                      Encrypted:false
                      SSDEEP:
                      MD5:4F1D6E451FC9A488899FE68928A3EB23
                      SHA1:DF85BC6E894B86D999B45167D3BE08F5F5EC4D71
                      SHA-256:D76218E93330F6B769B262FF289732EAAA0B6CA02087D3CC613C7B15C39EE706
                      SHA-512:A4DF2A5F167D154A8C8A6F8BB9E7D3AFE33B10FB5D50B82D334BC52FE3CCFE618AD7629B254EA9E0B888679A494DCE125C8ED681B8291D69814D7FF08C2D89A2
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Images/iAPV_Demo.png
                      Preview:.PNG........IHDR.......[......g.Z....tEXtSoftware.Adobe ImageReadyq.e<...xiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:989b40c8-9231-425f-8fbe-943a5893dfd3" xmpMM:DocumentID="xmp.did:E19C86FADC5911E5A06AC94F90102A27" xmpMM:InstanceID="xmp.iid:E19C86F9DC5911E5A06AC94F90102A27" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:989b40c8-9231-425f-8fbe-943a5893dfd3" stRef:documentID="xmp.did:989b40c8-9231-425f-8fbe-943a5893dfd3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..C..1.IDATx..[.5[z.4...q..C.b..

                      Chrome Cache Entry: 143

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):84
                      Entropy (8bit):4.3077962651258455
                      Encrypted:false
                      SSDEEP:
                      MD5:EFCA3DFB3DC89CB2DD5D1FF240060FE0
                      SHA1:0E046E75DA6CB38E421052B33F53F192C30F963B
                      SHA-256:254816389F8D15643556260F80C2E46BAF0BD6C93CD86B9B53FF1325BDFC491F
                      SHA-512:07BEDCE27D69A3B7D36E09CEC2139B4E2CE7E7906299457DB8DFED6608FE949D920C59E980387B1C4BA4D069C945F850C4542135855563B3EE2625B476FE8DEA
                      Malicious:false
                      Reputation:unknown
                      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHglMVyZsraAuYxIFDc5BTHoSBQ3OQUx6EgUNzkFMehIeCc6cred_MEDOEgUNzkFMehIFDc5BTHoSBQ3OQUx6?alt=proto
                      Preview:ChsKBw3OQUx6GgAKBw3OQUx6GgAKBw3OQUx6GgAKHwoLDc5BTHoaBAhLGAIKBw3OQUx6GgAKBw3OQUx6GgA=

                      Chrome Cache Entry: 145

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (32006), with CRLF line terminators
                      Category:dropped
                      Size (bytes):2705209
                      Entropy (8bit):5.259065488479412
                      Encrypted:false
                      SSDEEP:
                      MD5:6E2C32B1770E782DBD37D7E9D9593EF6
                      SHA1:407EDAA38F54EB56F3810C6EBF398906B263A7E1
                      SHA-256:85384124EC8A8982BD9FD342515594C338E406F8E73ED74D61F35E227DE36549
                      SHA-512:5EF249148F86576232E303031F189C40205F414BD8192B5678D37A52B6708D091751B40E9AA048FE6B05C2D7A888B302FA241FA97B84B12B761143E9EC77DA22
                      Malicious:false
                      Reputation:unknown
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 146

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 101 x 101, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):9863
                      Entropy (8bit):7.957853627502562
                      Encrypted:false
                      SSDEEP:
                      MD5:A481B0D6BA96D4BDEC51FDD5D1021D4F
                      SHA1:95F42AC5BF7173CFC65656705AC2E2EAB22B5720
                      SHA-256:D09868CE436962229EAC97A9F1EF33B0549A4AC26B6E3ECF5EB09B1C4374F343
                      SHA-512:3F827B90E10988042E51EBAD1C8F6DB89A95C93FDECA641A7B3BCAEF0827BC4E94396B077B9F97D7F1CB45CCB6BCBDD0D39636AD6F3F829518CAB6ABD306E88C
                      Malicious:false
                      Reputation:unknown
                      Preview:.PNG........IHDR...e...e.....T|-.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E3302C0E6E9611E5B0DC86FAFC7193BF" xmpMM:DocumentID="xmp.did:E3302C0F6E9611E5B0DC86FAFC7193BF"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E3302C0C6E9611E5B0DC86FAFC7193BF" stRef:documentID="xmp.did:E3302C0D6E9611E5B0DC86FAFC7193BF"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>......".IDATx..].\.U...fo....@..q.4.LQ..9{......[..fj..a.e..iF...EA......{.....s..D.\....w.........p.....@........

                      Chrome Cache Entry: 147

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format (Version 2), TrueType, length 23104, version 1.0
                      Category:downloaded
                      Size (bytes):23104
                      Entropy (8bit):7.99156722818266
                      Encrypted:true
                      SSDEEP:
                      MD5:1CC129A6D80110163C34A4C76328AF22
                      SHA1:3E0F48A19DB5E0E22A7FFDE38139E1E01610736C
                      SHA-256:5800871D0294BA92129DDE9A6EBA5ABA7D6148DC4298190842E5B45114DD45EF
                      SHA-512:4DF0D482868BFEA5B75A8481FE66BC2F6572518D7ABBAEA854568BF395FB105C56F36B913B620063D2959907D8E848E93562A90B8C35C5EB581651495A2096B0
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/fonts/titillium-semibold-webfont.woff2
                      Preview:wOF2......Z@.........Y.........................?FFTM.....L....`..J.B..e.....T..^.6.$.....N.. ..n..4...?webf..#.'..'(t'.*m..>m.%......G...@...?!......j..C...FV&.........<..........vS...w[2%kf.).O.....m.......Y.Z.....h.q..,.....K8.m.S...M..B.H.<....=.......h)(.W.Zi..>t...:(9.X...vQ.;..W$Z.....^~...6.-.+..7W..$...+..RD...DT.B.e_%.;W.......o......0..HQ.a2NL.}*..E].J...;....k..~.pNNSc...{.*...@....2.l:a.....r.\...<f.,b'.K...K...T..h..j..a.X.............-y.Lf&e...W./.._....Z..1.:.k$F.Bs.(@.&.?..O...,..=...?.u.mrM.E...t..\...p..+%.PR=.e.a.o[?......e..,.J.......|.F`.......O..jeo..F.6....#......O.4...2..j[.Ki..H.N.$......B..^..}||....m...0..W..DDD..DD$. """....V.@P..i...F.l..9.]....nJU.t....../..U.......@X.<..l....K[*.....sJ40UA.d....2n.Qs..w&.!K..!.2.R...Hi..~W..B,.9~.U..@.. .....)/E9...&i.+...).Ik.eo..b.).......!T!.6...)..W.9....6._..x....X(.YN.\...e9........Iw....Jg4D.....E...B.\e..pq. .E.).7....d..{.c.............0.~_....K.....*....P.........h.lT....{.

                      Chrome Cache Entry: 148

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                      Category:downloaded
                      Size (bytes):32038
                      Entropy (8bit):5.104352236785294
                      Encrypted:false
                      SSDEEP:
                      MD5:4859E39AE6C0F1F428F2126A6BB32BD9
                      SHA1:1C0C85678AE963BC96D0B7FBE1EB89074CF1FBE0
                      SHA-256:A94F8A8553CAEA8430DD4CA3CC01D4E318D19828F74CB65453FFB7F5D9E2F44D
                      SHA-512:97541B40D8BEAC0DD8831EF8D2814EFEF10CFB185DF316E05B4F3AEF0A2D1839FB7A39D90F141F490E21B2955C32DF9D690785CC4DEF97CDFCE21ACF9BBAA2C7
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/favicon.ico
                      Preview:............ .h...F... .... .........00.... ..%..V...@@.... .(B...:..(....... ..... .....@................................................................................................................................................u..L..n......................................................x..V..m......................................................{..X..n.........................................................\..q........................................................a..u........................................................d..x................................................S.......i..{................................................E.......q...................................................E.......o...................................................E.......q...................................................E.......u...................................................C........................................................

                      Chrome Cache Entry: 151

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):1096
                      Entropy (8bit):4.934415454764127
                      Encrypted:false
                      SSDEEP:
                      MD5:6E0F57D21F66F8B95FA50432C534F14A
                      SHA1:135A3FE99B89DEA51A49B9295FB3DF28185CA87B
                      SHA-256:691333D018129BA15D3FBF396F8F33CC280124910A387554AA386D0AF3C25E55
                      SHA-512:0E4AA09F6FC20E4B0A2170AD6D8C7DE07E66A0564095E71A2F412BC9D733225304B9A892C97C78AD326E68261A6E3A4770EA7697595765C92F3994CB22B49A88
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/Regular.css?v=13&t=20240925
                      Preview:.html {.. background-color: #1e242b;.. margin: 0;.. padding: 0;.. font-size: 1em;.. -moz-min-width: 1100px;.. -ms-min-width: 1100px;.. -o-min-width: 1100px;.. -webkit-min-width: 1100px;.. min-width: 1100px;..}....body {.. background-color: #fff;.. color: #333d47;.. font-size: 1em;.. font-family: "titilliumthin", Verdana, Helvetica, Sans-Serif;.. margin: 0;.. padding: 0;.. -moz-min-width: 1100px;.. -ms-min-width: 1100px;.. -o-min-width: 1100px;.. -webkit-min-width: 1100px;.. min-width: 1100px;..}.....k-window #SchemaWindow_wnd_title + .k-window-actions #btnPrint:hover span,...k-window #SchemaWindow_wnd_title + .k-window-actions #btnSave span,...k-window #SchemaWindow_wnd_title + .k-window-actions #btnContact:hover span,...k-window #SchemaWindow_wnd_title + .k-window-actions #btnEmail:hover span,...k-window #SchemaWindow #btnPrint:hover span,...k-window #SchemaWindow #btnSave span,...k-window #SchemaWindow #btnContact:hover sp

                      Chrome Cache Entry: 152

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):60
                      Entropy (8bit):4.462373354557567
                      Encrypted:false
                      SSDEEP:
                      MD5:AB9722A0AC9509D92A2A1962E71072F1
                      SHA1:85D633F539593AFC46430418BEB0F37A65749177
                      SHA-256:8EEC80FC7863B0D509F3C478B3B60402C76C216907ADFB309EFEA22833D33978
                      SHA-512:1ACC444AD4657C3D52943E72AFE7252434AEA3C9937AB89A4C843F06FD14FB95918316B6D7CB4D6AE54A0DFED46F753626250E09EB7559FE3024C0E6CB6D0106
                      Malicious:false
                      Reputation:unknown
                      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwkmC0MjMfMHUBIFDZFh1L0SBQ1lIZnqEhAJzpyt538wQM4SBQ3OQUx6?alt=proto
                      Preview:ChoKCw2RYdS9GgQIVhgCCgsNZSGZ6hoECEsYAgoNCgsNzkFMehoECEsYAg==

                      Chrome Cache Entry: 155

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 340 x 336, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):17369
                      Entropy (8bit):7.933825924782847
                      Encrypted:false
                      SSDEEP:
                      MD5:A7C4988D3BB54271AD289538F44C8434
                      SHA1:81B1150C7CBBFB7EBF4D65A6E7960F2922E1E9A9
                      SHA-256:0F07ECAA719977C4CA2A042A95CD765DA7E650CCAB2E21060372DA19558451CA
                      SHA-512:4F8981EE793694126A166555D57C0BF04529F8C1697599610B61BF422A1F7C77E4798E4976C9E0BBDB6C8CE30481801FD94D8B756BF157B97208D7926BC8B22E
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/Office365/sprite.png
                      Preview:.PNG........IHDR...T...P.............tEXtSoftware.Adobe ImageReadyq.e<..C{IDATx..}..U..:^...6>..p..+....8.`...V.y).q...})v,.RRR.........f.2.b_K....Y.g.c.8$LQ,7X,&......b0..v..y.}]w..^..>g.}~?.8.....{.......ZY..... .s.y.V..*.I9)e.}..cRNJY.[..@..Aj...<!e...#I.P...<)..\d...|.3O.n).Yv.>..........{.....&e...K9!e..CR..H.B..)_../J.....R...h.........W..K9.2l:....X..2".G......<'eD.Y).8.tY.*...x..<.e)...x..@ ...L......5..N.)...4....g..*8.....i..o..|.X..?d..}.B.=O.7.V.6P.>..2|.e...{Z.)..2$......}U.....B...m._RL.w..-)_....3.S...*....,......5..k3t;..>E..Ev.p.N..z....:N9..d.)....%....F...~_.M..Z.L/JYf._X.M..z...B..#.}.j.i...>SC....z.Q..5.\.{...)j[...?;.....mJ..\.5...{..oS.9...+...?.aY.\e...._dY~]..,S_}....u...T.....C....S.Q.uC.8n.P..Q..q.!.]..O24...#.).d.*.=.p.}.0U.....[^Zd..%..._.H._..S...Oc........t.k.........ap.......-l}.eE_.....P..XI.m..z..2V..7Tb.3....H.)X!.>.e.....5..5.~.q.-i...T.Z-.|.......h......x..*.....*.NMn.z..&.s.d..o..&.x..`G:@b.,...7..u...

                      Chrome Cache Entry: 157

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (3487), with CRLF line terminators
                      Category:dropped
                      Size (bytes):3521
                      Entropy (8bit):5.541032356468106
                      Encrypted:false
                      SSDEEP:
                      MD5:8934CDF9E10A78A0D3D7D202D71D982D
                      SHA1:1ACC0A669BA39A5FF3D3D27F9F89BEA07229E828
                      SHA-256:05EBC13FC45EE53E91269D12954AD7ED75F46CB2F969D315DE41EDB6A0BAB2D9
                      SHA-512:F323F89A4972E75728CE056BD8513EBB52FE2C2E56D01C0A68039D7D34B277CF0A5F5200447148EE5DC7E356B1828C7B8B16B65CDA74CC192ED9FF4DCA182829
                      Malicious:false
                      Reputation:unknown
                      Preview:/*! ics.js Wed Sept 14 2017 */..var ics=function(e,t){"use strict";{if(!(navigator.userAgent.indexOf("MSIE")>-1&&-1==navigator.userAgent.indexOf("MSIE 10"))){void 0===e&&(e="default"),void 0===t&&(t="Calendar");var r=-1!==navigator.appVersion.indexOf("Win")?"\r\n":"\n",n=[],i=["BEGIN:VCALENDAR","PRODID:"+t,"VERSION:2.0"].join(r),o=r+"END:VCALENDAR",a=["SU","MO","TU","WE","TH","FR","SA"];return{events:function(){return n},calendar:function(){return i+r+n.join(r)+o},addEvent:function(t,i,o,l,u,s){if(void 0===t||void 0===i||void 0===o||void 0===l||void 0===u)return!1;if(s&&!s.rrule){if("YEARLY"!==s.freq&&"MONTHLY"!==s.freq&&"WEEKLY"!==s.freq&&"DAILY"!==s.freq)throw"Recurrence rrule frequency must be provided and be one of the following: 'YEARLY', 'MONTHLY', 'WEEKLY', or 'DAILY'";if(s.until&&isNaN(Date.parse(s.until)))throw"Recurrence rrule 'until' must be a valid date string";if(s.interval&&isNaN(parseInt(s.interval)))throw"Recurrence rrule 'interval' must be an integer";if(s.count&&isNaN

                      Chrome Cache Entry: 158

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x600, components 3
                      Category:dropped
                      Size (bytes):79516
                      Entropy (8bit):7.800694910307074
                      Encrypted:false
                      SSDEEP:
                      MD5:BCC8F92C59B70135B8517612FFA2D885
                      SHA1:28DB07EAB809753A10883A39A8E1021293E9AEE1
                      SHA-256:F63DAB0256BBC5A82CEFAD370364F3AD12C9A6D2FEC98BFC6D484FF6BDF8DE5A
                      SHA-512:AA531E6DDE21E95C62D5F689533A564E0CF253E25A361C073CE02D0B2753BBE8CE50DE0DD9281E147D81DC69685F7A6151A7B3639367896AB6349C33EB4EC675
                      Malicious:false
                      Reputation:unknown
                      Preview:......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c067 79.157747, 2015/03/30-23:40:42 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:4d5e3e54-4b0c-4019-a2b8-d1b204ef1da7" xmpMM:DocumentID="xmp.did:C166407A585011E5B2BEA90787F77B92" xmpMM:InstanceID="xmp.iid:C1664079585011E5B2BEA90787F77B92" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4a3b9de1-ae2b-4e41-8605-f4723d13c3b1" stRef:documentID="adobe:docid:photoshop:f6466a10-8b66-1178-9cba-d99e3efa8e19"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.............................

                      Chrome Cache Entry: 159

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (61301), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):469463
                      Entropy (8bit):5.076851463283363
                      Encrypted:false
                      SSDEEP:
                      MD5:139BE55821BD54CE2DC5659347311E43
                      SHA1:F287C13F39D554660CD33710E84EFE71CF97DA7B
                      SHA-256:013A50406D27A28074D31A13339CFCFDEA7FCCE4C1152959AB7A7A26260255C4
                      SHA-512:941B93311F0CD83CED3424494C21A6D17C8548CC46C03E5F57F94702CC1028B7EADBD1EC8C21A0D23716306071E5EAEA13595A73631FE5972000F42EE73D168A
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/kendo.mobile.all.min.css
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 160

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):21295
                      Entropy (8bit):4.791834103166139
                      Encrypted:false
                      SSDEEP:
                      MD5:07623D24FADFA6ACFF21E8B3341C5E45
                      SHA1:296C81E581B102D27DDB010AFF500536F157B3C5
                      SHA-256:F0AFE55650F4460224272796BEC2EDF30719A57E20557E38418646BA923F3EE4
                      SHA-512:C4A3ABF575BBAE2455EEF3193FCAFF1BEE4E606382DC2864A6DE4B03B0951AEDAD01F423A000790706C096B0743FC18BA6D07D6ACF9468201B88A8CCD738A281
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/Blob.js
                      Preview:/* Blob.js.. * A Blob, File, FileReader & URL implementation... * 2019-04-19.. *.. * By Eli Grey, http://eligrey.com.. * By Jimmy W.rting, https://github.com/jimmywarting.. * License: MIT.. * See https://github.com/eligrey/Blob.js/blob/master/LICENSE.md.. */....;(function () {.. var global = typeof window === 'object'.. ? window : typeof self === 'object'.. ? self : this.... var BlobBuilder = global.BlobBuilder.. || global.WebKitBlobBuilder.. || global.MSBlobBuilder.. || global.MozBlobBuilder.... global.URL = global.URL || global.webkitURL || function (href, a) {.. .a = document.createElement('a').. .a.href = href.. .return a.. }.... var origBlob = global.Blob.. var createObjectURL = URL.createObjectURL.. var revokeObjectURL = URL.revokeObjectURL.. var strTag = global.Symbol && global.Symbol.toStringTag.. var blobSupported = false.. var blobSupportsArrayBufferView = false.. var arrayBufferSupported = !!global.ArrayBuffer.. var blobBuilderSupported =

                      Chrome Cache Entry: 161

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, ASCII text, with very long lines (7558), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):7712
                      Entropy (8bit):5.287624976571946
                      Encrypted:false
                      SSDEEP:
                      MD5:1192E7806E85E6A3237A8A893854D5EE
                      SHA1:156400CE019D3D99435B7C8FD8829B137E329A95
                      SHA-256:1979B9EF787D446E08EF4E215FA8706197C460D134AF568B13E54E1F6BD3B5D9
                      SHA-512:C6FDB434C7B8CB60906DEE39D6FDFC7C1ACA44C490C6337DC2A60BBC7BD115907215398ADC70BC629631A49F21FC2B2D5591DAC41471B19AB76B6385C9CE5320
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Scripts/kendo.modernizr.custom.js
                      Preview:/* eslint no-use-before-define: 0 */../* Modernizr 2.6.2 (Custom Build) | MIT & BSD.. * Build: http://modernizr.com/download/#-shiv-cssclasses-load.. */..;window.Modernizr=function(a,b,c){function u(a){j.cssText=a}function v(a,b){return u(prefixes.join(a+";")+(b||""))}function w(a,b){return typeof a===b}function x(a,b){return!!~(""+a).indexOf(b)}function y(a,b,d){for(var e in a){var f=b[a[e]];if(f!==c)return d===!1?a[e]:w(f,"function")?f.bind(d||b):f}return!1}var d="2.6.2",e={},f=!0,g=b.documentElement,h="modernizr",i=b.createElement(h),j=i.style,k,l={}.toString,m={},n={},o={},p=[],q=p.slice,r,s={}.hasOwnProperty,t;!w(s,"undefined")&&!w(s.call,"undefined")?t=function(a,b){return s.call(a,b)}:t=function(a,b){return b in a&&w(a.constructor.prototype[b],"undefined")},Function.prototype.bind||(Function.prototype.bind=function(b){var c=this;if(typeof c!="function")throw new TypeError;var d=q.call(arguments,1),e=function(){if(this instanceof e){var a=function(){};a.prototype=c.prototype;var

                      Chrome Cache Entry: 162

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):23084
                      Entropy (8bit):5.148145989068974
                      Encrypted:false
                      SSDEEP:
                      MD5:BA7B7B215A6B49E484490CD307CAFC0F
                      SHA1:D291FC3A1B08C7AB416A451E65930CCDDBDEC66C
                      SHA-256:AC50E4EBE06FFE357AA5087DA71510442911144340DBDC080D28DB025DBE7DAA
                      SHA-512:4E31522949CC0553743FDF65570AB686F89299C89A965F850E2B258633168734F94E48BDE38BADACF8618D52251D3E708EB2496190CA71E870990F7049F8F210
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/bootstrap-theme.css
                      Preview:/*!.. * Bootstrap v3.3.2 (http://getbootstrap.com).. * Copyright 2011-2015 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. */.....btn-default,...btn-primary,...btn-success,...btn-info,...btn-warning,...btn-danger {.. text-shadow: 0 -1px 0 rgba(0, 0, 0, .2);.. -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, .15), 0 1px 1px rgba(0, 0, 0, .075);.. box-shadow: inset 0 1px 0 rgba(255, 255, 255, .15), 0 1px 1px rgba(0, 0, 0, .075);..}...btn-default:active,...btn-primary:active,...btn-success:active,...btn-info:active,...btn-warning:active,...btn-danger:active,...btn-default.active,...btn-primary.active,...btn-success.active,...btn-info.active,...btn-warning.active,...btn-danger.active {.. -webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, .125);.. box-shadow: inset 0 3px 5px rgba(0, 0, 0, .125);..}...btn-default .badge,...btn-primary .badge,...btn-success .badge,...btn-info .badge,...btn-warning .badge,...btn-danger .ba

                      Chrome Cache Entry: 164

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format, TrueType, length 64184, version 1.2
                      Category:downloaded
                      Size (bytes):64184
                      Entropy (8bit):6.469502870172387
                      Encrypted:false
                      SSDEEP:
                      MD5:2D27C2BE554D3ACB53AC645A791BC04F
                      SHA1:D9411199EC4CC5AF4461F94B51EA6906EDFA332E
                      SHA-256:8329D2B4C1C7C96260D03217CAE87833A6D0FF4196FA889DDB239641198DB846
                      SHA-512:866B3FEE76768BA80EA566124052FB1D8201567129B5A852626521ED8D0E11348FD6427F02B3F38C84A3EE2F21E526072145B9AE4207E557BE8DA352D415146D
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/images/kendoui.woff?v=1.1
                      Preview:wOFF...............l........................OS/2.......`...`...Pcmap...h...\...\....gasp................glyf..........1B..head.......6...6.A.9hhea......$...$.1..hmtx.............0.loca...h........l~..maxp...0... ... .{..name...P...E...EQ!..post....... ... ...............................3...................................@...&.....@...@............... .........................H............. ...'.&......... .............. ....<........................................79..................79..................79.......c............%.c............A...-.]......!.7....].W.....A...-.].......!.A.....].W.......c.................W.............c.....].......!.c...W.].W.......c.....].......!.c...W.].W.......c.....]......!....W...].W.......c.....]......!.c...].W......c.m.S..........3.#.%...GG.W.....7.............m.S.]........!5!..!...7........]GGG.W.........S...........!.!.!5!.A........7.....W...WGG........m............3.#.....GGG.......7................]......7....].W.......c............!.7.....

                      Chrome Cache Entry: 165

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (540), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):149623
                      Entropy (8bit):5.064147372417535
                      Encrypted:false
                      SSDEEP:
                      MD5:E1F677F0900BDA76D9A390445C92D19C
                      SHA1:E811C8CA3F21F7DD375FCABBFEBAF31E6FF3059B
                      SHA-256:CC20AB51B7D9D725C44BA342B8CE7BCBEA258907000233E642AE309B0D111399
                      SHA-512:D021DBC2F546965E54ABCE7BEE682D64C92846605F2549ED21D57D9C6BC8A96D6B44AD2A907281EBDB2E3D2ED7323F0476E6193F00E46A6373678B37C85EE562
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/bootstrap.css
                      Preview:/*!.. * Bootstrap v3.3.2 (http://getbootstrap.com).. * Copyright 2011-2015 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. */..../*! normalize.css v3.0.2 | MIT License | git.io/normalize */..html {.. font-family: sans-serif;.. -webkit-text-size-adjust: 100%;.. -ms-text-size-adjust: 100%;..}..body {.. margin: 0;..}..article,..aside,..details,..figcaption,..figure,..footer,..header,..hgroup,..main,..menu,..nav,..section,..summary {.. display: block;..}..audio,..canvas,..progress,..video {.. display: inline-block;.. vertical-align: baseline;..}..audio:not([controls]) {.. display: none;.. height: 0;..}..[hidden],..template {.. display: none;..}..a {.. background-color: transparent;..}..a:active,..a:hover {.. outline: 0;..}..abbr[title] {.. border-bottom: 1px dotted;..}..b,..strong {.. font-weight: bold;..}..dfn {.. font-style: italic;..}..h1 {.. margin: .67em 0;.. font-size: 2em;..}..mark {.. color: #000;.. background: #

                      Chrome Cache Entry: 166

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 48 x 48
                      Category:dropped
                      Size (bytes):1513
                      Entropy (8bit):6.427972405510437
                      Encrypted:false
                      SSDEEP:
                      MD5:7165703AE5EB3FC61811517D5EB9D19A
                      SHA1:3925ED01631E2A22855EE8ABD884C35C3D86F53C
                      SHA-256:B5BCA1E3347C17DAE0D27AC0E212A1C1E16DC59DD5FEDE0E3583D3D160A229C7
                      SHA-512:0C957F33AFB7FCFB0301E292D8A7659D08A3FD1A126DDEDB5F273851303C90805C524E7315B22D78F8A26CF2F6FBDC5BE04CBC28BF45625EB739DCC24FFB442A
                      Malicious:false
                      Reputation:unknown
                      Preview:GIF89a0.0..........!..NETSCAPE2.0.....!.......,....0.0...1................H........L...............)..!.......,............`..Q.!......., ...........`..Q.!.......,$...........`..Q.!.......,$...........`..Q.!......., ...........`..Q.!.......,..#.........`..Q.!.......,..#.........`..Q.!.......,............`..Q.!.......,............`..Q.!.......,............`..Q.!.......,............`..Q.!.......,..............z...cr...!.......,....0.0...9............{.....#U..d.....L..............L*.....z..!.......,....0.0...g............{.....#U..d.M.Bi,.t}.:.o}4..XCM.......D....X.fq....U...-.KD+.V.D.^.cW..n^).....(8H.P..!.......,....0.0...b............{.....#U..d.M.Bi,.t}.:......B..L.z.f.I.J.M.T.*.....>..j.\&_cN..v..lu.........S..!.......,....0.0...]............{.....#U..d.M.Bi,.t}.:......B..L.zF...T).T.3r.@k.....JY.e9.=A...........i..!.......,....0.0...U............{.....#U..d.M.Bi,.t}.:......B..L.zF...T).T.........f]...+..........!.......,....0.0...Q............

                      Chrome Cache Entry: 167

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 48 x 23, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):675
                      Entropy (8bit):7.47320933642387
                      Encrypted:false
                      SSDEEP:
                      MD5:BCD742A3AEC40079955FB55DE871761B
                      SHA1:417CA04D6A3751DC4D31076DE181D9C46B97161C
                      SHA-256:76D4DF0A113E4FD613E9A34A9D8B483FA87EA8674A0C1FDD9381FC1BDE4D89AA
                      SHA-512:93FB0099126B49FA8A2B571538AA96D32A6915DFE577E5201030EFEC75672413D90A14785E12129C607C664C99BBB5E04F924C9E95F00E33FE6B5F434602E233
                      Malicious:false
                      Reputation:unknown
                      Preview:.PNG........IHDR...0.........M.......sRGB.........gAMA......a.....pHYs..........o.d...8IDATXG.=H\A.... B.-m...`.F.....M0X..K.Mg.&...1.F0`.[..F....Mi.N....3..&..........;..;3..7/_\&I...,t....N.bf..Iv..U +.K...V..`.....U.]........sL!f...MfQ..+%...x&%W..d.A........AC.QiXi...`NL....I.s..De...........z.1...w......r..c.. ?.$/.u)..j......e!..V.c)........|.....N....^...K...Gq!%%W.Z.I[.JS...=.;i..1........)FY~#tI....MJ&.^.........`.x..<....(=RRM....!.a.RK......}.B^.wRx..=..Rre;@l....L...u.<^.\y.M.!.H.a\.{)..w.|..a..s...%ia......v...p.F..e..=&.bl7.`.>.......{..sv.w........`..F]..w....k.R..|.^q>..F......X..\..:._.....h5..ZM...$w.~..v~%f....IEND.B`.

                      Chrome Cache Entry: 168

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (61301), with CRLF line terminators
                      Category:downloaded
                      Size (bytes):77405
                      Entropy (8bit):4.831114788359916
                      Encrypted:false
                      SSDEEP:
                      MD5:A80807AD3EC4388E3AB495A862EED0DB
                      SHA1:B3F3C581A6A19B34DE9D97B169BDA3D104E7D649
                      SHA-256:4B767C9F1297AD2F44FCD04DCF2D6C52F9CEBD6B615FF37E280FFD43FC9C8821
                      SHA-512:D82930373E00A6451B47F1A56E6D3A762D1CFFD2A0307E6B8DFD54D4E6EC00F6B472EADBB2866A13402BD2AAE084BE9DE210853EF6ADAEE199045DF9ECC55716
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/kendo/2016.2.504/kendo.office365.min.css
                      Preview:/** .. * Kendo UI v2016.2.504 (http://www.telerik.com/kendo-ui) .. * Copyright 2016 Telerik AD. All rights reserved. .. * .. * Kendo UI commercial licenses may be obtained at .. * http://www.telerik.com/purchase/license-agreement/kendo-ui-complete

                      Chrome Cache Entry: 171

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:downloaded
                      Size (bytes):1660
                      Entropy (8bit):4.301517070642596
                      Encrypted:false
                      SSDEEP:
                      MD5:554640F465EB3ED903B543DAE0A1BCAC
                      SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                      SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                      SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                      Chrome Cache Entry: 172

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format, CFF, length 8920, version 1.0
                      Category:downloaded
                      Size (bytes):8920
                      Entropy (8bit):7.947202659371119
                      Encrypted:false
                      SSDEEP:
                      MD5:1FE954B84065F1765B4BCCBDA263400E
                      SHA1:6560232FF739EEDE3B317052CE50B7D380699D91
                      SHA-256:908A2ACE4FF85187B22CF73DDB6FA8F7146FDA3695E25AA1B4F6B58810E4C13E
                      SHA-512:3C6CC073967A19F2D3EA0735258DAE1F37D7E6D2AD9719B15541CB362109193FDD6126D825C8B03FD713E4260C3BD4F8DD05269238A90E5F9F23DEA5F4C0809B
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/fonts/orbicon-iapv.woff
                      Preview:wOFFOTTO..".......50........................CFF .......Y../..Q.FFTM.. d........q.J.GDEF.. ........ ._..OS/2.. ....H...`Q.^.cmap.. ....t...RG...head..!\.......6...Ehhea..!........$.2..hmtx..!..../...h...=maxp..!..........2P.name..!.........n.`.post.."........ ....x..z{|.U.o*..:v4.R.9].qF.aE...!..N....QcH !v.$...IBw..+'..4!.<y...B.F. 2,........|f.....r......$.:{......U.;...=..S.%.L...]WY.....b......KL..VD.M.>.....~-..M......^..;.go...h$...i:.....7...w..7.p.M...inOx !+!/.2.9.#ao.X..O..%.2'p.q.p..Vq.qu\.....Ns....xC...........&.......&~.x9.tW..I.I-I=I.>H.".%EM&[).......z.k...e..........j{YAQq.4..+.6U..}.\W[]XT=C..zY."{QY..Y.}QQy..,.yS..v.pQEQa....rCmM...+...,.U\.\Yk..PWZ]P.O......r..|T..........8..V]ZSY.Z....E....pc...i..A.)..{......pj..i5..j........^`Pj..E.6..Ee.j.~.j...^J...lU.*...........l.q.=.........(3..=..TW.........S.A(-(+.(... .k........T...RUT]...j....T...?...^_..";...+........jky.....f[Ea._.]c..}..^TZa.)]TS[UUY.....]g+,.........A+!..9/.@$.\

                      Chrome Cache Entry: 173

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (492), with CRLF line terminators
                      Category:dropped
                      Size (bytes):278214
                      Entropy (8bit):4.82907577516496
                      Encrypted:false
                      SSDEEP:
                      MD5:2D3C02F85E354284C9F5985D40F05664
                      SHA1:65FA1FC1014D17D7BDC6226889A1780152D44878
                      SHA-256:AA79887A3308A15FDA55B83660BF64A1992EF5210E47B2292AEB87FEAF71B8BC
                      SHA-512:B617462E161372E695FB5DF0A02E9C622169645B33B9F443577299C2B667E0926E1265C411A93FC1A02C7D516EDA54F108FCA39AB6C83AC5BAFDB128E54EBDF8
                      Malicious:false
                      Reputation:unknown
                      Preview:./// <reference path="ics.min.js" />..var ms_ie = /MSIE|Trident/.test(window.navigator.userAgent);..var is_iOS = /iPhone|iPad|iPod/.test(window.navigator.userAgent);..if (screen.width < 1100) {.. var mvp = document.getElementById('vp');.. if (mvp) mvp.setAttribute('content', 'width=1100');..}....var deviceXDPI = screen.deviceXDPI;..$(document).ready(function () {.. setKendoCulture();.. UpdateLevelInfo();.. notification = $("#notification").data("kendoNotification");.. if (!notification) notification = $("#notificationMobile").data("kendoNotification");.. $(".choiceList input[type='checkbox']").removeAttr("data-bind");.. removeNoData();.. //Refresh session on server every 5minutes.. setInterval(function () {.. $.ajax({.. type: "POST",.. url: "/Account/RefreshSession",.. contentType: "application/json; charset=utf-8",.. dataType: "json",.. success: function (msg) {.... }.. });.

                      Chrome Cache Entry: 174

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (65536), with no line terminators
                      Category:dropped
                      Size (bytes):96705
                      Entropy (8bit):5.228470338380378
                      Encrypted:false
                      SSDEEP:
                      MD5:1DD63DE72CF1F702324245441844BE13
                      SHA1:58A8BDCDCB398AF7DB424357DF70DF18E7B30E9D
                      SHA-256:5201C813C37A4168CC5C20C701D4391FD0A55625F97EB9F263A74FB52B52FD0E
                      SHA-512:532D1E907B433AB97785CF632D9637A957152BAF0BA57879C856CBAA469BFFECA22C4F99485679539944B27068D39E70F7D44282594F999142454DA57329A11B
                      Malicious:false
                      Reputation:unknown
                      Preview:"use strict";var AI,Microsoft,__extends=this&&this.__extends||function(){var i=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)t.hasOwnProperty(n)&&(e[n]=t[n])};return function(e,t){function n(){this.constructor=e}i(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}}();function _endsWith(e,t){var n=e.length,i=n-t.length;return e.substring(0<=i?i:0,n)===t}!function(e){e.ApplicationInsights||(e.ApplicationInsights={})}(Microsoft||(Microsoft={})),function(e){var t;t=function n(){},(e.Telemetry||(e.Telemetry={})).Base=t}(Microsoft||(Microsoft={})),function(e){var t;t=function n(){this.ver=1,this.sampleRate=100,this.tags={}},(e.Telemetry||(e.Telemetry={})).Envelope=t}(Microsoft||(Microsoft={})),function(e){var t;(t=e.ApplicationInsights||(e.ApplicationInsights={})).Context||(t.Context={})}(Microsoft||(Microsoft={})),function(e){var t;(t=e.ApplicationInsights||(e.ApplicationInsights={})).Context||(t.Co

                      Chrome Cache Entry: 175

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):241173
                      Entropy (8bit):4.711482542760108
                      Encrypted:false
                      SSDEEP:
                      MD5:8FD8C6B4E2F1D97BC3E20F8C1A36FA66
                      SHA1:1DAD47ECECD60BD8717D413731A349D16033A18E
                      SHA-256:C3A3F588008BB3830D36CA7461C593B02F0B30BE40213CEDB838F3A49D212323
                      SHA-512:B0C0C92E82AB1DC41C6A7EFDD88A7C04B5177BCB96D2554CAB09962B4489ACACDA8BD3FF36C8C7E8756D30060BB9DC78DCE55904AFA5666D5F020D32783CF5F9
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/Content/Site.css?v=12&t=20240925
                      Preview:.body.hideBefore:before {.. display: none;..}....a {.. color: #333d47;.. outline: none !important;.. padding-left: 3px;.. padding-right: 3px;.. text-decoration: underline;..}.... a:link, a:visited,.. a:active, a:hover {.. color: #333d47;.. }.... a:hover { .. color: #333d47;.. background-color: #c7d1d6;.. }..b {.. font-family: 'titilliumbold';..}..header, footer, hgroup,..nav, section {.. display: block;..}....mark {.. background-color: #a6dbed;.. padding-left: 5px;.. padding-right: 5px;..}.....float-left {.. float: left;..}.....float-right {.. float: right;..}.....clear-fix:after {.. content: ".";.. clear: both;.. display: block;.. height: 0;.. visibility: hidden;..}....h1, h2, h3,..h4, h5, h6 {.. color: #000;.. margin-bottom: 0;.. padding-bottom: 0;..}....h1 {.. font-size: 2em;..}....h2 {.. font-size: 1.75em;..}....h3 {.. font-size: 1.2em;..}....h4 {.. font-size: 1.1em;.

                      Chrome Cache Entry: 176

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 105 x 50
                      Category:dropped
                      Size (bytes):1673
                      Entropy (8bit):6.5200517170347805
                      Encrypted:false
                      SSDEEP:
                      MD5:7D59601352329AB1D003C8E68AA5999F
                      SHA1:8C15AD36A002D77241AEA5A3BCD5A14E3052C4D8
                      SHA-256:EB2326572D3B43A2F745C4416240D32452020B0CC329BBA18D9BBF8D7A5FA9A9
                      SHA-512:2688CCD4512223FF9CC41C3FBDD2E8BC8C25335681E6BBEC0937D1930B35159A471CC39EE32170C7AF325EEEF1123E7AD8F3DF28D455FD62FC8015F51D517647
                      Malicious:false
                      Reputation:unknown
                      Preview:GIF89ai.2.........3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.........3..3.33.f3..3..3..3+.3+33+f3+.3+.3+.3U.3U33Uf3U.3U.3U.3..3.33.f3..3..3..3..3.33.f3..3..3..3..3.33.f3.3..3..3..3.33.f3..3..3..f..f.3f.ff..f..f..f+.f+3f+ff+.f+.f+.fU.fU3fUffU.fU.fU.f..f.3f.ff..f..f..f..f.3f.ff..f..f..f..f.3f.ff.f..f..f..f.3f.ff..f..f.......3..f.........+..+3.+f.+..+.+..U..U3.Uf.U..U.U......3..f.............3..f.............3..f............3..f.............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U....3.f.........3.f...........3..f.............3..f..............3..f..........+..+3.+f.+..+..+..U..U3.Uf.U..U..U......3..f..............3..f..............3..f.............3..f.....................!.......,....i.2......}..m.v..*\......Jd(..@..3j......-....]Am.Q~Lx2.7w+...2[.....W0..<....n..W.m.<G..Es8.f...gLs.....qfV.0.2.I.cW.H...*....k~../&G......jL[;{..86.7.o%.Cj.......w.".&..S.r1A[..%..q...k...'.M

                      Chrome Cache Entry: 178

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format (Version 2), CFF, length 28368, version 1.0
                      Category:downloaded
                      Size (bytes):28368
                      Entropy (8bit):7.991544220847255
                      Encrypted:true
                      SSDEEP:
                      MD5:E9C09423F2D138515C708E6D5E6811DA
                      SHA1:06C1D6D8ACEB135858A6AA320D421C4A673DD478
                      SHA-256:4C9013133766B0726A19351A5F47C4C0C24F37304BE11C1D9AB501E788C34FAD
                      SHA-512:6EF3FA807F88A09CE67F014AAE4FC114D20FFA13E2654B792B6712D38C08BD050256DAE9FE26E33270B9A7907D54CFF83BCBF4EFE1D916A6C6BA20E7672C3929
                      Malicious:false
                      Reputation:unknown
                      URL:https://iapv.wsp.com/fonts/titillium-thin-webfont.woff2
                      Preview:wOF2OTTO..n........,..nz...........................(...R..z.`..j.6.$.......v. ?webf..Q.w(7v7..^.t.mM..CPj...M.bw+......F......3....`.....UU..j.p.LQ.G...0.b...x....X.....%.VI.TI..U5z/.-......B"....4....t.E.t|8...W.=.C.b0X..+.3......X.}.,3Q.y..&C.-.)..(S.....).>..oL.:.S.T.9D.z..@"...G.".B...Qnv*.R9_.M.........5S.*......D....Tw..V.....j..V.......)..*...l..x.s..S........e.5.....#z.%....d(`a.V..``.*. .Fb..../V.....kY..P...C.....B| ...?...}?I....3...$.+...p..*......p...L......Q.:.s.=.r.c.....c....,.r....j.655.7.Y...... ..sZC..Zaf-=..O.uV.5..p ..lW.f.d.lO(.j8..c........W.*eS.d...k.\.d.K..G(<.5..P`4.0................R.?.%n...,.E(=.D......wn..iDk..".k;:U..E..%...cbb..@.F2.Z.,.....#Q..0...8h.. ..8...T.)d_..S.H..!..R.A...."....u.....{Zj.....:._5.....;...l..B(.v".`..82...(.d.4.l.I.....T...7.........w^9.)./XK.(M...c..G..V.4f(UTD.T.34.f.;Q....i..3...[w.BM*.y.vBdE......HP.f...."...2........Q_=.;.....J...6...T..v./..f.....:.....2`....*EG X`.E......].A...j

                      Chrome Cache Entry: 179

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (3083), with CRLF line terminators
                      Category:dropped
                      Size (bytes):4061
                      Entropy (8bit):5.154427982155114
                      Encrypted:false
                      SSDEEP:
                      MD5:58BD7EFD249F034AE23DC47595FE1E52
                      SHA1:2DB52797C81436BD57A7912249F1A1244B798829
                      SHA-256:3C00B4D34CAE1EDEFC9ECCC9D913B43A20CCBBFB8BCCF2D19584E4F09DC03B5D
                      SHA-512:0DE74D0563C5D212C650F35B0987E3F2A8E5127344F7616A9FBC5DDD2B1C7EEEE2A72ED9BB7DEE9C776E82A443DDCE158FBFF22EFFAC96A661325B3FE0E73B66
                      Malicious:false
                      Reputation:unknown
                      Preview:// Unobtrusive Ajax support library for jQuery..// Copyright (c) .NET Foundation. All rights reserved...// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information...// @version v3.2.6..// ..// Microsoft grants you the right to use these script files for the sole..// purpose of either: (i) interacting through your browser with the Microsoft..// website or online service, subject to the applicable licensing or use..// terms; or (ii) using the files as included with a Microsoft product subject..// to that product's license terms. Microsoft reserves all other rights to the..// files not expressly granted by Microsoft, whether by implication, estoppel..// or otherwise. Insofar as a script file is dual licensed under GPL,..// Microsoft neither took the code under GPL nor distributes it thereunder but..// under the terms set out in this paragraph. All notices and licenses..// below are for informational purposes only...!function(t){function

                      Chrome Cache Entry: 180

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (32029), with CRLF line terminators
                      Category:dropped
                      Size (bytes):97185
                      Entropy (8bit):5.374276891254097
                      Encrypted:false
                      SSDEEP:
                      MD5:2B6294333DB8EEB65BC7717144357D23
                      SHA1:74EF185A3CBA75AF7F4E1B3DCAF1B32B0DB5C1AF
                      SHA-256:4946FCF019E50CF850A0344E45B3A8F93D5EAD5E1DADE33695025EF732913AF1
                      SHA-512:BF4197F2ECA58ED25DFDD82D518FB0A6F900695318DC5A47E2039273C3BDA02B1D73249D5EA7D047BFBDA3A692606B430C836912E043F87751FDD900576BEC9C
                      Malicious:false
                      Reputation:unknown
                      Preview:/*! jQuery v1.12.3 | (c) jQuery Foundation | jquery.org/license */..!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="1.12.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.c

                      Chrome Cache Entry: 182

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):196
                      Entropy (8bit):5.093420329328666
                      Encrypted:false
                      SSDEEP:
                      MD5:F9EF28C48FC5EDD7721BDF4A082FDF15
                      SHA1:D7C9D18174C099D886779C1A501CD68BA342868E
                      SHA-256:62B0902D5F5705A89D7D88C8CCB16A5C1C7E7094B9BED06BB68951B9CC490793
                      SHA-512:50502874A955407E2061D993215C75776E47D50E0AA68EF0376C986A1B3D2DCE18F6C4EFE546D8EF94E80B6CA141EE681C3B4ECA2660C08043CD2A69172802A7
                      Malicious:false
                      Reputation:unknown
                      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwkmC0MjMfMHUBIFDZFh1L0SBQ1lIZnqEjMJNpkOfAO0hAMSBQ09H49LEgUNzkFMehIFDT0fj0sSBQ09H49LEgUNzkFMehIFDc5BTHoSJQmelTGLnkN68RIFDT0fj0sSBQ3OQUx6EgUNPR-PSxIFDT0fj0sSFwnOnK3nfzBAzhIFDc5BTHoSBQ3OQUx6?alt=proto
                      Preview:ChoKCw2RYdS9GgQIVhgCCgsNZSGZ6hoECEsYAgo2CgcNPR+PSxoACgcNzkFMehoACgcNPR+PSxoACgcNPR+PSxoACgcNzkFMehoACgcNzkFMehoACiQKBw09H49LGgAKBw3OQUx6GgAKBw09H49LGgAKBw09H49LGgAKFgoLDc5BTHoaBAhLGAIKBw3OQUx6GgA=

                      Chrome Cache Entry: 183

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (65531)
                      Category:downloaded
                      Size (bytes):77551
                      Entropy (8bit):6.0915020672869495
                      Encrypted:false
                      SSDEEP:
                      MD5:02BEE5DEC581B91F3CBC5EE27AE24E72
                      SHA1:98752B91968E9A6C03CD654119D6A74293749322
                      SHA-256:961EFAA82C06A62389F0E245F6B3E1BC2E799A99E6A03FAB09FCD32667FFEA78
                      SHA-512:34223948E4604F1570C27B4C88AB87BEB0326479E73B885B38890629B3A72CE2CEFBB410A91607F6B142BDC5D012ECDA843918F58DBA84A1EC1CF13E85653498
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.google.com/async/ddljson?async=ntp:2
                      Preview:)]}'.{"ddljson":{"accessibility_description":"","alt_text":"Celebrating Popcorn","cta_data_uri":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAawAAADICAMAAACDBCVmAAADAFBMVEUAAADDh4JuFz9VJlehMD/TaC6YGy7BUkbifid5CyeJDTA6BD+EByw9AUAyBzgtB0ItDkY4CkhCBkhKA0mEDjWKETWMEjSbJT+bGC2uISO0KSWrNBy4NSm3LyZQAkp0DDxgB0OTFDGkHCjURh/LYR7VayHFNiC7OirykwvhiArDRivujAmnLTHcehpVHR1fHAxpHgN0HCe9QSyYGjnqbA1iFwBhJRljHyNgMEJaQVZbPXZcQH2MIDtgLyv0oBbmhhzFTi7JVC6kVURyJwRcEQDLWjF7MAeiSxW6Xx3slibKdiOPRBHumijwoCyuVhqJPAPOYTLRaDPDciPVbzVqUFtiRInTfQmuXQf0rR7YdjeZRzOFNg/1tAK2fCKVVxvbfjjkdij6xhT6xzHepTTCiybugizghzqEwOZuntRuf6D6uyb+0Tn90ErysTajYh7ypzHkkT3omj7zoDloS5qP0/NwqOFoVm7+2j37wkbsokDfWyN/hZVub4H9yEr5tjzvqkL/vTn4vkVUDAD/4kG9nzhLMA81Hwl4VybnxEcCAgEfDQA7KBYfGwzatT3/102ubSXlxGj/23fEolOWeDTTr1751HP+xmqlgj7/sRb3uEZjSx/zsUT/tGXwrl7vkzmbO2r+oEJELijDey/0iC13XInQYQS1aVLfgCz/zliHZjH/5FbrtJeMbVswGgI/IQdZPBX94a1ONj3bp0n8qz378NJzQxhHHhL00KWcT4XOzLsoFQA/PHNLYZbvmi5pQz//3nq/cmM8b8ApYbguQo5FMleflY5CcbweXr4hSa//6H//43uyjEn6mUAeTLfQk

                      Chrome Cache Entry: 184

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 101 x 101, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):10229
                      Entropy (8bit):7.9519471412210665
                      Encrypted:false
                      SSDEEP:
                      MD5:0AE46F505B4508922EA3E4F4B308E05C
                      SHA1:1BCEA2C62EBCCAFA1DA6BF2C3F4B62361CD20744
                      SHA-256:9D578152638EA134F29E33E31699F57894FEFC7EA63C428436B985AD7F3BDF92
                      SHA-512:25E20640574EC1503C57D0D2134AD1337609990EEC9A657F09C4AAD2B1680913FE55DD5283F106421B93A1FE708047F8BA013EEFA7EA2EA3A47AC2B7F3D28479
                      Malicious:false
                      Reputation:unknown
                      Preview:.PNG........IHDR...e...e.....T|-.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:7EC6DBF26E9711E5AFCA9CF2C1C9F3C6" xmpMM:DocumentID="xmp.did:7EC6DBF36E9711E5AFCA9CF2C1C9F3C6"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7EC6DBF06E9711E5AFCA9CF2C1C9F3C6" stRef:documentID="xmp.did:7EC6DBF16E9711E5AFCA9CF2C1C9F3C6"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>......$kIDATx..].`TU.>S3.Lzo.7 .!.." .K.fA@pu.#.....DW....A.D).R..!!.$..Bz!=.L..of2...$0.ww.0..{.;.;.{..L|H-,..|......:

                      Chrome Cache Entry: 185

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (763)
                      Category:downloaded
                      Size (bytes):768
                      Entropy (8bit):5.111216228237638
                      Encrypted:false
                      SSDEEP:
                      MD5:872A7A6CFB9B24EDA30DCEA722530D7D
                      SHA1:880CC533F4761BC89D5F03CDE227A44B8A9F26DE
                      SHA-256:61146CDCFD634E2AAEA2413004ADDEF0C9C89BB532EF10E37CEED659C05F998B
                      SHA-512:2557C49B4581C1CB5B111C7D8945E5FE21EEC5F7F4CDB6010AB70CDE6292BF56BD31E70C50CE1E7885D880561263F3B3030C68547CDA637229E9F6C6B7B4B140
                      Malicious:false
                      Reputation:unknown
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["",["monster hunter wilds release date","wordle answers","pga tour presidents cup","fbi raids carahsoft","liberal arts college rankings","nyt strands hints","rachel jacob savage","major league baseball wild card"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1256,1255,1254,1253,1252,1251,1250,1200],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                      Chrome Cache Entry: 188

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):80038
                      Entropy (8bit):5.591954329116323
                      Encrypted:false
                      SSDEEP:
                      MD5:08C2ECCFAAFCC0EEC4E0F670543B6500
                      SHA1:9626FDA037EE85CA3422B0201037CE6E0714CC27
                      SHA-256:D4DBF674A47BC9A3EFF2EA173BB85FE0F089015D124C12CDE04859D9E5B11579
                      SHA-512:4020B83360AB1E18E0629C7690DB661F6607AFE11C3C40D2AA2B928E91D945BA82911F6E8E16496A689B23EF07857B1C610689C03B6B23D73B0C1578FE2A032C
                      Malicious:false
                      Reputation:unknown
                      Preview:/*!....JSZip - A Javascript class for generating and reading zip files..<http://stuartk.com/jszip>....(c) 2009-2014 Stuart Knightley <stuart [at] stuartk.com>..Dual licenced under the MIT license or GPLv3. See https://raw.github.com/Stuk/jszip/master/LICENSE.markdown.....JSZip uses the library pako released under the MIT license :..https://github.com/nodeca/pako/blob/master/LICENSE..*/..!function(a){if("object"==typeof exports&&"undefined"!=typeof module)module.exports=a();else if("function"==typeof define&&define.amd)define([],a);else{var b;b="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:this,b.JSZip=a()}}(function(){return function a(b,c,d){function e(g,h){if(!c[g]){if(!b[g]){var i="function"==typeof require&&require;if(!h&&i)return i(g,!0);if(f)return f(g,!0);var j=new Error("Cannot find module '"+g+"'");throw j.code="MODULE_NOT_FOUND",j}var k=c[g]={exports:{}};b[g][0].call(k.exports,function(a){var c=b[g][1][a];return e(c?c:a)},k,

                      Static File Info

                      No static file info