Edit tour

Windows Analysis Report
https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true

Overview

General Information

Sample URL:	https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true
Analysis ID:	1578542
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

HTML body contains low number of good links

Invalid T&C link found

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4768 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2032,i,8836023938817567272,6358166955718723625,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	Joe Sandbox AI: Score: 8 Reasons: The brand 'Kubota' is a known brand, primarily associated with agricultural and construction machinery., The legitimate domain for Kubota is 'kubota.com'., The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'., The domain 'highq.com' is not directly associated with Kubota, which raises suspicion., The presence of a subdomain 'kubota' on 'highq.com' could be an attempt to mimic the legitimate brand., The email input field 'g7xp40@yowct.net' is not a typical corporate email domain, which is suspicious. DOM: 1.1.pages.csv
Source: https://kubota.highq.com/kubota/Login_input.action	Joe Sandbox AI: Score: 8 Reasons: The brand 'Kubota' is a known brand, primarily associated with agricultural and construction machinery., The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'., The domain 'highq.com' is not directly associated with Kubota, which raises suspicion., The presence of input fields for email and password suggests a potential phishing attempt to capture user credentials., The use of a subdomain 'kubota' under 'highq.com' could be an attempt to mimic the legitimate brand. DOM: 2.6.pages.csv

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: Number of links: 1
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Number of links: 1

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: <input type="password" .../> found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: <input type="password" .../> found

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No favicon
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No favicon

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49765 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49867 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49894 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49893 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49953 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49952 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49989 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49990 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49765 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: kubota.highq.com
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: 684dd326.akstat.io
Source: global traffic	DNS traffic detected: DNS query: baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: 0217991d.akstat.io

Source: chromecache_177.2.dr, chromecache_155.2.dr	String found in binary or memory: http://bugs.jquery.com/ticket/11820
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html
Source: chromecache_176.2.dr	String found in binary or memory: http://github.com/ioncreature)
Source: chromecache_166.2.dr, chromecache_139.2.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: chromecache_183.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: chromecache_176.2.dr	String found in binary or memory: http://silviomoreto.github.io/bootstrap-select)
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: http://stackoverflow.com/questions/3561493/is-there-a-regexp-escape-function-in-javascript
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_163.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_189.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_176.2.dr	String found in binary or memory: https://github.com/Eonasdan/bootstrap-datetimepicker/
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
Source: chromecache_189.2.dr	String found in binary or memory: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
Source: chromecache_177.2.dr, chromecache_155.2.dr	String found in binary or memory: https://github.com/jquery/jquery/blob/3.7.1/src/css.js#L216-L246
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/moment/moment/issues/1423
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/moment/moment/issues/2166
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/moment/moment/issues/2978
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://github.com/moment/moment/pull/1871
Source: chromecache_176.2.dr	String found in binary or memory: https://github.com/silviomoreto/bootstrap-select/blob/master/LICENSE)
Source: chromecache_176.2.dr	String found in binary or memory: https://github.com/sliptree/bootstrap-tokenfield
Source: chromecache_189.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://stackoverflow.com/q/181348
Source: chromecache_170.2.dr, chromecache_183.2.dr	String found in binary or memory: https://tools.ietf.org/html/rfc2822#section-3.3
Source: chromecache_132.2.dr	String found in binary or memory: https://tr-legal.visualstudio.com/HighQ%20Tech/_workitems/edit/263615/?view=edit

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921

Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49867 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49894 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49893 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49953 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49952 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49989 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.5:49990 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@16/118@24/3

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2032,i,8836023938817567272,6358166955718723625,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2032,i,8836023938817567272,6358166955718723625,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.google.com	142.250.181.132	true	false	high
s.go-mpulse.net	unknown	unknown	false	high
684dd326.akstat.io	unknown	unknown	false	high
0217991d.akstat.io	unknown	unknown	false	high
kubota.highq.com	unknown	unknown	false	high
baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net	unknown	unknown	false	unknown
c.go-mpulse.net	unknown	unknown	false	high
baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://kubota.highq.com/kubota/Login_input.action	true		unknown
https://kubota.highq.com/kubota/LoginRequiredPage.action	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
http://momentjs.com/guides/#/warnings/zone/	chromecache_170.2.dr, chromecache_183.2.dr	false	high
http://bugs.jquery.com/ticket/11820	chromecache_177.2.dr, chromecache_155.2.dr	false	unknown
https://github.com/moment/moment/issues/1423	chromecache_170.2.dr, chromecache_183.2.dr	false	high
http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://github.com/sliptree/bootstrap-tokenfield	chromecache_176.2.dr	false	high
https://github.com/jquery/jquery/blob/3.7.1/src/css.js#L216-L246	chromecache_177.2.dr, chromecache_155.2.dr	false	high
http://jqueryui.com	chromecache_166.2.dr, chromecache_139.2.dr	false	high
https://github.com/silviomoreto/bootstrap-select/blob/master/LICENSE)	chromecache_176.2.dr	false	high
http://momentjs.com/guides/#/warnings/add-inverted-param/	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://getbootstrap.com/)	chromecache_189.2.dr	false	high
https://github.com/moment/moment/issues/2978	chromecache_170.2.dr, chromecache_183.2.dr	false	high
http://momentjs.com/guides/#/warnings/dst-shifted/	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://tools.ietf.org/html/rfc2822#section-3.3	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://tr-legal.visualstudio.com/HighQ%20Tech/_workitems/edit/263615/?view=edit	chromecache_132.2.dr	false	unknown
https://stackoverflow.com/q/181348	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://github.com/moment/moment/pull/1871	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://github.com/moment/moment/issues/2166	chromecache_170.2.dr, chromecache_183.2.dr	false	high
http://momentjs.com/guides/#/warnings/js-date/	chromecache_170.2.dr, chromecache_183.2.dr	false	high
http://momentjs.com/guides/#/warnings/define-locale/	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js	chromecache_170.2.dr, chromecache_183.2.dr	false	high
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_189.2.dr	false	high
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css	chromecache_189.2.dr	false	high
https://github.com/Eonasdan/bootstrap-datetimepicker/	chromecache_176.2.dr	false	high
http://silviomoreto.github.io/bootstrap-select)	chromecache_176.2.dr	false	unknown
http://github.com/ioncreature)	chromecache_176.2.dr	false	high
https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects	chromecache_170.2.dr, chromecache_183.2.dr	false	high
http://momentjs.com/guides/#/warnings/min-max/	chromecache_183.2.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.181.132	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1578542
Start date and time:	2024-12-19 21:40:46 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 17s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@16/118@24/3

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.21.35, 64.233.164.84, 172.217.17.78, 142.250.181.142, 2.16.1.155, 2.16.1.234, 192.229.221.95, 172.217.17.42, 199.232.210.172, 142.250.181.67, 172.217.17.46, 23.195.38.175, 142.250.181.74, 172.217.19.202, 142.250.181.138, 216.58.208.234, 142.250.181.106, 172.217.21.42, 142.250.181.42, 172.217.17.74, 172.217.19.234, 23.204.128.170, 23.32.238.176, 23.32.238.209, 172.217.17.35, 199.232.214.172, 13.107.246.63, 23.218.208.109, 52.149.20.212, 20.231.128.67
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, a248.b.akamai.net, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, login.live.com, e104654.a.akamaiedge.net, update.googleapis.com, e4518.dscx.akamaiedge.net, ip46.go-mpulse.net.edgekey.net, client.wns.windows.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, fonts.gstatic.com, hqacc16.highq.com.edgekey.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, wildcard46.akstat.io.edgekey.net, e4518.dscapi7.akamaiedge.net, edgedl.me.gvt1.com, wildcard46.go-mpulse.net.edgekey.net, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://kubota.highq.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": true }
URL: https://kubota.highq.com
URL: https://kubota.highq.com/kubota/LoginRequiredPage.... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided code appears to be a legitimate fix for a known issue with the viewport width on Windows Phone 8 and Internet Explorer 10 devices. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or suspicious redirects. The code is simply modifying the viewport settings to ensure proper rendering on the affected devices, which is a common practice. Overall, this script is considered low-risk." }
// Windows Phone 8 & Internet Explorer 10 in Windows 8 device width from viewport width issue fix by bootstrap if(navigator.userAgent.match(/IEMobile\/10\.0/)) { var msViewportStyle = document.createElement('style') msViewportStyle.appendChild( document.createTextNode( '@-ms-viewport{width:auto!important}' ) ) document.querySelector('head').appendChild(msViewportStyle) }
URL: https://kubota.highq.com/kubota/LoginRequiredPage.... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script demonstrates moderate-risk behavior by aggressively manipulating the DOM through repeated clearing of the document body's innerHTML. This could potentially be used to disrupt the user experience or hide malicious content. Additionally, the use of a setInterval function to continuously execute the DOM manipulation function is concerning. While the intent is not entirely clear, the aggressive nature of the script warrants further investigation." }
try { top.document.domain } catch ( e ) { var f = function() { document.body.innerHTML = ''; } setInterval(f, 1); if (document.body) document.body.onload = f; }
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common analytics and performance monitoring tool used by many reputable websites. While it uses some legacy APIs like XDomainRequest, the overall behavior is consistent with typical analytics functionality and does not exhibit any high-risk indicators. The script is interacting with known, trusted domains like go-mpulse.net, which suggests a legitimate use case. Therefore, the risk score is assessed as low." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvsa-f-460840302-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":86,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d9faa","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":56225,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640996","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==wV1rOkZwOHTrVvCR3xwNaQ6J0QxKMk4JkyQh7TBdEcYcCTWebZb5NtPzKhohQkVQ7F7ChVSKNJuAimKUbbc/K56+NfxcIYtocx9CZxff4KercDcBSn6+ITG883WotWHbgHblWEFsHUyTOWJq81Rh/dkHDjGQU7PqlzbkusBF12W+SJTH4M4HbU9TRQ5DV84G3rE6FYGKhvmIQRgIIiInEqRxPgVZsXomHpiKhcNVmMXyrpiHfreBilUdMHxxx1Sh+EBfr4GoDbyVwFMV5OO94vH26IWRpm0K1CHQ1bLMqsVKqW5oAjh6601NxeoeoB5snEj+TaYoUIzDQWYRO0bAH96NuQ4e8FFUgHNOxtGdsDPKn7q/aIk2o/213B8+pmkiUgTilOPvpnnRuEbuxm6WxhrIpTbiDiNx08AzihrAmHo=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common analytics and performance monitoring tool. While it does exhibit some moderate-risk indicators, such as external data transmission and the use of legacy APIs, the overall behavior seems to be aligned with typical analytics functionality. The script interacts with known, reputable domains like 'go-mpulse.net', which suggests a legitimate use case. However, the lack of transparency around the data being transmitted and the use of outdated APIs warrant further review to ensure there are no hidden malicious behaviors." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":86,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d1f3d","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":55381,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640958","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==DhuZsMWgOLbFoG7URF26DNsxu1KQNjyfECNmPpZ3DvLf/QcPdBQadze9dhJofJJjMQ62oKvH37BplwML0DaDNcRXDgAfBVWySAE13Y8LaOksG22be7RfEGSw+DKn2iAQ/N1eTfmfVheko1+5X4rYFbeU9CkgZVXYYgODrRA5CsgVk9JlZDUxrksitSuGVO9aKdceEj2FJ79ZNZK5wo13e45K3rXLHoPCELtnli9HOdShlUfq0ZBRmu9Sjkh3kUnsH0K08FS3w+I2PCA3bmoqJ12Xtdnhk7WKqWR9n+clQCClZjC4qNk170R/57aazuUYIATrsF3bfGrNakLoISouQrTAfGRNbXpw5RimZuHPC0E3xRdnD6T/FYSOHOlouZfH1Is5qskAR0PAk1p7QujI6FI1VQAJysHclVoDDlogQos=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common performance monitoring and analytics tool used by many reputable websites. While it uses some legacy APIs like XDomainRequest, the overall behavior is consistent with typical analytics functionality and does not exhibit any high-risk indicators. The script is interacting with known, trusted domains like go-mpulse.net, which suggests a legitimate use case. Therefore, the risk score is assessed as low (3)." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvfa-f-3e540f135-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":87,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d4c9c","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":55681,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640970","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==3sPlOik+syqaq1Guj4FG3EdZsJ0TGHMbzlvOO0sIEQLzUEHn0QaoXQ0MS9FhgUIdNwwsFzurT3ussd1934BksS9tDy4i14PudkKl4MDObH+L/i87LzXgDrU/06Xx2lbjSvTeb8aUMlVuNFnSQ1fHTNg8ZY4vO75gvY/F3dnE6F2mBGztkl/mCZ/BGf0m868OQsQ68OgX7WOlTKqlhhPWZnMD9po3y+YXbyjYtDWF5uFbHo1clNQwioSDwXYj7hxUUnMkOwROP77j8t/v4IDSd4zgtZHw1LPGn9eTVjCB9xgNXrzuUN8TUEwdEACvi8yRIUL7nVaErsLI2J/1IWiasyNNFuu1AXpdyNZTS1YLi61lfLC1zptJ14aSw/h7uBHT0gWqW1mAobBoz4hojYx6fCFd82Hxil8OEZf+GkU0gUo=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common performance monitoring and analytics tool. While it exhibits some moderate-risk indicators, such as external data transmission and the use of legacy APIs, the overall behavior seems to be aligned with typical analytics functionality. The script interacts with known, reputable domains like 'go-mpulse.net' and 'akamaihd.net', which suggests a legitimate use case. However, the script could potentially be improved by using more modern APIs and reducing the amount of data transmitted to external domains." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvjq-f-32b502618-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":87,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d6e74","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":55916,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640979","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==qKbf0eDY5GQ5dyM5cfpR6vbwTty/1Y7SzmN2VPVeD5M0Kkm0N9HO/tDWGYejeYHNMoa3fIx12tyWyDHxs5Za2AuwE/jxWXu7KPQ2iPQC9s4d/jb95FgH2E9bO31W+3GY9qBA2hhL7iE/zc8Lv1MuHn/VXZ0pzCltxxDUHTzUV1wIRBpcN0ieX1Ih+/PvtcO+7Cd+tib3KFTGASN6XlqR9W4ECEldlF7jgp6J7xCYFl6YC1GKx9UAp7CAV20uCQugNNh5FaIqaoigWst0DijbUpIs9OXLUbItQzlAC1UepRYbKuJOHBpXiCOtH73eeagsjXwU3ROIU5Q7dvOfRLkvzbN0/d92UtSK939Y+roPHP/3bG9S/BG/EV8h7ylhjXDa7d89RfWEtIVXhCeDBMMLrWCg1wkOuLLooTEsg7KI8wk=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/LoginRequiredPage.... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common analytics and performance monitoring tool. While it exhibits some moderate-risk indicators, such as external data transmission and the use of legacy APIs, the overall behavior is likely legitimate and aligned with typical analytics functionality. The script interacts with known, reputable domains like 'go-mpulse.net', which suggests a benign purpose. However, the use of obfuscated code and the potential for data exfiltration warrant further review to ensure there are no hidden malicious activities." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":85,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"24cdd1f","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":54843,"ak.gh":"2.16.1.151","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640928","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==FFZNtFGLfCAyKxRk9QIjlAJUSf1Za8tGCkL5+bepxJ/qUo3M31O1FhO4qZcZGDSNrn6zjcnyVKNm+ihP8Tpk0hUnQDiUqMj4hslBkVsLUx98vJtX+2Rua7gl9uKrCd5+tswT171bc/2SQNJJpqjU6t30OqqE1tngyYhyiGcfcvfm1UitXlg2+cQzukgDfZCDFKo65Qm79zLa4Y0sXk3QY033Ty4jnSFIf9r0YUa2CmgIUgX/p8L+KT/M9THLAqsGEv28427UUjXhrJLCEmjVSS+IyvMbeezD4U9eunnYeCOCtoWpp1ocKsQFpW1HXQ/Db+1Pf1y6wKkmfugfiWID5mQ4e3Z0n143RcP/Gv6HSL6lIVL7kiusIUcG4pCfRX8mJYOVykT1YkEk9KXOxL4IKTxed5+1FNzZxbnv1YOWHVo=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/js/v4/fastclick.js... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a part of the 'FastClick' library, which is a common library used to improve touch responsiveness on mobile devices. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The behaviors observed, such as event handling and DOM manipulation, are typical for a library of this nature. While the code uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, the script seems to be a legitimate implementation of a common mobile optimization library, and the risk score is low." }
function FastClick(a,b){function c(a,b){return function(){return a.apply(b,arguments)}}var d;b=b\|\|{};this.trackingClick=!1;this.trackingClickStart=0;this.targetElement=null;this.lastTouchIdentifier=this.touchStartY=this.touchStartX=0;this.touchBoundary=b.touchBoundary\|\|10;this.layer=a;this.tapDelay=b.tapDelay\|\|200;if(!FastClick.notNeeded(a)){for(var g="onMouse onClick onTouchStart onTouchMove onTouchEnd onTouchCancel".split(" "),f=0,h=g.length;f<h;f++)this[g[f]]=c(this[g[f]],this);deviceIsAndroid&& (a.addEventListener("mouseover",this.onMouse,!0),a.addEventListener("mousedown",this.onMouse,!0),a.addEventListener("mouseup",this.onMouse,!0));a.addEventListener("click",this.onClick,!0);a.addEventListener("touchstart",this.onTouchStart,!1);a.addEventListener("touchmove",this.onTouchMove,!1);a.addEventListener("touchend",this.onTouchEnd,!1);a.addEventListener("touchcancel",this.onTouchCancel,!1);Event.prototype.stopImmediatePropagation\|\|(a.removeEventListener=function(b,c,d){var e=Node.prototype.removeEventListener; "click"===b?e.call(a,b,c.hijacked\|\|c,d):e.call(a,b,c,d)},a.addEventListener=function(b,c,d){var e=Node.prototype.addEventListener;"click"===b?e.call(a,b,c.hijacked\|\|(c.hijacked=function(a){a.propagationStopped\|\|c(a)}),d):e.call(a,b,c,d)});"function"===typeof a.onclick&&(d=a.onclick,a.addEventListener("click",function(a){d(a)},!1),a.onclick=null)}} var deviceIsAndroid=0<navigator.userAgent.indexOf("Android"),deviceIsIOS=/iP(ad\|hone\|od)/.test(navigator.userAgent),deviceIsIOS4=deviceIsIOS&&/OS 4_\d(_\d)?/.test(navigator.userAgent),deviceIsIOSWithBadTarget=deviceIsIOS&&/OS ([6-9]\|\d{2})_\d/.test(navigator.userAgent),deviceIsBlackBerry10=0<navigator.userAgent.indexOf("BB10"); FastClick.prototype.needsClick=function(a){switch(a.nodeName.toLowerCase()){case "button":case "select":case "textarea":if(a.disabled)return!0;break;case "input":if(deviceIsIOS&&"file"===a.type\|\|a.disabled)return!0;break;case "label":case "video":case "path":return!0}return/\bneedsclick\b/.test(a.className)}; FastClick.prototype.needsFocus=function(a){switch(a.nodeName.toLowerCase()){case "textarea":return!0;case "select":return!deviceIsAndroid;case "input":switch(a.type){case "button":case "checkbox":case "file":case "image":case "radio":case "submit":return!1}return!a.disabled&&!a.readOnly;default:return/\bneedsfocus\b/.test(a.className)}}; FastClick.prototype.sendClick=function(a,b){var c,d;document.activeElement&&document.activeElement!==a&&document.activeElement.blur();d=b.changedTouches[0];c=document.createEvent("MouseEvents");c.initMouseEvent(this.determineEventType(a),!0,!0,window,1,d.screenX,d.screenY,d.clientX,d.clientY,!1,!1,!1,!1,0,null);c.forwardedTouchEvent=!0;a.dispatchEvent(c)};FastClick.prototype.determineEventType=function(a){return deviceIsAndroid&&"select"===a.tagName.toLowerCase()?"mousedown":"click"}; FastClick.prototype.focus=function(a){var b;deviceIsIOS&&a.setSelectionRange&&0!==a.type.indexOf("date")&&"time"!==a.type?(b=a.value.length,a.setSelectionRange(b,b)):a.focus()};FastClick.prototype.updateScrollParent=function(a){var b,c;b=a.fastClickScrollParent;if(!b\|\|!b.contains(a)){c=a;do{if(c.scrollHeight>c.offsetHeight){b=c;a.fastClickScrollParent=c;break}c=c.parentElement}while(c)}b&&(b.fastClickLastScrollTop=b.scrollTop)}; FastClick.prototype.getTargetElementFromEventTarget=function(a){return a.nodeType===Node.TEXT_NODE?a.parentNode:a}; FastClick.prototype.onTouchStart=function(a){var b,c,d;if(1<a.targetTouches.length)return!0;b=this.getTargetElementFromEventTarget(a.target);c=a.targetTouches[0];if(deviceIsIOS){d=window.getSelection();if(d.rangeCount&&!d.isCollapsed)return!0;if(!deviceIsIOS4){if(c.identifier===this.lastTouchIdentifier)return a.preventDefault(),!1;this.lastTouchIdentifier=c.identifier;this.updateScrollParent(b)}}this.trackingClick=!0;this.trackingClickStart=a.timeStamp;this.targetElement=b;this.touchStartX=c.pageX; this.touchStartY=c.pageY;a.timeStamp-this.lastClickTime<this.tapDelay&&a.preventDefault();return!0};Fas
URL: https://kubota.highq.com/kubota/js/v4/jquery.js?bt... Model: Joe Sandbox AI	```json { "risk_score": 1, "reasoning": "The provided JavaScript snippet is a part of the jQuery library, which is a widely used and reputable open-source library for DOM manipulation and event handling. The code does not exhibit any high-risk behaviors such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily involves utility functions and object manipulations typical of a library. There are no interactions with external domains or obfuscated code present. Therefore, it is considered low risk." }
/! jQuery \| (c) OpenJS Foundation and other contributors \| jquery.org/license / !function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?n[i.call(e)]\|\|"object":typeof e}var t="3.7.1",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n\|\|0===t\|\|"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject\|\|this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]\|\|{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]\|\|{},s++),"object"==typeof a\|\|v(a)\|\|(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)\|\|(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i\|\|ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e\|\|"[object Object]"!==i.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i\|\|11===i?e.textContent:9===i?e.documentElement.textContent:3===i\|\|4===i?e.nodeValue:n},makeArray:function(e,t){var n=t\|\|[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument\|\|e).documentElement;return!l.test(t\|\|n&&n.nodeName\|\|"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	```json { "risk_score": 2, "reasoning": "The script loads an external script from a known domain (go-mpulse.net) and uses dynamic script injection, which is a moderate-risk behavior. However, the domain is associated with Akamai, a reputable content delivery network, suggesting a legitimate use case. No high-risk indicators like data exfiltration or obfuscation are present." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvnq-f-aef258413-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":89,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d8897","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":56071,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640987","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==j0exMPklwjrrE86FkSfzezARBKeT6hop+LygyZHAo+cUQn3utfwwskpgPRsc9KDoK0Ao+fLOFdPktONAQPviEfr+0+z+wsPIK3KXJqHstTOb2cSkwccLnpjdyJu7TWJAlZaauTxgs1aX6m+6OI3Ciow3iO6GsSJ/GXO13Q4mzc7pc9lVaZRQ0TMOAfNMv1ZaizdXBlYsRLTrQV9XFEUoK64hcvFfuJvQw+csG4Ge1cniYGXrG4Ez8ZRjccHyW6gNrnn4aMtzZocnBRdY46MgGrYwUlHXlDS76TDVAe9q2ck97P4BNlwdpY0xoJiRKd/kdkojEccrSaQuE0DY5rMuOg6ifG4nggvYdGU5M4S2UekeUCBee15DbMbuP2htdNXzAbglWFf4GpHq926FDQN8ZyXpimXw0CTepHRpb7J0le0=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "If you need technical support, please email ktc_g.vendormanagement@kubota.com", "prominent_button_name": "Sign in", "text_input_field_labels": [ "Email", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "brands": [ "Thomson Reuters" ] }
	{ "brands": [ "Thomson Reuters" ] }
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Sign in", "text_input_field_labels": [ "g7xp40@yowct.net", "password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	```json{ "legit_domain": "kubota.com", "classification": "known", "reasons": [ "The brand 'Kubota' is a known brand, primarily associated with agricultural and construction machinery.", "The legitimate domain for Kubota is 'kubota.com'.", "The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'.", "The domain 'highq.com' is not directly associated with Kubota, which raises suspicion.", "The presence of a subdomain 'kubota' on 'highq.com' could be an attempt to mimic the legitimate brand.", "The email input field 'g7xp40@yowct.net' is not a typical corporate email domain, which is suspicious." ], "riskscore": 8} Google indexed: False
URL: kubota.highq.com Brands: Kubota Input Fields: g7xp40@yowct.net, password
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Welcome to Collaborate", "prominent_button_name": "Sign in", "text_input_field_labels": [ "g7xp40@vovct.net" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Sign in", "text_input_field_labels": [ "g7xp40@vowct.net", "password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	```json{ "legit_domain": "kubota.com", "classification": "known", "reasons": [ "The brand 'Kubota' is a known brand, primarily associated with agricultural and construction machinery.", "The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'.", "The domain 'highq.com' is not directly associated with Kubota, which raises suspicion.", "The presence of input fields for email and password suggests a potential phishing attempt to capture user credentials.", "The use of a subdomain 'kubota' under 'highq.com' could be an attempt to mimic the legitimate brand." ], "riskscore": 8} Google indexed: False
URL: kubota.highq.com Brands: Kubota Input Fields: g7xp40@vowct.net, password

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 19 19:41:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9743586806554974
Encrypted:	false
SSDEEP:	48:8lpdYTcYDHRidAKZdA19ehwiZUklqeh1y+3:8l8vfyy
MD5:	C0749D91A0F0A9268B3805962C574F2C
SHA1:	01E854F7593CAF9DEC3D720320D0B3FCC2ECE517
SHA-256:	B884439E99F188987AEC28DD28F1D519932A5EF70B74EA6F82AEB135BBC76998
SHA-512:	B8AFBA5459042031AD3C50E1D419B12BE87447B94494394BC5835BC2FEAD4DDC1F36F84E63CF7127445CFC8194365EA7396EEE0D2B098A756FAE2EEB65C43AD5
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....+EarVR..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y:.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y=............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........:..].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 19 19:41:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.993137971423284
Encrypted:	false
SSDEEP:	48:8TpdYTcYDHRidAKZdA1weh/iZUkAQkqehiy+2:8T8vl9Qvy
MD5:	4A73FD9A7D0CB8ED07EF4D381AD8958D
SHA1:	D55B68C7F6270CAEBD390F1E5C1EB373ADA2DB57
SHA-256:	8FE088D21B33A0206E74628DAD1E7A505FB0133F0174785F8BC8DD22AD39FD52
SHA-512:	00BB30452052441F910C0ACD0CC5C396C106AEC2F40457BD09FFD3D0F871655C8F43200F0542BC8C6C69E409F78E82AC9D134FE5FC6CAA64696D88231F67D67A
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....PrVR..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y:.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y=............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........:..].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.007577446155779
Encrypted:	false
SSDEEP:	48:8xnpdYTcYsHRidAKZdA14tseh7sFiZUkmgqeh7s8y+BX:8xn8vgney
MD5:	260E3757938338A4CBFE5D1964542CB5
SHA1:	765EC13AC0C92ECBE71D041EB99D5EC712BAB4E4
SHA-256:	559DAE6EB81E7C7D09A568F2AA748AB117F8E1CD26E2C252DBAEE967B95B2D8A
SHA-512:	1989632A6117E873A5238878C5CA4F4078F4B87D7F14F18F082CA3BA16B3CEA6CAF31830E1D4C85CF341D1962F706B3B317B65714029B11EAB8A84295B2C3CCA
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y:.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........:..].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 19 19:41:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.990679580297491
Encrypted:	false
SSDEEP:	48:8GpdYTcYDHRidAKZdA1vehDiZUkwqehWy+R:8G8vmUy
MD5:	E9C4F9476E7128B88E88A7F2CFF1B72B
SHA1:	D6ACE8AE696C665501996039D6BCA73B8807FE41
SHA-256:	3C57E1AAB218A112FEF4D20829EAC2075F293B2DFF426258C4B1118E1EA4B57F
SHA-512:	54F041BFD7F421AD69DE6DB465E2C8BC6B45A669B80986C5270E8C10DA010B097FBF775389D7FB1FBA7BD6FB97D08888278137B074CF73F5D6F475BC224495E7
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....3.KrVR..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y:.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y=............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........:..].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 19 19:41:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9796103863515597
Encrypted:	false
SSDEEP:	48:8+pdYTcYDHRidAKZdA1hehBiZUk1W1qehYy+C:8+8vm94y
MD5:	42505A8881B1BDD948DD55A438B38D3C
SHA1:	4E21B230C8038A9EA2F929711153B0A90D03BC4F
SHA-256:	319EBA241B26A8CA2946CF705C5103869FFED2CE1F106F04840CC6C2FF66C305
SHA-512:	DD96EBEAAA7D1D63C67D5621362844C362CFE1B1D7265AE384382C619DEAACBB9F5D3B1B2A9FA7036C9426628925BFB0BA517B927F6D3F7C4F3EFEC2EDCE58AE
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....WrVR..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y:.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y=............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........:..].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 19 19:41:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9887416548917383
Encrypted:	false
SSDEEP:	48:8epdYTcYDHRidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbey+yT+:8e8v4T/TbxWOvTbey7T
MD5:	E9CF04B5252540F354F8CA6C7FE4087C
SHA1:	36B9DEA9D537CBC034060CEEA26233543BAD4515
SHA-256:	10297B306038A73B8C190E7E2ED281F7841CBF47D2111E30B454518C793F9CA8
SHA-512:	74F17FD3E555EEF3B54B0C55A11457DC248CE0C9A085A1620295D29AE51F58D61285D3933E01BF2FA9E71C0D8656A7460D67FA2DAE922B236B8F17715FAAB04F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....HFBrVR..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y:.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y=............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........:..].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (5844), with CRLF line terminators
Category:	downloaded
Size (bytes):	46956
Entropy (8bit):	5.373324507128294
Encrypted:	false
SSDEEP:	384:oBN3kQxNYkRZG8o06UF4boVR1UiJENay8pSmZ/5VuWD:oBN32y/14QR1UiJENay8pSmZ/50O
MD5:	CAD73836C17F94293A85B2DB67E46DC0
SHA1:	B7D4633F1C4418CE60F7CBFC31F3F533BF0B4CA5
SHA-256:	1B3ABE92B8F227F459C3171885272C240D21F388673C13A85A5FD50A8A37541F
SHA-512:	EBDBBB3F07DFDEC81F19D50010A80108009F9EB399F9A36A085782DDCB8CB25230B31C2D0789BB211EDCEEE0D281CF85D3AE7ED1CDC63D4BFD44BCC4A5C0E74E
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/videojs/video-js.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	@charset "UTF-8";...vjs-modal-dialog .vjs-modal-dialog-content, .video-js .vjs-modal-dialog, .vjs-button > .vjs-icon-placeholder:before, .video-js .vjs-big-play-button .vjs-icon-placeholder:before {.. position: absolute;.. top: 0;.. left: 0;.. width: 100%;.. height: 100%;..}.....vjs-button > .vjs-icon-placeholder:before, .video-js .vjs-big-play-button .vjs-icon-placeholder:before {.. text-align: center;..}....@font-face {.. font-family: VideoJS;.. src: url(data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAABDkAAsAAAAAG6gAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABHU1VCAAABCAAAADsAAABUIIslek9TLzIAAAFEAAAAPgAAAFZRiV3hY21hcAAAAYQAAADaAAADPv749/pnbHlmAAACYAAAC3AAABHQZg6OcWhlYWQAAA3QAAAAKwAAADYZw251aGhlYQAADfwAAAAdAAAAJA+RCLFobXR4AAAOHAAAABMAAACM744AAGxvY2EAAA4wAAAASAAAAEhF6kqubWF4cAAADngAAAAfAAAAIAE0AIFuYW1lAAAOmAAAASUAAAIK1cf1oHBvc3QAAA/AAAABJAAAAdPExYuNeJxjYGRgYOBiMGCwY2BycfMJYeDLSSzJY5BiYGGAAJA8MpsxJzM9kYEDxgPKsYBpDiBmg4gCACY7BUgAeJxjYGS7wTiBgZWBgaWQ5RkDA8MvCM0cwxDOeI6BgYmBlZkBKwh

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (409), with CRLF line terminators
Category:	downloaded
Size (bytes):	150481
Entropy (8bit):	5.287645425611689
Encrypted:	false
SSDEEP:	3072:+sISSx9YLMONqq1QjbbyhuJal0YphEVHHs0FfNw/C5mJeKkx:+sISSx9YLMONqq1QjbbyhuJal7phEVH5
MD5:	6A81A54E448690F8B87BB0E063DBCD82
SHA1:	EDE5574FBAD6EE4D069704E4E4D23CC6E2AE1706
SHA-256:	32D36D6567E1675C40AE6B4CD82F1C9144A240FE0237886576AF427D931ABC69
SHA-512:	D192D3C9FF9D031C81E50E12FA26AAA38F9D22EFC214036F235054E58BDBEF47541BCE3EAD04EF386C3C6D69D9D83B90B7ACEA991F91B9B4EA37CBC8A2ED9BCD
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/modules.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. ******************************************************************************/.. /Dashboard Title/...dashTitle {margin-bottom:15px; padding-bottom:5px; font-size:20px; min-height:30px; /border-bottom: 1px solid #e84e0e;/}...dashTitle .icon {font-size:18px;}..../Dashboard Left Panel*/...siteList li{padding:9px 30px 9px 0; display: flex; align-content: space-between; justify-content: space-between; }...siteList li.noResultFound{display: block;}...siteList a.icon{margin-right:-30px; float:right;}...siteCategoryFilter ul.dropdown-menu{max-width:230px;}...dashLeft .moremenu{position: relative;}...dashLeft .moremenu li.dropdown{position: relative;}...dashLeft .moremenu > li.dropdown > .dropdown-menu{ width: 100%; min-width:250px;}...dashLeft .moremenu.nav-pills > li > a{max-width: 150px;}...Trun

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (510)
Category:	downloaded
Size (bytes):	941
Entropy (8bit):	5.5934011440403175
Encrypted:	false
SSDEEP:	24:qo/eK+C6uSWJju6peHSbxbkoq8wN/CPjXDTQAlG9A3ah/:l21CTTJ6LHSFbkoTwN/CPfc8g5h/
MD5:	2329E835B2F4F627A0068B1250FBB128
SHA1:	6C4CCCF50A283270095BC23310B6D1847FA2FE33
SHA-256:	ED3373C8A788A772F2A50D2BD5AA97F3DD1E3289F4454BE3837459030DCC13F8
SHA-512:	B7A36049BE902473FA85D60F855B69E4B5A6BB61B66ED809FB74C95E0C4EB8CD0DAD1B5C4507E46B56AD1B0DEC6C08814D91337001C3736C495E6429FECA47EB
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/base64.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	var Base64={code:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\x3d",encode:function(m,l){var e,g,f,c,h=[],k="",a,d,b=Base64.code;d=("undefined"==typeof l?0:l)?Utf8.encode(m):m;a=d.length%3;if(0<a)for(;3>a++;)k+="\x3d",d+="\x00";for(a=0;a<d.length;a+=3)e=d.charCodeAt(a),g=d.charCodeAt(a+1),f=d.charCodeAt(a+2),c=e<<16\|g<<8\|f,e=c>>18&63,g=c>>12&63,f=c>>6&63,c&=63,h[a/3]=b.charAt(e)+b.charAt(g)+b.charAt(f)+b.charAt(c);h=h.join("");return h=h.slice(0,h.length-k.length)+k},decode:function(m,.l){l="undefined"==typeof l?!1:l;var e,g,f,c,h,k=[],a,d=Base64.code;a=l?Utf8.decode(m):m;for(var b=0;b<a.length;b+=4)e=d.indexOf(a.charAt(b)),g=d.indexOf(a.charAt(b+1)),c=d.indexOf(a.charAt(b+2)),h=d.indexOf(a.charAt(b+3)),f=e<<18\|g<<12\|c<<6\|h,e=f>>>16&255,g=f>>>8&255,f&=255,k[b/4]=String.fromCharCode(e,g,f),64==h&&(k[b/4]=String.fromCharCode(e,g)),64==c&&(k[b/4]=String.fromCharCode(e));c=k.join("");return l?Utf8.decode(c):c}};

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1956
Entropy (8bit):	7.864738545255335
Encrypted:	false
SSDEEP:	24:a/MCZDSvcBs9guMF2G1nyLPaS/uUsAnmFyJDqCCPFlGGIkHY1yt/+zMpCZ3lXXqk:yMC2N9gELP00AyRqZFYsHV2zYgbzj
MD5:	84C68FA0BDA6FE693B3D3BEE08EC8E9B
SHA1:	47CB793B8F62B12C7F54BEEA3AA3965447AC2208
SHA-256:	4A5E005B7FD82E80EFD68881A25B0BDDF449B402B277BA47C70A7F365355D961
SHA-512:	DBF407F697751A835E67879CCA4161F7B5142735DE3D3CC389203600A9AE5298BAF0E4EAF7BEEA2CC3EFA643D4065A27160AE93FC60B396C193D51308F486750
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/images/v3/footer_logo_tr.png
Preview:	.PNG........IHDR..............-......tEXtSoftware.Adobe ImageReadyq.e<...FIDATx..[KR.H....lG....lN.\|...`"f.u.....w...6'.8...V....MO..%.(J.`.7S.Q.\..(+..... A....$..HN........I.....#.H.@.......S.ma.K.d".RJ-....;....EPg.?..bt...R2)C)...s.%0.X.K}%u}...3.~.e..RN...P.R&bp70...n......+)z_.}..C.r.D.1..B...._.]#CJ k..U...k?...!q. .4._....qN.:.{.2.{`..h_.I3P.{.Z... .v..(........g@... ..?J.......9(......P7@p.F8..s...'4...<u..s...B.2.TD........m...\.9._u}R.Buw.....A.C......!..3.3.k...#@.;k...i..3...i....yU.R..3.z]O........}7.......3w....f?:..........iW}d..6..:..t.}.,....../..P..0A...G. .b.0.9....,.7E]...5....{.{cO...........m.'...gb.'#.i....0...w.:.FE.55=#...3...fD.\x..7......a..u.._....kH.^;.F.?=...o.....=.".....M;.&.R......P..v)ugh.j..5P.G..'.zt..u.K.......y#cL..Q.8..R...^7d@"...3o.w.=.n.g.=...A/2.mt..q(b._q..u....z;...x.x..r_.uM.=w.KsTv.).......obp.\.D.z..@.U...J0.O.M(.N...^...$.....k.6.@..m...i..M..1\)+..{....BYg.IZ...k.j.o;j.j....s.......(;q

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	51
Entropy (8bit):	4.297151508884876
Encrypted:	false
SSDEEP:	3:YWMmqetEEJtZlCn:YWMm9DJt6
MD5:	60595F7368129753FC4FF67AFAB54F4C
SHA1:	01DEA04FA3E44B20C6F534647E532C12606EAFEA
SHA-256:	A4EEC15E174C5160A0145BED0138CA95594B89F5697E4C1D26BB2D8AA45975D3
SHA-512:	00D083685A0CA9A0A0F07C2DECED05FD195122066325DF4E004D4F50E20A08B658BDA9A14213DB2041409BFE33B832216C07BE01C53E1AAE890100049B87A644
Malicious:	false
Reputation:	low
Preview:	{"site_domain":"arlid:918031","rate_limited":true}.

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (65103)
Category:	dropped
Size (bytes):	209939
Entropy (8bit):	5.366006952026174
Encrypted:	false
SSDEEP:	3072:1P6RsHIwj0PdUgdbs8kvdYkODdlm9AZoZXs+eSc:1msHIxHMvd8dtZoZDc
MD5:	FA4C76A7FDE62B18054CF7EB8E946012
SHA1:	B20150066A879D2B78DD3D4908F4ACD148EE66F8
SHA-256:	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
SHA-512:	D72F5D078675C7ADBF6BFC1980712542A10668AEC9163137A2EC70A5E117F8FFDD0F06A6C4C6636E35C04F2754F33D40C65C59D452AFAA8EA4A382F24F200ABD
Malicious:	false
Reputation:	low
Preview:	/. Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. /./ Boomerang Version: 1.720.0 b17966bb92f8ac2ddcda4ac1d9c0aaea6d2eda7b */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window\|\|!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)\|\|BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{document.doma

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	4.988986771587395
Encrypted:	false
SSDEEP:	24:m8Ywh/kZy5ztJ/SIQsvDqfgvP8/uUXN8oHaRODY2S:tkghY6D2gveVHaU
MD5:	5EB79603256264B91B42AC3EF9601DB6
SHA1:	B4C96EA71B41B51313596280BB9933C3FC2E5485
SHA-256:	6384E8CABA454356B07B87FFA8B5FED94D302126018EA8C0CECDDD560A99DF36
SHA-512:	D98B32C7CDCFD92579EC3C3EB306AF822E7FCC008DDFA6DE415B87E0CB7DFA05547B87F314D79F6255C5FEA8540F03A46045EF6A315C119B23506C96BE079195
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/flag/flag_1003.gif?refreshCacheKey=20240515T111123267
Preview:	............ .h.......(....... ..... ..................................................................................................................................................................................................................................................................................................................................................................................~..}{..zw}.trx.gek.bag.........................................................................................................................d_b._\`.................................................................................................................................................................................................................................................LMX.........................................................................................................................................qot...........................................................

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (579)
Category:	downloaded
Size (bytes):	40183
Entropy (8bit):	5.220033123754301
Encrypted:	false
SSDEEP:	768:kWlzx+CICJkMMNEeQn8GOswHFWm810jJVTZlMHFw:yAvjgZ3
MD5:	AD882BD4C7FBA2404F6C56EC06C367A7
SHA1:	BB224BC7FABC3C89D1858E93BF9FBA0CF323A680
SHA-256:	09A7ED2F0680E162A5E4497F6E42FB8E39648EEA6D556048802C5C607D0ABD71
SHA-512:	6DFB6030C67206DE390768EB42E9A022121848539CF9C346ECD41E97A589F7CE62F2E1897D7498C9E3C3EDF1ACE617D27C9A329FAD59042B995E942F6E18E5F9
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/bootstrap.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if("undefined"===typeof jQuery)throw Error("Bootstrap's JavaScript requires jQuery");+function(a){a=a.fn.jquery.split(" ")[0].split(".");if(2>a[0]&&9>a[1]\|\|1==a[0]&&9==a[1]&&1>a[2]\|\|3<a[0])throw Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4");}(jQuery);.+function(a){function g(){var a=document.createElement("bootstrap"),h={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"},d;for(d in h)if(void 0!==a.style[d])return{end:h[d]};return!1}a.fn.emulateTransitionEnd=function(f){var h=!1,d=this;a(this).one("bsTransitionEnd",function(){h=!0});setTimeout(function(){h\|\|a(d).trigger(a.support.transition.end)},f);return this};a(function(){a.support.transition=g();a.support.transition&&.(a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(f){if(a(f.target).is(this))return f.handleObj.handler.ap

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1768)
Category:	downloaded
Size (bytes):	124779
Entropy (8bit):	5.353584950406699
Encrypted:	false
SSDEEP:	1536:H+Fub87YDNpfU5bSzk4Tv2g/boa5ia1Xk00ff1KUrId5NBEmwFWt00ozocdAiTz3:eAf4W20y
MD5:	8E4EA7F1ED0D0B352AC69214358462D8
SHA1:	18852AE9509936A246F4EBF3523205396BFD6175
SHA-256:	20623A1A5E5B4CE39EDE99C54F7C107DD9DAB021ED0E9BC8585540BA19FDD2AD
SHA-512:	C05EF8ABD11F0FD2B72B99478A502B4E85EAC1D95FB4D897AA1A970C8D387C6CB750BDD12D263FE84CD153198025B59D4C53C3C855B4F254DE7B08AC680E73A2
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/common.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors. ******************************************************************************/. body...{font-family: 'Roboto', sans-serif, Arial; font-weight:400; font-size: 14px; line-height:20px; -webkit-font-smoothing: subpixel-antialiased; -ms-overflow-style:scrollbar !important; background:#FCFCFC; color:#404040;}.body, html..{height:100%}/COL-32340/./==================.Other common css.====================/./.siteDropdown .dropdown-menu, .mainMenu li.hideshow .dropdown-menu{max-height: calc(100vh - 160px);}/../ Bootstrap Overwrite */..caret {border-top: 4px solid;}..dropdown-header {font-size:14px; color: #707070;}..dropdown-menu.dropdownMaxWidth {max-width:280px;}..dropdown-menu li a{display: block; text-decoration: none; color:#404040;}..dropdown-menu li a:hover, .dropdown-menu li a[aria-selected=

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (590)
Category:	dropped
Size (bytes):	31223
Entropy (8bit):	5.462211993052096
Encrypted:	false
SSDEEP:	768:h79FEF1lLJ8F1Nwz0D7rI+UObWGXKN4audCON5T2R2gQTzlO6a0wogpyKVdYYfra:hCTLJ8LVb6Md3a0wrycdYY+
MD5:	90D195211ADD97BC73EB0AE1804EB7F5
SHA1:	ABD9150845236C594BCF60D8E5CC16E61A233847
SHA-256:	2B7DC62496843756AE923D71B36965FC46FE060D7ED526849036ADBF3DC79C2C
SHA-512:	6E07B1EECA42AA6926BAD63B9235D45B234FCCD26C27DC332780DFB5ACF36C310189CF6AF47F4CE73B4BFE43A120586EBC82C60046DA11FACC6BB3D2CAC93C81
Malicious:	false
Reputation:	low
Preview:	var microblogImageUploadCounter=0,microblogTotalImages=0,collabCommon_userTimestampKey=collaborateCommon.userID+"_"+(new Date).getTime(),collaborateCommon_timerForNotificationFadeOut=0;if(!CollaborateCommon)var CollaborateCommon={};if(!SiteCommonCollection)var SiteCommonCollection={};CollaborateCommon.onload=function(){$j("#collaborateCustomMessageModal").on("shown.bs.modal",function(){$j("#collaborateMessageOkButton").focus()})};.CollaborateCommon.viewUserProfilePreview=function(a,b,c){var d=$j(a);$j("#msTeamStatusDivId").html("");0==$j("body div.userinfoDropdown").length&&$j('\x3cdiv class\x3d"userinfoDropdown" role\x3d"dialog" aria-labelledby\x3d"userNameFull'+b+'" tabindex\x3d"-1" /\x3e').appendTo("body");var e=$j(".userinfoDropdown");null!=e.attr("lastuser-id")&&e.attr("lastuser-id")==b\|\|e.html('\x3cdiv class\x3d"text-center" style\x3d"padding:72px 20px;"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif" alt\x3d"Loading..."/\x3e\x3c/div\x3e');.if(d.hasClass("active"))return $j("[dat

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (528)
Category:	downloaded
Size (bytes):	7788
Entropy (8bit):	5.220554596844955
Encrypted:	false
SSDEEP:	192:6Jj+A4nFj2stpaj2j/YcCAGHMGQRTPx7BfwBu5QI:6J14nFjzpajg/BCUGQFZ7BfwBu5QI
MD5:	68425596EA84540ED58F06421A7DBB46
SHA1:	A768605A25882B2B82E04520A1BB9264ADD3F1EB
SHA-256:	3649CA3797FF3449B162F115054574535878BF91B449A95FDBB9EB245D5A60BB
SHA-512:	59568019169973E4B2B0DEE7F41EF9F42F53B964186701AE71D24546C6170F01C4756798189DE16953A191984A638A3967C35FCA25B9505A723B63775C4C03A2
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/fastclick.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	function FastClick(a,b){function c(a,b){return function(){return a.apply(b,arguments)}}var d;b=b\|\|{};this.trackingClick=!1;this.trackingClickStart=0;this.targetElement=null;this.lastTouchIdentifier=this.touchStartY=this.touchStartX=0;this.touchBoundary=b.touchBoundary\|\|10;this.layer=a;this.tapDelay=b.tapDelay\|\|200;if(!FastClick.notNeeded(a)){for(var g="onMouse onClick onTouchStart onTouchMove onTouchEnd onTouchCancel".split(" "),f=0,h=g.length;f<h;f++)this[g[f]]=c(this[g[f]],this);deviceIsAndroid&&.(a.addEventListener("mouseover",this.onMouse,!0),a.addEventListener("mousedown",this.onMouse,!0),a.addEventListener("mouseup",this.onMouse,!0));a.addEventListener("click",this.onClick,!0);a.addEventListener("touchstart",this.onTouchStart,!1);a.addEventListener("touchmove",this.onTouchMove,!1);a.addEventListener("touchend",this.onTouchEnd,!1);a.addEventListener("touchcancel",this.onTouchCancel,!1);Event.prototype.stopImmediatePropagation\|\|(a.removeEventListener=function(b,c,d){var e=Node.prot

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65261), with CRLF line terminators
Category:	dropped
Size (bytes):	994410
Entropy (8bit):	4.738397453748755
Encrypted:	false
SSDEEP:	6144:XvLmWIFyZDWJwpKpvZY3DJttwZg2fqh/1HlfjizM+8J6FprVbdVWSs5lEDjLXV1Z:fK7qqVBgz6+91FldVgZ25+h+9SbxL
MD5:	48593F281783085DAC7BEA253E513AE7
SHA1:	147A22C0DA882EEA14771623624FF89B364D0822
SHA-256:	2D8EC80D9B2C2F473CF4410CD366EC0A6087B984DDC8F431720D2D96664439AB
SHA-512:	294BB917708C147A3F7CD0EB4FA96C3E4E08D98775640E00BB6B20DC963234E9708AE6AEAA7860977DEF4918B277094FC70F7287BA7B3FFA69088AAEBF5AAFD9
Malicious:	false
Reputation:	low
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. *******************************************************************************/..var json = '{"officeonline.fileVersion.upload.success":"Your changes have been saved and the document will be updated shortly.","thirdparty.service.document.action.receivecopy":"Receives a Copy","task.menu.label.low":"Low","linkModal.BrowseTab.systemPage.insertLinkMsg":"Click on the system dashboard list to insert a link","site.admin.users.addToGroup.selectAllBidders.label":"Select all bidders","lfs.shareditems.content.lastsharedate.title":"Last shared","document.addNewFileVersion.sql.error":"The request is not valid","userAvatar.upload.validationMessage.ypositionheight":"Please enter valid y position or height. The sum of y position and height should not exceed the actual height of an image.","template.dependency.c

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1956
Entropy (8bit):	7.864738545255335
Encrypted:	false
SSDEEP:	24:a/MCZDSvcBs9guMF2G1nyLPaS/uUsAnmFyJDqCCPFlGGIkHY1yt/+zMpCZ3lXXqk:yMC2N9gELP00AyRqZFYsHV2zYgbzj
MD5:	84C68FA0BDA6FE693B3D3BEE08EC8E9B
SHA1:	47CB793B8F62B12C7F54BEEA3AA3965447AC2208
SHA-256:	4A5E005B7FD82E80EFD68881A25B0BDDF449B402B277BA47C70A7F365355D961
SHA-512:	DBF407F697751A835E67879CCA4161F7B5142735DE3D3CC389203600A9AE5298BAF0E4EAF7BEEA2CC3EFA643D4065A27160AE93FC60B396C193D51308F486750
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............-......tEXtSoftware.Adobe ImageReadyq.e<...FIDATx..[KR.H....lG....lN.\|...`"f.u.....w...6'.8...V....MO..%.(J.`.7S.Q.\..(+..... A....$..HN........I.....#.H.@.......S.ma.K.d".RJ-....;....EPg.?..bt...R2)C)...s.%0.X.K}%u}...3.~.e..RN...P.R&bp70...n......+)z_.}..C.r.D.1..B...._.]#CJ k..U...k?...!q. .4._....qN.:.{.2.{`..h_.I3P.{.Z... .v..(........g@... ..?J.......9(......P7@p.F8..s...'4...<u..s...B.2.TD........m...\.9._u}R.Buw.....A.C......!..3.3.k...#@.;k...i..3...i....yU.R..3.z]O........}7.......3w....f?:..........iW}d..6..:..t.}.,....../..P..0A...G. .b.0.9....,.7E]...5....{.{cO...........m.'...gb.'#.i....0...w.:.FE.55=#...3...fD.\x..7......a..u.._....kH.^;.F.?=...o.....=.".....M;.&.R......P..v)ugh.j..5P.G..'.zt..u.K.......y#cL..Q.8..R...^7d@"...3o.w.=.n.g.=...A/2.mt..q(b._q..u....z;...x.x..r_.uM.=w.KsTv.).......obp.\.D.z..@.U...J0.O.M(.N...^...$.....k.6.@..m...i..M..1\)+..{....BYg.IZ...k.j.o;j.j....s.......(;q

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	20559
Entropy (8bit):	5.013492216096953
Encrypted:	false
SSDEEP:	192:YLbUZfGwN3513v8/PeePQ4dsCyYE6d2jDB1glJ3eIvI/gcsMUM11Fse//hbfAu1O:n3v35C75LXqNuwgBHK8+kJ
MD5:	225EDC91B9212A2FDBC00C4C3F5F6197
SHA1:	20E9B55B6186DAA5E89FF736C4A123826570C79C
SHA-256:	83B0A2F81D8780B2EE31F5B85FB7290A5BB1D6EE28178A507ACF8301C00F5B58
SHA-512:	7242C57E5FC3DAE07820F7BB4EA8F2FA8F689D21CAB4C6573ABCA55034DD578C5EB623A7EE77A20B39EA184CEEDA35ED50755C8E885B72B7C406937C9F1E45F1
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/fonticon.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. *******************************************************************************/.. @charset "UTF-8";....@font-face {.. font-family: "highq50";.. src:url("../fonts/Icon/highq50.eot?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267");.. src:url("../fonts/Icon/highq50.eot?#iefix?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("embedded-opentype"),.. url("../fonts/Icon/highq50.woff?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("woff"),.. url("../fonts/Icon/highq50.ttf?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("truetype"),.. url("../fonts/Icon/highq50.svg#highq50?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("svg");.. font-weight: normal;.. font-style: normal;....}....[data-icon]:before {.. fon

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 350 x 97, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	14683
Entropy (8bit):	7.980524638471162
Encrypted:	false
SSDEEP:	384:X1aAbibmAE9VH3hP+JTil6m0Nb7jmc09JTJ:X1lbiNE9BYDmU/10HTJ
MD5:	64F4F3EA7E811F232FBDCD30D6C72A86
SHA1:	B107B2FC564F40BA25A8F870C0CABE416DE8DD87
SHA-256:	C8E02AB8522B91BD020AF019D716E1B617E89CB9DEDD9C1B1ED94B90F1D9562D
SHA-512:	E89082542F730520AA94E8A571E2E5D07FBB1C95060FD48973DB620257968A4810F32DCCAFAA1808CD0F7E295F4DF16D5D7E41CA431386E243D98DCC73E1E085
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/flag/flag_mailLogo.gif?refreshCacheKey=20240515T111123267
Preview:	.PNG........IHDR...^...a.......^.....sRGB...,.....pHYs...t...t..f.x..9.IDATx..i...u&\..Ta..@....n...LY.lE..(vb...Nf2.g..-..H....9.....\|q2Y.q<..E..K.VR.DQ\{_.@7..P{..IQ...&.-.S..A.]xkA..}.}.}_b.!...6..J..'}.6l..aS...6Z....6l..M.6l.h...l...65.a..lj.a.F...`.........-`S...6Z....6l..M.6l.h...l...65.a..lj.a.F..c.`4=......z...6n...5$\..J..<'#:b...).DY..yH..>.p4L!.T......k......t....N....N^...V...j.'U.@h..9~.....DQ. d.U..Z.NLN..y.0p.T...0<....T...:...4[S.qs.E...@..4B.V...9.S..EV..!....:9Q.......PGWWW.3.t8q.kx.(......l&#..5.&........l.:!.....!v.D.&:t.7.[.....{.n..<A."`..qNU...........1...~._..a...\.....F.X...$.;.@)........v.\|>.".e...2..&W..\|....SK.l.<B ....{...ac=>IjPp......1.S.hW.x.W......i. .b.T..j/...P..J.J... .......@. %`c....PTU...B>.....-P."..@.@.3.,..?.mfs.S.N~..Y.Z.....Z.D...^..6.\|b.P&...8....}.G.x..P(.q\|.ZI.3.tzaa.T*...UU@..,..y....`.e..AuC.1..(..uQ.DI..\|....k.Z.X(,-.%.+........q.........ggfO...b!.gh... .84...&6l.=...A$.U..]._.].P.s{.....p.\)

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64394), with CRLF line terminators
Category:	downloaded
Size (bytes):	255084
Entropy (8bit):	5.160386686458492
Encrypted:	false
SSDEEP:	3072:UDa8LPLGI9fB8NnODpEujVHUc9koNRppuzGvStCAvuBFak8J3:eLjv9u4VxvLo1
MD5:	E1BF7600D8C5AC51C115D942BEB026F5
SHA1:	C2DF488EBEEAF00B1612C657025460362D429943
SHA-256:	1B4C820B2ACE35A7E3A10BEB67B98B9AFF7C6BB953D700DCEFDF2517232FF869
SHA-512:	AD0B3316B1D248926E7E12956690936A5CBF7B0671E0E01EEFF6D9D6909B372D4F9F174993F39A2A8C727A4F83AEDC7357A6131AE808ABF2531597D6FC803878
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery-ui.min.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/! jQuery UI - v1.13.2 - 2022-11-09.. http://jqueryui.com..* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/draggable.js, widgets/droppable.js, widgets/resizable.js, widgets/selectable.js, widgets/sortable.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/selectmenu.js, widgets/slider.js, widgets/spinner.js, widgets/tabs.js, widgets/tooltip.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/ef

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	51
Entropy (8bit):	4.297151508884876
Encrypted:	false
SSDEEP:	3:YWMmqetEEJtZlCn:YWMm9DJt6
MD5:	60595F7368129753FC4FF67AFAB54F4C
SHA1:	01DEA04FA3E44B20C6F534647E532C12606EAFEA
SHA-256:	A4EEC15E174C5160A0145BED0138CA95594B89F5697E4C1D26BB2D8AA45975D3
SHA-512:	00D083685A0CA9A0A0F07C2DECED05FD195122066325DF4E004D4F50E20A08B658BDA9A14213DB2041409BFE33B832216C07BE01C53E1AAE890100049B87A644
Malicious:	false
Reputation:	low
Preview:	{"site_domain":"arlid:918031","rate_limited":true}.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65454)
Category:	dropped
Size (bytes):	87526
Entropy (8bit):	5.262323997449038
Encrypted:	false
SSDEEP:	1536:NRUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:VHNwcv9VBQpLl88SMBQ47GKr
MD5:	6FB8B4AD2038E5896AB9FD78D041FB7E
SHA1:	3DB2127019FF6CC562D47B0EFD4A8E78560C63C3
SHA-256:	5AA8EBCF65C11F120CD1177294D524CE4580196290DEC56FE4F2AB1995CF1098
SHA-512:	D26FE040FAD4C6F56AFEF0D14036637385F8AF4E9B5CA372555E94046F2DFBCFB21F8D4CE0DECE6A56C955CA9FBFB67527DF83BBF3E24D80B7B3FDB920BBC107
Malicious:	false
Reputation:	low
Preview:	/! jQuery \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (570)
Category:	downloaded
Size (bytes):	7285
Entropy (8bit):	5.336507920825121
Encrypted:	false
SSDEEP:	192:9yQNjNYve8+Yfhh5ZEAYS7LYxKCsa0gyOF:9FjNObYSncV0pS
MD5:	A37BC2F05AEEE40FE9B5E00E7AB69C4E
SHA1:	FE6347A753AC540646C57186B26DF20DCF12E76C
SHA-256:	4A6CEC5778258A2102177FFC44B3C95D2F49F069187594DEFCE2C0A5DCBF0B2B
SHA-512:	49E07ABBA8181E64AEE20E2AEB6D63BB4DD3FF2D2B94FFB529FE901DB87C616417EAF8DB30BA1DC4CE772BA438C19F0B3A1FB143FDB5DCFCB007AC59C8643605
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery.truncate.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	"undefined"!==typeof jQuery&&function(l){function A(a,b){this.defaults={maxLines:1,lineHeight:null,truncateString:"",truncateAfterLinks:!0,showText:"",hideText:"",showClass:"show",hideClass:"hide",collapsed:!0,debug:!1,contextParent:null,maxSteps:100,tooltip:!1,animate:!1,animateOptions:{complete:function(){}}};this.config=l.extend(!0,{},this.defaults,b);this.$el=l(a);if(null===this.config.lineHeight){var c=NaN,c="normal"===this.$el.css("line-height")?1.14parseFloat(this.$el.css("font-size")):-1===.this.$el.css("line-height").indexOf("px")?this.$el.css("line-height")parseFloat(this.$el.css("font-size")):parseFloat(this.$el.css("line-height"));if(isNaN(c))throw Error('No "lineHeight" parameter was specified and none could be calculated.');this.config.lineHeight=c}"inline"===this.$el.css("display")&&(null===this.config.contextParent?this.config.contextParent=B(this.$el):"inline"===this.config.contextParent.css("display")&&(this.config.contextParent=B(this.config.contextParent)));this.h

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (498)
Category:	dropped
Size (bytes):	935
Entropy (8bit):	5.513990527184043
Encrypted:	false
SSDEEP:	24:Kqc/fO0fofO0bPetKq6U727eghhtp6oEU2be0ie:YOmQOoetH7KeghAob0ie
MD5:	3F6BBE9DCE3B1E832DBA294A09013DA4
SHA1:	851194F84AD0DF927F7AD498999DCB2A74561C86
SHA-256:	460DD47F9D09F9935EF74681260BEDD7A9CAE6D0A6EF9CBDA0057117EC090B32
SHA-512:	398C3ABA9187298F2A5CE6B493B3941BE61E2549FEE332F61EC820976B91A186F3DD711F10A4947A6FC3A846B9B24878AB200A711B56908BCF47317B19E954BB
Malicious:	false
Reputation:	low
Preview:	function callTermsCondition(){window.open("termsOfUse.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}function callPrivacyPolicy(){window.open("privacyPolicy.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}.function getContactUsAdminEmails(){GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"POST",REQUEST_URL:"getContactUsAdminEmails.action?"+systemProperty.CSRF_TOKEN_NAME+"\x3d"+systemProperty.CSRF_TOKEN_VALUE,FORM_DATA:{"metaData.siteID":collaborateCommon.metaDataSiteID},CACHE:"false",DATA_TYPE:"html"},function(a){0!=a.length&&(0==a.indexOf("http")\|\|0==a.indexOf("https")\|\|0==a.indexOf("ftp")?window.open(a):-1==a.indexOf("@")?window.open("http://"+a):window.location.href="mailto:"+a);return!0},null)}.function helpClickedForFooter(a,b){window.open(b)};

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65454)
Category:	downloaded
Size (bytes):	87526
Entropy (8bit):	5.262323997449038
Encrypted:	false
SSDEEP:	1536:NRUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:VHNwcv9VBQpLl88SMBQ47GKr
MD5:	6FB8B4AD2038E5896AB9FD78D041FB7E
SHA1:	3DB2127019FF6CC562D47B0EFD4A8E78560C63C3
SHA-256:	5AA8EBCF65C11F120CD1177294D524CE4580196290DEC56FE4F2AB1995CF1098
SHA-512:	D26FE040FAD4C6F56AFEF0D14036637385F8AF4E9B5CA372555E94046F2DFBCFB21F8D4CE0DECE6A56C955CA9FBFB67527DF83BBF3E24D80B7B3FDB920BBC107
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/! jQuery \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (602)
Category:	dropped
Size (bytes):	9025
Entropy (8bit):	5.340472797072539
Encrypted:	false
SSDEEP:	192:/yBVKV6o7kKVpTn9mX8GSLA8vKX+8vKVBEiAp6TKz:roIvzQ8G84+8i72Fz
MD5:	7D762B7F02C0FC5B2681DF4BDDA7298D
SHA1:	54C72BC60F55DE2401D300A733ECF9C6832EA66C
SHA-256:	B8B0CF93FD0135713A27C5C0CA9C0ABC2DDA5C88FBEDF93956B4475901119DD5
SHA-512:	66EBA83CDEAB6E5F8F34C2BC79DE15BCFF4D931566026238069D724DBF701AA6792D048F9383CB756DD15235D5E4AC3F08B31F06CDAEEA6A07E77F123EE68BEA
Malicious:	false
Reputation:	low
Preview:	if(!Navigations)var Navigations={};var navigations_isIE8OR9=-1!=navigator.appVersion.indexOf("MSIE 9")\|\|-1!=navigator.appVersion.indexOf("MSIE 8");$j(window).on("statechange",function(a){navigations_isIE8OR9?("TRUE"!=sessionStorage.getItem("unLoadWindowEvent")&&BrowserState.executeHistoryStateFunction(),sessionStorage.setItem("unLoadWindowEvent","FALSE")):BrowserState.executeHistoryStateFunction()});.if(navigations_isIE8OR9)$j(window).on("unload",function(a){sessionStorage.setItem("unLoadWindowEvent","TRUE")});.Navigations.Dashboard=function(a){if(a&&a.ctrlKey)return!0;$j("#collaborateMainContainer").html('\x3cdiv class\x3d"text-center padd20"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif"\x3e\x3c/div\x3e');GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"GET",REQUEST_URL:"dashboardContent.action",FORM_DATA:{"metaData.systemPageID":DashboardCollectionVar.metaDataSystemPageID,classicDashboard:DashboardCollectionVar.isClassicDashboardRedirect,callFrom:DashboardCollectionVar.callFrom},CACHE

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649)
Category:	downloaded
Size (bytes):	35621
Entropy (8bit):	5.295509211639803
Encrypted:	false
SSDEEP:	768:YpoGP8fyk6qp0G9Pw6i6e/I93mobSy2HO:TFf95pP3e/I9mobEO
MD5:	9796344F4E37235E2F8488CAFC180596
SHA1:	09D558DAD176369D61BA50B194076F50234A00E4
SHA-256:	3121C235AA8C80FEED4397B14B88C1FFFC6B235F202A2589BB14A935083B28E1
SHA-512:	3D29606FE7B32E09A8DC22444DFD7CFC9BB9D5A47A2FDAF3050550A4DD95E68B112C9BEC1D95FBDE086250BFD7FCC696C6DFF4BBFD7A618A84C3D1C3CEB828C6
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/bootstrap-select.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	(function(p,f){"function"===typeof define&&define.amd?define(["jquery"],function(z){return f(z)}):"object"===typeof module&&module.exports?module.exports=f(require("jquery")):f(p.jQuery)})(this,function(p){(function(f){function z(a){f.each([{re:/[\xC0-\xC6]/g,ch:"A"},{re:/[\xE0-\xE6]/g,ch:"a"},{re:/[\xC8-\xCB]/g,ch:"E"},{re:/[\xE8-\xEB]/g,ch:"e"},{re:/[\xCC-\xCF]/g,ch:"I"},{re:/[\xEC-\xEF]/g,ch:"i"},{re:/[\xD2-\xD6]/g,ch:"O"},{re:/[\xF2-\xF6]/g,ch:"o"},{re:/[\xD9-\xDC]/g,ch:"U"},{re:/[\xF9-\xFC]/g,.ch:"u"},{re:/[\xC7-\xE7]/g,ch:"c"},{re:/[\xD1]/g,ch:"N"},{re:/[\xF1]/g,ch:"n"}],function(){a=a?a.replace(this.re,this.ch):""});return a}function p(a){var c=arguments,b=a;[].shift.apply(c);var e,d=this.each(function(){var a=f(this);if(a.is("select")){var d=a.data("selectpicker"),k="object"==typeof b&&b;if(!d)d=f.extend({},l.DEFAULTS,f.fn.selectpicker.defaults\|\|{},a.data(),k),d.template=f.extend({},l.DEFAULTS.template,f.fn.selectpicker.defaults?f.fn.selectpicker.defaults.template:{},a.data().t

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
Category:	downloaded
Size (bytes):	18588
Entropy (8bit):	7.988601596032928
Encrypted:	false
SSDEEP:	384:WF9srt3EJfKy7iOpqErJeqQhzsaZqPTPabcoqYdBTKYPvS9BlTf:Wn6UhKYieqAiPQTwclYQLlTf
MD5:	115C2D84727B41DA5E9B4394887A8C40
SHA1:	44F495A7F32620E51ACCA2E78F7E0615CB305781
SHA-256:	AE0E442895406E9922237108496C2CD60F4947649A826463E2DA9860B5C25DD6
SHA-512:	00402945111722B041F317B082B7103BCC470C2112D86847EAC44674053FC0642C5DF72015DCB57C65C4FFABB7B03ECE7E5F889190F09A45CEF1F3E35F830F45
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......H........ ..H8................................\|.`..J.\..<........-..Z...x.6.$..0. .... ..S.7.5..K!.;..../.`..Sn.J.e.52P.(.....=9....f.....$....fZ.p...N...t....6.lfS.Ju.i.o.g..<....T"O.o..4..4....M/N.>.K..."[.P...W.u.>]................A.9z....IN^....z..Y.{....m=...+X9<?.......(IAG8rD....52L0.p .EJ..p....=.......[U...pz..g...../L.U.......P..W.U..q$L..6......C.M.0..R..........D(.ilX.Y..SZ.R...Q..j.6.@\."\|.l......3....,.T.....L...ap0......6.j.\&O.z`.$._+vwnr...,....?W.T....!.J...L#%.......A}........\.....l...:....U..u.J.0....O......&.!.)4.V..:.}.0f....:W......?U.....%...b...!....yA.sw.....5..T .}{.t!F.G....{"..pQ.S.v.S....t......U.Y\|.v.@....\|..(..V.........^....../.7......K......J.Uq/L.T-.`.O........;........';vWq.+....J...J..p.....sB`(1LC.k....?Z{...v>dS....F..........\.....UetU........6.V...vE....._.../...%.q...^.l...>^.z..l..p....j..@H...`X.p...KQ. .<@...I...BF.......L..6...y.2=.P....8;..@`.m.....R.B.L.r.*T.T..l@.6.Y....}g.....F.n...

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (576)
Category:	downloaded
Size (bytes):	5748
Entropy (8bit):	5.441096209962554
Encrypted:	false
SSDEEP:	96:XhR/syc2UsOdczDNMFVnvZLoKPKolKPKkgZKgV77hGAHWBPXw:XhREyc/f5cAd3
MD5:	7F091B7127244E99D741FEA29F684FA4
SHA1:	83FB76B362BBA09B008CB25CA45D9129F3AFC58C
SHA-256:	4AC1978DBD194EAFD6449B8525810CC93165D8CB7E192AEEBA4691F7E647C5A7
SHA-512:	42A0B88A3E70A985BE9A2EC6B152354D1253097E8B8575499E18F841787FFA42FC379892E2FF28C38A578E130B273FDFCAA6279CBEADC64261B03F7165B91A7C
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/dragAndDropCommon.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!DragAndDropCommonCollection)var DragAndDropCommonCollection={};DragAndDropCommonCollection.moreLinkExpand=function(a,b,c){""!=a&&""!=b&&(document.getElementById(a).style.display="inline",document.getElementById(b).style.display="none");c&&CollaborateCommon.trackBehaviour(c,"Expansion of More");ModalCenterPosition()};.DragAndDropCommonCollection.unBindDragAndDropForActivity=function(a,b){if(-1==navigator.appVersion.indexOf("MSIE 9")&&-1==navigator.appVersion.indexOf("MSIE 8")){$j(document).off("keyup.mulSelComp");var c=$j("#"+a);$j("#"+b);c.off("dragenter.mulSelComp");c.off("dragover.mulSelComp");c.off("dragleave.mulSelComp");c.off("drop.mulSelComp")}};.DragAndDropCommonCollection.bindDragAndDropForActivity=function(a){var b=GriffinCommon.gethtml5uploadJsArray();b.push(GriffinCommon.getCanvasToBlobMinJsJson());b.push(GriffinCommon.getloadImageAllMinJsJson());b.push(GriffinCommon.getJqueryFileuploadImageJsJson());GriffinCommon.loadJsFilesSequentially(b,0,function(){if(-1==navigator.a

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (602)
Category:	downloaded
Size (bytes):	9025
Entropy (8bit):	5.340472797072539
Encrypted:	false
SSDEEP:	192:/yBVKV6o7kKVpTn9mX8GSLA8vKX+8vKVBEiAp6TKz:roIvzQ8G84+8i72Fz
MD5:	7D762B7F02C0FC5B2681DF4BDDA7298D
SHA1:	54C72BC60F55DE2401D300A733ECF9C6832EA66C
SHA-256:	B8B0CF93FD0135713A27C5C0CA9C0ABC2DDA5C88FBEDF93956B4475901119DD5
SHA-512:	66EBA83CDEAB6E5F8F34C2BC79DE15BCFF4D931566026238069D724DBF701AA6792D048F9383CB756DD15235D5E4AC3F08B31F06CDAEEA6A07E77F123EE68BEA
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/navigation.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!Navigations)var Navigations={};var navigations_isIE8OR9=-1!=navigator.appVersion.indexOf("MSIE 9")\|\|-1!=navigator.appVersion.indexOf("MSIE 8");$j(window).on("statechange",function(a){navigations_isIE8OR9?("TRUE"!=sessionStorage.getItem("unLoadWindowEvent")&&BrowserState.executeHistoryStateFunction(),sessionStorage.setItem("unLoadWindowEvent","FALSE")):BrowserState.executeHistoryStateFunction()});.if(navigations_isIE8OR9)$j(window).on("unload",function(a){sessionStorage.setItem("unLoadWindowEvent","TRUE")});.Navigations.Dashboard=function(a){if(a&&a.ctrlKey)return!0;$j("#collaborateMainContainer").html('\x3cdiv class\x3d"text-center padd20"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif"\x3e\x3c/div\x3e');GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"GET",REQUEST_URL:"dashboardContent.action",FORM_DATA:{"metaData.systemPageID":DashboardCollectionVar.metaDataSystemPageID,classicDashboard:DashboardCollectionVar.isClassicDashboardRedirect,callFrom:DashboardCollectionVar.callFrom},CACHE

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (588)
Category:	downloaded
Size (bytes):	224979
Entropy (8bit):	5.411360043971814
Encrypted:	false
SSDEEP:	1536:7tFhUhQhLIwVn0OO4esuCsGlsOngVBlMAlrAqMYmMOajnVCoC2:VRWan0OO4E3G5nkn1MYmMqoC2
MD5:	4C88E516AEC4E336FB47AA718B5892CE
SHA1:	016A2CDCAF0BFD56EAA3C7384EDD8CFC384D512C
SHA-256:	800EDBC40A6A4548922FE53CFDD48E24EF4D6A18663F519E7CAD358D2F863731
SHA-512:	D5F1FEF6AD2C12E678738A281CAA5E2659250D1A62C9A7A2596687EAED46C7748A4CECF4BAB6C23EE7975C5229380397E1917152988396B372E677D3E4E2572A
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/documentAnalysis.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!DocumentAnalysisCollection)var DocumentAnalysisCollection={};1>Object.keys(DocumentAnalysisCollection).length&&(DocumentAnalysisCollection={SYSTEM_SERVICE_CONFIGURE_MODAL_ID:"system_admin_document_analysis_service_configure_id",systemAdminManageClassifierVersion:[],saveSystemAdminManageClassifierVersion:[]});.DocumentAnalysisCollection.openEngineConfigurationModal=function(a,b){if("Microsoft"===a){var c=a+" Auto-suggest tags";DocumentAnalysisCollection.callFrom="Add";var d=[{ID:"close",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.cancel",null),TYPE:"Cancel",FUNCTION:function(){DocumentAnalysisCollection.closeModal(DocumentAnalysisCollection.SYSTEM_SERVICE_CONFIGURE_MODAL_ID)}},{ID:"next",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.test",null),TYPE:"PRIMARY",CLASS:"pull-right ",.FUNCTION:function(){DocumentAnalysisCollection.testConfigurationMicrosoftAI(a)}},{ID:"save",TEXT:GriffinCommon.getResourceBundledProperty("systemadmin.systemsettings.displa

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	51
Entropy (8bit):	4.297151508884876
Encrypted:	false
SSDEEP:	3:YWMmqetEEJtZlCn:YWMm9DJt6
MD5:	60595F7368129753FC4FF67AFAB54F4C
SHA1:	01DEA04FA3E44B20C6F534647E532C12606EAFEA
SHA-256:	A4EEC15E174C5160A0145BED0138CA95594B89F5697E4C1D26BB2D8AA45975D3
SHA-512:	00D083685A0CA9A0A0F07C2DECED05FD195122066325DF4E004D4F50E20A08B658BDA9A14213DB2041409BFE33B832216C07BE01C53E1AAE890100049B87A644
Malicious:	false
Reputation:	low
Preview:	{"site_domain":"arlid:918031","rate_limited":true}.

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Nim source code, ASCII text
Category:	downloaded
Size (bytes):	56723
Entropy (8bit):	5.283110334599086
Encrypted:	false
SSDEEP:	1536:Vpszkivw46GcVBeX8XL9r/FppH4gdADaXlbeYZ8Fw:VbL9r/FppHwaXlbX
MD5:	93EC8DEE4FF22A2BFEBFE53A0F7C21E4
SHA1:	DE7FCC96B68EA5233DE6B07ED7C4F8A2DCA0B650
SHA-256:	10DC1F46E8DE33F244DF4F39F2E499A4B54886E8476AD00C26624E1176F86686
SHA-512:	45DCA144AA3D096BFBCC7FD42252D6BDDA7C2F5AFFB612ED6F0F6483707B8CAA0C46A6CA00657ED5B880B7077DC0D9D0E4170D094057A97021D7A1F6928BD7F8
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/mediascreen.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors. ******************************************************************************/. / Media Query /../ only in tablet/mobile device (COL-19770 - iOS: checkboxes do not align with labels)/..@media (max-device-width: 1024px) {..input[type=checkbox], input[type=radio] {margin-top:1px;}...withoutTitle .fixedContent{visibility: visible;}.....}../ case upto 1024 resolution only /.@media (max-width: 1024px){..body:not(.bodyLang-en):not(.bodyLang-fr) #lookUpParentDiv .col-lg-9.col-sm-8, body.bodyLang-fr #lookUpParentDiv .col-lg-9.col-sm-8{width:48%;}..body:not(.bodyLang-en) #fillterDivID+div button#addToGrid{margin-left:15px;}..../ left panel height on scroll */...tabletScreenMode.myFiles .leftPanelSection, .tabletScreenMode.files .leftPanelSection, .tabletScreenMode.event .leftPanelSection{height:aut

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	610
Entropy (8bit):	5.252242228150342
Encrypted:	false
SSDEEP:	12:Y1Vn6Tt0bz/Upb/Het+0qYBWJ+FTFI8fYeW0T2EN6+JIxASkc1wX2PiID3:Y10Ty/sArxpjnT2ENVJIYc1wGPiA3
MD5:	9B3C9722EF830188E517E760241ECED7
SHA1:	CEAB00B72CDA710AD718F588D266FC21F587B9A2
SHA-256:	0BE8BDC5BB1645758CE38222FC0910C8B74AFF82D8F0F3A933559B09A746EE98
SHA-512:	95F12A96A2AE3E224D7FE8819DDAD05BF2ADFC205D99F99495123C57854544847A224AFD1C37D40542A5AD869F2946F8FDDC8D327D998A342C5CDCE78BB88CC1
Malicious:	false
Reputation:	low
URL:	"https://c.go-mpulse.net/api/config.json?key=VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW&d=kubota.highq.com&t=5782136&v=1.720.0&if=&sl=0&si=57a0d2ff-65bb-4369-8947-3931589c2b89-sordi3&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=918031"
Preview:	{"h.key":"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW","h.d":"arlid:918031","h.t":1734640947768,"h.cr":"5bb8996f9094ef6d43b0d6332dbc697ff427751d-2fa9630c-dcb5aba4","session_id":"26be9f09-1060-4f82-8beb-51413045a8ab","site_domain":"arlid:918031","beacon_url":"//684dd326.akstat.io/","autorun":true,"BW":{"enabled":false},"RT":{"cookie":null,"session_exp":1800},"ResourceTiming":{"enabled":true,"splitAtPath":true},"PageParams":{"xhr":"none","pageGroups":[],"customMetrics":[],"customTimers":[],"customDimensions":[],"urlPatterns":[],"params":true},"Akamai":{"enabled":true,"dns_prefetch_enabled":true},"user_ip":"8.46.123.0"}

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (579)
Category:	dropped
Size (bytes):	40183
Entropy (8bit):	5.220033123754301
Encrypted:	false
SSDEEP:	768:kWlzx+CICJkMMNEeQn8GOswHFWm810jJVTZlMHFw:yAvjgZ3
MD5:	AD882BD4C7FBA2404F6C56EC06C367A7
SHA1:	BB224BC7FABC3C89D1858E93BF9FBA0CF323A680
SHA-256:	09A7ED2F0680E162A5E4497F6E42FB8E39648EEA6D556048802C5C607D0ABD71
SHA-512:	6DFB6030C67206DE390768EB42E9A022121848539CF9C346ECD41E97A589F7CE62F2E1897D7498C9E3C3EDF1ACE617D27C9A329FAD59042B995E942F6E18E5F9
Malicious:	false
Reputation:	low
Preview:	if("undefined"===typeof jQuery)throw Error("Bootstrap's JavaScript requires jQuery");+function(a){a=a.fn.jquery.split(" ")[0].split(".");if(2>a[0]&&9>a[1]\|\|1==a[0]&&9==a[1]&&1>a[2]\|\|3<a[0])throw Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4");}(jQuery);.+function(a){function g(){var a=document.createElement("bootstrap"),h={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"},d;for(d in h)if(void 0!==a.style[d])return{end:h[d]};return!1}a.fn.emulateTransitionEnd=function(f){var h=!1,d=this;a(this).one("bsTransitionEnd",function(){h=!0});setTimeout(function(){h\|\|a(d).trigger(a.support.transition.end)},f);return this};a(function(){a.support.transition=g();a.support.transition&&.(a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(f){if(a(f.target).is(this))return f.handleObj.handler.ap

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	32412
Entropy (8bit):	5.154917866834749
Encrypted:	false
SSDEEP:	768:0Q34lhN4r7Xy7xG0K88PD+X45FCOrmLZJnFS0iv6X7LRF:0QIlUr7ymPD+wFCOrGv1n
MD5:	2DE730D25D946D02526223EA678C7467
SHA1:	5C239B424415DA99FF40680141F3222A299003CB
SHA-256:	64C67A33C8E4002C793573C8D78C8914219A3E4DD54C098B93DB61A2B72AB71D
SHA-512:	10759419C3FD2523C9FCCFE7A1E83EB168C8AB534D38E79317D3D98D4B4EDD8AE14BAFF1D87A7F3CEC4DD25BFBBDA0F3A67F2F0BEEA81E0D1B755D2B1DC87B7A
Malicious:	false
Reputation:	low
Preview:	/!. jQuery Migrate. * Copyright OpenJS Foundation and other contributors. */.( function( factory ) {.."use strict";...if ( typeof define === "function" && define.amd ) {....// AMD. Register as an anonymous module....define( [ "jquery" ], function( jQuery ) {....return factory( jQuery, window );...} );..} else if ( typeof module === "object" && module.exports ) {....// Node/CommonJS...// eslint-disable-next-line no-undef...module.exports = factory( require( "jquery" ), window );..} else {....// Browser globals...factory( jQuery, window );..}.} )( function( jQuery, window ) {."use strict";..jQuery.migrateVersion = "3.5.2";..// Returns 0 if v1 == v2, -1 if v1 < v2, 1 if v1 > v2.function compareVersions( v1, v2 ) {..var i,...rVersionParts = /^(\d+)\.(\d+)\.(\d+)/,...v1p = rVersionParts.exec( v1 ) \|\| [ ],...v2p = rVersionParts.exec( v2 ) \|\| [ ];...for ( i = 1; i <= 3; i++ ) {...if ( +v1p[ i ] > +v2p[ i ] ) {....return 1;...}...if ( +v1p[ i ] < +v2p[ i ] ) {....return -1;...}..}..return 0

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (525)
Category:	dropped
Size (bytes):	4165
Entropy (8bit):	5.458306566929322
Encrypted:	false
SSDEEP:	96:OV2oYAnXeEASj8RmIIbK2EDlqCSPsLNdNNT7NJBbMB:OEk9j8RmlbK2UlqxkhbNPpbMB
MD5:	618BF62B3A337A3BDF1A23F76F9EB710
SHA1:	EA45F54D607029B2641AB3599569F3528699F56D
SHA-256:	690DDD7106974D6BA2B85946981EE7E0791EA4E8979A592BCB99CBB3F94839D9
SHA-512:	3649A8B04167DD6354649B31211A02782483CD3B5A55EAED0A08B8E91D63051E712EB10F3E0A909BF5FFE4A0DBEB5083AF8DE95DB9342C39AB35495EA61A4502
Malicious:	false
Reputation:	low
Preview:	if(!BrowserState)var BrowserState={};BrowserState.isLocalStorageNameSupported=function(){var c=window.sessionStorage;try{return c.setItem("test","1"),c.getItem("test"),c.removeItem("test"),!0}catch(a){return!1}};.BrowserState.getUrlParameter=function(c,a){-1!=navigator.appVersion.indexOf("MSIE")&&-1<c.indexOf("#")&&(firstIndexPathUrl=c.split("#")[0],c=c.split("#")[1],-1<firstIndexPathUrl.indexOf("?")&&-1>=c.indexOf("?")&&(c=firstIndexPathUrl+c));c.indexOf("#")==c.length-1&&(c=c.substr(0,c.length-1));if(-1<c.indexOf("?")){var b=c.split("?")[1];if(void 0!=b&&(b=b.split("\x26"),void 0!=b))if("MAP"==a){var d=b.length,e={},f=!1;for(i=0;i<d;i++){var g=b[i].split("\x3d");"_suid"!=g[0]&&""!=g[0]&&(f=!0,e[$j.trim(b[i].split("\x3d")[0])]=.$j.trim(b[i].split("\x3d")[1]))}if(f)return e}else if("ARRAY"==a)return b}};BrowserState.getUrlParameterArray=function(c,a){var b=BrowserState.getUrlParameter(c,"ARRAY");if(void 0!=b){if(void 0==a\|\|""==a)return b;var d=b.length,e=[];for(i=0;i<d;i++)-1<b[i].inde

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	189
Entropy (8bit):	4.979360582739764
Encrypted:	false
SSDEEP:	3:U6rlwNJCCRIsjPd9lTyWLxLxvPcK2HXVFdCToFOMgxZKIpvdJMG7yyLTNSPW8CC+:U6rlweCRVWWNdPcyx0IpvdCkyyLTNSu7
MD5:	58CDE540E2720C7FC74D7BDFDF9A66CA
SHA1:	C63287ECE92ED6AD2AB977730F602CF2FC8BDCCB
SHA-256:	193D2EE54C544E8C35DD74DC2AD1FFCAEEA4C9FA27DBB7DBEF005092241880AD
SHA-512:	3246AA49A35FF3950548E89CECD95B867A6825018208483688FA8C9B4FDB8EB05380B4E3D3538DA0C2D1BD2C44D6F26E347B2AC502F874B068C618AE22ADD929
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/videojs/videojs-hls-quality-selector.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/*.. videojs-hls-quality-selector.. * @version 1.1.1.. * @copyright 2020 Chris Boustead (chris@forgemotion.com).. * @license MIT.. */...video-js.vjs-hls-quality-selector{display:block}..

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Category:	downloaded
Size (bytes):	18536
Entropy (8bit):	7.986571198050597
Encrypted:	false
SSDEEP:	384:IhocXmE6eM871P7td/mcOKA454H2orQEONKrOqxw:f6WeL1P//9D54WCCKc
MD5:	8EFF0B8045FD1959E117F85654AE7770
SHA1:	227FEE13CEB7C410B5C0BB8000258B6643CB6255
SHA-256:	89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
SHA-512:	2E4FB65CAAB06F02E341E9BA4FB217D682338881DABA3518A0DF8DF724E0496E1AF613DB8E2F65B42B9E82703BA58916B5F5ABB68C807C78A88577030A6C2058
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......Hh..........H..............................Z..\|.`..J.T..<.....H..U..Z...x.6.$..0. ..t. ..I....p.0.VU.......1....AQ...d..x.....R..4.-.c..C$fUc.c..IX..@..~g.xs.....%...O...eJ.w..U.\|.......%..{.......U+..T#.S......`.n.....V.w.4..~P"..zk.%..../........=3...F.........V.FL..;Bc.........A.Uk.U1.b!Y.BH.DL...s.s...F.m.9a..GJ..1..#.`m5..DI..X5#.........B.Akm.....&..0...{.L.....G......-(.......O4.@3....=......f..l...$.....j..NO...e.Y.tJ2J>F.(.c....08..e...~....D2S7s:.G'Gm........!.7.........r.c.`,.....~.).......c>1.......Y.g2^...T-1.7./r./....>...g.ov@u.?.U.+._...'M..,.,g....!g..9."..yBF.#r+.Ps...%.d=....U...5.b.$:`.4R.II.<A....Q)....e...k.....M.8.z....+.....5}..F........F.d._...].~-](.Lf....Y..W....;-z...;. .@x._v../.%UIm....=s...P.C....G...^..Q.!g.!b._.P....at..?.}....t.z...O(..Y6..R.2.X....k.R..K.gw(.F.K?m..R...7....dj..7. .r.U..be.4......8.].w.B..B......Y..:..8.N..U...NEm...\.^q..f}.......{..6.". ...y-.Y...N.+.M E..`......R.$T

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (65103)
Category:	downloaded
Size (bytes):	209939
Entropy (8bit):	5.366006952026174
Encrypted:	false
SSDEEP:	3072:1P6RsHIwj0PdUgdbs8kvdYkODdlm9AZoZXs+eSc:1msHIxHMvd8dtZoZDc
MD5:	FA4C76A7FDE62B18054CF7EB8E946012
SHA1:	B20150066A879D2B78DD3D4908F4ACD148EE66F8
SHA-256:	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
SHA-512:	D72F5D078675C7ADBF6BFC1980712542A10668AEC9163137A2EC70A5E117F8FFDD0F06A6C4C6636E35C04F2754F33D40C65C59D452AFAA8EA4A382F24F200ABD
Malicious:	false
Reputation:	low
URL:	https://s.go-mpulse.net/boomerang/VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW
Preview:	/. Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. /./ Boomerang Version: 1.720.0 b17966bb92f8ac2ddcda4ac1d9c0aaea6d2eda7b */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window\|\|!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)\|\|BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{document.doma

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649)
Category:	dropped
Size (bytes):	35621
Entropy (8bit):	5.295509211639803
Encrypted:	false
SSDEEP:	768:YpoGP8fyk6qp0G9Pw6i6e/I93mobSy2HO:TFf95pP3e/I9mobEO
MD5:	9796344F4E37235E2F8488CAFC180596
SHA1:	09D558DAD176369D61BA50B194076F50234A00E4
SHA-256:	3121C235AA8C80FEED4397B14B88C1FFFC6B235F202A2589BB14A935083B28E1
SHA-512:	3D29606FE7B32E09A8DC22444DFD7CFC9BB9D5A47A2FDAF3050550A4DD95E68B112C9BEC1D95FBDE086250BFD7FCC696C6DFF4BBFD7A618A84C3D1C3CEB828C6
Malicious:	false
Reputation:	low
Preview:	(function(p,f){"function"===typeof define&&define.amd?define(["jquery"],function(z){return f(z)}):"object"===typeof module&&module.exports?module.exports=f(require("jquery")):f(p.jQuery)})(this,function(p){(function(f){function z(a){f.each([{re:/[\xC0-\xC6]/g,ch:"A"},{re:/[\xE0-\xE6]/g,ch:"a"},{re:/[\xC8-\xCB]/g,ch:"E"},{re:/[\xE8-\xEB]/g,ch:"e"},{re:/[\xCC-\xCF]/g,ch:"I"},{re:/[\xEC-\xEF]/g,ch:"i"},{re:/[\xD2-\xD6]/g,ch:"O"},{re:/[\xF2-\xF6]/g,ch:"o"},{re:/[\xD9-\xDC]/g,ch:"U"},{re:/[\xF9-\xFC]/g,.ch:"u"},{re:/[\xC7-\xE7]/g,ch:"c"},{re:/[\xD1]/g,ch:"N"},{re:/[\xF1]/g,ch:"n"}],function(){a=a?a.replace(this.re,this.ch):""});return a}function p(a){var c=arguments,b=a;[].shift.apply(c);var e,d=this.each(function(){var a=f(this);if(a.is("select")){var d=a.data("selectpicker"),k="object"==typeof b&&b;if(!d)d=f.extend({},l.DEFAULTS,f.fn.selectpicker.defaults\|\|{},a.data(),k),d.template=f.extend({},l.DEFAULTS.template,f.fn.selectpicker.defaults?f.fn.selectpicker.defaults.template:{},a.data().t

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (748)
Category:	downloaded
Size (bytes):	36807
Entropy (8bit):	5.232706068105287
Encrypted:	false
SSDEEP:	384:ACRBjtvIid2F9n9tfMf2aij67ctzZriOMNa28y64Vg3q0EsFXtVLdn9p8PIgYhcV:1dIcAerX8B8own6O
MD5:	7F54B32A32DCE3EA29AE0D5AFF673B13
SHA1:	9BA89A46809981C52F3C6CBD86A7140523EFCA0A
SHA-256:	688688ADE3C9A689288A4B947C6183465187D53E5B86A8EB900345DDB8066100
SHA-512:	52657E29F8143BBBF5FD8B288169292F95A32C4429A226957D9AB37D427EE9219142AD4675F9BDB9AA53189D6903B909C321260973267974DB54981ABF7CD739
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/bootstrap-datetimepicker.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	(function(f,d){if("function"===typeof define&&define.amd)define(["jquery","moment"],d);else if("object"===typeof exports)d(require("jquery"),require("moment"));else{if(!jQuery)throw Error("bootstrap-datetimepicker requires jQuery to be loaded first");if(!moment)throw Error("bootstrap-datetimepicker requires moment.js to be loaded first");d(f.jQuery,moment)}})(this,function(f,d){if("undefined"===typeof d)throw Error("momentjs is required");var S=0,L=function(T,y){var L=f.fn.datetimepicker.defaults,.U={time:"icon icon-recent",date:"icon icon-calendar",up:"icon icon-chevron-up",down:"icon icon-chevron-down"},a=this,H,p=function(){var b;if(a.isInput)return a.element;b=a.element.find(".datepickerinput");if(0===b.length)b=a.element.find("input");else if(!b.is("input"))throw Error('CSS class "datepickerinput" cannot be applied to non input element');return b},V=function(){var b;b=a.element.is("input")?a.element.data():a.element.find("input").data();void 0!==b.dateFormat&&(a.options.format=b.d

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (552)
Category:	downloaded
Size (bytes):	22379
Entropy (8bit):	5.360376748881115
Encrypted:	false
SSDEEP:	384:ubybynNjlSDJ18UsdQCOMtPhP22+NP0T03fn9fSdt4qPUbuVc:N+qj8UseMYJ0T03fn9fSdt4qPGF
MD5:	D0F0CF6A6011DA7DFACC3A2EE8761441
SHA1:	DA702E6FD7933BC242D0E5673BF45239BD8530A9
SHA-256:	584FA1A7A31CC6491BD14CDEA329B0E9CDB82E21F05AAE3D057C4A6E648690BC
SHA-512:	CB5046DB6BC8ABB7D721009F1E64A4E912BF09DD235F367B0DB8C5023C624386494576AAE1ABBB2EC9AC8515EAF94E9B9EBB638EB4DF43632D951880658660DA
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/jquery.history.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	"object"!=typeof JSON&&(JSON={});.(function(){function c(b){return 10>b?"0"+b:b}function r(e){return b.lastIndex=0,b.test(e)?'"'+e.replace(b,function(b){var e=g[b];return"string"==typeof e?e:"\\u"+("0000"+b.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+e+'"'}function l(b,c){var m,a,g,h,k=e,f,d=c[b];d&&"object"==typeof d&&"function"==typeof d.toJSON&&(d=d.toJSON(b));"function"==typeof q&&(d=q.call(c,b,d));switch(typeof d){case "string":return r(d);case "number":return isFinite(d)?String(d):"null";case "boolean":case "null":return String(d);.case "object":if(!d)return"null";e+=p;f=[];if("[object Array]"===Object.prototype.toString.apply(d)){h=d.length;for(m=0;m<h;m+=1)f[m]=l(m,d)\|\|"null";return g=0===f.length?"[]":e?"[\n"+e+f.join(",\n"+e)+"\n"+k+"]":"["+f.join(",")+"]",e=k,g}if(q&&"object"==typeof q)for(h=q.length,m=0;m<h;m+=1)"string"==typeof q[m]&&(a=q[m],g=l(a,d),g&&f.push(r(a)+(e?": ":":")+g));else for(a in d)Object.prototype.hasOwnProperty.call(d,a)&&(g=l(a,d),g&&f.push(r(a)+(e?"

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	6713
Entropy (8bit):	5.395631992451415
Encrypted:	false
SSDEEP:	192:ANOQNNNiNk3XNPN4qNY4NX7NCNRNS3sNEN4NNiNU1NHNUN13eN/NDTNl:uOeD4CdFRPXBYHAaCu4U7tyF0VVl
MD5:	D0042E52F385FB97BCC74CBC95FE2C9D
SHA1:	DD5809C7F7B9FADC5A1B417C5517519F858BBEB2
SHA-256:	6064383CB1F63B285D9A999140DF0B97D3B05ECEE7E5728905B751F1C99AEC0F
SHA-512:	7B936AB6FCF47B031A00EAF62B5D9CBB292DDA63D40456B5EFB6EC2030B1E0AAF9B1F41B50F65DC335DC1A6A8D2E4779C57A898E5092EC46D612B4CD21B171E9
Malicious:	false
Reputation:	low
URL:	"https://fonts.googleapis.com/css?family=Roboto:400,500,700"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2) format('woff2');. unicode-range: U+0370-0377

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (525)
Category:	downloaded
Size (bytes):	4165
Entropy (8bit):	5.458306566929322
Encrypted:	false
SSDEEP:	96:OV2oYAnXeEASj8RmIIbK2EDlqCSPsLNdNNT7NJBbMB:OEk9j8RmlbK2UlqxkhbNPpbMB
MD5:	618BF62B3A337A3BDF1A23F76F9EB710
SHA1:	EA45F54D607029B2641AB3599569F3528699F56D
SHA-256:	690DDD7106974D6BA2B85946981EE7E0791EA4E8979A592BCB99CBB3F94839D9
SHA-512:	3649A8B04167DD6354649B31211A02782483CD3B5A55EAED0A08B8E91D63051E712EB10F3E0A909BF5FFE4A0DBEB5083AF8DE95DB9342C39AB35495EA61A4502
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/browserState.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!BrowserState)var BrowserState={};BrowserState.isLocalStorageNameSupported=function(){var c=window.sessionStorage;try{return c.setItem("test","1"),c.getItem("test"),c.removeItem("test"),!0}catch(a){return!1}};.BrowserState.getUrlParameter=function(c,a){-1!=navigator.appVersion.indexOf("MSIE")&&-1<c.indexOf("#")&&(firstIndexPathUrl=c.split("#")[0],c=c.split("#")[1],-1<firstIndexPathUrl.indexOf("?")&&-1>=c.indexOf("?")&&(c=firstIndexPathUrl+c));c.indexOf("#")==c.length-1&&(c=c.substr(0,c.length-1));if(-1<c.indexOf("?")){var b=c.split("?")[1];if(void 0!=b&&(b=b.split("\x26"),void 0!=b))if("MAP"==a){var d=b.length,e={},f=!1;for(i=0;i<d;i++){var g=b[i].split("\x3d");"_suid"!=g[0]&&""!=g[0]&&(f=!0,e[$j.trim(b[i].split("\x3d")[0])]=.$j.trim(b[i].split("\x3d")[1]))}if(f)return e}else if("ARRAY"==a)return b}};BrowserState.getUrlParameterArray=function(c,a){var b=BrowserState.getUrlParameter(c,"ARRAY");if(void 0!=b){if(void 0==a\|\|""==a)return b;var d=b.length,e=[];for(i=0;i<d;i++)-1<b[i].inde

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (528)
Category:	dropped
Size (bytes):	7788
Entropy (8bit):	5.220554596844955
Encrypted:	false
SSDEEP:	192:6Jj+A4nFj2stpaj2j/YcCAGHMGQRTPx7BfwBu5QI:6J14nFjzpajg/BCUGQFZ7BfwBu5QI
MD5:	68425596EA84540ED58F06421A7DBB46
SHA1:	A768605A25882B2B82E04520A1BB9264ADD3F1EB
SHA-256:	3649CA3797FF3449B162F115054574535878BF91B449A95FDBB9EB245D5A60BB
SHA-512:	59568019169973E4B2B0DEE7F41EF9F42F53B964186701AE71D24546C6170F01C4756798189DE16953A191984A638A3967C35FCA25B9505A723B63775C4C03A2
Malicious:	false
Reputation:	low
Preview:	function FastClick(a,b){function c(a,b){return function(){return a.apply(b,arguments)}}var d;b=b\|\|{};this.trackingClick=!1;this.trackingClickStart=0;this.targetElement=null;this.lastTouchIdentifier=this.touchStartY=this.touchStartX=0;this.touchBoundary=b.touchBoundary\|\|10;this.layer=a;this.tapDelay=b.tapDelay\|\|200;if(!FastClick.notNeeded(a)){for(var g="onMouse onClick onTouchStart onTouchMove onTouchEnd onTouchCancel".split(" "),f=0,h=g.length;f<h;f++)this[g[f]]=c(this[g[f]],this);deviceIsAndroid&&.(a.addEventListener("mouseover",this.onMouse,!0),a.addEventListener("mousedown",this.onMouse,!0),a.addEventListener("mouseup",this.onMouse,!0));a.addEventListener("click",this.onClick,!0);a.addEventListener("touchstart",this.onTouchStart,!1);a.addEventListener("touchmove",this.onTouchMove,!1);a.addEventListener("touchend",this.onTouchEnd,!1);a.addEventListener("touchcancel",this.onTouchCancel,!1);Event.prototype.stopImmediatePropagation\|\|(a.removeEventListener=function(b,c,d){var e=Node.prot

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64394), with CRLF line terminators
Category:	dropped
Size (bytes):	255084
Entropy (8bit):	5.160386686458492
Encrypted:	false
SSDEEP:	3072:UDa8LPLGI9fB8NnODpEujVHUc9koNRppuzGvStCAvuBFak8J3:eLjv9u4VxvLo1
MD5:	E1BF7600D8C5AC51C115D942BEB026F5
SHA1:	C2DF488EBEEAF00B1612C657025460362D429943
SHA-256:	1B4C820B2ACE35A7E3A10BEB67B98B9AFF7C6BB953D700DCEFDF2517232FF869
SHA-512:	AD0B3316B1D248926E7E12956690936A5CBF7B0671E0E01EEFF6D9D6909B372D4F9F174993F39A2A8C727A4F83AEDC7357A6131AE808ABF2531597D6FC803878
Malicious:	false
Reputation:	low
Preview:	/! jQuery UI - v1.13.2 - 2022-11-09.. http://jqueryui.com..* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/draggable.js, widgets/droppable.js, widgets/resizable.js, widgets/selectable.js, widgets/sortable.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/selectmenu.js, widgets/slider.js, widgets/spinner.js, widgets/tabs.js, widgets/tooltip.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/ef

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (842)
Category:	dropped
Size (bytes):	91535
Entropy (8bit):	5.249360922341225
Encrypted:	false
SSDEEP:	768:VAmGqPrf7Kqcxqq8P5WqIqBk327WgW76LI2YgAULfU0UYG8u/oRZckBPN8a6ZOPA:VrRjAULy6ZcA0jdWduG6B3
MD5:	37FBEDBD27C033A0E884B69A9DD2AAF8
SHA1:	B5B65BC4FADC8C62CBBCF95FCD91AF324CE01074
SHA-256:	2E4F75F4C9D565F53638856ABF9F935E343EA0A5BD2BF92F44A727EC467708CD
SHA-512:	7129C658D31010A0541DEBE269463C2FFE2E3AFE99802D3CB923E311D122ADE65ED2DBE51ECF3BE43658D8C7A0F8C671D048E46A4CC4DBB8D6A43D74285770AA
Malicious:	false
Reputation:	low
Preview:	var $j=jQuery.noConflict(),windowWidth=$j(window).width(),windowHeight=window.innerHeight?window.innerHeight:$j(window).height(),is_touch_device=/android\|webos\|iphone\|ipad\|ipod\|blackberry\|iemobile\|opera mini/i.test(navigator.userAgent.toLowerCase()),is_ipad=/ipad/i.test(navigator.userAgent.toLowerCase()),is_iphone=/iphone/i.test(navigator.userAgent.toLowerCase());.function setWrapperSpaceminHeight(){var b=0,a=0;setTimeout(function(){a=$j(".breadCrumbNav").height()+$j(".header").outerHeight(!0)\|\|0;b=-1!=navigator.appVersion.indexOf("MSIE 8")?$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container-fluid").css("padding-top"))+parseInt($j(".mainSection .container-fluid").css("padding-bottom")):a+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container").css("padding-top"))+.parseInt($j(".mainSection .container").css("padding-bottom")):$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Category:	downloaded
Size (bytes):	18596
Entropy (8bit):	7.988788312296589
Encrypted:	false
SSDEEP:	384:h5D5WUhNanar/Z19V6iGCYIqoPfHwfr13GPgqbrxremyFKKWB:h/NaOrBGCYIBPfQD1xqPhl
MD5:	C83E4437A53D7F849F9D32DF3D6B68F3
SHA1:	FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC
SHA-256:	D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
SHA-512:	C2CA1630F7229DD2DEC37E0722F769DD94FD115EEFA8EEBA40F9BB09E4FDAB7CC7D15F3DEEA23F50911FEAE22BAE96341A5BACA20B59C7982CAF7A91A51E152F
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Preview:	wOF2......H...........H=................................\|.`..J.H..<........>..Z...x.6.$..0. ..~. ..)...%.m..t.D<...U.c....D....@........@e..a..R./<...p..q..q....S<.nm...X..(ER....e.....O.?Q_..FYH......ml.E..?;X0>.f.Y.,.n.a...._h8c.006U.cS..3.m.Or..I9..5.;.=..'!..c.O...W.K..f....k..&Xq..Y?.r...%.S..y.:q.......uD.d.R..'..Q,L.... e`..=?.{...e%{.....3+$.....NkF2...... ._}..2]....,.F.u.S4O.~w).G..../]}6.nVwKj.h@........5.7P....i..r........U?.........q..Cm......g...\.zu.....P..\|....5G$...4k$..L..g..".y..?..6...O...e..@..0TYh..v........M.....#B...O.i.G$.Bq..m.A.s~...A...c.....25K.....B..<..w.A....G.O...A......A,y"q....q<....N..{Ta..!.\|vzo.;9.5>.>....7I.i.Ld.4..y...].g.....'m_(...O-..}.K.(....R..2.q.z9.D..]..$.#$.:x..:{..m.OF...K[J. ......lpH.#%V....4.;l.<..J.6.T..a...I..\|..zj.k.-...y...#..e.1,s....<.HX.....z{L....'.$. "..tY..m.<.\8P. a.......x.W\.b.%...RA.\.... M.......v1......#...............`.c..%.Nc.d.qP.68....$<.O.S_7...U.].jn>@.3.c..wO..>.>a.qg....\..kb.

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 350 x 97, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	14683
Entropy (8bit):	7.980524638471162
Encrypted:	false
SSDEEP:	384:X1aAbibmAE9VH3hP+JTil6m0Nb7jmc09JTJ:X1lbiNE9BYDmU/10HTJ
MD5:	64F4F3EA7E811F232FBDCD30D6C72A86
SHA1:	B107B2FC564F40BA25A8F870C0CABE416DE8DD87
SHA-256:	C8E02AB8522B91BD020AF019D716E1B617E89CB9DEDD9C1B1ED94B90F1D9562D
SHA-512:	E89082542F730520AA94E8A571E2E5D07FBB1C95060FD48973DB620257968A4810F32DCCAFAA1808CD0F7E295F4DF16D5D7E41CA431386E243D98DCC73E1E085
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...^...a.......^.....sRGB...,.....pHYs...t...t..f.x..9.IDATx..i...u&\..Ta..@....n...LY.lE..(vb...Nf2.g..-..H....9.....\|q2Y.q<..E..K.VR.DQ\{_.@7..P{..IQ...&.-.S..A.]xkA..}.}.}_b.!...6..J..'}.6l..aS...6Z....6l..M.6l.h...l...65.a..lj.a.F...`.........-`S...6Z....6l..M.6l.h...l...65.a..lj.a.F..c.`4=......z...6n...5$\..J..<'#:b...).DY..yH..>.p4L!.T......k......t....N....N^...V...j.'U.@h..9~.....DQ. d.U..Z.NLN..y.0p.T...0<....T...:...4[S.qs.E...@..4B.V...9.S..EV..!....:9Q.......PGWWW.3.t8q.kx.(......l&#..5.&........l.:!.....!v.D.&:t.7.[.....{.n..<A."`..qNU...........1...~._..a...\.....F.X...$.;.@)........v.\|>.".e...2..&W..\|....SK.l.<B ....{...ac=>IjPp......1.S.hW.x.W......i. .b.T..j/...P..J.J... .......@. %`c....PTU...B>.....-P."..@.@.3.,..?.mfs.S.N~..Y.Z.....Z.D...^..6.\|b.P&...8....}.G.x..P(.q\|.ZI.3.tzaa.T*...UU@..,..y....`.e..AuC.1..(..uQ.DI..\|....k.Z.X(,-.%.+........q.........ggfO...b!.gh... .84...&6l.=...A$.U..]._.].P.s{.....p.\)

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Algol 68 source, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	180287
Entropy (8bit):	4.518005361688447
Encrypted:	false
SSDEEP:	1536:OMu76JH0L3byADfaecWDG4lp6gm8c7vWQ7ACuTT8F8fwMkAEpsI+l1pDu361PHQF:OMu76JYmOllp6gjkA0sI+l1plPHTIpb
MD5:	C4713DBA77CD859337023FA456E957DB
SHA1:	3793BEC9F3DE05162CDDE84A4839F9715D14B0D8
SHA-256:	954BD2F6BC7E7BC568875886DA054248861F6B2B61503C4BDE068C6FB86C35C9
SHA-512:	278B776257348625D709E623367D634D765A96117C7A6EF90F7D02C0CFB2C7138039EA7DDCAE29C86F33091BE8FDFA92CA6CC20650C06C6B055972458CA2B851
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/moment_new.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	//! moment.js..//! version : 2.29.4..//! authors : Tim Wood, Iskren Chernev, Moment.js contributors..//! license : MIT..//! momentjs.com....;(function (global, factory) {.. typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :.. typeof define === 'function' && define.amd ? define(factory) :.. global.moment = factory()..}(this, (function () { 'use strict';.... var hookCallback;.... function hooks() {.. return hookCallback.apply(null, arguments);.. }.... // This is done to register the method called with moment().. // without creating circular dependencies... function setHookCallback(callback) {.. hookCallback = callback;.. }.... function isArray(input) {.. return (.. input instanceof Array \|\|.. Object.prototype.toString.call(input) === '[object Array]'.. );.. }.... function isObject(input) {.. // IE8 will treat undefined and null as object if it wasn't fo

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (576)
Category:	dropped
Size (bytes):	5748
Entropy (8bit):	5.441096209962554
Encrypted:	false
SSDEEP:	96:XhR/syc2UsOdczDNMFVnvZLoKPKolKPKkgZKgV77hGAHWBPXw:XhREyc/f5cAd3
MD5:	7F091B7127244E99D741FEA29F684FA4
SHA1:	83FB76B362BBA09B008CB25CA45D9129F3AFC58C
SHA-256:	4AC1978DBD194EAFD6449B8525810CC93165D8CB7E192AEEBA4691F7E647C5A7
SHA-512:	42A0B88A3E70A985BE9A2EC6B152354D1253097E8B8575499E18F841787FFA42FC379892E2FF28C38A578E130B273FDFCAA6279CBEADC64261B03F7165B91A7C
Malicious:	false
Reputation:	low
Preview:	if(!DragAndDropCommonCollection)var DragAndDropCommonCollection={};DragAndDropCommonCollection.moreLinkExpand=function(a,b,c){""!=a&&""!=b&&(document.getElementById(a).style.display="inline",document.getElementById(b).style.display="none");c&&CollaborateCommon.trackBehaviour(c,"Expansion of More");ModalCenterPosition()};.DragAndDropCommonCollection.unBindDragAndDropForActivity=function(a,b){if(-1==navigator.appVersion.indexOf("MSIE 9")&&-1==navigator.appVersion.indexOf("MSIE 8")){$j(document).off("keyup.mulSelComp");var c=$j("#"+a);$j("#"+b);c.off("dragenter.mulSelComp");c.off("dragover.mulSelComp");c.off("dragleave.mulSelComp");c.off("drop.mulSelComp")}};.DragAndDropCommonCollection.bindDragAndDropForActivity=function(a){var b=GriffinCommon.gethtml5uploadJsArray();b.push(GriffinCommon.getCanvasToBlobMinJsJson());b.push(GriffinCommon.getloadImageAllMinJsJson());b.push(GriffinCommon.getJqueryFileuploadImageJsJson());GriffinCommon.loadJsFilesSequentially(b,0,function(){if(-1==navigator.a

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (717)
Category:	dropped
Size (bytes):	13084
Entropy (8bit):	5.444958659979546
Encrypted:	false
SSDEEP:	384:AHO/tpTR+dw3uYEyk5WH+R5Y9faN8Mr3MZy9MtwKy8Nzz63b6KK79wY3Py8y+tKT:AHMtZgdw3nEymWeRO9faN8M3MZy9MtwN
MD5:	5DD3C189D32F6FB0F9A6C5E86A58F5D2
SHA1:	2B5AFAE8C036C7D4B5DF37363D58C8CA061206B9
SHA-256:	0F2FB428B2CAE9A1A7E0EADE62DD7B1998F7A2F58E0DFE09B5EFBA6F7F778510
SHA-512:	9FAB6DFCEE4C60EA83D3A7E4CA006C6D434185A2D3A68852A929376430E683D4E65A37C17CEB08D60FE3E774FA7075FA2410DF88E547DDE4B40E1B99E696646A
Malicious:	false
Reputation:	low
Preview:	if(!viewImageModalCollection)var viewImageModalCollection={};.viewImageModalCollection.getModalHtml=function(b,a,c){c='\x3cdiv class\x3d"pull-left visible-xs visible-sm margLeft12 margTop2 absoluteDiv"\x3e\x3cbutton data-toggle\x3d"dropdown" class\x3d"btn dropdown-toggle errorElement" type\x3d"button" aria-expanded\x3d"false"\x3e\x3cspan class\x3d"caret"\x3e\x3c/span\x3e\x3cspan class\x3d"TruncateTxt" id\x3d"selectDropdownForOverviewAndDetailID"\x3e'+GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/span\x3e\x3c/button\x3e\x3cul class\x3d"dropdown-menu pull-left setHeightDrop"\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+.GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/a\x3e\x3c/li\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+GriffinCommon.getResourceBundledProperty("qa.text.Details")+'\x3

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	4.988986771587395
Encrypted:	false
SSDEEP:	24:m8Ywh/kZy5ztJ/SIQsvDqfgvP8/uUXN8oHaRODY2S:tkghY6D2gveVHaU
MD5:	5EB79603256264B91B42AC3EF9601DB6
SHA1:	B4C96EA71B41B51313596280BB9933C3FC2E5485
SHA-256:	6384E8CABA454356B07B87FFA8B5FED94D302126018EA8C0CECDDD560A99DF36
SHA-512:	D98B32C7CDCFD92579EC3C3EB306AF822E7FCC008DDFA6DE415B87E0CB7DFA05547B87F314D79F6255C5FEA8540F03A46045EF6A315C119B23506C96BE079195
Malicious:	false
Reputation:	low
Preview:	............ .h.......(....... ..... ..................................................................................................................................................................................................................................................................................................................................................................................~..}{..zw}.trx.gek.bag.........................................................................................................................d_b._\`.................................................................................................................................................................................................................................................LMX.........................................................................................................................................qot...........................................................

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (588)
Category:	dropped
Size (bytes):	224979
Entropy (8bit):	5.411360043971814
Encrypted:	false
SSDEEP:	1536:7tFhUhQhLIwVn0OO4esuCsGlsOngVBlMAlrAqMYmMOajnVCoC2:VRWan0OO4E3G5nkn1MYmMqoC2
MD5:	4C88E516AEC4E336FB47AA718B5892CE
SHA1:	016A2CDCAF0BFD56EAA3C7384EDD8CFC384D512C
SHA-256:	800EDBC40A6A4548922FE53CFDD48E24EF4D6A18663F519E7CAD358D2F863731
SHA-512:	D5F1FEF6AD2C12E678738A281CAA5E2659250D1A62C9A7A2596687EAED46C7748A4CECF4BAB6C23EE7975C5229380397E1917152988396B372E677D3E4E2572A
Malicious:	false
Reputation:	low
Preview:	if(!DocumentAnalysisCollection)var DocumentAnalysisCollection={};1>Object.keys(DocumentAnalysisCollection).length&&(DocumentAnalysisCollection={SYSTEM_SERVICE_CONFIGURE_MODAL_ID:"system_admin_document_analysis_service_configure_id",systemAdminManageClassifierVersion:[],saveSystemAdminManageClassifierVersion:[]});.DocumentAnalysisCollection.openEngineConfigurationModal=function(a,b){if("Microsoft"===a){var c=a+" Auto-suggest tags";DocumentAnalysisCollection.callFrom="Add";var d=[{ID:"close",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.cancel",null),TYPE:"Cancel",FUNCTION:function(){DocumentAnalysisCollection.closeModal(DocumentAnalysisCollection.SYSTEM_SERVICE_CONFIGURE_MODAL_ID)}},{ID:"next",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.test",null),TYPE:"PRIMARY",CLASS:"pull-right ",.FUNCTION:function(){DocumentAnalysisCollection.testConfigurationMicrosoftAI(a)}},{ID:"save",TEXT:GriffinCommon.getResourceBundledProperty("systemadmin.systemsettings.displa

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (552)
Category:	dropped
Size (bytes):	22379
Entropy (8bit):	5.360376748881115
Encrypted:	false
SSDEEP:	384:ubybynNjlSDJ18UsdQCOMtPhP22+NP0T03fn9fSdt4qPUbuVc:N+qj8UseMYJ0T03fn9fSdt4qPGF
MD5:	D0F0CF6A6011DA7DFACC3A2EE8761441
SHA1:	DA702E6FD7933BC242D0E5673BF45239BD8530A9
SHA-256:	584FA1A7A31CC6491BD14CDEA329B0E9CDB82E21F05AAE3D057C4A6E648690BC
SHA-512:	CB5046DB6BC8ABB7D721009F1E64A4E912BF09DD235F367B0DB8C5023C624386494576AAE1ABBB2EC9AC8515EAF94E9B9EBB638EB4DF43632D951880658660DA
Malicious:	false
Reputation:	low
Preview:	"object"!=typeof JSON&&(JSON={});.(function(){function c(b){return 10>b?"0"+b:b}function r(e){return b.lastIndex=0,b.test(e)?'"'+e.replace(b,function(b){var e=g[b];return"string"==typeof e?e:"\\u"+("0000"+b.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+e+'"'}function l(b,c){var m,a,g,h,k=e,f,d=c[b];d&&"object"==typeof d&&"function"==typeof d.toJSON&&(d=d.toJSON(b));"function"==typeof q&&(d=q.call(c,b,d));switch(typeof d){case "string":return r(d);case "number":return isFinite(d)?String(d):"null";case "boolean":case "null":return String(d);.case "object":if(!d)return"null";e+=p;f=[];if("[object Array]"===Object.prototype.toString.apply(d)){h=d.length;for(m=0;m<h;m+=1)f[m]=l(m,d)\|\|"null";return g=0===f.length?"[]":e?"[\n"+e+f.join(",\n"+e)+"\n"+k+"]":"["+f.join(",")+"]",e=k,g}if(q&&"object"==typeof q)for(h=q.length,m=0;m<h;m+=1)"string"==typeof q[m]&&(a=q[m],g=l(a,d),g&&f.push(r(a)+(e?": ":":")+g));else for(a in d)Object.prototype.hasOwnProperty.call(d,a)&&(g=l(a,d),g&&f.push(r(a)+(e?"

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2048), with CRLF line terminators
Category:	downloaded
Size (bytes):	42601
Entropy (8bit):	5.27741643358958
Encrypted:	false
SSDEEP:	768:hePfOzN9Jn7dQmaBKazh89J6rxtpZid+jh:TzN9l2BBKazh2UrbpZid2
MD5:	B50FA615AC8FE5621A82E223CC2CF99F
SHA1:	107FEE69A8C986C6C6DB98F975447BC73A71F601
SHA-256:	F96703A3B2EAAE5C460B18B19AE57AF29FD557DE3581A1A5DAE775B3EC6AF244
SHA-512:	B4A4754F58AE23DF408100EA9B6CD9D11B9D712FC38C15A45593A3B3665093A51DA99A5F3C8A7B375365443FFC8C4B59F775B1D9109904E26779B64224BA29BF
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/datetime-autosuggest-tokenfield.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	..../obsidian.css ckeditor code formatting/../** * Obsidian style * ported by Alexander Marenin (http://github.com/ioncreature) */.hljs{ display:block;padding:0.5em; background:#282B2E}.hljs-keyword,.hljs-literal,.hljs-change,.hljs-winutils,.hljs-flow,.lisp .hljs-title,.clojure .hljs-built_in,.nginx .hljs-title,.css .hljs-id,.tex .hljs-special{ color:#93C763}.hljs-number{ color:#FFCD22}.hljs{ color:#E0E2E4}.css .hljs-tag,.css .hljs-pseudo{ color:#D0D2B5}.hljs-attribute,.hljs .hljs-constant{ color:#668BB0}.xml .hljs-attribute{ color:#B3B689}.xml .hljs-tag .hljs-value{ color:#E8E2B7}.hljs-code,.hljs-class .hljs-title,.hljs-header{ color:white}.hljs-class,.hljs-hexcolor{ color:#93C763}.hljs-regexp{ color:#D39745}.hljs-at_rule,.hljs-at_rule .hljs-keyword{ color:#A082BD}.hljs-doctype{ color:#557182}.hljs-link_url,.hljs-tag,.hljs-tag .hljs-title,.hljs-bullet,.hljs-subst,.hljs-emphasis,.haskell .hljs-type,.hljs-preprocessor,.hljs-pragma,.ruby .hljs-class .hljs-parent,.hljs-built_in,.sql .hl

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	32412
Entropy (8bit):	5.154917866834749
Encrypted:	false
SSDEEP:	768:0Q34lhN4r7Xy7xG0K88PD+X45FCOrmLZJnFS0iv6X7LRF:0QIlUr7ymPD+wFCOrGv1n
MD5:	2DE730D25D946D02526223EA678C7467
SHA1:	5C239B424415DA99FF40680141F3222A299003CB
SHA-256:	64C67A33C8E4002C793573C8D78C8914219A3E4DD54C098B93DB61A2B72AB71D
SHA-512:	10759419C3FD2523C9FCCFE7A1E83EB168C8AB534D38E79317D3D98D4B4EDD8AE14BAFF1D87A7F3CEC4DD25BFBBDA0F3A67F2F0BEEA81E0D1B755D2B1DC87B7A
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery-migrate.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/!. jQuery Migrate. * Copyright OpenJS Foundation and other contributors. */.( function( factory ) {.."use strict";...if ( typeof define === "function" && define.amd ) {....// AMD. Register as an anonymous module....define( [ "jquery" ], function( jQuery ) {....return factory( jQuery, window );...} );..} else if ( typeof module === "object" && module.exports ) {....// Node/CommonJS...// eslint-disable-next-line no-undef...module.exports = factory( require( "jquery" ), window );..} else {....// Browser globals...factory( jQuery, window );..}.} )( function( jQuery, window ) {."use strict";..jQuery.migrateVersion = "3.5.2";..// Returns 0 if v1 == v2, -1 if v1 < v2, 1 if v1 > v2.function compareVersions( v1, v2 ) {..var i,...rVersionParts = /^(\d+)\.(\d+)\.(\d+)/,...v1p = rVersionParts.exec( v1 ) \|\| [ ],...v2p = rVersionParts.exec( v2 ) \|\| [ ];...for ( i = 1; i <= 3; i++ ) {...if ( +v1p[ i ] > +v2p[ i ] ) {....return 1;...}...if ( +v1p[ i ] < +v2p[ i ] ) {....return -1;...}..}..return 0

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (498)
Category:	downloaded
Size (bytes):	935
Entropy (8bit):	5.513990527184043
Encrypted:	false
SSDEEP:	24:Kqc/fO0fofO0bPetKq6U727eghhtp6oEU2be0ie:YOmQOoetH7KeghAob0ie
MD5:	3F6BBE9DCE3B1E832DBA294A09013DA4
SHA1:	851194F84AD0DF927F7AD498999DCB2A74561C86
SHA-256:	460DD47F9D09F9935EF74681260BEDD7A9CAE6D0A6EF9CBDA0057117EC090B32
SHA-512:	398C3ABA9187298F2A5CE6B493B3941BE61E2549FEE332F61EC820976B91A186F3DD711F10A4947A6FC3A846B9B24878AB200A711B56908BCF47317B19E954BB
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/footer.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	function callTermsCondition(){window.open("termsOfUse.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}function callPrivacyPolicy(){window.open("privacyPolicy.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}.function getContactUsAdminEmails(){GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"POST",REQUEST_URL:"getContactUsAdminEmails.action?"+systemProperty.CSRF_TOKEN_NAME+"\x3d"+systemProperty.CSRF_TOKEN_VALUE,FORM_DATA:{"metaData.siteID":collaborateCommon.metaDataSiteID},CACHE:"false",DATA_TYPE:"html"},function(a){0!=a.length&&(0==a.indexOf("http")\|\|0==a.indexOf("https")\|\|0==a.indexOf("ftp")?window.open(a):-1==a.indexOf("@")?window.open("http://"+a):window.location.href="mailto:"+a);return!0},null)}.function helpClickedForFooter(a,b){window.open(b)};

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	51
Entropy (8bit):	4.297151508884876
Encrypted:	false
SSDEEP:	3:YWMmqetEEJtZlCn:YWMm9DJt6
MD5:	60595F7368129753FC4FF67AFAB54F4C
SHA1:	01DEA04FA3E44B20C6F534647E532C12606EAFEA
SHA-256:	A4EEC15E174C5160A0145BED0138CA95594B89F5697E4C1D26BB2D8AA45975D3
SHA-512:	00D083685A0CA9A0A0F07C2DECED05FD195122066325DF4E004D4F50E20A08B658BDA9A14213DB2041409BFE33B832216C07BE01C53E1AAE890100049B87A644
Malicious:	false
Reputation:	low
URL:	"https://c.go-mpulse.net/api/config.json?key=VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW&d=kubota.highq.com&t=5782137&v=1.720.0&sl=0&si=d0e37068-9d84-4ea9-abe6-4851aaf34519-sordjb&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=918031"
Preview:	{"site_domain":"arlid:918031","rate_limited":true}.

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1618)
Category:	downloaded
Size (bytes):	79013
Entropy (8bit):	5.593476809556987
Encrypted:	false
SSDEEP:	1536:TKntwg4WanJdfuwP20BPVKM6QU3J+PvuC3C6jVCfM07UqFvRBUep0uWxNhPFi+Mj:cgYwP20PQd3J+33C6jk7UqFvRBUJuwoj
MD5:	F4055DCD2CA4D400430F40B8387A817A
SHA1:	8F0520014BFFE270E60EC09FEF13474AEBE32955
SHA-256:	5A217482BC6553D2465083EE9A58BABC07B7B540BD20CDB07E4D8961EE4BF7C5
SHA-512:	52B6E75B9A2BBB65A48BF124029D316EB698E1C4CE3A788051D1D1C60BCB7337B839DBD33AF7741B1EF9D80D688DEC8BC74EDF3CD7EE5425DF206743C1BADD77
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/Griffin_common_updated.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!GriffinCommon)var GriffinCommon={};var griffinCommonJsJson={executeAjaxCompleteHandler:!0,DEFAULT_DATE_FORMAT_FOR_JQUERY:"dd M yy",DEFAULT_DATE_FORMAT_FOR_DATEPICKER:"dd MMM yyyy",MY_SITE:"My site",MODAL_ERROR_GENERAL:"GENERAL",ACTION_MAP:{},ALERT_MESSAGE_TYPE_SUCCESS:"SUCCESS",ALERT_MESSAGE_TYPE_DANGER:"DANGER",ALERT_MESSAGE_TYPE_INFO:"INFO"},ajaxProcessCounter=0;.GriffinCommon.customAjaxSubmit=function(a,b,c,d){var e=a.REQUEST_URL,f=a.ACTION_GROUP_ID,g=!0;void 0!=a.ASYNC&&0==a.ASYNC&&(g=!1);var h=!0;if(null!=a.checkAjaxCompleteHandler\|\|void 0!=a.checkAjaxCompleteHandler)h=a.checkAjaxCompleteHandler;griffinCommonJsJson.executeAjaxCompleteHandler&&h&&window.NotificationAlertCollection&&window.NotificationAlertCollection.ajaxCompleteHandler&&(griffinCommonJsJson.executeAjaxCompleteHandler=!1,NotificationAlertCollection.ajaxCompleteHandler());void 0!=c&&null!=.c&&BrowserState.isLocalStorageNameSupported()&&(ajaxProcessCounter+=1,sessionStorage.setItem("userChangeState","TRUE"),sessio

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (717)
Category:	downloaded
Size (bytes):	13084
Entropy (8bit):	5.444958659979546
Encrypted:	false
SSDEEP:	384:AHO/tpTR+dw3uYEyk5WH+R5Y9faN8Mr3MZy9MtwKy8Nzz63b6KK79wY3Py8y+tKT:AHMtZgdw3nEymWeRO9faN8M3MZy9MtwN
MD5:	5DD3C189D32F6FB0F9A6C5E86A58F5D2
SHA1:	2B5AFAE8C036C7D4B5DF37363D58C8CA061206B9
SHA-256:	0F2FB428B2CAE9A1A7E0EADE62DD7B1998F7A2F58E0DFE09B5EFBA6F7F778510
SHA-512:	9FAB6DFCEE4C60EA83D3A7E4CA006C6D434185A2D3A68852A929376430E683D4E65A37C17CEB08D60FE3E774FA7075FA2410DF88E547DDE4B40E1B99E696646A
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/viewImageModal.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!viewImageModalCollection)var viewImageModalCollection={};.viewImageModalCollection.getModalHtml=function(b,a,c){c='\x3cdiv class\x3d"pull-left visible-xs visible-sm margLeft12 margTop2 absoluteDiv"\x3e\x3cbutton data-toggle\x3d"dropdown" class\x3d"btn dropdown-toggle errorElement" type\x3d"button" aria-expanded\x3d"false"\x3e\x3cspan class\x3d"caret"\x3e\x3c/span\x3e\x3cspan class\x3d"TruncateTxt" id\x3d"selectDropdownForOverviewAndDetailID"\x3e'+GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/span\x3e\x3c/button\x3e\x3cul class\x3d"dropdown-menu pull-left setHeightDrop"\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+.GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/a\x3e\x3c/li\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+GriffinCommon.getResourceBundledProperty("qa.text.Details")+'\x3

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 36904, version 1.0
Category:	downloaded
Size (bytes):	36904
Entropy (8bit):	7.990913780363179
Encrypted:	true
SSDEEP:	768:l2s5MtL/ynGQH1VKb3P2BJBTwCvIEorrV0PL7lPPL7vVLkIh/iignyPL4:l4Lqnj1kbmJBTwCvIrRg7LVLrMxnkL4
MD5:	4AC1E8648A02EF812D17C1E43D5AADDF
SHA1:	EB79FF1C5CB30EC1AA510EEF0820DD62DF15CBB9
SHA-256:	71E21FCB1F19EF00BFD7C9E23C3C60BE674AD62C2688998012823C5E3FE5905A
SHA-512:	B901B77BA31061377E83D186E86ADAF35979BE153C0EE654FD62125405410FC422C127810FF3D62295D06EA83FA5750C158F8107F74948A3B956F0BEEB233A22
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/fonts/Icon/highq50.woff?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	wOFFOTTO...(...............................CFF .......L...-.Z.FFTM...T........\|A.jGDEF...p....... .$..OS/2.......I...`/.M\cmap...........,.l..head...........6.2..hhea...........$.A..hmtx................maxp...,..........P.name...4........<...post........... ....x...y`[.?n)..N.....B%....%...().#a.P.Y.[v..mI^.Kw.F..%.Kvg'.).@.....G...4.....-.:z......r..\|.....sg..9s........d2...-......d.2U...s..S;.\|~u.l.>{.>..RS..G?.W.O..ir.\,g./VU...g..\.<g.y..l.x1...i.5U.V.U]Pue.UwT...X.U5PU....Z...oW.Tu..x.M.Lg...d5]jZdZj.....S....g.L.i...t..m..7L?1.o.O....b.2..s.u...7.o5.a~......2...s.<m.c>l.........h~....W...?......w...}e.W..>.y..=1o..y.y.y..6..;..y...w..\|...n._.............V}O.....^_.\.....S...W..g..W..~....c..T.[...5...Z.g.`.f.`....;...UL...t3.L.Q.<3..f.c.2.e...%...W......u.....r.Av5..6.]......f....3...E.5.-.8.!.....-....q.p_.Vrk.........Mq{..c.O..p....L.A..9.\|t...-E........P.....[...M.....x~......v...W._9.y~.\|WS.s.zGCwS...d.v.mhu.........[}..

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Algol 68 source, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	180287
Entropy (8bit):	4.518005361688447
Encrypted:	false
SSDEEP:	1536:OMu76JH0L3byADfaecWDG4lp6gm8c7vWQ7ACuTT8F8fwMkAEpsI+l1pDu361PHQF:OMu76JYmOllp6gjkA0sI+l1plPHTIpb
MD5:	C4713DBA77CD859337023FA456E957DB
SHA1:	3793BEC9F3DE05162CDDE84A4839F9715D14B0D8
SHA-256:	954BD2F6BC7E7BC568875886DA054248861F6B2B61503C4BDE068C6FB86C35C9
SHA-512:	278B776257348625D709E623367D634D765A96117C7A6EF90F7D02C0CFB2C7138039EA7DDCAE29C86F33091BE8FDFA92CA6CC20650C06C6B055972458CA2B851
Malicious:	false
Reputation:	low
Preview:	//! moment.js..//! version : 2.29.4..//! authors : Tim Wood, Iskren Chernev, Moment.js contributors..//! license : MIT..//! momentjs.com....;(function (global, factory) {.. typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :.. typeof define === 'function' && define.amd ? define(factory) :.. global.moment = factory()..}(this, (function () { 'use strict';.... var hookCallback;.... function hooks() {.. return hookCallback.apply(null, arguments);.. }.... // This is done to register the method called with moment().. // without creating circular dependencies... function setHookCallback(callback) {.. hookCallback = callback;.. }.... function isArray(input) {.. return (.. input instanceof Array \|\|.. Object.prototype.toString.call(input) === '[object Array]'.. );.. }.... function isObject(input) {.. // IE8 will treat undefined and null as object if it wasn't fo

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1618)
Category:	dropped
Size (bytes):	79013
Entropy (8bit):	5.593476809556987
Encrypted:	false
SSDEEP:	1536:TKntwg4WanJdfuwP20BPVKM6QU3J+PvuC3C6jVCfM07UqFvRBUep0uWxNhPFi+Mj:cgYwP20PQd3J+33C6jk7UqFvRBUJuwoj
MD5:	F4055DCD2CA4D400430F40B8387A817A
SHA1:	8F0520014BFFE270E60EC09FEF13474AEBE32955
SHA-256:	5A217482BC6553D2465083EE9A58BABC07B7B540BD20CDB07E4D8961EE4BF7C5
SHA-512:	52B6E75B9A2BBB65A48BF124029D316EB698E1C4CE3A788051D1D1C60BCB7337B839DBD33AF7741B1EF9D80D688DEC8BC74EDF3CD7EE5425DF206743C1BADD77
Malicious:	false
Reputation:	low
Preview:	if(!GriffinCommon)var GriffinCommon={};var griffinCommonJsJson={executeAjaxCompleteHandler:!0,DEFAULT_DATE_FORMAT_FOR_JQUERY:"dd M yy",DEFAULT_DATE_FORMAT_FOR_DATEPICKER:"dd MMM yyyy",MY_SITE:"My site",MODAL_ERROR_GENERAL:"GENERAL",ACTION_MAP:{},ALERT_MESSAGE_TYPE_SUCCESS:"SUCCESS",ALERT_MESSAGE_TYPE_DANGER:"DANGER",ALERT_MESSAGE_TYPE_INFO:"INFO"},ajaxProcessCounter=0;.GriffinCommon.customAjaxSubmit=function(a,b,c,d){var e=a.REQUEST_URL,f=a.ACTION_GROUP_ID,g=!0;void 0!=a.ASYNC&&0==a.ASYNC&&(g=!1);var h=!0;if(null!=a.checkAjaxCompleteHandler\|\|void 0!=a.checkAjaxCompleteHandler)h=a.checkAjaxCompleteHandler;griffinCommonJsJson.executeAjaxCompleteHandler&&h&&window.NotificationAlertCollection&&window.NotificationAlertCollection.ajaxCompleteHandler&&(griffinCommonJsJson.executeAjaxCompleteHandler=!1,NotificationAlertCollection.ajaxCompleteHandler());void 0!=c&&null!=.c&&BrowserState.isLocalStorageNameSupported()&&(ajaxProcessCounter+=1,sessionStorage.setItem("userChangeState","TRUE"),sessio

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (590)
Category:	downloaded
Size (bytes):	31223
Entropy (8bit):	5.462211993052096
Encrypted:	false
SSDEEP:	768:h79FEF1lLJ8F1Nwz0D7rI+UObWGXKN4audCON5T2R2gQTzlO6a0wogpyKVdYYfra:hCTLJ8LVb6Md3a0wrycdYY+
MD5:	90D195211ADD97BC73EB0AE1804EB7F5
SHA1:	ABD9150845236C594BCF60D8E5CC16E61A233847
SHA-256:	2B7DC62496843756AE923D71B36965FC46FE060D7ED526849036ADBF3DC79C2C
SHA-512:	6E07B1EECA42AA6926BAD63B9235D45B234FCCD26C27DC332780DFB5ACF36C310189CF6AF47F4CE73B4BFE43A120586EBC82C60046DA11FACC6BB3D2CAC93C81
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/CollaborateCommon_updated.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	var microblogImageUploadCounter=0,microblogTotalImages=0,collabCommon_userTimestampKey=collaborateCommon.userID+"_"+(new Date).getTime(),collaborateCommon_timerForNotificationFadeOut=0;if(!CollaborateCommon)var CollaborateCommon={};if(!SiteCommonCollection)var SiteCommonCollection={};CollaborateCommon.onload=function(){$j("#collaborateCustomMessageModal").on("shown.bs.modal",function(){$j("#collaborateMessageOkButton").focus()})};.CollaborateCommon.viewUserProfilePreview=function(a,b,c){var d=$j(a);$j("#msTeamStatusDivId").html("");0==$j("body div.userinfoDropdown").length&&$j('\x3cdiv class\x3d"userinfoDropdown" role\x3d"dialog" aria-labelledby\x3d"userNameFull'+b+'" tabindex\x3d"-1" /\x3e').appendTo("body");var e=$j(".userinfoDropdown");null!=e.attr("lastuser-id")&&e.attr("lastuser-id")==b\|\|e.html('\x3cdiv class\x3d"text-center" style\x3d"padding:72px 20px;"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif" alt\x3d"Loading..."/\x3e\x3c/div\x3e');.if(d.hasClass("active"))return $j("[dat

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (748)
Category:	dropped
Size (bytes):	36807
Entropy (8bit):	5.232706068105287
Encrypted:	false
SSDEEP:	384:ACRBjtvIid2F9n9tfMf2aij67ctzZriOMNa28y64Vg3q0EsFXtVLdn9p8PIgYhcV:1dIcAerX8B8own6O
MD5:	7F54B32A32DCE3EA29AE0D5AFF673B13
SHA1:	9BA89A46809981C52F3C6CBD86A7140523EFCA0A
SHA-256:	688688ADE3C9A689288A4B947C6183465187D53E5B86A8EB900345DDB8066100
SHA-512:	52657E29F8143BBBF5FD8B288169292F95A32C4429A226957D9AB37D427EE9219142AD4675F9BDB9AA53189D6903B909C321260973267974DB54981ABF7CD739
Malicious:	false
Reputation:	low
Preview:	(function(f,d){if("function"===typeof define&&define.amd)define(["jquery","moment"],d);else if("object"===typeof exports)d(require("jquery"),require("moment"));else{if(!jQuery)throw Error("bootstrap-datetimepicker requires jQuery to be loaded first");if(!moment)throw Error("bootstrap-datetimepicker requires moment.js to be loaded first");d(f.jQuery,moment)}})(this,function(f,d){if("undefined"===typeof d)throw Error("momentjs is required");var S=0,L=function(T,y){var L=f.fn.datetimepicker.defaults,.U={time:"icon icon-recent",date:"icon icon-calendar",up:"icon icon-chevron-up",down:"icon icon-chevron-down"},a=this,H,p=function(){var b;if(a.isInput)return a.element;b=a.element.find(".datepickerinput");if(0===b.length)b=a.element.find("input");else if(!b.is("input"))throw Error('CSS class "datepickerinput" cannot be applied to non input element');return b},V=function(){var b;b=a.element.is("input")?a.element.data():a.element.find("input").data();void 0!==b.dateFormat&&(a.options.format=b.d

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65261), with CRLF line terminators
Category:	downloaded
Size (bytes):	994410
Entropy (8bit):	4.738397453748755
Encrypted:	false
SSDEEP:	6144:XvLmWIFyZDWJwpKpvZY3DJttwZg2fqh/1HlfjizM+8J6FprVbdVWSs5lEDjLXV1Z:fK7qqVBgz6+91FldVgZ25+h+9SbxL
MD5:	48593F281783085DAC7BEA253E513AE7
SHA1:	147A22C0DA882EEA14771623624FF89B364D0822
SHA-256:	2D8EC80D9B2C2F473CF4410CD366EC0A6087B984DDC8F431720D2D96664439AB
SHA-512:	294BB917708C147A3F7CD0EB4FA96C3E4E08D98775640E00BB6B20DC963234E9708AE6AEAA7860977DEF4918B277094FC70F7287BA7B3FFA69088AAEBF5AAFD9
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/resourceBundleProperty.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267&tt=&mt=
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. *******************************************************************************/..var json = '{"officeonline.fileVersion.upload.success":"Your changes have been saved and the document will be updated shortly.","thirdparty.service.document.action.receivecopy":"Receives a Copy","task.menu.label.low":"Low","linkModal.BrowseTab.systemPage.insertLinkMsg":"Click on the system dashboard list to insert a link","site.admin.users.addToGroup.selectAllBidders.label":"Select all bidders","lfs.shareditems.content.lastsharedate.title":"Last shared","document.addNewFileVersion.sql.error":"The request is not valid","userAvatar.upload.validationMessage.ypositionheight":"Please enter valid y position or height. The sum of y position and height should not exceed the actual height of an image.","template.dependency.c

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	610
Entropy (8bit):	5.236710524540651
Encrypted:	false
SSDEEP:	12:Y1Vn6Tt0G/OV+9Z/B0qT+FTFI8fYeW0T2EN6+JIxASkc1wX2PiID3:Y10TT/OlTpjnT2ENVJIYc1wGPiA3
MD5:	9862BDE79321CEF24763EB16E52B19B6
SHA1:	10979B087D839AE6DF4F0188F88F5EEA58C5AF6D
SHA-256:	5C699F98D716A465B35144318AFDD95CDEB6E78BFE64928A3C988BC3B98B184C
SHA-512:	4AF19E2F4D18AFD7B9CEB1DD8627764AF0A1C1D73BC601EA6D034B4ED4452FE1892AFBB3575DEA075A3A7239586E4148CDCEDA747FBE46FB3EB940F6EEDA3169
Malicious:	false
Reputation:	low
URL:	"https://c.go-mpulse.net/api/config.json?key=VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW&d=kubota.highq.com&t=5782137&v=1.720.0&sl=0&si=68e438bb-af8b-41b1-a1dc-18c076d5df97-sordiz&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=918031"
Preview:	{"h.key":"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW","h.d":"arlid:918031","h.t":1734640959638,"h.cr":"181ce433e37a59afdc35d46d0aa2ec68bf25a676-2fa9630c-dcb5aba4","session_id":"2e16b5dd-9747-4a33-802c-9bb8f9a5937c","site_domain":"arlid:918031","beacon_url":"//0217991d.akstat.io/","autorun":true,"BW":{"enabled":false},"RT":{"cookie":null,"session_exp":1800},"ResourceTiming":{"enabled":true,"splitAtPath":true},"PageParams":{"xhr":"none","pageGroups":[],"customMetrics":[],"customTimers":[],"customDimensions":[],"urlPatterns":[],"params":true},"Akamai":{"enabled":true,"dns_prefetch_enabled":true},"user_ip":"8.46.123.0"}

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (386), with CRLF line terminators
Category:	downloaded
Size (bytes):	152915
Entropy (8bit):	5.071366791979467
Encrypted:	false
SSDEEP:	768:oy9zA5gDxBxOA23aTRHpD5e2omoMquiARNTNU44DMIMWTn5uBOiHcWgpAl7K2lY8:pJA5glBj24gpAccOsngRIn/J1Lenvq
MD5:	01850CF965E055481E2BD7CF9D532DA5
SHA1:	7EA2ED7CAE07CF3B3B8542DF83B026A609CECE58
SHA-256:	AEF7B89B7A63CA4A8385B05E8E575BBDD2D85EC87023A85CC4B31CF38C1DDF30
SHA-512:	E213B82013E6BA3A337680DFA62BFAD63C965697B6928457F135F43D2073A1FC1962131F6B8C7100505CB5122F6FF6575E6B733D1302820E3199D20D6539AC04
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/bootstrap.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/!.. Bootstrap v3.4.1 (https://getbootstrap.com/).. * Copyright 2011-2019 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. /../! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /..html {.. font-family: sans-serif;.. -ms-text-size-adjust: 100%;.. -webkit-text-size-adjust: 100%;..}..body {.. margin: 0;..}..article,..aside,..details,..figcaption,..figure,..footer,..header,..hgroup,..main,..menu,..nav,..section,..summary {.. display: block;..}..audio,..canvas,..progress,..video {.. display: inline-block;.. vertical-align: baseline;..}..audio:not([controls]) {.. display: none;.. height: 0;..}..[hidden],..template {.. display: none;..}..a {.. background-color: transparent;..}..a:active,..a:hover {.. / outline: 0; */..}..abbr[title] {.. border-bottom: none;.. text-decoration: underline;.. -webkit-text-decoration: underline dotted;.. -moz-text-decoration: underline dotted;.. text-decoration: underline d

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (570)
Category:	dropped
Size (bytes):	7285
Entropy (8bit):	5.336507920825121
Encrypted:	false
SSDEEP:	192:9yQNjNYve8+Yfhh5ZEAYS7LYxKCsa0gyOF:9FjNObYSncV0pS
MD5:	A37BC2F05AEEE40FE9B5E00E7AB69C4E
SHA1:	FE6347A753AC540646C57186B26DF20DCF12E76C
SHA-256:	4A6CEC5778258A2102177FFC44B3C95D2F49F069187594DEFCE2C0A5DCBF0B2B
SHA-512:	49E07ABBA8181E64AEE20E2AEB6D63BB4DD3FF2D2B94FFB529FE901DB87C616417EAF8DB30BA1DC4CE772BA438C19F0B3A1FB143FDB5DCFCB007AC59C8643605
Malicious:	false
Reputation:	low
Preview:	"undefined"!==typeof jQuery&&function(l){function A(a,b){this.defaults={maxLines:1,lineHeight:null,truncateString:"",truncateAfterLinks:!0,showText:"",hideText:"",showClass:"show",hideClass:"hide",collapsed:!0,debug:!1,contextParent:null,maxSteps:100,tooltip:!1,animate:!1,animateOptions:{complete:function(){}}};this.config=l.extend(!0,{},this.defaults,b);this.$el=l(a);if(null===this.config.lineHeight){var c=NaN,c="normal"===this.$el.css("line-height")?1.14parseFloat(this.$el.css("font-size")):-1===.this.$el.css("line-height").indexOf("px")?this.$el.css("line-height")parseFloat(this.$el.css("font-size")):parseFloat(this.$el.css("line-height"));if(isNaN(c))throw Error('No "lineHeight" parameter was specified and none could be calculated.');this.config.lineHeight=c}"inline"===this.$el.css("display")&&(null===this.config.contextParent?this.config.contextParent=B(this.$el):"inline"===this.config.contextParent.css("display")&&(this.config.contextParent=B(this.config.contextParent)));this.h

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	68
Entropy (8bit):	4.768483657842825
Encrypted:	false
SSDEEP:	3:tv0XCjWT3XWZNcA1MKsck9Uni:tDiXWWF9+i
MD5:	14C0E40A6E65903BF571DF0EA15AF0F8
SHA1:	BB37E002910918044C22379CED2C02AC6F6C14BD
SHA-256:	DE4EE84B155372134054BBD4A666D86C91739F47A643377D12C5F46FA6FA3534
SHA-512:	9DA9A30C3313FB4C8C4EA9DD831EA56A9B270FFFA314468AA718A77B7BD1109CA34458C8BC071C734669DE78DEDDFA8B67D390F174FED2CCE7E78D7B6DEFFBA0
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwl44CcB5Gi6WxIFDYOoWz0SBQ3OQUx6?alt=proto
Preview:	CjEKEQ2DqFs9GgQICRgBGgQIVhgCChwNzkFMehoECEsYAioPCApSCwoBIRABGP////8P

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (510)
Category:	dropped
Size (bytes):	941
Entropy (8bit):	5.5934011440403175
Encrypted:	false
SSDEEP:	24:qo/eK+C6uSWJju6peHSbxbkoq8wN/CPjXDTQAlG9A3ah/:l21CTTJ6LHSFbkoTwN/CPfc8g5h/
MD5:	2329E835B2F4F627A0068B1250FBB128
SHA1:	6C4CCCF50A283270095BC23310B6D1847FA2FE33
SHA-256:	ED3373C8A788A772F2A50D2BD5AA97F3DD1E3289F4454BE3837459030DCC13F8
SHA-512:	B7A36049BE902473FA85D60F855B69E4B5A6BB61B66ED809FB74C95E0C4EB8CD0DAD1B5C4507E46B56AD1B0DEC6C08814D91337001C3736C495E6429FECA47EB
Malicious:	false
Reputation:	low
Preview:	var Base64={code:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\x3d",encode:function(m,l){var e,g,f,c,h=[],k="",a,d,b=Base64.code;d=("undefined"==typeof l?0:l)?Utf8.encode(m):m;a=d.length%3;if(0<a)for(;3>a++;)k+="\x3d",d+="\x00";for(a=0;a<d.length;a+=3)e=d.charCodeAt(a),g=d.charCodeAt(a+1),f=d.charCodeAt(a+2),c=e<<16\|g<<8\|f,e=c>>18&63,g=c>>12&63,f=c>>6&63,c&=63,h[a/3]=b.charAt(e)+b.charAt(g)+b.charAt(f)+b.charAt(c);h=h.join("");return h=h.slice(0,h.length-k.length)+k},decode:function(m,.l){l="undefined"==typeof l?!1:l;var e,g,f,c,h,k=[],a,d=Base64.code;a=l?Utf8.decode(m):m;for(var b=0;b<a.length;b+=4)e=d.indexOf(a.charAt(b)),g=d.indexOf(a.charAt(b+1)),c=d.indexOf(a.charAt(b+2)),h=d.indexOf(a.charAt(b+3)),f=e<<18\|g<<12\|c<<6\|h,e=f>>>16&255,g=f>>>8&255,f&=255,k[b/4]=String.fromCharCode(e,g,f),64==h&&(k[b/4]=String.fromCharCode(e,g)),64==c&&(k[b/4]=String.fromCharCode(e));c=k.join("");return l?Utf8.decode(c):c}};

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (842)
Category:	downloaded
Size (bytes):	91535
Entropy (8bit):	5.249360922341225
Encrypted:	false
SSDEEP:	768:VAmGqPrf7Kqcxqq8P5WqIqBk327WgW76LI2YgAULfU0UYG8u/oRZckBPN8a6ZOPA:VrRjAULy6ZcA0jdWduG6B3
MD5:	37FBEDBD27C033A0E884B69A9DD2AAF8
SHA1:	B5B65BC4FADC8C62CBBCF95FCD91AF324CE01074
SHA-256:	2E4F75F4C9D565F53638856ABF9F935E343EA0A5BD2BF92F44A727EC467708CD
SHA-512:	7129C658D31010A0541DEBE269463C2FFE2E3AFE99802D3CB923E311D122ADE65ED2DBE51ECF3BE43658D8C7A0F8C671D048E46A4CC4DBB8D6A43D74285770AA
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/componentJS.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	var $j=jQuery.noConflict(),windowWidth=$j(window).width(),windowHeight=window.innerHeight?window.innerHeight:$j(window).height(),is_touch_device=/android\|webos\|iphone\|ipad\|ipod\|blackberry\|iemobile\|opera mini/i.test(navigator.userAgent.toLowerCase()),is_ipad=/ipad/i.test(navigator.userAgent.toLowerCase()),is_iphone=/iphone/i.test(navigator.userAgent.toLowerCase());.function setWrapperSpaceminHeight(){var b=0,a=0;setTimeout(function(){a=$j(".breadCrumbNav").height()+$j(".header").outerHeight(!0)\|\|0;b=-1!=navigator.appVersion.indexOf("MSIE 8")?$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container-fluid").css("padding-top"))+parseInt($j(".mainSection .container-fluid").css("padding-bottom")):a+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container").css("padding-top"))+.parseInt($j(".mainSection .container").css("padding-bottom")):$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 19, 2024 21:41:48.308170080 CET	49675	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:41:48.308274984 CET	49674	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:41:48.448759079 CET	49673	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:41:57.913157940 CET	49675	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:41:58.084971905 CET	49674	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:41:58.210001945 CET	49673	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:00.358454943 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:00.358486891 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:00.358678102 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:00.358906984 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:00.358920097 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:00.426850080 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.450345039 CET	443	49712	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:00.450520992 CET	49712	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:00.468653917 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:00.468708992 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:00.476047993 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:00.588335037 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588387966 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588557005 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588567972 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588704109 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588736057 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588886976 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:00.588932991 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:02.068115950 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:02.068479061 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:02.068490028 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:02.070135117 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:02.070202112 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:02.075093985 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:02.075180054 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:02.116149902 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:02.116164923 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:02.163003922 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:10.525732040 CET	49712	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:10.525820971 CET	49712	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:10.526237965 CET	49765	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:10.526288986 CET	443	49765	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:10.526391983 CET	49765	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:10.527292967 CET	49765	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:10.527309895 CET	443	49765	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:10.645473957 CET	443	49712	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:10.645523071 CET	443	49712	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:11.776869059 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:11.776937962 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:11.776999950 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:11.866503954 CET	443	49765	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:11.866589069 CET	49765	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:12.150331974 CET	49723	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:42:12.150351048 CET	443	49723	142.250.181.132	192.168.2.5
Dec 19, 2024 21:42:17.273833990 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.294369936 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:17.294466972 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:17.321042061 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:17.413961887 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414124012 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414218903 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414285898 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414359093 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414491892 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414520025 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:17.414551973 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670408010 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670469046 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670485020 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670519114 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670526028 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.670557022 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.670649052 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670665979 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670711994 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.670802116 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670818090 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670835972 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.670856953 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.678967953 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.679018974 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.679048061 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.687339067 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.687391043 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.790188074 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.835561037 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.862978935 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.863029957 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.863091946 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.866791010 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:24.908015966 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.908046007 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:24.916109085 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:25.027643919 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.027728081 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.027889967 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.028012991 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.858442068 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.858454943 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.858532906 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:25.862274885 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.862385988 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.863369942 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:25.870671034 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.870817900 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.870899916 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:25.879367113 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.879431963 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.879497051 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:25.887537956 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.887550116 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:25.887608051 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.046286106 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.046325922 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.048646927 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.048686981 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.166012049 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.166028976 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.166042089 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.166055918 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.166070938 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.168162107 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.168294907 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.168399096 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.168514013 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.168525934 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.701277971 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.701358080 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.701423883 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.705081940 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.705219984 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.705274105 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.713030100 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.713049889 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.713094950 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.721121073 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.721286058 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.721343040 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.728976011 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.728998899 CET	443	49714	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.729042053 CET	49714	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.759650946 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.759761095 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.759816885 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.763804913 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.763904095 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.763948917 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.772237062 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.772403002 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.772449970 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.780616999 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.780772924 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.780819893 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.789099932 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.789243937 CET	443	49710	40.126.53.19	192.168.2.5
Dec 19, 2024 21:42:26.789299965 CET	49710	443	192.168.2.5	40.126.53.19
Dec 19, 2024 21:42:26.894227982 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:26.894257069 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:26.894289017 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:26.894298077 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:26.894417048 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:26.894417048 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:26.895441055 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:26.895457983 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:26.895487070 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:26.895503044 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.282232046 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.282366991 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.285439968 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.285449982 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.285689116 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.287144899 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.287228107 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.287233114 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.287508965 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.308173895 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.308285952 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.310030937 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.310036898 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.310372114 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.312695980 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.312761068 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.312767029 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.313066006 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.331343889 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.355321884 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.829603910 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.829679966 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.829770088 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.830044031 CET	49866	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.830058098 CET	443	49866	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.974808931 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.974916935 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.975225925 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.976195097 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:29.976212025 CET	443	49867	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:29.976224899 CET	49867	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:31.253431082 CET	443	49765	23.1.237.91	192.168.2.5
Dec 19, 2024 21:42:31.253535032 CET	49765	443	192.168.2.5	23.1.237.91
Dec 19, 2024 21:42:34.532742023 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:34.532782078 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:34.532886028 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:34.533508062 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:34.533523083 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:34.536314964 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:34.536351919 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:34.536415100 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:34.536928892 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:34.536942959 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.748450994 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.748586893 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.750983000 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.750998020 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.751347065 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.753144026 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.753246069 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.753458977 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.753515005 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.753520012 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.753640890 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.754848957 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.754864931 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.755589008 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.759813070 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.759875059 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.759881020 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.759996891 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:36.795368910 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:36.803333044 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:37.301991940 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:37.302077055 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:37.302148104 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:37.368340969 CET	49893	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:37.368354082 CET	443	49893	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:37.415004015 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:37.415105104 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:37.415273905 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:37.416594028 CET	49894	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:37.416613102 CET	443	49894	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:43.807202101 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:43.807239056 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:43.807324886 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:43.807967901 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:43.807985067 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:43.812026024 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:43.812057018 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:43.812130928 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:43.812699080 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:43.812715054 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.023241997 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.023400068 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.025362968 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.025372028 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.026134968 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.027576923 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.027632952 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.027638912 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.027723074 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.030591965 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.030669928 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.032053947 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.032066107 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.032391071 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.033916950 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.033993006 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.033999920 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.034096003 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.071336031 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.075365067 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.569996119 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.570177078 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.570276976 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.570477962 CET	49921	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.570489883 CET	443	49921	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.696069002 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.696235895 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:46.696309090 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.696652889 CET	49922	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:46.696670055 CET	443	49922	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:53.944816113 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:53.944844961 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:53.944911957 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:53.945914984 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:53.945930004 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:53.953566074 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:53.953612089 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:53.953716993 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:53.954621077 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:53.954639912 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.185595989 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.185756922 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.187694073 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.187702894 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.188468933 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.190541983 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.190541983 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.190561056 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.190764904 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.235332012 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.361166954 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.361263990 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.363248110 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.363256931 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.363600016 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.364995956 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.365057945 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.365063906 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.365163088 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.411344051 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.744338036 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.744550943 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.744672060 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.744817019 CET	49953	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.744832993 CET	443	49953	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.907949924 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.908096075 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:42:56.908273935 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.908297062 CET	49952	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:42:56.908310890 CET	443	49952	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:00.277055979 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:00.277097940 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:00.277204990 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:00.277481079 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:00.277499914 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:01.979429007 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:01.982240915 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:01.982254028 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:01.983374119 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:01.985155106 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:01.985239983 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:02.038773060 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:05.559762001 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:05.559778929 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:05.559887886 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:05.560461044 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:05.560477018 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:05.564850092 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:05.564867973 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:05.564971924 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:05.565509081 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:05.565522909 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:07.808192968 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:07.808325052 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:07.810306072 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:07.810314894 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:07.810609102 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:07.811995029 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:07.812062025 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:07.812067032 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:07.812167883 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:07.859355927 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:07.999999046 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.000216007 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.002563953 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.002571106 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.002896070 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.005002975 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.005075932 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.005081892 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.006079912 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.047338963 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.475426912 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.475508928 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.475578070 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.485918999 CET	49989	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.485940933 CET	443	49989	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.548003912 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.548201084 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:08.548305035 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.548438072 CET	49990	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:08.548450947 CET	443	49990	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:11.668216944 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:11.668386936 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:11.668441057 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:13.009273052 CET	49971	443	192.168.2.5	142.250.181.132
Dec 19, 2024 21:43:13.009306908 CET	443	49971	142.250.181.132	192.168.2.5
Dec 19, 2024 21:43:20.012192011 CET	50026	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:20.012243986 CET	443	50026	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:20.012326002 CET	50026	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:20.012974024 CET	50026	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:20.013022900 CET	443	50026	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:20.016565084 CET	50027	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:20.016644955 CET	443	50027	20.198.118.190	192.168.2.5
Dec 19, 2024 21:43:20.016721964 CET	50027	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:20.017219067 CET	50027	443	192.168.2.5	20.198.118.190
Dec 19, 2024 21:43:20.017254114 CET	443	50027	20.198.118.190	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 19, 2024 21:41:56.798049927 CET	53	63452	1.1.1.1	192.168.2.5
Dec 19, 2024 21:41:56.803189039 CET	53	64478	1.1.1.1	192.168.2.5
Dec 19, 2024 21:41:59.544094086 CET	53	59327	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:00.219419003 CET	51695	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:00.219672918 CET	50818	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:00.356820107 CET	53	51695	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:00.357386112 CET	53	50818	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:02.195102930 CET	58999	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:02.195333004 CET	54689	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:09.505575895 CET	53	61892	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:14.067969084 CET	58373	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:14.068424940 CET	62915	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:16.568619967 CET	53	51437	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:22.089298964 CET	52170	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:22.089843035 CET	62978	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:22.366875887 CET	53	64013	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:25.631577969 CET	60906	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:25.631825924 CET	55748	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:25.657867908 CET	56212	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:25.658093929 CET	50437	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.070247889 CET	61366	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.070406914 CET	61626	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.070940971 CET	50389	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.071163893 CET	58014	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.098360062 CET	56701	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.098517895 CET	56064	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:28.900204897 CET	53	58014	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:35.395787954 CET	53	59736	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:40.039218903 CET	59446	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:40.039591074 CET	59244	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:40.040199041 CET	61665	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:40.040338993 CET	50530	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:42:40.714920998 CET	53	59244	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:56.538394928 CET	53	51156	1.1.1.1	192.168.2.5
Dec 19, 2024 21:42:58.227102995 CET	53	49394	1.1.1.1	192.168.2.5
Dec 19, 2024 21:43:04.832783937 CET	63147	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:43:04.832942963 CET	61817	53	192.168.2.5	1.1.1.1
Dec 19, 2024 21:43:13.853697062 CET	53	50913	1.1.1.1	192.168.2.5

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Dec 19, 2024 21:42:02.678605080 CET	192.168.2.5	1.1.1.1	c291	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 19, 2024 21:42:00.219419003 CET	192.168.2.5	1.1.1.1	0xf59c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:00.219672918 CET	192.168.2.5	1.1.1.1	0x42f3	Standard query (0)	www.google.com	65	IN (0x0001)	false
Dec 19, 2024 21:42:02.195102930 CET	192.168.2.5	1.1.1.1	0xb2a0	Standard query (0)	kubota.highq.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:02.195333004 CET	192.168.2.5	1.1.1.1	0x84b8	Standard query (0)	kubota.highq.com	65	IN (0x0001)	false
Dec 19, 2024 21:42:14.067969084 CET	192.168.2.5	1.1.1.1	0xee76	Standard query (0)	kubota.highq.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:14.068424940 CET	192.168.2.5	1.1.1.1	0x9ebe	Standard query (0)	kubota.highq.com	65	IN (0x0001)	false
Dec 19, 2024 21:42:22.089298964 CET	192.168.2.5	1.1.1.1	0x2c6b	Standard query (0)	s.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:22.089843035 CET	192.168.2.5	1.1.1.1	0x2eb3	Standard query (0)	s.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:25.631577969 CET	192.168.2.5	1.1.1.1	0x90e1	Standard query (0)	c.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:25.631825924 CET	192.168.2.5	1.1.1.1	0xf9e	Standard query (0)	c.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:25.657867908 CET	192.168.2.5	1.1.1.1	0xeee2	Standard query (0)	s.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:25.658093929 CET	192.168.2.5	1.1.1.1	0x2f82	Standard query (0)	s.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:28.070247889 CET	192.168.2.5	1.1.1.1	0xa13a	Standard query (0)	684dd326.akstat.io	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:28.070406914 CET	192.168.2.5	1.1.1.1	0x7bd4	Standard query (0)	684dd326.akstat.io	65	IN (0x0001)	false
Dec 19, 2024 21:42:28.070940971 CET	192.168.2.5	1.1.1.1	0x8f65	Standard query (0)	baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:28.071163893 CET	192.168.2.5	1.1.1.1	0xd96b	Standard query (0)	baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:28.098360062 CET	192.168.2.5	1.1.1.1	0x285d	Standard query (0)	c.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:28.098517895 CET	192.168.2.5	1.1.1.1	0xc30d	Standard query (0)	c.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:40.039218903 CET	192.168.2.5	1.1.1.1	0x131d	Standard query (0)	baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:40.039591074 CET	192.168.2.5	1.1.1.1	0x2dba	Standard query (0)	baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:40.040199041 CET	192.168.2.5	1.1.1.1	0x33d	Standard query (0)	0217991d.akstat.io	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:40.040338993 CET	192.168.2.5	1.1.1.1	0xe4c2	Standard query (0)	0217991d.akstat.io	65	IN (0x0001)	false
Dec 19, 2024 21:43:04.832783937 CET	192.168.2.5	1.1.1.1	0xd6db	Standard query (0)	kubota.highq.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:43:04.832942963 CET	192.168.2.5	1.1.1.1	0xa420	Standard query (0)	kubota.highq.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 19, 2024 21:42:00.356820107 CET	1.1.1.1	192.168.2.5	0xf59c	No error (0)	www.google.com		142.250.181.132	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:00.357386112 CET	1.1.1.1	192.168.2.5	0x42f3	No error (0)	www.google.com			65	IN (0x0001)	false
Dec 19, 2024 21:42:02.334312916 CET	1.1.1.1	192.168.2.5	0xb2a0	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:02.334312916 CET	1.1.1.1	192.168.2.5	0xb2a0	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:02.678519964 CET	1.1.1.1	192.168.2.5	0x84b8	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:02.678519964 CET	1.1.1.1	192.168.2.5	0x84b8	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:14.205487013 CET	1.1.1.1	192.168.2.5	0x9ebe	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:14.205487013 CET	1.1.1.1	192.168.2.5	0x9ebe	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:14.289885998 CET	1.1.1.1	192.168.2.5	0xee76	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:14.289885998 CET	1.1.1.1	192.168.2.5	0xee76	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:22.228590012 CET	1.1.1.1	192.168.2.5	0x2eb3	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:22.317735910 CET	1.1.1.1	192.168.2.5	0x2c6b	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:25.769079924 CET	1.1.1.1	192.168.2.5	0x90e1	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:25.769787073 CET	1.1.1.1	192.168.2.5	0xf9e	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:25.858589888 CET	1.1.1.1	192.168.2.5	0x2f82	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:25.860011101 CET	1.1.1.1	192.168.2.5	0xeee2	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.235567093 CET	1.1.1.1	192.168.2.5	0xc30d	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.242347956 CET	1.1.1.1	192.168.2.5	0x285d	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.284883976 CET	1.1.1.1	192.168.2.5	0xa13a	No error (0)	684dd326.akstat.io	wildcard46.akstat.io.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.299648046 CET	1.1.1.1	192.168.2.5	0x7bd4	No error (0)	684dd326.akstat.io	wildcard46.akstat.io.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.900204897 CET	1.1.1.1	192.168.2.5	0xd96b	No error (0)	baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net	baxhxpiccaazwz3equqa-f-7c69def10.ipv4-only.cname.clienttons.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.900204897 CET	1.1.1.1	192.168.2.5	0xd96b	No error (0)	baxhxpiccaazwz3equqa-f-7c69def10.ipv4-only.cname.clienttons.com	a248.b.akamai.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.900463104 CET	1.1.1.1	192.168.2.5	0x8f65	No error (0)	baxhxpiccaazwz3equqa-f-7c69def10-clientnsv4-s.akamaihd.net	baxhxpiccaazwz3equqa-f-7c69def10.ipv4-only.cname.clienttons.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:28.900463104 CET	1.1.1.1	192.168.2.5	0x8f65	No error (0)	baxhxpiccaazwz3equqa-f-7c69def10.ipv4-only.cname.clienttons.com	a248.b.akamai.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:40.266943932 CET	1.1.1.1	192.168.2.5	0xe4c2	No error (0)	0217991d.akstat.io	wildcard46.akstat.io.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:40.274028063 CET	1.1.1.1	192.168.2.5	0x33d	No error (0)	0217991d.akstat.io	wildcard46.akstat.io.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:40.714885950 CET	1.1.1.1	192.168.2.5	0x131d	No error (0)	baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net	baxhxpiccaazwz3equ7a-f-45da9a0ab.ipv4-only.cname.clienttons.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:40.714885950 CET	1.1.1.1	192.168.2.5	0x131d	No error (0)	baxhxpiccaazwz3equ7a-f-45da9a0ab.ipv4-only.cname.clienttons.com	a248.b.akamai.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:40.714920998 CET	1.1.1.1	192.168.2.5	0x2dba	No error (0)	baxhxpiccaazwz3equ7a-f-45da9a0ab-clientnsv4-s.akamaihd.net	baxhxpiccaazwz3equ7a-f-45da9a0ab.ipv4-only.cname.clienttons.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:40.714920998 CET	1.1.1.1	192.168.2.5	0x2dba	No error (0)	baxhxpiccaazwz3equ7a-f-45da9a0ab.ipv4-only.cname.clienttons.com	a248.b.akamai.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:05.310786009 CET	1.1.1.1	192.168.2.5	0xa420	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:05.310786009 CET	1.1.1.1	192.168.2.5	0xa420	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:05.335285902 CET	1.1.1.1	192.168.2.5	0xd6db	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:05.335285902 CET	1.1.1.1	192.168.2.5	0xd6db	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.2.5	49866	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:29 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 33 4c 49 6e 66 70 43 54 35 30 4f 4a 7a 75 46 45 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 63 61 64 34 65 33 38 66 64 63 63 35 30 37 30 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 3LInfpCT50OJzuFE.1Context: acad4e38fdcc5070
2024-12-19 20:42:29 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:29 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 33 4c 49 6e 66 70 43 54 35 30 4f 4a 7a 75 46 45 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 63 61 64 34 65 33 38 66 64 63 63 35 30 37 30 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 56 71 2f 53 30 6a 39 73 4c 49 6f 61 74 68 4f 69 4b 6b 38 5a 4a 65 72 55 68 33 55 41 42 59 75 5a 50 38 76 6b 6c 69 36 57 32 62 6d 73 33 58 6c 73 4c 36 77 6e 43 61 2b 74 76 52 49 35 2b 2f 65 74 73 34 70 6d 33 77 66 43 33 6e 32 73 37 34 5a 58 79 68 37 49 34 31 4b 36 4c 4a 75 41 72 69 77 42 4f 63 6c 66 30 6f 4c 6f 52 35 51 31 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 3LInfpCT50OJzuFE.2Context: acad4e38fdcc5070<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATVq/S0j9sLIoathOiKk8ZJerUh3UABYuZP8vkli6W2bms3XlsL6wnCa+tvRI5+/ets4pm3wfC3n2s74ZXyh7I41K6LJuAriwBOclf0oLoR5Q1
2024-12-19 20:42:29 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 33 4c 49 6e 66 70 43 54 35 30 4f 4a 7a 75 46 45 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 63 61 64 34 65 33 38 66 64 63 63 35 30 37 30 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: 3LInfpCT50OJzuFE.3Context: acad4e38fdcc5070
2024-12-19 20:42:29 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:29 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 45 62 56 4b 46 50 6e 73 5a 30 43 6b 78 37 43 34 61 36 52 39 69 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: EbVKFPnsZ0Ckx7C4a6R9iQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
1	192.168.2.5	49867	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:29 UTC	70	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 34 0d 0a 4d 53 2d 43 56 3a 20 57 43 43 75 4e 56 32 6d 76 30 53 69 7a 56 6b 6d 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 61 30 65 64 34 39 36 35 65 33 37 33 37 31 0d 0a 0d 0a Data Ascii: CNT 1 CON 304MS-CV: WCCuNV2mv0SizVkm.1Context: 5a0ed4965e37371
2024-12-19 20:42:29 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:29 UTC	1083	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 30 0d 0a 4d 53 2d 43 56 3a 20 57 43 43 75 4e 56 32 6d 76 30 53 69 7a 56 6b 6d 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 61 30 65 64 34 39 36 35 65 33 37 33 37 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 66 48 52 4a 4b 39 55 6f 6f 4a 62 2f 55 2b 67 35 73 52 30 4b 31 77 30 65 6b 53 55 49 2b 30 6d 36 44 41 30 52 63 2f 78 41 73 51 67 30 4a 59 77 43 51 44 39 4e 31 76 77 7a 41 65 35 64 6c 75 73 41 4e 62 78 2b 63 6c 76 68 52 64 65 56 50 55 49 58 5a 38 37 76 73 55 38 69 6e 77 7a 53 59 7a 45 55 64 31 6b 42 41 43 50 2b 55 64 6f 59 4c 32 Data Ascii: ATH 2 CON\DEVICE 1060MS-CV: WCCuNV2mv0SizVkm.2Context: 5a0ed4965e37371<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAfHRJK9UooJb/U+g5sR0K1w0ekSUI+0m6DA0Rc/xAsQg0JYwCQD9N1vwzAe5dlusANbx+clvhRdeVPUIXZ87vsU8inwzSYzEUd1kBACP+UdoYL2
2024-12-19 20:42:29 UTC	217	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 36 0d 0a 4d 53 2d 43 56 3a 20 57 43 43 75 4e 56 32 6d 76 30 53 69 7a 56 6b 6d 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 61 30 65 64 34 39 36 35 65 33 37 33 37 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 196MS-CV: WCCuNV2mv0SizVkm.3Context: 5a0ed4965e37371<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:42:29 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:29 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 36 77 7a 43 64 7a 61 77 6a 30 6d 64 53 2b 77 66 30 4a 75 65 6a 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 6wzCdzawj0mdS+wf0JuejA.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
2	192.168.2.5	49894	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:36 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 32 33 58 67 59 6f 6d 44 6c 6b 47 6f 45 5a 55 73 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 33 62 36 30 62 34 36 33 38 38 32 34 39 38 38 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 23XgYomDlkGoEZUs.1Context: a3b60b4638824988
2024-12-19 20:42:36 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:36 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 32 33 58 67 59 6f 6d 44 6c 6b 47 6f 45 5a 55 73 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 33 62 36 30 62 34 36 33 38 38 32 34 39 38 38 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 66 48 52 4a 4b 39 55 6f 6f 4a 62 2f 55 2b 67 35 73 52 30 4b 31 77 30 65 6b 53 55 49 2b 30 6d 36 44 41 30 52 63 2f 78 41 73 51 67 30 4a 59 77 43 51 44 39 4e 31 76 77 7a 41 65 35 64 6c 75 73 41 4e 62 78 2b 63 6c 76 68 52 64 65 56 50 55 49 58 5a 38 37 76 73 55 38 69 6e 77 7a 53 59 7a 45 55 64 31 6b 42 41 43 50 2b 55 64 6f 59 4c Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 23XgYomDlkGoEZUs.2Context: a3b60b4638824988<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAfHRJK9UooJb/U+g5sR0K1w0ekSUI+0m6DA0Rc/xAsQg0JYwCQD9N1vwzAe5dlusANbx+clvhRdeVPUIXZ87vsU8inwzSYzEUd1kBACP+UdoYL
2024-12-19 20:42:36 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 32 33 58 67 59 6f 6d 44 6c 6b 47 6f 45 5a 55 73 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 33 62 36 30 62 34 36 33 38 38 32 34 39 38 38 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: 23XgYomDlkGoEZUs.3Context: a3b60b4638824988<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:42:37 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:37 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 57 2b 74 30 44 61 34 77 2b 6b 47 64 56 6d 2b 42 4a 65 77 6a 51 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: W+t0Da4w+kGdVm+BJewjQw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
3	192.168.2.5	49893	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:36 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 5a 61 44 68 48 44 36 41 50 6b 65 66 6e 54 4b 5a 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 38 38 33 30 35 65 64 37 39 39 38 63 37 66 34 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: ZaDhHD6APkefnTKZ.1Context: d88305ed7998c7f4
2024-12-19 20:42:36 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:36 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 5a 61 44 68 48 44 36 41 50 6b 65 66 6e 54 4b 5a 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 38 38 33 30 35 65 64 37 39 39 38 63 37 66 34 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 56 71 2f 53 30 6a 39 73 4c 49 6f 61 74 68 4f 69 4b 6b 38 5a 4a 65 72 55 68 33 55 41 42 59 75 5a 50 38 76 6b 6c 69 36 57 32 62 6d 73 33 58 6c 73 4c 36 77 6e 43 61 2b 74 76 52 49 35 2b 2f 65 74 73 34 70 6d 33 77 66 43 33 6e 32 73 37 34 5a 58 79 68 37 49 34 31 4b 36 4c 4a 75 41 72 69 77 42 4f 63 6c 66 30 6f 4c 6f 52 35 51 31 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: ZaDhHD6APkefnTKZ.2Context: d88305ed7998c7f4<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATVq/S0j9sLIoathOiKk8ZJerUh3UABYuZP8vkli6W2bms3XlsL6wnCa+tvRI5+/ets4pm3wfC3n2s74ZXyh7I41K6LJuAriwBOclf0oLoR5Q1
2024-12-19 20:42:36 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 5a 61 44 68 48 44 36 41 50 6b 65 66 6e 54 4b 5a 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 38 38 33 30 35 65 64 37 39 39 38 63 37 66 34 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: ZaDhHD6APkefnTKZ.3Context: d88305ed7998c7f4
2024-12-19 20:42:37 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:37 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 6e 4b 34 68 71 59 38 4a 56 30 61 33 35 48 69 77 63 78 4c 46 6c 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: nK4hqY8JV0a35HiwcxLFlQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
4	192.168.2.5	49921	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:46 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 62 6f 32 4c 74 6c 6f 6e 75 45 32 54 67 58 6e 62 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 36 63 61 38 62 61 30 30 39 65 62 63 38 65 62 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: bo2LtlonuE2TgXnb.1Context: 16ca8ba009ebc8eb
2024-12-19 20:42:46 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:46 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 62 6f 32 4c 74 6c 6f 6e 75 45 32 54 67 58 6e 62 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 36 63 61 38 62 61 30 30 39 65 62 63 38 65 62 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 56 71 2f 53 30 6a 39 73 4c 49 6f 61 74 68 4f 69 4b 6b 38 5a 4a 65 72 55 68 33 55 41 42 59 75 5a 50 38 76 6b 6c 69 36 57 32 62 6d 73 33 58 6c 73 4c 36 77 6e 43 61 2b 74 76 52 49 35 2b 2f 65 74 73 34 70 6d 33 77 66 43 33 6e 32 73 37 34 5a 58 79 68 37 49 34 31 4b 36 4c 4a 75 41 72 69 77 42 4f 63 6c 66 30 6f 4c 6f 52 35 51 31 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: bo2LtlonuE2TgXnb.2Context: 16ca8ba009ebc8eb<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATVq/S0j9sLIoathOiKk8ZJerUh3UABYuZP8vkli6W2bms3XlsL6wnCa+tvRI5+/ets4pm3wfC3n2s74ZXyh7I41K6LJuAriwBOclf0oLoR5Q1
2024-12-19 20:42:46 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 62 6f 32 4c 74 6c 6f 6e 75 45 32 54 67 58 6e 62 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 36 63 61 38 62 61 30 30 39 65 62 63 38 65 62 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: bo2LtlonuE2TgXnb.3Context: 16ca8ba009ebc8eb
2024-12-19 20:42:46 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:46 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 63 2b 65 35 42 4f 46 50 64 45 75 64 7a 70 32 68 74 61 65 66 44 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: c+e5BOFPdEudzp2htaefDg.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
5	192.168.2.5	49922	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:46 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 57 64 66 68 6a 7a 43 43 73 55 57 4f 33 2b 54 45 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 39 31 30 62 62 32 66 61 31 33 61 35 38 64 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: WdfhjzCCsUWO3+TE.1Context: 4910bb2fa13a58d6
2024-12-19 20:42:46 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:46 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 57 64 66 68 6a 7a 43 43 73 55 57 4f 33 2b 54 45 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 39 31 30 62 62 32 66 61 31 33 61 35 38 64 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 66 48 52 4a 4b 39 55 6f 6f 4a 62 2f 55 2b 67 35 73 52 30 4b 31 77 30 65 6b 53 55 49 2b 30 6d 36 44 41 30 52 63 2f 78 41 73 51 67 30 4a 59 77 43 51 44 39 4e 31 76 77 7a 41 65 35 64 6c 75 73 41 4e 62 78 2b 63 6c 76 68 52 64 65 56 50 55 49 58 5a 38 37 76 73 55 38 69 6e 77 7a 53 59 7a 45 55 64 31 6b 42 41 43 50 2b 55 64 6f 59 4c Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: WdfhjzCCsUWO3+TE.2Context: 4910bb2fa13a58d6<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAfHRJK9UooJb/U+g5sR0K1w0ekSUI+0m6DA0Rc/xAsQg0JYwCQD9N1vwzAe5dlusANbx+clvhRdeVPUIXZ87vsU8inwzSYzEUd1kBACP+UdoYL
2024-12-19 20:42:46 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 57 64 66 68 6a 7a 43 43 73 55 57 4f 33 2b 54 45 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 39 31 30 62 62 32 66 61 31 33 61 35 38 64 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: WdfhjzCCsUWO3+TE.3Context: 4910bb2fa13a58d6<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:42:46 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:46 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 34 45 35 36 53 52 54 69 71 55 2b 39 46 59 43 70 35 30 73 69 63 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 4E56SRTiqU+9FYCp50sicg.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
6	192.168.2.5	49953	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:56 UTC	70	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 34 0d 0a 4d 53 2d 43 56 3a 20 52 66 70 65 4c 65 38 2b 42 30 65 41 6a 36 76 45 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 34 65 38 64 30 37 62 65 66 35 63 38 35 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 304MS-CV: RfpeLe8+B0eAj6vE.1Context: 64e8d07bef5c85e
2024-12-19 20:42:56 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:56 UTC	1083	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 30 0d 0a 4d 53 2d 43 56 3a 20 52 66 70 65 4c 65 38 2b 42 30 65 41 6a 36 76 45 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 34 65 38 64 30 37 62 65 66 35 63 38 35 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 66 48 52 4a 4b 39 55 6f 6f 4a 62 2f 55 2b 67 35 73 52 30 4b 31 77 30 65 6b 53 55 49 2b 30 6d 36 44 41 30 52 63 2f 78 41 73 51 67 30 4a 59 77 43 51 44 39 4e 31 76 77 7a 41 65 35 64 6c 75 73 41 4e 62 78 2b 63 6c 76 68 52 64 65 56 50 55 49 58 5a 38 37 76 73 55 38 69 6e 77 7a 53 59 7a 45 55 64 31 6b 42 41 43 50 2b 55 64 6f 59 4c 32 Data Ascii: ATH 2 CON\DEVICE 1060MS-CV: RfpeLe8+B0eAj6vE.2Context: 64e8d07bef5c85e<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAfHRJK9UooJb/U+g5sR0K1w0ekSUI+0m6DA0Rc/xAsQg0JYwCQD9N1vwzAe5dlusANbx+clvhRdeVPUIXZ87vsU8inwzSYzEUd1kBACP+UdoYL2
2024-12-19 20:42:56 UTC	217	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 36 0d 0a 4d 53 2d 43 56 3a 20 52 66 70 65 4c 65 38 2b 42 30 65 41 6a 36 76 45 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 34 65 38 64 30 37 62 65 66 35 63 38 35 65 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 196MS-CV: RfpeLe8+B0eAj6vE.3Context: 64e8d07bef5c85e<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:42:56 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:56 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 32 70 37 73 48 36 6d 4d 4d 45 69 33 61 61 4b 41 4c 79 42 52 58 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 2p7sH6mMMEi3aaKALyBRXQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
7	192.168.2.5	49952	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:56 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 32 35 67 4e 2b 62 2b 4b 4f 55 71 38 50 4a 6a 36 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 31 38 31 65 63 34 31 65 31 36 32 33 32 33 61 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 25gN+b+KOUq8PJj6.1Context: d181ec41e162323a
2024-12-19 20:42:56 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:56 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 32 35 67 4e 2b 62 2b 4b 4f 55 71 38 50 4a 6a 36 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 31 38 31 65 63 34 31 65 31 36 32 33 32 33 61 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 56 71 2f 53 30 6a 39 73 4c 49 6f 61 74 68 4f 69 4b 6b 38 5a 4a 65 72 55 68 33 55 41 42 59 75 5a 50 38 76 6b 6c 69 36 57 32 62 6d 73 33 58 6c 73 4c 36 77 6e 43 61 2b 74 76 52 49 35 2b 2f 65 74 73 34 70 6d 33 77 66 43 33 6e 32 73 37 34 5a 58 79 68 37 49 34 31 4b 36 4c 4a 75 41 72 69 77 42 4f 63 6c 66 30 6f 4c 6f 52 35 51 31 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 25gN+b+KOUq8PJj6.2Context: d181ec41e162323a<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATVq/S0j9sLIoathOiKk8ZJerUh3UABYuZP8vkli6W2bms3XlsL6wnCa+tvRI5+/ets4pm3wfC3n2s74ZXyh7I41K6LJuAriwBOclf0oLoR5Q1
2024-12-19 20:42:56 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 32 35 67 4e 2b 62 2b 4b 4f 55 71 38 50 4a 6a 36 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 31 38 31 65 63 34 31 65 31 36 32 33 32 33 61 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: 25gN+b+KOUq8PJj6.3Context: d181ec41e162323a
2024-12-19 20:42:56 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:56 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 66 39 56 78 79 71 4f 56 2f 45 71 33 46 36 70 31 68 6e 4c 61 69 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: f9VxyqOV/Eq3F6p1hnLaig.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
8	192.168.2.5	49989	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:43:07 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 69 76 48 41 61 79 33 4b 7a 45 53 6f 73 6f 49 49 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 31 64 37 31 30 37 35 37 64 66 37 35 35 65 37 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: ivHAay3KzESosoII.1Context: 11d710757df755e7
2024-12-19 20:43:07 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:43:07 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 69 76 48 41 61 79 33 4b 7a 45 53 6f 73 6f 49 49 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 31 64 37 31 30 37 35 37 64 66 37 35 35 65 37 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 56 71 2f 53 30 6a 39 73 4c 49 6f 61 74 68 4f 69 4b 6b 38 5a 4a 65 72 55 68 33 55 41 42 59 75 5a 50 38 76 6b 6c 69 36 57 32 62 6d 73 33 58 6c 73 4c 36 77 6e 43 61 2b 74 76 52 49 35 2b 2f 65 74 73 34 70 6d 33 77 66 43 33 6e 32 73 37 34 5a 58 79 68 37 49 34 31 4b 36 4c 4a 75 41 72 69 77 42 4f 63 6c 66 30 6f 4c 6f 52 35 51 31 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: ivHAay3KzESosoII.2Context: 11d710757df755e7<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATVq/S0j9sLIoathOiKk8ZJerUh3UABYuZP8vkli6W2bms3XlsL6wnCa+tvRI5+/ets4pm3wfC3n2s74ZXyh7I41K6LJuAriwBOclf0oLoR5Q1
2024-12-19 20:43:07 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 69 76 48 41 61 79 33 4b 7a 45 53 6f 73 6f 49 49 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 31 64 37 31 30 37 35 37 64 66 37 35 35 65 37 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: ivHAay3KzESosoII.3Context: 11d710757df755e7
2024-12-19 20:43:08 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:43:08 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 62 32 66 76 50 61 34 4c 47 30 2b 6a 5a 35 7a 6d 47 78 62 2f 34 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: b2fvPa4LG0+jZ5zmGxb/4g.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
9	192.168.2.5	49990	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:43:08 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4c 67 51 6f 71 55 46 70 56 6b 47 31 67 4c 73 45 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 31 63 61 62 61 63 32 33 33 35 34 64 34 62 35 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: LgQoqUFpVkG1gLsE.1Context: 21cabac23354d4b5
2024-12-19 20:43:08 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:43:08 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 4c 67 51 6f 71 55 46 70 56 6b 47 31 67 4c 73 45 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 31 63 61 62 61 63 32 33 33 35 34 64 34 62 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 66 48 52 4a 4b 39 55 6f 6f 4a 62 2f 55 2b 67 35 73 52 30 4b 31 77 30 65 6b 53 55 49 2b 30 6d 36 44 41 30 52 63 2f 78 41 73 51 67 30 4a 59 77 43 51 44 39 4e 31 76 77 7a 41 65 35 64 6c 75 73 41 4e 62 78 2b 63 6c 76 68 52 64 65 56 50 55 49 58 5a 38 37 76 73 55 38 69 6e 77 7a 53 59 7a 45 55 64 31 6b 42 41 43 50 2b 55 64 6f 59 4c Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: LgQoqUFpVkG1gLsE.2Context: 21cabac23354d4b5<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAfHRJK9UooJb/U+g5sR0K1w0ekSUI+0m6DA0Rc/xAsQg0JYwCQD9N1vwzAe5dlusANbx+clvhRdeVPUIXZ87vsU8inwzSYzEUd1kBACP+UdoYL
2024-12-19 20:43:08 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4c 67 51 6f 71 55 46 70 56 6b 47 31 67 4c 73 45 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 31 63 61 62 61 63 32 33 33 35 34 64 34 62 35 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: LgQoqUFpVkG1gLsE.3Context: 21cabac23354d4b5<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:43:08 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:43:08 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 49 70 4e 49 68 56 65 5a 55 55 75 36 71 35 4c 53 38 71 61 75 52 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: IpNIhVeZUUu6q5LS8qauRQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.5	50026	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:43:22 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 43 58 64 78 77 51 68 4b 75 30 75 70 5a 67 69 56 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 33 32 37 31 62 37 35 64 39 38 31 38 38 63 34 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: CXdxwQhKu0upZgiV.1Context: 53271b75d98188c4
2024-12-19 20:43:22 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:43:22 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 43 58 64 78 77 51 68 4b 75 30 75 70 5a 67 69 56 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 33 32 37 31 62 37 35 64 39 38 31 38 38 63 34 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 56 71 2f 53 30 6a 39 73 4c 49 6f 61 74 68 4f 69 4b 6b 38 5a 4a 65 72 55 68 33 55 41 42 59 75 5a 50 38 76 6b 6c 69 36 57 32 62 6d 73 33 58 6c 73 4c 36 77 6e 43 61 2b 74 76 52 49 35 2b 2f 65 74 73 34 70 6d 33 77 66 43 33 6e 32 73 37 34 5a 58 79 68 37 49 34 31 4b 36 4c 4a 75 41 72 69 77 42 4f 63 6c 66 30 6f 4c 6f 52 35 51 31 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: CXdxwQhKu0upZgiV.2Context: 53271b75d98188c4<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATVq/S0j9sLIoathOiKk8ZJerUh3UABYuZP8vkli6W2bms3XlsL6wnCa+tvRI5+/ets4pm3wfC3n2s74ZXyh7I41K6LJuAriwBOclf0oLoR5Q1
2024-12-19 20:43:22 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 43 58 64 78 77 51 68 4b 75 30 75 70 5a 67 69 56 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 33 32 37 31 62 37 35 64 39 38 31 38 38 63 34 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: CXdxwQhKu0upZgiV.3Context: 53271b75d98188c4
2024-12-19 20:43:22 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:43:22 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 44 62 30 2f 6a 32 68 34 50 6b 4f 47 2f 73 61 2f 6e 72 37 44 64 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: Db0/j2h4PkOG/sa/nr7DdQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.5	50027	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:43:22 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 61 49 72 72 5a 63 49 59 2f 6b 75 6c 72 42 6c 4b 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 33 34 65 35 62 63 38 63 34 64 34 36 35 34 66 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: aIrrZcIY/kulrBlK.1Context: e34e5bc8c4d4654f
2024-12-19 20:43:22 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:43:22 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 61 49 72 72 5a 63 49 59 2f 6b 75 6c 72 42 6c 4b 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 33 34 65 35 62 63 38 63 34 64 34 36 35 34 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 66 48 52 4a 4b 39 55 6f 6f 4a 62 2f 55 2b 67 35 73 52 30 4b 31 77 30 65 6b 53 55 49 2b 30 6d 36 44 41 30 52 63 2f 78 41 73 51 67 30 4a 59 77 43 51 44 39 4e 31 76 77 7a 41 65 35 64 6c 75 73 41 4e 62 78 2b 63 6c 76 68 52 64 65 56 50 55 49 58 5a 38 37 76 73 55 38 69 6e 77 7a 53 59 7a 45 55 64 31 6b 42 41 43 50 2b 55 64 6f 59 4c Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: aIrrZcIY/kulrBlK.2Context: e34e5bc8c4d4654f<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAfHRJK9UooJb/U+g5sR0K1w0ekSUI+0m6DA0Rc/xAsQg0JYwCQD9N1vwzAe5dlusANbx+clvhRdeVPUIXZ87vsU8inwzSYzEUd1kBACP+UdoYL
2024-12-19 20:43:22 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 61 49 72 72 5a 63 49 59 2f 6b 75 6c 72 42 6c 4b 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 33 34 65 35 62 63 38 63 34 64 34 36 35 34 66 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: aIrrZcIY/kulrBlK.3Context: e34e5bc8c4d4654f<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:43:22 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:43:22 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 6f 51 48 77 6b 4d 41 41 73 55 2b 33 50 73 68 30 53 62 41 52 7a 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: oQHwkMAAsU+3Psh0SbARzg.0Payload parsing failed.

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3552, Parent PID: 4668

General

Target ID:	0
Start time:	15:41:48
Start date:	19/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4768, Parent PID: 3552

General

Target ID:	2
Start time:	15:41:54
Start date:	19/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2032,i,8836023938817567272,6358166955718723625,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 7064, Parent PID: 4668

General

Target ID:	3
Start time:	15:42:00
Start date:	19/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 134

Chrome Cache Entry: 135

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 139

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Windows Analysis Report
https://kubota.highq.com/kubota/viewUserProfile.action?metaData.encryptTargetUserID=D1l4_GI3rHw=&metaData.updateUserProfileProcess=true