Edit tour

Windows Analysis Report
https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link

Overview

General Information

Sample URL:	https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link
Analysis ID:	1578543
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

HTML body contains low number of good links

Invalid T&C link found

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3576 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2580 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 --field-trial-handle=2436,i,558788676995719332,6940841824246096721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 4856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	Joe Sandbox AI: Score: 7 Reasons: The brand 'Kubota' is a known brand, primarily associated with manufacturing equipment., The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'., The domain 'highq.com' is not directly associated with Kubota, which raises suspicion., The presence of a subdomain 'kubota' on 'highq.com' could indicate a third-party service or a phishing attempt., The email input field '50jgbu@jvhvcp.com' does not appear to be associated with Kubota, which is suspicious. DOM: 1.1.pages.csv
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	Joe Sandbox AI: Score: 7 Reasons: The brand 'Kubota' is a known brand, primarily associated with manufacturing equipment., The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'., The domain 'highq.com' is not directly associated with Kubota, which raises suspicion., The presence of a subdomain 'kubota' on 'highq.com' could indicate a third-party service or a phishing attempt., The email input field '50jgbu@jvhvcp.com' does not provide any additional context to verify legitimacy. DOM: 1.3.pages.csv
Source: https://kubota.highq.com/kubota/Login_input.action	Joe Sandbox AI: Score: 7 Reasons: The brand 'Kubota' is a known brand, primarily associated with manufacturing equipment., The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'., The domain 'highq.com' is not directly associated with Kubota, which raises suspicion., The presence of a subdomain 'kubota' on 'highq.com' could indicate a third-party service or a phishing attempt., The email input field '50jdbu@jhvcp.com' appears random and not associated with Kubota, which is suspicious. DOM: 2.5.pages.csv

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: Number of links: 1
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Number of links: 1

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: Invalid link: Helpopens in a new tab

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: <input type="password" .../> found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: <input type="password" .../> found

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action

HTTP Parser: No favicon

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="author".. found

Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/LoginRequiredPage.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found
Source: https://kubota.highq.com/kubota/Login_input.action	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49886 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49955 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.21
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.118.190
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143
Source: unknown	TCP traffic detected without corresponding DNS query: 20.198.119.143

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: kubota.highq.com
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net

Source: chromecache_152.3.dr, chromecache_130.3.dr	String found in binary or memory: http://bugs.jquery.com/ticket/11820
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html
Source: chromecache_151.3.dr	String found in binary or memory: http://github.com/ioncreature)
Source: chromecache_141.3.dr, chromecache_116.3.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: chromecache_157.3.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: chromecache_151.3.dr	String found in binary or memory: http://silviomoreto.github.io/bootstrap-select)
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: http://stackoverflow.com/questions/3561493/is-there-a-regexp-escape-function-in-javascript
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_138.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_164.3.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_151.3.dr	String found in binary or memory: https://github.com/Eonasdan/bootstrap-datetimepicker/
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
Source: chromecache_164.3.dr	String found in binary or memory: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
Source: chromecache_152.3.dr, chromecache_130.3.dr	String found in binary or memory: https://github.com/jquery/jquery/blob/3.7.1/src/css.js#L216-L246
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://github.com/moment/moment/issues/1423
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://github.com/moment/moment/issues/2166
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://github.com/moment/moment/issues/2978
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://github.com/moment/moment/pull/1871
Source: chromecache_151.3.dr	String found in binary or memory: https://github.com/silviomoreto/bootstrap-select/blob/master/LICENSE)
Source: chromecache_151.3.dr	String found in binary or memory: https://github.com/sliptree/bootstrap-tokenfield
Source: chromecache_164.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://stackoverflow.com/q/181348
Source: chromecache_145.3.dr, chromecache_157.3.dr	String found in binary or memory: https://tools.ietf.org/html/rfc2822#section-3.3
Source: chromecache_109.3.dr	String found in binary or memory: https://tr-legal.visualstudio.com/HighQ%20Tech/_workitems/edit/263615/?view=edit

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443

Source: unknown	HTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49886 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.198.119.143:443 -> 192.168.2.6:49955 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@16/106@16/4

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 --field-trial-handle=2436,i,558788676995719332,6940841824246096721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 --field-trial-handle=2436,i,558788676995719332,6940841824246096721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	2 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.google.com	142.250.181.132	true	false	high
s.go-mpulse.net	unknown	unknown	false	high
kubota.highq.com	unknown	unknown	false	high
c.go-mpulse.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://kubota.highq.com/kubota/Login_input.action	true		unknown
https://kubota.highq.com/kubota/LoginRequiredPage.action	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
http://momentjs.com/guides/#/warnings/zone/	chromecache_145.3.dr, chromecache_157.3.dr	false	high
http://bugs.jquery.com/ticket/11820	chromecache_152.3.dr, chromecache_130.3.dr	false	unknown
https://github.com/moment/moment/issues/1423	chromecache_145.3.dr, chromecache_157.3.dr	false	high
http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://github.com/sliptree/bootstrap-tokenfield	chromecache_151.3.dr	false	high
https://github.com/jquery/jquery/blob/3.7.1/src/css.js#L216-L246	chromecache_152.3.dr, chromecache_130.3.dr	false	high
http://jqueryui.com	chromecache_141.3.dr, chromecache_116.3.dr	false	high
https://github.com/silviomoreto/bootstrap-select/blob/master/LICENSE)	chromecache_151.3.dr	false	high
http://momentjs.com/guides/#/warnings/add-inverted-param/	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://getbootstrap.com/)	chromecache_164.3.dr	false	high
https://github.com/moment/moment/issues/2978	chromecache_145.3.dr, chromecache_157.3.dr	false	high
http://momentjs.com/guides/#/warnings/dst-shifted/	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://tools.ietf.org/html/rfc2822#section-3.3	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://tr-legal.visualstudio.com/HighQ%20Tech/_workitems/edit/263615/?view=edit	chromecache_109.3.dr	false	unknown
https://stackoverflow.com/q/181348	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://github.com/moment/moment/pull/1871	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://github.com/moment/moment/issues/2166	chromecache_145.3.dr, chromecache_157.3.dr	false	high
http://momentjs.com/guides/#/warnings/js-date/	chromecache_145.3.dr, chromecache_157.3.dr	false	high
http://momentjs.com/guides/#/warnings/define-locale/	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js	chromecache_145.3.dr, chromecache_157.3.dr	false	high
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_164.3.dr	false	high
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css	chromecache_164.3.dr	false	high
https://github.com/Eonasdan/bootstrap-datetimepicker/	chromecache_151.3.dr	false	high
http://silviomoreto.github.io/bootstrap-select)	chromecache_151.3.dr	false	unknown
http://github.com/ioncreature)	chromecache_151.3.dr	false	high
https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects	chromecache_145.3.dr, chromecache_157.3.dr	false	high
http://momentjs.com/guides/#/warnings/min-max/	chromecache_157.3.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.181.132	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.6
192.168.2.23

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1578543
Start date and time:	2024-12-19 21:40:48 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@16/106@16/4

Warnings

Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.21.35, 172.217.17.78, 64.233.162.84, 142.250.181.142, 2.16.1.155, 2.16.1.234, 23.193.114.26, 172.217.17.42, 192.229.221.95, 142.250.181.67, 172.217.17.46, 23.195.38.175, 172.217.19.10, 172.217.21.42, 142.250.181.42, 142.250.181.74, 142.250.181.106, 142.250.181.138, 172.217.17.74, 172.217.19.202, 216.58.208.234, 172.217.19.234, 172.217.19.170, 23.204.128.170, 172.217.17.35, 13.107.246.63, 23.218.208.109, 52.149.20.212
Excluded domains from analysis (whitelisted): ip46.go-mpulse.net.edgekey.net, client.wns.windows.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, fonts.gstatic.com, hqacc16.highq.com.edgekey.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, e4518.dscapi7.akamaiedge.net, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, e104654.a.akamaiedge.net, wildcard46.go-mpulse.net.edgekey.net, update.googleapis.com, clients.l.google.com, e4518.dscx.akamaiedge.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://kubota.highq.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": true }
URL: https://kubota.highq.com
URL: https://kubota.highq.com/kubota/LoginRequiredPage.... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script demonstrates moderate-risk behavior by aggressively manipulating the DOM through repeated clearing of the document body's innerHTML. This could potentially be used to disrupt the user experience or hide malicious content. Additionally, the use of a setInterval function to continuously execute the DOM manipulation function is concerning. While the intent is not entirely clear, the aggressive nature of the script warrants further investigation." }
try { top.document.domain } catch ( e ) { var f = function() { document.body.innerHTML = ''; } setInterval(f, 1); if (document.body) document.body.onload = f; }
URL: https://kubota.highq.com/kubota/LoginRequiredPage.... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided code appears to be a legitimate fix for a known issue with the viewport width on Windows Phone 8 and Internet Explorer 10 devices. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or suspicious redirects. The code is simply modifying the viewport settings to ensure proper rendering on the affected devices, which is a common practice. Overall, this script is considered low-risk." }
// Windows Phone 8 & Internet Explorer 10 in Windows 8 device width from viewport width issue fix by bootstrap if(navigator.userAgent.match(/IEMobile\/10\.0/)) { var msViewportStyle = document.createElement('style') msViewportStyle.appendChild( document.createTextNode( '@-ms-viewport{width:auto!important}' ) ) document.querySelector('head').appendChild(msViewportStyle) }
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common analytics and performance monitoring tool used by many reputable websites. While it uses some legacy APIs like XDomainRequest, the overall behavior is consistent with typical analytics functionality and does not exhibit any high-risk indicators. The script is likely legitimate, but could be improved by using more modern APIs." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvaa-f-be324c675-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":87,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d296a","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":55412,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640960","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==jBJ/iIoTTZt+I3VFl7jJS6NyXjUrTcNxLF+iohzAVR13WUbQb6h9XuQJuCOhtPnBjmDoCF1p+TeAccliDT+laGYR0QMQ64Q5VcHKcZqfaLOYocgT6xOdr+m2frR1qiAgDuJE/FVWATC1fWzzJ1Z6S3HGLW34RU86EztBqeBWtTRdwXf/ClLe/r5o8Th+Ca16J7KLxRwlhrHv1Dcr2azwr1hPRTmOqNIGXsVTg/cTLcCRYUvEsjh4sVZrmODf2E4RMcYYiA4RQRhcStrxhMEX11G0l7mrv/9sycMazkAYyFHeL6j/hvqQBKD9c5060bzXrg1BpAD/GSUNTW7X68EipAvLbdm4/O45YwIkrpRQSGVXOLtjtptiaHSXusbvzYjLaUchIW9l9kw3MI2patpaC0D68jhJiYDsTyEU429wlps=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/js/v4/bootstrap.js... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a part of the Bootstrap library, which is a popular and widely-used front-end framework. The code is responsible for handling various UI components and interactions, such as alert boxes and button states. While the code uses some legacy APIs like `XDomainRequest`, it does not exhibit any high-risk behaviors like dynamic code execution, data exfiltration, or suspicious redirects. The code is primarily focused on enhancing the user experience and functionality of web applications, which is a legitimate use case. Therefore, the overall risk score is low." }
if("undefined"===typeof jQuery)throw Error("Bootstrap's JavaScript requires jQuery");+function(a){a=a.fn.jquery.split(" ")[0].split(".");if(2>a[0]&&9>a[1]\|\|1==a[0]&&9==a[1]&&1>a[2]\|\|3<a[0])throw Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4");}(jQuery); +function(a){function g(){var a=document.createElement("bootstrap"),h={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"},d;for(d in h)if(void 0!==a.style[d])return{end:h[d]};return!1}a.fn.emulateTransitionEnd=function(f){var h=!1,d=this;a(this).one("bsTransitionEnd",function(){h=!0});setTimeout(function(){h\|\|a(d).trigger(a.support.transition.end)},f);return this};a(function(){a.support.transition=g();a.support.transition&& (a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(f){if(a(f.target).is(this))return f.handleObj.handler.apply(this,arguments)}})})}(jQuery); +function(a){var g=function(f){a(f).on("click",'[data-dismiss\x3d"alert"]',this.close)};g.VERSION="3.4.1";g.TRANSITION_DURATION=150;g.prototype.close=function(f){function d(){c.detach().trigger("closed.bs.alert").remove()}var b=a(this),e=b.attr("data-target");e\|\|(e=(e=b.attr("href"))&&e.replace(/.(?=#[^\s]$)/,""));var e="#"===e?[]:e,c=a(document).find(e);f&&f.preventDefault();c.length\|\|(c=b.closest(".alert"));c.trigger(f=a.Event("close.bs.alert"));f.isDefaultPrevented()\|\|(c.removeClass("in"),a.support.transition&& c.hasClass("fade")?c.one("bsTransitionEnd",d).emulateTransitionEnd(g.TRANSITION_DURATION):d())};var f=a.fn.alert;a.fn.alert=function(f){return this.each(function(){var d=a(this),b=d.data("bs.alert");b\|\|d.data("bs.alert",b=new g(this));"string"==typeof f&&b[f].call(d)})};a.fn.alert.Constructor=g;a.fn.alert.noConflict=function(){a.fn.alert=f;return this};a(document).on("click.bs.alert.data-api",'[data-dismiss\x3d"alert"]',g.prototype.close)}(jQuery); +function(a){function g(d){return this.each(function(){var b=a(this),e=b.data("bs.button"),c="object"==typeof d&&d;e\|\|b.data("bs.button",e=new f(this,c));"toggle"==d?e.toggle():d&&e.setState(d)})}var f=function(d,b){this.$element=a(d);this.options=a.extend({},f.DEFAULTS,b);this.isLoading=!1};f.VERSION="3.4.1";f.DEFAULTS={loadingText:"loading..."};f.prototype.setState=function(d){var b=this.$element,e=b.is("input")?"val":"html",c=b.data();d+="Text";null==c.resetText&&b.data("resetText",b[e]());setTimeout(a.proxy(function(){b[e](null== c[d]?this.options[d]:c[d]);"loadingText"==d?(this.isLoading=!0,b.addClass("disabled").attr("disabled","disabled").prop("disabled",!0)):this.isLoading&&(this.isLoading=!1,b.removeClass("disabled").removeAttr("disabled").prop("disabled",!1))},this),0)};f.prototype.toggle=function(){var a=!0,b=this.$element.closest('[data-toggle\x3d"buttons"]');if(b.length){var e=this.$element.find("input");"radio"==e.prop("type")?(e.prop("checked")&&(a=!1),b.find(".active").removeClass("active"),this.$element.addClass("active")): "checkbox"==e.prop("type")&&(e.prop("checked")!==this.$element.hasClass("active")&&(a=!1),this.$element.toggleClass("active"));e.prop("checked",this.$element.hasClass("active"));a&&e.trigger("change")}else this.$element.attr("aria-pressed",!this.$element.hasClass("active")),this.$element.toggleClass("active")};var h=a.fn.button;a.fn.button=g;a.fn.button.Constructor=f;a.fn.button.noConflict=function(){a.fn.button=h;return this};a(document).on("click.bs.button.data-api",'[data-toggle^\x3d"button"]', function(d){var b=a(d.target).closest(".btn");g.call(b,"toggle");a(d.target).is('input[type\x3d"radio"], input[type\x3d"checkbox"]')\|\|(d.preventDefault(),b.is("input,button")?b.trigger("focus"):b.find("input:visible,button:visible").first().trigger("focus"))}).on("focus.bs.button.data-api blur.bs.button.data-api",'[data-toggle^\x3d"button"]',function(d){a(d.target).closest(".btn").toggleClass("focus",/^focus(in)?$/.test(d.type))})
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common analytics and performance monitoring tool used by many reputable websites. While it uses some legacy APIs like XDomainRequest, the overall behavior is consistent with typical analytics functionality and does not exhibit any high-risk indicators. The script is likely legitimate, with some minor outdated practices that pose a low risk." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvka-f-d01ed964b-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":85,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"24d9cd3","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":55939,"ak.gh":"2.16.1.151","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640980","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==3OC3kkCdgnvQRUFdu8QdrjJ7UAZUj2UIw/Ezhc62RWz2WZLTh5d8WFDrjAnswnfU0BgSOnOOYZszj2QrOpzYGoJJILCUoe7W1I5EYorLwADRINnYFmyjAhhQfAstpMG7VQ52Lzce/ZkC6F9mJYfQKBF3WAn3T485R+57+akw/AayT/1UiDXydr1GCLaNM9pHm4JuLzU9z7ALBdFv1CHaPVuZIQvD5Pk9hum1JfK8osEC03KC08nqhVAlKlVyOjwcAHlNZk0kJjCI3aat/yOQ6aL42ugiM9XZBznokMjzdGGkkaMlZibYOEhCa3SLZGSHw9k7XD3A/PhRtHb2CNpzPluEIvob9zma+cTAh4wwtcPrNjE+c874IAOASXcsWvTuTHgRERu7bwTsUl5Cpz2uPJRYwGCM85CWR76w3TFVTMM=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript snippet appears to be a boomerang script, which is a common analytics and performance monitoring tool. While it exhibits some moderate-risk indicators, such as external data transmission and the use of legacy APIs, the overall behavior seems to be aligned with typical analytics functionality. The script interacts with known, reputable domains like 'go-mpulse.net' and 'akamaihd.net', which suggests a legitimate purpose. However, the script could potentially be improved by using more modern APIs and reducing the amount of data transmitted to external domains. Overall, the risk score is in the medium range, and further review may be warranted to ensure the script is not being used for any malicious purposes." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaa6uz3eqvoa-f-999d7f48f-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":92,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"24dc27e","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":56090,"ak.gh":"2.16.1.151","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640988","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==VZGB6paon0ljTybSOuGt7VX+TIiqglpeUrteEU+ubHeC1lmTDSommyUdwNRcrA+BvGEFe0pVPnSJA2PVFP4eCBYrhxU00WHITodfDpUoPf2y9T1C1/O/V88SKSy6RpneSGuF8qrBjNyFEjrEOuDS/pttSPEMzMW+WgOMJNXxv+PtSi9ztb2kOpwPAbatTI6jxENw9ufwrulV5404upFaBgtZHQQzWIPusDSsj5XPI2qhmRpeKarU9F5cRsDnx+rNlMs1Cf0NZgmca1TXEUxdx84/A5QB4ReIZ0NzRgU95hiDCtrDk0LaPNNRXp0dt/HfcbFH9RW1L8iSaAvJzVguDyhNnVtd2tVNb8+5Pd/r9nlsV701a0dyBQHs5+swP9dztVX1u2q1zBXdgiT6ogY8wiWPk2Y4S4SAk1hCOiEreHA=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/js/v4/fastclick.js... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a part of the 'FastClick' library, which is a common library used to improve touch responsiveness on mobile devices. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The behaviors observed, such as event handling and DOM manipulation, are typical for a library of this nature. While the code uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, the script seems to be a legitimate implementation of a common mobile optimization library, and the risk score is low." }
function FastClick(a,b){function c(a,b){return function(){return a.apply(b,arguments)}}var d;b=b\|\|{};this.trackingClick=!1;this.trackingClickStart=0;this.targetElement=null;this.lastTouchIdentifier=this.touchStartY=this.touchStartX=0;this.touchBoundary=b.touchBoundary\|\|10;this.layer=a;this.tapDelay=b.tapDelay\|\|200;if(!FastClick.notNeeded(a)){for(var g="onMouse onClick onTouchStart onTouchMove onTouchEnd onTouchCancel".split(" "),f=0,h=g.length;f<h;f++)this[g[f]]=c(this[g[f]],this);deviceIsAndroid&& (a.addEventListener("mouseover",this.onMouse,!0),a.addEventListener("mousedown",this.onMouse,!0),a.addEventListener("mouseup",this.onMouse,!0));a.addEventListener("click",this.onClick,!0);a.addEventListener("touchstart",this.onTouchStart,!1);a.addEventListener("touchmove",this.onTouchMove,!1);a.addEventListener("touchend",this.onTouchEnd,!1);a.addEventListener("touchcancel",this.onTouchCancel,!1);Event.prototype.stopImmediatePropagation\|\|(a.removeEventListener=function(b,c,d){var e=Node.prototype.removeEventListener; "click"===b?e.call(a,b,c.hijacked\|\|c,d):e.call(a,b,c,d)},a.addEventListener=function(b,c,d){var e=Node.prototype.addEventListener;"click"===b?e.call(a,b,c.hijacked\|\|(c.hijacked=function(a){a.propagationStopped\|\|c(a)}),d):e.call(a,b,c,d)});"function"===typeof a.onclick&&(d=a.onclick,a.addEventListener("click",function(a){d(a)},!1),a.onclick=null)}} var deviceIsAndroid=0<navigator.userAgent.indexOf("Android"),deviceIsIOS=/iP(ad\|hone\|od)/.test(navigator.userAgent),deviceIsIOS4=deviceIsIOS&&/OS 4_\d(_\d)?/.test(navigator.userAgent),deviceIsIOSWithBadTarget=deviceIsIOS&&/OS ([6-9]\|\d{2})_\d/.test(navigator.userAgent),deviceIsBlackBerry10=0<navigator.userAgent.indexOf("BB10"); FastClick.prototype.needsClick=function(a){switch(a.nodeName.toLowerCase()){case "button":case "select":case "textarea":if(a.disabled)return!0;break;case "input":if(deviceIsIOS&&"file"===a.type\|\|a.disabled)return!0;break;case "label":case "video":case "path":return!0}return/\bneedsclick\b/.test(a.className)}; FastClick.prototype.needsFocus=function(a){switch(a.nodeName.toLowerCase()){case "textarea":return!0;case "select":return!deviceIsAndroid;case "input":switch(a.type){case "button":case "checkbox":case "file":case "image":case "radio":case "submit":return!1}return!a.disabled&&!a.readOnly;default:return/\bneedsfocus\b/.test(a.className)}}; FastClick.prototype.sendClick=function(a,b){var c,d;document.activeElement&&document.activeElement!==a&&document.activeElement.blur();d=b.changedTouches[0];c=document.createEvent("MouseEvents");c.initMouseEvent(this.determineEventType(a),!0,!0,window,1,d.screenX,d.screenY,d.clientX,d.clientY,!1,!1,!1,!1,0,null);c.forwardedTouchEvent=!0;a.dispatchEvent(c)};FastClick.prototype.determineEventType=function(a){return deviceIsAndroid&&"select"===a.tagName.toLowerCase()?"mousedown":"click"}; FastClick.prototype.focus=function(a){var b;deviceIsIOS&&a.setSelectionRange&&0!==a.type.indexOf("date")&&"time"!==a.type?(b=a.value.length,a.setSelectionRange(b,b)):a.focus()};FastClick.prototype.updateScrollParent=function(a){var b,c;b=a.fastClickScrollParent;if(!b\|\|!b.contains(a)){c=a;do{if(c.scrollHeight>c.offsetHeight){b=c;a.fastClickScrollParent=c;break}c=c.parentElement}while(c)}b&&(b.fastClickLastScrollTop=b.scrollTop)}; FastClick.prototype.getTargetElementFromEventTarget=function(a){return a.nodeType===Node.TEXT_NODE?a.parentNode:a}; FastClick.prototype.onTouchStart=function(a){var b,c,d;if(1<a.targetTouches.length)return!0;b=this.getTargetElementFromEventTarget(a.target);c=a.targetTouches[0];if(deviceIsIOS){d=window.getSelection();if(d.rangeCount&&!d.isCollapsed)return!0;if(!deviceIsIOS4){if(c.identifier===this.lastTouchIdentifier)return a.preventDefault(),!1;this.lastTouchIdentifier=c.identifier;this.updateScrollParent(b)}}this.trackingClick=!0;this.trackingClickStart=a.timeStamp;this.targetElement=b;this.touchStartX=c.pageX; this.touchStartY=c.pageY;a.timeStamp-this.lastClickTime<this.tapDelay&&a.preventDefault();return!0};Fas
URL: https://kubota.highq.com/kubota/Login_input.action... Model: Joe Sandbox AI	```json { "risk_score": 2, "reasoning": "The script is loading an external script from a known domain (go-mpulse.net) which is associated with performance monitoring (Boomerang). It uses dynamic script loading but does not exhibit high-risk behaviors like data exfiltration or obfuscation. The domain is reputable, suggesting a legitimate use case, likely for analytics or performance monitoring." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3eqvfq-f-c5e879908-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":86,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"69d5175","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":55724,"ak.gh":"2.16.1.230","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640971","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==g/XYZ9byIda6N4drIsxMKgrE4fKB9B8WydWR2a6HYT6gEiv7qfm0WpAMt+FmpXG5KqNdJT8rGRKMCIxk49+mEB29pGveAWOrdDN/k7dl5ghhNrXuHkeypjx1eTaEY+z76jyxaxr3hJASBtMgvUocVwA3qpA9HBdIuiXIbcBptGfxMFT2L2/eje1mfsrjqEU5NA05940I1XQYN2erODFOd42/gFG2Xwyy441LaEn80dXigVbMefKfJR1P7ga2YnPRHouVCqfbHNTrd++6MmbnXIG5GQENGHJ70pUVnrkkr1ouTWIsarZ0U5W+GGImAoJi6wEg20WA0gEIMBUEof3+bAQ3C/friPgo/l++C6dtoTABNksroqyYaGT7vniE++qHaPI5t5dJW4HJQJP2clx0K/VNyBXyTfRpegXwqUsB03Q=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/LoginRequiredPage.... Model: Joe Sandbox AI	```json { "risk_score": 2, "reasoning": "The script primarily interacts with a known domain (go-mpulse.net) for performance monitoring, which is a legitimate use case. It does not exhibit high-risk behaviors like dynamic code execution or data exfiltration. The use of external data transmission is present but aligns with typical analytics functionality, warranting a low risk score." }
!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config\|\|{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams\|\|{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n\|\|"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e\|\|d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement\|\|a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp\|\|(new Date).getTime()}if(!window.BOOMR\|\|!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR\|\|{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW";var i=document.currentScript\|\|document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR\|\|{},BOOMR.plugins=BOOMR.plugins\|\|{},!BOOMR.plugins.AK){var n="true"=="true"?1:0,t="cookiepresent",a="baxhxpiccaazwz3equsa-f-57428bce2-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1566588","ak.ai":parseInt("918031",10),"ak.ol":"0","ak.cr":84,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"24ceac5","ak.r":47647,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.46.123.0","ak.cport":54894,"ak.gh":"2.16.1.151","ak.quicv":"","ak.tlsv":"tls1.3","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1734640932","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==sWaErbZZYUfNZa91psXvvKv6ux3P/ZhfDgsBhTrAuodyGcK7FeBYfPe0GoNS+hyqBfVhdQimZzyRTKcJuSyc1bvAupNkJr0S04qJyNEovHIHuP7o1s5dc1lRVt3RQAeXnHWEIBbzpmgG7T6WIATagqSDbxwNW8MPpgrl5brSx/4ScMQVTDCDLX51896WokE3u7d0YhsuBaMbzcNZ62ONmLbVCCgqCATJvXAjr2spptnaGh+GvZqo0vwG4pSXUZuHPh+tbBd5wJpQ2Zw5cjRwPgDqgNt5kW+Ze++TsUEDyzjkTY61Gis/wpjpmcRCBiaABdKSCz6rlL1C7X4nu06bGvi0lPioNfkCvjkhJkxkzQmFYb4Cx26QqM24UQrt9I7kcb4u/zC3ELgZf5E/citLIwrPk2NXSH52RhdwKACb6Ac=","ak.pv":"75","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]\|\|"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc"
URL: https://kubota.highq.com/kubota/js/v4/jquery.js?bt... Model: Joe Sandbox AI	```json { "risk_score": 1, "reasoning": "The provided JavaScript snippet is a part of the jQuery library, which is a widely used and reputable open-source library. The code does not exhibit any high-risk or moderate-risk behaviors such as dynamic code execution, data exfiltration, or redirects to suspicious domains. It primarily consists of utility functions and object manipulations typical of a library. There are no interactions with external domains or aggressive DOM manipulations. Therefore, it is considered low risk." }
/! jQuery \| (c) OpenJS Foundation and other contributors \| jquery.org/license / !function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?n[i.call(e)]\|\|"object":typeof e}var t="3.7.1",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n\|\|0===t\|\|"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject\|\|this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]\|\|{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]\|\|{},s++),"object"==typeof a\|\|v(a)\|\|(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)\|\|(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i\|\|ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e\|\|"[object Object]"!==i.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i\|\|11===i?e.textContent:9===i?e.documentElement.textContent:3===i\|\|4===i?e.nodeValue:n},makeArray:function(e,t){var n=t\|\|[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument\|\|e).documentElement;return!l.test(t\|\|n&&n.nodeName\|\|"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "If you need technical support, please email ktc_g.vendormanagement@kubota.com", "prominent_button_name": "Sign in", "text_input_field_labels": [ "Email", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "brands": [ "Thomson Reuters" ] }
	{ "brands": [ "Thomson Reuters" ] }
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Welcome to Collaborate", "prominent_button_name": "Sign in", "text_input_field_labels": [ "50jgbu@jvhvcp.com", "**************" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	```json{ "legit_domain": "kubota.com", "classification": "known", "reasons": [ "The brand 'Kubota' is a known brand, primarily associated with manufacturing equipment.", "The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'.", "The domain 'highq.com' is not directly associated with Kubota, which raises suspicion.", "The presence of a subdomain 'kubota' on 'highq.com' could indicate a third-party service or a phishing attempt.", "The email input field '50jgbu@jvhvcp.com' does not appear to be associated with Kubota, which is suspicious." ], "riskscore": 7} Google indexed: False
URL: kubota.highq.com Brands: Kubota Input Fields: 50jgbu@jvhvcp.com, **************
URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Welcome to Collaborate", "prominent_button_name": "Sign in", "text_input_field_labels": [ "50jgbu@jvhvcp.com" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Sign in", "text_input_field_labels": [ "Email address or password." ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/LoginRequiredPage.action Model: Joe Sandbox AI	```json{ "legit_domain": "kubota.com", "classification": "known", "reasons": [ "The brand 'Kubota' is a known brand, primarily associated with manufacturing equipment.", "The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'.", "The domain 'highq.com' is not directly associated with Kubota, which raises suspicion.", "The presence of a subdomain 'kubota' on 'highq.com' could indicate a third-party service or a phishing attempt.", "The email input field '50jgbu@jvhvcp.com' does not provide any additional context to verify legitimacy." ], "riskscore": 7} Google indexed: False
URL: kubota.highq.com Brands: Kubota Input Fields: 50jgbu@jvhvcp.com
URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Sign in", "text_input_field_labels": [ "50jdbu@jhvcp.com", "password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	{ "brands": [ "Kubota" ] }
	{ "brands": [ "Kubota" ] }
URL: https://kubota.highq.com/kubota/Login_input.action Model: Joe Sandbox AI	```json{ "legit_domain": "kubota.com", "classification": "known", "reasons": [ "The brand 'Kubota' is a known brand, primarily associated with manufacturing equipment.", "The URL 'kubota.highq.com' does not match the legitimate domain 'kubota.com'.", "The domain 'highq.com' is not directly associated with Kubota, which raises suspicion.", "The presence of a subdomain 'kubota' on 'highq.com' could indicate a third-party service or a phishing attempt.", "The email input field '50jdbu@jhvcp.com' appears random and not associated with Kubota, which is suspicious." ], "riskscore": 7} Google indexed: False
URL: kubota.highq.com Brands: Kubota Input Fields: 50jdbu@jhvcp.com, password

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (5844), with CRLF line terminators
Category:	downloaded
Size (bytes):	46956
Entropy (8bit):	5.373324507128294
Encrypted:	false
SSDEEP:	384:oBN3kQxNYkRZG8o06UF4boVR1UiJENay8pSmZ/5VuWD:oBN32y/14QR1UiJENay8pSmZ/50O
MD5:	CAD73836C17F94293A85B2DB67E46DC0
SHA1:	B7D4633F1C4418CE60F7CBFC31F3F533BF0B4CA5
SHA-256:	1B3ABE92B8F227F459C3171885272C240D21F388673C13A85A5FD50A8A37541F
SHA-512:	EBDBBB3F07DFDEC81F19D50010A80108009F9EB399F9A36A085782DDCB8CB25230B31C2D0789BB211EDCEEE0D281CF85D3AE7ED1CDC63D4BFD44BCC4A5C0E74E
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/videojs/video-js.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	@charset "UTF-8";...vjs-modal-dialog .vjs-modal-dialog-content, .video-js .vjs-modal-dialog, .vjs-button > .vjs-icon-placeholder:before, .video-js .vjs-big-play-button .vjs-icon-placeholder:before {.. position: absolute;.. top: 0;.. left: 0;.. width: 100%;.. height: 100%;..}.....vjs-button > .vjs-icon-placeholder:before, .video-js .vjs-big-play-button .vjs-icon-placeholder:before {.. text-align: center;..}....@font-face {.. font-family: VideoJS;.. src: url(data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAABDkAAsAAAAAG6gAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABHU1VCAAABCAAAADsAAABUIIslek9TLzIAAAFEAAAAPgAAAFZRiV3hY21hcAAAAYQAAADaAAADPv749/pnbHlmAAACYAAAC3AAABHQZg6OcWhlYWQAAA3QAAAAKwAAADYZw251aGhlYQAADfwAAAAdAAAAJA+RCLFobXR4AAAOHAAAABMAAACM744AAGxvY2EAAA4wAAAASAAAAEhF6kqubWF4cAAADngAAAAfAAAAIAE0AIFuYW1lAAAOmAAAASUAAAIK1cf1oHBvc3QAAA/AAAABJAAAAdPExYuNeJxjYGRgYOBiMGCwY2BycfMJYeDLSSzJY5BiYGGAAJA8MpsxJzM9kYEDxgPKsYBpDiBmg4gCACY7BUgAeJxjYGS7wTiBgZWBgaWQ5RkDA8MvCM0cwxDOeI6BgYmBlZkBKwh

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (409), with CRLF line terminators
Category:	downloaded
Size (bytes):	150481
Entropy (8bit):	5.287645425611689
Encrypted:	false
SSDEEP:	3072:+sISSx9YLMONqq1QjbbyhuJal0YphEVHHs0FfNw/C5mJeKkx:+sISSx9YLMONqq1QjbbyhuJal7phEVH5
MD5:	6A81A54E448690F8B87BB0E063DBCD82
SHA1:	EDE5574FBAD6EE4D069704E4E4D23CC6E2AE1706
SHA-256:	32D36D6567E1675C40AE6B4CD82F1C9144A240FE0237886576AF427D931ABC69
SHA-512:	D192D3C9FF9D031C81E50E12FA26AAA38F9D22EFC214036F235054E58BDBEF47541BCE3EAD04EF386C3C6D69D9D83B90B7ACEA991F91B9B4EA37CBC8A2ED9BCD
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/modules.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. ******************************************************************************/.. /Dashboard Title/...dashTitle {margin-bottom:15px; padding-bottom:5px; font-size:20px; min-height:30px; /border-bottom: 1px solid #e84e0e;/}...dashTitle .icon {font-size:18px;}..../Dashboard Left Panel*/...siteList li{padding:9px 30px 9px 0; display: flex; align-content: space-between; justify-content: space-between; }...siteList li.noResultFound{display: block;}...siteList a.icon{margin-right:-30px; float:right;}...siteCategoryFilter ul.dropdown-menu{max-width:230px;}...dashLeft .moremenu{position: relative;}...dashLeft .moremenu li.dropdown{position: relative;}...dashLeft .moremenu > li.dropdown > .dropdown-menu{ width: 100%; min-width:250px;}...dashLeft .moremenu.nav-pills > li > a{max-width: 150px;}...Trun

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (510)
Category:	downloaded
Size (bytes):	941
Entropy (8bit):	5.5934011440403175
Encrypted:	false
SSDEEP:	24:qo/eK+C6uSWJju6peHSbxbkoq8wN/CPjXDTQAlG9A3ah/:l21CTTJ6LHSFbkoTwN/CPfc8g5h/
MD5:	2329E835B2F4F627A0068B1250FBB128
SHA1:	6C4CCCF50A283270095BC23310B6D1847FA2FE33
SHA-256:	ED3373C8A788A772F2A50D2BD5AA97F3DD1E3289F4454BE3837459030DCC13F8
SHA-512:	B7A36049BE902473FA85D60F855B69E4B5A6BB61B66ED809FB74C95E0C4EB8CD0DAD1B5C4507E46B56AD1B0DEC6C08814D91337001C3736C495E6429FECA47EB
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/base64.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	var Base64={code:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\x3d",encode:function(m,l){var e,g,f,c,h=[],k="",a,d,b=Base64.code;d=("undefined"==typeof l?0:l)?Utf8.encode(m):m;a=d.length%3;if(0<a)for(;3>a++;)k+="\x3d",d+="\x00";for(a=0;a<d.length;a+=3)e=d.charCodeAt(a),g=d.charCodeAt(a+1),f=d.charCodeAt(a+2),c=e<<16\|g<<8\|f,e=c>>18&63,g=c>>12&63,f=c>>6&63,c&=63,h[a/3]=b.charAt(e)+b.charAt(g)+b.charAt(f)+b.charAt(c);h=h.join("");return h=h.slice(0,h.length-k.length)+k},decode:function(m,.l){l="undefined"==typeof l?!1:l;var e,g,f,c,h,k=[],a,d=Base64.code;a=l?Utf8.decode(m):m;for(var b=0;b<a.length;b+=4)e=d.indexOf(a.charAt(b)),g=d.indexOf(a.charAt(b+1)),c=d.indexOf(a.charAt(b+2)),h=d.indexOf(a.charAt(b+3)),f=e<<18\|g<<12\|c<<6\|h,e=f>>>16&255,g=f>>>8&255,f&=255,k[b/4]=String.fromCharCode(e,g,f),64==h&&(k[b/4]=String.fromCharCode(e,g)),64==c&&(k[b/4]=String.fromCharCode(e));c=k.join("");return l?Utf8.decode(c):c}};

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1956
Entropy (8bit):	7.864738545255335
Encrypted:	false
SSDEEP:	24:a/MCZDSvcBs9guMF2G1nyLPaS/uUsAnmFyJDqCCPFlGGIkHY1yt/+zMpCZ3lXXqk:yMC2N9gELP00AyRqZFYsHV2zYgbzj
MD5:	84C68FA0BDA6FE693B3D3BEE08EC8E9B
SHA1:	47CB793B8F62B12C7F54BEEA3AA3965447AC2208
SHA-256:	4A5E005B7FD82E80EFD68881A25B0BDDF449B402B277BA47C70A7F365355D961
SHA-512:	DBF407F697751A835E67879CCA4161F7B5142735DE3D3CC389203600A9AE5298BAF0E4EAF7BEEA2CC3EFA643D4065A27160AE93FC60B396C193D51308F486750
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/images/v3/footer_logo_tr.png
Preview:	.PNG........IHDR..............-......tEXtSoftware.Adobe ImageReadyq.e<...FIDATx..[KR.H....lG....lN.\|...`"f.u.....w...6'.8...V....MO..%.(J.`.7S.Q.\..(+..... A....$..HN........I.....#.H.@.......S.ma.K.d".RJ-....;....EPg.?..bt...R2)C)...s.%0.X.K}%u}...3.~.e..RN...P.R&bp70...n......+)z_.}..C.r.D.1..B...._.]#CJ k..U...k?...!q. .4._....qN.:.{.2.{`..h_.I3P.{.Z... .v..(........g@... ..?J.......9(......P7@p.F8..s...'4...<u..s...B.2.TD........m...\.9._u}R.Buw.....A.C......!..3.3.k...#@.;k...i..3...i....yU.R..3.z]O........}7.......3w....f?:..........iW}d..6..:..t.}.,....../..P..0A...G. .b.0.9....,.7E]...5....{.{cO...........m.'...gb.'#.i....0...w.:.FE.55=#...3...fD.\x..7......a..u.._....kH.^;.F.?=...o.....=.".....M;.&.R......P..v)ugh.j..5P.G..'.zt..u.K.......y#cL..Q.8..R...^7d@"...3o.w.=.n.g.=...A/2.mt..q(b._q..u....z;...x.x..r_.uM.=w.KsTv.).......obp.\.D.z..@.U...J0.O.M(.N...^...$.....k.6.@..m...i..M..1\)+..{....BYg.IZ...k.j.o;j.j....s.......(;q

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (65103)
Category:	dropped
Size (bytes):	209939
Entropy (8bit):	5.366006952026174
Encrypted:	false
SSDEEP:	3072:1P6RsHIwj0PdUgdbs8kvdYkODdlm9AZoZXs+eSc:1msHIxHMvd8dtZoZDc
MD5:	FA4C76A7FDE62B18054CF7EB8E946012
SHA1:	B20150066A879D2B78DD3D4908F4ACD148EE66F8
SHA-256:	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
SHA-512:	D72F5D078675C7ADBF6BFC1980712542A10668AEC9163137A2EC70A5E117F8FFDD0F06A6C4C6636E35C04F2754F33D40C65C59D452AFAA8EA4A382F24F200ABD
Malicious:	false
Reputation:	low
Preview:	/. Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. /./ Boomerang Version: 1.720.0 b17966bb92f8ac2ddcda4ac1d9c0aaea6d2eda7b */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window\|\|!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)\|\|BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{document.doma

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	4.988986771587395
Encrypted:	false
SSDEEP:	24:m8Ywh/kZy5ztJ/SIQsvDqfgvP8/uUXN8oHaRODY2S:tkghY6D2gveVHaU
MD5:	5EB79603256264B91B42AC3EF9601DB6
SHA1:	B4C96EA71B41B51313596280BB9933C3FC2E5485
SHA-256:	6384E8CABA454356B07B87FFA8B5FED94D302126018EA8C0CECDDD560A99DF36
SHA-512:	D98B32C7CDCFD92579EC3C3EB306AF822E7FCC008DDFA6DE415B87E0CB7DFA05547B87F314D79F6255C5FEA8540F03A46045EF6A315C119B23506C96BE079195
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/flag/flag_1003.gif?refreshCacheKey=20240515T111123267
Preview:	............ .h.......(....... ..... ..................................................................................................................................................................................................................................................................................................................................................................................~..}{..zw}.trx.gek.bag.........................................................................................................................d_b._\`.................................................................................................................................................................................................................................................LMX.........................................................................................................................................qot...........................................................

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (579)
Category:	downloaded
Size (bytes):	40183
Entropy (8bit):	5.220033123754301
Encrypted:	false
SSDEEP:	768:kWlzx+CICJkMMNEeQn8GOswHFWm810jJVTZlMHFw:yAvjgZ3
MD5:	AD882BD4C7FBA2404F6C56EC06C367A7
SHA1:	BB224BC7FABC3C89D1858E93BF9FBA0CF323A680
SHA-256:	09A7ED2F0680E162A5E4497F6E42FB8E39648EEA6D556048802C5C607D0ABD71
SHA-512:	6DFB6030C67206DE390768EB42E9A022121848539CF9C346ECD41E97A589F7CE62F2E1897D7498C9E3C3EDF1ACE617D27C9A329FAD59042B995E942F6E18E5F9
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/bootstrap.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if("undefined"===typeof jQuery)throw Error("Bootstrap's JavaScript requires jQuery");+function(a){a=a.fn.jquery.split(" ")[0].split(".");if(2>a[0]&&9>a[1]\|\|1==a[0]&&9==a[1]&&1>a[2]\|\|3<a[0])throw Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4");}(jQuery);.+function(a){function g(){var a=document.createElement("bootstrap"),h={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"},d;for(d in h)if(void 0!==a.style[d])return{end:h[d]};return!1}a.fn.emulateTransitionEnd=function(f){var h=!1,d=this;a(this).one("bsTransitionEnd",function(){h=!0});setTimeout(function(){h\|\|a(d).trigger(a.support.transition.end)},f);return this};a(function(){a.support.transition=g();a.support.transition&&.(a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(f){if(a(f.target).is(this))return f.handleObj.handler.ap

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1768)
Category:	downloaded
Size (bytes):	124779
Entropy (8bit):	5.353584950406699
Encrypted:	false
SSDEEP:	1536:H+Fub87YDNpfU5bSzk4Tv2g/boa5ia1Xk00ff1KUrId5NBEmwFWt00ozocdAiTz3:eAf4W20y
MD5:	8E4EA7F1ED0D0B352AC69214358462D8
SHA1:	18852AE9509936A246F4EBF3523205396BFD6175
SHA-256:	20623A1A5E5B4CE39EDE99C54F7C107DD9DAB021ED0E9BC8585540BA19FDD2AD
SHA-512:	C05EF8ABD11F0FD2B72B99478A502B4E85EAC1D95FB4D897AA1A970C8D387C6CB750BDD12D263FE84CD153198025B59D4C53C3C855B4F254DE7B08AC680E73A2
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/common.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors. ******************************************************************************/. body...{font-family: 'Roboto', sans-serif, Arial; font-weight:400; font-size: 14px; line-height:20px; -webkit-font-smoothing: subpixel-antialiased; -ms-overflow-style:scrollbar !important; background:#FCFCFC; color:#404040;}.body, html..{height:100%}/COL-32340/./==================.Other common css.====================/./.siteDropdown .dropdown-menu, .mainMenu li.hideshow .dropdown-menu{max-height: calc(100vh - 160px);}/../ Bootstrap Overwrite */..caret {border-top: 4px solid;}..dropdown-header {font-size:14px; color: #707070;}..dropdown-menu.dropdownMaxWidth {max-width:280px;}..dropdown-menu li a{display: block; text-decoration: none; color:#404040;}..dropdown-menu li a:hover, .dropdown-menu li a[aria-selected=

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (590)
Category:	dropped
Size (bytes):	31223
Entropy (8bit):	5.462211993052096
Encrypted:	false
SSDEEP:	768:h79FEF1lLJ8F1Nwz0D7rI+UObWGXKN4audCON5T2R2gQTzlO6a0wogpyKVdYYfra:hCTLJ8LVb6Md3a0wrycdYY+
MD5:	90D195211ADD97BC73EB0AE1804EB7F5
SHA1:	ABD9150845236C594BCF60D8E5CC16E61A233847
SHA-256:	2B7DC62496843756AE923D71B36965FC46FE060D7ED526849036ADBF3DC79C2C
SHA-512:	6E07B1EECA42AA6926BAD63B9235D45B234FCCD26C27DC332780DFB5ACF36C310189CF6AF47F4CE73B4BFE43A120586EBC82C60046DA11FACC6BB3D2CAC93C81
Malicious:	false
Reputation:	low
Preview:	var microblogImageUploadCounter=0,microblogTotalImages=0,collabCommon_userTimestampKey=collaborateCommon.userID+"_"+(new Date).getTime(),collaborateCommon_timerForNotificationFadeOut=0;if(!CollaborateCommon)var CollaborateCommon={};if(!SiteCommonCollection)var SiteCommonCollection={};CollaborateCommon.onload=function(){$j("#collaborateCustomMessageModal").on("shown.bs.modal",function(){$j("#collaborateMessageOkButton").focus()})};.CollaborateCommon.viewUserProfilePreview=function(a,b,c){var d=$j(a);$j("#msTeamStatusDivId").html("");0==$j("body div.userinfoDropdown").length&&$j('\x3cdiv class\x3d"userinfoDropdown" role\x3d"dialog" aria-labelledby\x3d"userNameFull'+b+'" tabindex\x3d"-1" /\x3e').appendTo("body");var e=$j(".userinfoDropdown");null!=e.attr("lastuser-id")&&e.attr("lastuser-id")==b\|\|e.html('\x3cdiv class\x3d"text-center" style\x3d"padding:72px 20px;"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif" alt\x3d"Loading..."/\x3e\x3c/div\x3e');.if(d.hasClass("active"))return $j("[dat

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (528)
Category:	downloaded
Size (bytes):	7788
Entropy (8bit):	5.220554596844955
Encrypted:	false
SSDEEP:	192:6Jj+A4nFj2stpaj2j/YcCAGHMGQRTPx7BfwBu5QI:6J14nFjzpajg/BCUGQFZ7BfwBu5QI
MD5:	68425596EA84540ED58F06421A7DBB46
SHA1:	A768605A25882B2B82E04520A1BB9264ADD3F1EB
SHA-256:	3649CA3797FF3449B162F115054574535878BF91B449A95FDBB9EB245D5A60BB
SHA-512:	59568019169973E4B2B0DEE7F41EF9F42F53B964186701AE71D24546C6170F01C4756798189DE16953A191984A638A3967C35FCA25B9505A723B63775C4C03A2
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/fastclick.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	function FastClick(a,b){function c(a,b){return function(){return a.apply(b,arguments)}}var d;b=b\|\|{};this.trackingClick=!1;this.trackingClickStart=0;this.targetElement=null;this.lastTouchIdentifier=this.touchStartY=this.touchStartX=0;this.touchBoundary=b.touchBoundary\|\|10;this.layer=a;this.tapDelay=b.tapDelay\|\|200;if(!FastClick.notNeeded(a)){for(var g="onMouse onClick onTouchStart onTouchMove onTouchEnd onTouchCancel".split(" "),f=0,h=g.length;f<h;f++)this[g[f]]=c(this[g[f]],this);deviceIsAndroid&&.(a.addEventListener("mouseover",this.onMouse,!0),a.addEventListener("mousedown",this.onMouse,!0),a.addEventListener("mouseup",this.onMouse,!0));a.addEventListener("click",this.onClick,!0);a.addEventListener("touchstart",this.onTouchStart,!1);a.addEventListener("touchmove",this.onTouchMove,!1);a.addEventListener("touchend",this.onTouchEnd,!1);a.addEventListener("touchcancel",this.onTouchCancel,!1);Event.prototype.stopImmediatePropagation\|\|(a.removeEventListener=function(b,c,d){var e=Node.prot

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65261), with CRLF line terminators
Category:	dropped
Size (bytes):	994410
Entropy (8bit):	4.738397453748755
Encrypted:	false
SSDEEP:	6144:XvLmWIFyZDWJwpKpvZY3DJttwZg2fqh/1HlfjizM+8J6FprVbdVWSs5lEDjLXV1Z:fK7qqVBgz6+91FldVgZ25+h+9SbxL
MD5:	48593F281783085DAC7BEA253E513AE7
SHA1:	147A22C0DA882EEA14771623624FF89B364D0822
SHA-256:	2D8EC80D9B2C2F473CF4410CD366EC0A6087B984DDC8F431720D2D96664439AB
SHA-512:	294BB917708C147A3F7CD0EB4FA96C3E4E08D98775640E00BB6B20DC963234E9708AE6AEAA7860977DEF4918B277094FC70F7287BA7B3FFA69088AAEBF5AAFD9
Malicious:	false
Reputation:	low
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. *******************************************************************************/..var json = '{"officeonline.fileVersion.upload.success":"Your changes have been saved and the document will be updated shortly.","thirdparty.service.document.action.receivecopy":"Receives a Copy","task.menu.label.low":"Low","linkModal.BrowseTab.systemPage.insertLinkMsg":"Click on the system dashboard list to insert a link","site.admin.users.addToGroup.selectAllBidders.label":"Select all bidders","lfs.shareditems.content.lastsharedate.title":"Last shared","document.addNewFileVersion.sql.error":"The request is not valid","userAvatar.upload.validationMessage.ypositionheight":"Please enter valid y position or height. The sum of y position and height should not exceed the actual height of an image.","template.dependency.c

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 170 x 30, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1956
Entropy (8bit):	7.864738545255335
Encrypted:	false
SSDEEP:	24:a/MCZDSvcBs9guMF2G1nyLPaS/uUsAnmFyJDqCCPFlGGIkHY1yt/+zMpCZ3lXXqk:yMC2N9gELP00AyRqZFYsHV2zYgbzj
MD5:	84C68FA0BDA6FE693B3D3BEE08EC8E9B
SHA1:	47CB793B8F62B12C7F54BEEA3AA3965447AC2208
SHA-256:	4A5E005B7FD82E80EFD68881A25B0BDDF449B402B277BA47C70A7F365355D961
SHA-512:	DBF407F697751A835E67879CCA4161F7B5142735DE3D3CC389203600A9AE5298BAF0E4EAF7BEEA2CC3EFA643D4065A27160AE93FC60B396C193D51308F486750
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............-......tEXtSoftware.Adobe ImageReadyq.e<...FIDATx..[KR.H....lG....lN.\|...`"f.u.....w...6'.8...V....MO..%.(J.`.7S.Q.\..(+..... A....$..HN........I.....#.H.@.......S.ma.K.d".RJ-....;....EPg.?..bt...R2)C)...s.%0.X.K}%u}...3.~.e..RN...P.R&bp70...n......+)z_.}..C.r.D.1..B...._.]#CJ k..U...k?...!q. .4._....qN.:.{.2.{`..h_.I3P.{.Z... .v..(........g@... ..?J.......9(......P7@p.F8..s...'4...<u..s...B.2.TD........m...\.9._u}R.Buw.....A.C......!..3.3.k...#@.;k...i..3...i....yU.R..3.z]O........}7.......3w....f?:..........iW}d..6..:..t.}.,....../..P..0A...G. .b.0.9....,.7E]...5....{.{cO...........m.'...gb.'#.i....0...w.:.FE.55=#...3...fD.\x..7......a..u.._....kH.^;.F.?=...o.....=.".....M;.&.R......P..v)ugh.j..5P.G..'.zt..u.K.......y#cL..Q.8..R...^7d@"...3o.w.=.n.g.=...A/2.mt..q(b._q..u....z;...x.x..r_.uM.=w.KsTv.).......obp.\.D.z..@.U...J0.O.M(.N...^...$.....k.6.@..m...i..M..1\)+..{....BYg.IZ...k.j.o;j.j....s.......(;q

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	20559
Entropy (8bit):	5.013492216096953
Encrypted:	false
SSDEEP:	192:YLbUZfGwN3513v8/PeePQ4dsCyYE6d2jDB1glJ3eIvI/gcsMUM11Fse//hbfAu1O:n3v35C75LXqNuwgBHK8+kJ
MD5:	225EDC91B9212A2FDBC00C4C3F5F6197
SHA1:	20E9B55B6186DAA5E89FF736C4A123826570C79C
SHA-256:	83B0A2F81D8780B2EE31F5B85FB7290A5BB1D6EE28178A507ACF8301C00F5B58
SHA-512:	7242C57E5FC3DAE07820F7BB4EA8F2FA8F689D21CAB4C6573ABCA55034DD578C5EB623A7EE77A20B39EA184CEEDA35ED50755C8E885B72B7C406937C9F1E45F1
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/fonticon.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. *******************************************************************************/.. @charset "UTF-8";....@font-face {.. font-family: "highq50";.. src:url("../fonts/Icon/highq50.eot?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267");.. src:url("../fonts/Icon/highq50.eot?#iefix?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("embedded-opentype"),.. url("../fonts/Icon/highq50.woff?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("woff"),.. url("../fonts/Icon/highq50.ttf?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("truetype"),.. url("../fonts/Icon/highq50.svg#highq50?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267") format("svg");.. font-weight: normal;.. font-style: normal;....}....[data-icon]:before {.. fon

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 350 x 97, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	14683
Entropy (8bit):	7.980524638471162
Encrypted:	false
SSDEEP:	384:X1aAbibmAE9VH3hP+JTil6m0Nb7jmc09JTJ:X1lbiNE9BYDmU/10HTJ
MD5:	64F4F3EA7E811F232FBDCD30D6C72A86
SHA1:	B107B2FC564F40BA25A8F870C0CABE416DE8DD87
SHA-256:	C8E02AB8522B91BD020AF019D716E1B617E89CB9DEDD9C1B1ED94B90F1D9562D
SHA-512:	E89082542F730520AA94E8A571E2E5D07FBB1C95060FD48973DB620257968A4810F32DCCAFAA1808CD0F7E295F4DF16D5D7E41CA431386E243D98DCC73E1E085
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/flag/flag_mailLogo.gif?refreshCacheKey=20240515T111123267
Preview:	.PNG........IHDR...^...a.......^.....sRGB...,.....pHYs...t...t..f.x..9.IDATx..i...u&\..Ta..@....n...LY.lE..(vb...Nf2.g..-..H....9.....\|q2Y.q<..E..K.VR.DQ\{_.@7..P{..IQ...&.-.S..A.]xkA..}.}.}_b.!...6..J..'}.6l..aS...6Z....6l..M.6l.h...l...65.a..lj.a.F...`.........-`S...6Z....6l..M.6l.h...l...65.a..lj.a.F..c.`4=......z...6n...5$\..J..<'#:b...).DY..yH..>.p4L!.T......k......t....N....N^...V...j.'U.@h..9~.....DQ. d.U..Z.NLN..y.0p.T...0<....T...:...4[S.qs.E...@..4B.V...9.S..EV..!....:9Q.......PGWWW.3.t8q.kx.(......l&#..5.&........l.:!.....!v.D.&:t.7.[.....{.n..<A."`..qNU...........1...~._..a...\.....F.X...$.;.@)........v.\|>.".e...2..&W..\|....SK.l.<B ....{...ac=>IjPp......1.S.hW.x.W......i. .b.T..j/...P..J.J... .......@. %`c....PTU...B>.....-P."..@.@.3.,..?.mfs.S.N~..Y.Z.....Z.D...^..6.\|b.P&...8....}.G.x..P(.q\|.ZI.3.tzaa.T*...UU@..,..y....`.e..AuC.1..(..uQ.DI..\|....k.Z.X(,-.%.+........q.........ggfO...b!.gh... .84...&6l.=...A$.U..]._.].P.s{.....p.\)

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64394), with CRLF line terminators
Category:	downloaded
Size (bytes):	255084
Entropy (8bit):	5.160386686458492
Encrypted:	false
SSDEEP:	3072:UDa8LPLGI9fB8NnODpEujVHUc9koNRppuzGvStCAvuBFak8J3:eLjv9u4VxvLo1
MD5:	E1BF7600D8C5AC51C115D942BEB026F5
SHA1:	C2DF488EBEEAF00B1612C657025460362D429943
SHA-256:	1B4C820B2ACE35A7E3A10BEB67B98B9AFF7C6BB953D700DCEFDF2517232FF869
SHA-512:	AD0B3316B1D248926E7E12956690936A5CBF7B0671E0E01EEFF6D9D6909B372D4F9F174993F39A2A8C727A4F83AEDC7357A6131AE808ABF2531597D6FC803878
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery-ui.min.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/! jQuery UI - v1.13.2 - 2022-11-09.. http://jqueryui.com..* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/draggable.js, widgets/droppable.js, widgets/resizable.js, widgets/selectable.js, widgets/sortable.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/selectmenu.js, widgets/slider.js, widgets/spinner.js, widgets/tabs.js, widgets/tooltip.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/ef

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	68
Entropy (8bit):	4.768483657842825
Encrypted:	false
SSDEEP:	3:tv0XCjWT3XWZNcA1MKsck9Uni:tDiXWWF9+i
MD5:	14C0E40A6E65903BF571DF0EA15AF0F8
SHA1:	BB37E002910918044C22379CED2C02AC6F6C14BD
SHA-256:	DE4EE84B155372134054BBD4A666D86C91739F47A643377D12C5F46FA6FA3534
SHA-512:	9DA9A30C3313FB4C8C4EA9DD831EA56A9B270FFFA314468AA718A77B7BD1109CA34458C8BC071C734669DE78DEDDFA8B67D390F174FED2CCE7E78D7B6DEFFBA0
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSFwl44CcB5Gi6WxIFDYOoWz0SBQ3OQUx6?alt=proto
Preview:	CjEKEQ2DqFs9GgQICRgBGgQIVhgCChwNzkFMehoECEsYAioPCApSCwoBIRABGP////8P

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65454)
Category:	dropped
Size (bytes):	87526
Entropy (8bit):	5.262323997449038
Encrypted:	false
SSDEEP:	1536:NRUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:VHNwcv9VBQpLl88SMBQ47GKr
MD5:	6FB8B4AD2038E5896AB9FD78D041FB7E
SHA1:	3DB2127019FF6CC562D47B0EFD4A8E78560C63C3
SHA-256:	5AA8EBCF65C11F120CD1177294D524CE4580196290DEC56FE4F2AB1995CF1098
SHA-512:	D26FE040FAD4C6F56AFEF0D14036637385F8AF4E9B5CA372555E94046F2DFBCFB21F8D4CE0DECE6A56C955CA9FBFB67527DF83BBF3E24D80B7B3FDB920BBC107
Malicious:	false
Reputation:	low
Preview:	/! jQuery \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (570)
Category:	downloaded
Size (bytes):	7285
Entropy (8bit):	5.336507920825121
Encrypted:	false
SSDEEP:	192:9yQNjNYve8+Yfhh5ZEAYS7LYxKCsa0gyOF:9FjNObYSncV0pS
MD5:	A37BC2F05AEEE40FE9B5E00E7AB69C4E
SHA1:	FE6347A753AC540646C57186B26DF20DCF12E76C
SHA-256:	4A6CEC5778258A2102177FFC44B3C95D2F49F069187594DEFCE2C0A5DCBF0B2B
SHA-512:	49E07ABBA8181E64AEE20E2AEB6D63BB4DD3FF2D2B94FFB529FE901DB87C616417EAF8DB30BA1DC4CE772BA438C19F0B3A1FB143FDB5DCFCB007AC59C8643605
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery.truncate.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	"undefined"!==typeof jQuery&&function(l){function A(a,b){this.defaults={maxLines:1,lineHeight:null,truncateString:"",truncateAfterLinks:!0,showText:"",hideText:"",showClass:"show",hideClass:"hide",collapsed:!0,debug:!1,contextParent:null,maxSteps:100,tooltip:!1,animate:!1,animateOptions:{complete:function(){}}};this.config=l.extend(!0,{},this.defaults,b);this.$el=l(a);if(null===this.config.lineHeight){var c=NaN,c="normal"===this.$el.css("line-height")?1.14parseFloat(this.$el.css("font-size")):-1===.this.$el.css("line-height").indexOf("px")?this.$el.css("line-height")parseFloat(this.$el.css("font-size")):parseFloat(this.$el.css("line-height"));if(isNaN(c))throw Error('No "lineHeight" parameter was specified and none could be calculated.');this.config.lineHeight=c}"inline"===this.$el.css("display")&&(null===this.config.contextParent?this.config.contextParent=B(this.$el):"inline"===this.config.contextParent.css("display")&&(this.config.contextParent=B(this.config.contextParent)));this.h

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (498)
Category:	dropped
Size (bytes):	935
Entropy (8bit):	5.513990527184043
Encrypted:	false
SSDEEP:	24:Kqc/fO0fofO0bPetKq6U727eghhtp6oEU2be0ie:YOmQOoetH7KeghAob0ie
MD5:	3F6BBE9DCE3B1E832DBA294A09013DA4
SHA1:	851194F84AD0DF927F7AD498999DCB2A74561C86
SHA-256:	460DD47F9D09F9935EF74681260BEDD7A9CAE6D0A6EF9CBDA0057117EC090B32
SHA-512:	398C3ABA9187298F2A5CE6B493B3941BE61E2549FEE332F61EC820976B91A186F3DD711F10A4947A6FC3A846B9B24878AB200A711B56908BCF47317B19E954BB
Malicious:	false
Reputation:	low
Preview:	function callTermsCondition(){window.open("termsOfUse.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}function callPrivacyPolicy(){window.open("privacyPolicy.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}.function getContactUsAdminEmails(){GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"POST",REQUEST_URL:"getContactUsAdminEmails.action?"+systemProperty.CSRF_TOKEN_NAME+"\x3d"+systemProperty.CSRF_TOKEN_VALUE,FORM_DATA:{"metaData.siteID":collaborateCommon.metaDataSiteID},CACHE:"false",DATA_TYPE:"html"},function(a){0!=a.length&&(0==a.indexOf("http")\|\|0==a.indexOf("https")\|\|0==a.indexOf("ftp")?window.open(a):-1==a.indexOf("@")?window.open("http://"+a):window.location.href="mailto:"+a);return!0},null)}.function helpClickedForFooter(a,b){window.open(b)};

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65454)
Category:	downloaded
Size (bytes):	87526
Entropy (8bit):	5.262323997449038
Encrypted:	false
SSDEEP:	1536:NRUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:VHNwcv9VBQpLl88SMBQ47GKr
MD5:	6FB8B4AD2038E5896AB9FD78D041FB7E
SHA1:	3DB2127019FF6CC562D47B0EFD4A8E78560C63C3
SHA-256:	5AA8EBCF65C11F120CD1177294D524CE4580196290DEC56FE4F2AB1995CF1098
SHA-512:	D26FE040FAD4C6F56AFEF0D14036637385F8AF4E9B5CA372555E94046F2DFBCFB21F8D4CE0DECE6A56C955CA9FBFB67527DF83BBF3E24D80B7B3FDB920BBC107
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/! jQuery \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (602)
Category:	dropped
Size (bytes):	9025
Entropy (8bit):	5.340472797072539
Encrypted:	false
SSDEEP:	192:/yBVKV6o7kKVpTn9mX8GSLA8vKX+8vKVBEiAp6TKz:roIvzQ8G84+8i72Fz
MD5:	7D762B7F02C0FC5B2681DF4BDDA7298D
SHA1:	54C72BC60F55DE2401D300A733ECF9C6832EA66C
SHA-256:	B8B0CF93FD0135713A27C5C0CA9C0ABC2DDA5C88FBEDF93956B4475901119DD5
SHA-512:	66EBA83CDEAB6E5F8F34C2BC79DE15BCFF4D931566026238069D724DBF701AA6792D048F9383CB756DD15235D5E4AC3F08B31F06CDAEEA6A07E77F123EE68BEA
Malicious:	false
Reputation:	low
Preview:	if(!Navigations)var Navigations={};var navigations_isIE8OR9=-1!=navigator.appVersion.indexOf("MSIE 9")\|\|-1!=navigator.appVersion.indexOf("MSIE 8");$j(window).on("statechange",function(a){navigations_isIE8OR9?("TRUE"!=sessionStorage.getItem("unLoadWindowEvent")&&BrowserState.executeHistoryStateFunction(),sessionStorage.setItem("unLoadWindowEvent","FALSE")):BrowserState.executeHistoryStateFunction()});.if(navigations_isIE8OR9)$j(window).on("unload",function(a){sessionStorage.setItem("unLoadWindowEvent","TRUE")});.Navigations.Dashboard=function(a){if(a&&a.ctrlKey)return!0;$j("#collaborateMainContainer").html('\x3cdiv class\x3d"text-center padd20"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif"\x3e\x3c/div\x3e');GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"GET",REQUEST_URL:"dashboardContent.action",FORM_DATA:{"metaData.systemPageID":DashboardCollectionVar.metaDataSystemPageID,classicDashboard:DashboardCollectionVar.isClassicDashboardRedirect,callFrom:DashboardCollectionVar.callFrom},CACHE

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649)
Category:	downloaded
Size (bytes):	35621
Entropy (8bit):	5.295509211639803
Encrypted:	false
SSDEEP:	768:YpoGP8fyk6qp0G9Pw6i6e/I93mobSy2HO:TFf95pP3e/I9mobEO
MD5:	9796344F4E37235E2F8488CAFC180596
SHA1:	09D558DAD176369D61BA50B194076F50234A00E4
SHA-256:	3121C235AA8C80FEED4397B14B88C1FFFC6B235F202A2589BB14A935083B28E1
SHA-512:	3D29606FE7B32E09A8DC22444DFD7CFC9BB9D5A47A2FDAF3050550A4DD95E68B112C9BEC1D95FBDE086250BFD7FCC696C6DFF4BBFD7A618A84C3D1C3CEB828C6
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/bootstrap-select.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	(function(p,f){"function"===typeof define&&define.amd?define(["jquery"],function(z){return f(z)}):"object"===typeof module&&module.exports?module.exports=f(require("jquery")):f(p.jQuery)})(this,function(p){(function(f){function z(a){f.each([{re:/[\xC0-\xC6]/g,ch:"A"},{re:/[\xE0-\xE6]/g,ch:"a"},{re:/[\xC8-\xCB]/g,ch:"E"},{re:/[\xE8-\xEB]/g,ch:"e"},{re:/[\xCC-\xCF]/g,ch:"I"},{re:/[\xEC-\xEF]/g,ch:"i"},{re:/[\xD2-\xD6]/g,ch:"O"},{re:/[\xF2-\xF6]/g,ch:"o"},{re:/[\xD9-\xDC]/g,ch:"U"},{re:/[\xF9-\xFC]/g,.ch:"u"},{re:/[\xC7-\xE7]/g,ch:"c"},{re:/[\xD1]/g,ch:"N"},{re:/[\xF1]/g,ch:"n"}],function(){a=a?a.replace(this.re,this.ch):""});return a}function p(a){var c=arguments,b=a;[].shift.apply(c);var e,d=this.each(function(){var a=f(this);if(a.is("select")){var d=a.data("selectpicker"),k="object"==typeof b&&b;if(!d)d=f.extend({},l.DEFAULTS,f.fn.selectpicker.defaults\|\|{},a.data(),k),d.template=f.extend({},l.DEFAULTS.template,f.fn.selectpicker.defaults?f.fn.selectpicker.defaults.template:{},a.data().t

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
Category:	downloaded
Size (bytes):	18588
Entropy (8bit):	7.988601596032928
Encrypted:	false
SSDEEP:	384:WF9srt3EJfKy7iOpqErJeqQhzsaZqPTPabcoqYdBTKYPvS9BlTf:Wn6UhKYieqAiPQTwclYQLlTf
MD5:	115C2D84727B41DA5E9B4394887A8C40
SHA1:	44F495A7F32620E51ACCA2E78F7E0615CB305781
SHA-256:	AE0E442895406E9922237108496C2CD60F4947649A826463E2DA9860B5C25DD6
SHA-512:	00402945111722B041F317B082B7103BCC470C2112D86847EAC44674053FC0642C5DF72015DCB57C65C4FFABB7B03ECE7E5F889190F09A45CEF1F3E35F830F45
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......H........ ..H8................................\|.`..J.\..<........-..Z...x.6.$..0. .... ..S.7.5..K!.;..../.`..Sn.J.e.52P.(.....=9....f.....$....fZ.p...N...t....6.lfS.Ju.i.o.g..<....T"O.o..4..4....M/N.>.K..."[.P...W.u.>]................A.9z....IN^....z..Y.{....m=...+X9<?.......(IAG8rD....52L0.p .EJ..p....=.......[U...pz..g...../L.U.......P..W.U..q$L..6......C.M.0..R..........D(.ilX.Y..SZ.R...Q..j.6.@\."\|.l......3....,.T.....L...ap0......6.j.\&O.z`.$._+vwnr...,....?W.T....!.J...L#%.......A}........\.....l...:....U..u.J.0....O......&.!.)4.V..:.}.0f....:W......?U.....%...b...!....yA.sw.....5..T .}{.t!F.G....{"..pQ.S.v.S....t......U.Y\|.v.@....\|..(..V.........^....../.7......K......J.Uq/L.T-.`.O........;........';vWq.+....J...J..p.....sB`(1LC.k....?Z{...v>dS....F..........\.....UetU........6.V...vE....._.../...%.q...^.l...>^.z..l..p....j..@H...`X.p...KQ. .<@...I...BF.......L..6...y.2=.P....8;..@`.m.....R.B.L.r.*T.T..l@.6.Y....}g.....F.n...

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (576)
Category:	downloaded
Size (bytes):	5748
Entropy (8bit):	5.441096209962554
Encrypted:	false
SSDEEP:	96:XhR/syc2UsOdczDNMFVnvZLoKPKolKPKkgZKgV77hGAHWBPXw:XhREyc/f5cAd3
MD5:	7F091B7127244E99D741FEA29F684FA4
SHA1:	83FB76B362BBA09B008CB25CA45D9129F3AFC58C
SHA-256:	4AC1978DBD194EAFD6449B8525810CC93165D8CB7E192AEEBA4691F7E647C5A7
SHA-512:	42A0B88A3E70A985BE9A2EC6B152354D1253097E8B8575499E18F841787FFA42FC379892E2FF28C38A578E130B273FDFCAA6279CBEADC64261B03F7165B91A7C
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/dragAndDropCommon.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!DragAndDropCommonCollection)var DragAndDropCommonCollection={};DragAndDropCommonCollection.moreLinkExpand=function(a,b,c){""!=a&&""!=b&&(document.getElementById(a).style.display="inline",document.getElementById(b).style.display="none");c&&CollaborateCommon.trackBehaviour(c,"Expansion of More");ModalCenterPosition()};.DragAndDropCommonCollection.unBindDragAndDropForActivity=function(a,b){if(-1==navigator.appVersion.indexOf("MSIE 9")&&-1==navigator.appVersion.indexOf("MSIE 8")){$j(document).off("keyup.mulSelComp");var c=$j("#"+a);$j("#"+b);c.off("dragenter.mulSelComp");c.off("dragover.mulSelComp");c.off("dragleave.mulSelComp");c.off("drop.mulSelComp")}};.DragAndDropCommonCollection.bindDragAndDropForActivity=function(a){var b=GriffinCommon.gethtml5uploadJsArray();b.push(GriffinCommon.getCanvasToBlobMinJsJson());b.push(GriffinCommon.getloadImageAllMinJsJson());b.push(GriffinCommon.getJqueryFileuploadImageJsJson());GriffinCommon.loadJsFilesSequentially(b,0,function(){if(-1==navigator.a

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (602)
Category:	downloaded
Size (bytes):	9025
Entropy (8bit):	5.340472797072539
Encrypted:	false
SSDEEP:	192:/yBVKV6o7kKVpTn9mX8GSLA8vKX+8vKVBEiAp6TKz:roIvzQ8G84+8i72Fz
MD5:	7D762B7F02C0FC5B2681DF4BDDA7298D
SHA1:	54C72BC60F55DE2401D300A733ECF9C6832EA66C
SHA-256:	B8B0CF93FD0135713A27C5C0CA9C0ABC2DDA5C88FBEDF93956B4475901119DD5
SHA-512:	66EBA83CDEAB6E5F8F34C2BC79DE15BCFF4D931566026238069D724DBF701AA6792D048F9383CB756DD15235D5E4AC3F08B31F06CDAEEA6A07E77F123EE68BEA
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/navigation.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!Navigations)var Navigations={};var navigations_isIE8OR9=-1!=navigator.appVersion.indexOf("MSIE 9")\|\|-1!=navigator.appVersion.indexOf("MSIE 8");$j(window).on("statechange",function(a){navigations_isIE8OR9?("TRUE"!=sessionStorage.getItem("unLoadWindowEvent")&&BrowserState.executeHistoryStateFunction(),sessionStorage.setItem("unLoadWindowEvent","FALSE")):BrowserState.executeHistoryStateFunction()});.if(navigations_isIE8OR9)$j(window).on("unload",function(a){sessionStorage.setItem("unLoadWindowEvent","TRUE")});.Navigations.Dashboard=function(a){if(a&&a.ctrlKey)return!0;$j("#collaborateMainContainer").html('\x3cdiv class\x3d"text-center padd20"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif"\x3e\x3c/div\x3e');GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"GET",REQUEST_URL:"dashboardContent.action",FORM_DATA:{"metaData.systemPageID":DashboardCollectionVar.metaDataSystemPageID,classicDashboard:DashboardCollectionVar.isClassicDashboardRedirect,callFrom:DashboardCollectionVar.callFrom},CACHE

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (588)
Category:	downloaded
Size (bytes):	224979
Entropy (8bit):	5.411360043971814
Encrypted:	false
SSDEEP:	1536:7tFhUhQhLIwVn0OO4esuCsGlsOngVBlMAlrAqMYmMOajnVCoC2:VRWan0OO4E3G5nkn1MYmMqoC2
MD5:	4C88E516AEC4E336FB47AA718B5892CE
SHA1:	016A2CDCAF0BFD56EAA3C7384EDD8CFC384D512C
SHA-256:	800EDBC40A6A4548922FE53CFDD48E24EF4D6A18663F519E7CAD358D2F863731
SHA-512:	D5F1FEF6AD2C12E678738A281CAA5E2659250D1A62C9A7A2596687EAED46C7748A4CECF4BAB6C23EE7975C5229380397E1917152988396B372E677D3E4E2572A
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/documentAnalysis.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!DocumentAnalysisCollection)var DocumentAnalysisCollection={};1>Object.keys(DocumentAnalysisCollection).length&&(DocumentAnalysisCollection={SYSTEM_SERVICE_CONFIGURE_MODAL_ID:"system_admin_document_analysis_service_configure_id",systemAdminManageClassifierVersion:[],saveSystemAdminManageClassifierVersion:[]});.DocumentAnalysisCollection.openuserConfigurationModal=function(a,b){if("Microsoft"===a){var c=a+" Auto-suggest tags";DocumentAnalysisCollection.callFrom="Add";var d=[{ID:"close",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.cancel",null),TYPE:"Cancel",FUNCTION:function(){DocumentAnalysisCollection.closeModal(DocumentAnalysisCollection.SYSTEM_SERVICE_CONFIGURE_MODAL_ID)}},{ID:"next",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.test",null),TYPE:"PRIMARY",CLASS:"pull-right ",.FUNCTION:function(){DocumentAnalysisCollection.testConfigurationMicrosoftAI(a)}},{ID:"save",TEXT:GriffinCommon.getResourceBundledProperty("systemadmin.systemsettings.displa

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Nim source code, ASCII text
Category:	downloaded
Size (bytes):	56723
Entropy (8bit):	5.283110334599086
Encrypted:	false
SSDEEP:	1536:Vpszkivw46GcVBeX8XL9r/FppH4gdADaXlbeYZ8Fw:VbL9r/FppHwaXlbX
MD5:	93EC8DEE4FF22A2BFEBFE53A0F7C21E4
SHA1:	DE7FCC96B68EA5233DE6B07ED7C4F8A2DCA0B650
SHA-256:	10DC1F46E8DE33F244DF4F39F2E499A4B54886E8476AD00C26624E1176F86686
SHA-512:	45DCA144AA3D096BFBCC7FD42252D6BDDA7C2F5AFFB612ED6F0F6483707B8CAA0C46A6CA00657ED5B880B7077DC0D9D0E4170D094057A97021D7A1F6928BD7F8
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/mediascreen.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/******************************************************************************. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors. ******************************************************************************/. / Media Query /../ only in tablet/mobile device (COL-19770 - iOS: checkboxes do not align with labels)/..@media (max-device-width: 1024px) {..input[type=checkbox], input[type=radio] {margin-top:1px;}...withoutTitle .fixedContent{visibility: visible;}.....}../ case upto 1024 resolution only /.@media (max-width: 1024px){..body:not(.bodyLang-en):not(.bodyLang-fr) #lookUpParentDiv .col-lg-9.col-sm-8, body.bodyLang-fr #lookUpParentDiv .col-lg-9.col-sm-8{width:48%;}..body:not(.bodyLang-en) #fillterDivID+div button#addToGrid{margin-left:15px;}..../ left panel height on scroll */...tabletScreenMode.myFiles .leftPanelSection, .tabletScreenMode.files .leftPanelSection, .tabletScreenMode.event .leftPanelSection{height:aut

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (579)
Category:	dropped
Size (bytes):	40183
Entropy (8bit):	5.220033123754301
Encrypted:	false
SSDEEP:	768:kWlzx+CICJkMMNEeQn8GOswHFWm810jJVTZlMHFw:yAvjgZ3
MD5:	AD882BD4C7FBA2404F6C56EC06C367A7
SHA1:	BB224BC7FABC3C89D1858E93BF9FBA0CF323A680
SHA-256:	09A7ED2F0680E162A5E4497F6E42FB8E39648EEA6D556048802C5C607D0ABD71
SHA-512:	6DFB6030C67206DE390768EB42E9A022121848539CF9C346ECD41E97A589F7CE62F2E1897D7498C9E3C3EDF1ACE617D27C9A329FAD59042B995E942F6E18E5F9
Malicious:	false
Reputation:	low
Preview:	if("undefined"===typeof jQuery)throw Error("Bootstrap's JavaScript requires jQuery");+function(a){a=a.fn.jquery.split(" ")[0].split(".");if(2>a[0]&&9>a[1]\|\|1==a[0]&&9==a[1]&&1>a[2]\|\|3<a[0])throw Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4");}(jQuery);.+function(a){function g(){var a=document.createElement("bootstrap"),h={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"},d;for(d in h)if(void 0!==a.style[d])return{end:h[d]};return!1}a.fn.emulateTransitionEnd=function(f){var h=!1,d=this;a(this).one("bsTransitionEnd",function(){h=!0});setTimeout(function(){h\|\|a(d).trigger(a.support.transition.end)},f);return this};a(function(){a.support.transition=g();a.support.transition&&.(a.event.special.bsTransitionEnd={bindType:a.support.transition.end,delegateType:a.support.transition.end,handle:function(f){if(a(f.target).is(this))return f.handleObj.handler.ap

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	32412
Entropy (8bit):	5.154917866834749
Encrypted:	false
SSDEEP:	768:0Q34lhN4r7Xy7xG0K88PD+X45FCOrmLZJnFS0iv6X7LRF:0QIlUr7ymPD+wFCOrGv1n
MD5:	2DE730D25D946D02526223EA678C7467
SHA1:	5C239B424415DA99FF40680141F3222A299003CB
SHA-256:	64C67A33C8E4002C793573C8D78C8914219A3E4DD54C098B93DB61A2B72AB71D
SHA-512:	10759419C3FD2523C9FCCFE7A1E83EB168C8AB534D38E79317D3D98D4B4EDD8AE14BAFF1D87A7F3CEC4DD25BFBBDA0F3A67F2F0BEEA81E0D1B755D2B1DC87B7A
Malicious:	false
Reputation:	low
Preview:	/!. jQuery Migrate. * Copyright OpenJS Foundation and other contributors. */.( function( factory ) {.."use strict";...if ( typeof define === "function" && define.amd ) {....// AMD. Register as an anonymous module....define( [ "jquery" ], function( jQuery ) {....return factory( jQuery, window );...} );..} else if ( typeof module === "object" && module.exports ) {....// Node/CommonJS...// eslint-disable-next-line no-undef...module.exports = factory( require( "jquery" ), window );..} else {....// Browser globals...factory( jQuery, window );..}.} )( function( jQuery, window ) {."use strict";..jQuery.migrateVersion = "3.5.2";..// Returns 0 if v1 == v2, -1 if v1 < v2, 1 if v1 > v2.function compareVersions( v1, v2 ) {..var i,...rVersionParts = /^(\d+)\.(\d+)\.(\d+)/,...v1p = rVersionParts.exec( v1 ) \|\| [ ],...v2p = rVersionParts.exec( v2 ) \|\| [ ];...for ( i = 1; i <= 3; i++ ) {...if ( +v1p[ i ] > +v2p[ i ] ) {....return 1;...}...if ( +v1p[ i ] < +v2p[ i ] ) {....return -1;...}..}..return 0

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (525)
Category:	dropped
Size (bytes):	4165
Entropy (8bit):	5.458306566929322
Encrypted:	false
SSDEEP:	96:OV2oYAnXeEASj8RmIIbK2EDlqCSPsLNdNNT7NJBbMB:OEk9j8RmlbK2UlqxkhbNPpbMB
MD5:	618BF62B3A337A3BDF1A23F76F9EB710
SHA1:	EA45F54D607029B2641AB3599569F3528699F56D
SHA-256:	690DDD7106974D6BA2B85946981EE7E0791EA4E8979A592BCB99CBB3F94839D9
SHA-512:	3649A8B04167DD6354649B31211A02782483CD3B5A55EAED0A08B8E91D63051E712EB10F3E0A909BF5FFE4A0DBEB5083AF8DE95DB9342C39AB35495EA61A4502
Malicious:	false
Reputation:	low
Preview:	if(!BrowserState)var BrowserState={};BrowserState.isLocalStorageNameSupported=function(){var c=window.sessionStorage;try{return c.setItem("test","1"),c.getItem("test"),c.removeItem("test"),!0}catch(a){return!1}};.BrowserState.getUrlParameter=function(c,a){-1!=navigator.appVersion.indexOf("MSIE")&&-1<c.indexOf("#")&&(firstIndexPathUrl=c.split("#")[0],c=c.split("#")[1],-1<firstIndexPathUrl.indexOf("?")&&-1>=c.indexOf("?")&&(c=firstIndexPathUrl+c));c.indexOf("#")==c.length-1&&(c=c.substr(0,c.length-1));if(-1<c.indexOf("?")){var b=c.split("?")[1];if(void 0!=b&&(b=b.split("\x26"),void 0!=b))if("MAP"==a){var d=b.length,e={},f=!1;for(i=0;i<d;i++){var g=b[i].split("\x3d");"_suid"!=g[0]&&""!=g[0]&&(f=!0,e[$j.trim(b[i].split("\x3d")[0])]=.$j.trim(b[i].split("\x3d")[1]))}if(f)return e}else if("ARRAY"==a)return b}};BrowserState.getUrlParameterArray=function(c,a){var b=BrowserState.getUrlParameter(c,"ARRAY");if(void 0!=b){if(void 0==a\|\|""==a)return b;var d=b.length,e=[];for(i=0;i<d;i++)-1<b[i].inde

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	189
Entropy (8bit):	4.979360582739764
Encrypted:	false
SSDEEP:	3:U6rlwNJCCRIsjPd9lTyWLxLxvPcK2HXVFdCToFOMgxZKIpvdJMG7yyLTNSPW8CC+:U6rlweCRVWWNdPcyx0IpvdCkyyLTNSu7
MD5:	58CDE540E2720C7FC74D7BDFDF9A66CA
SHA1:	C63287ECE92ED6AD2AB977730F602CF2FC8BDCCB
SHA-256:	193D2EE54C544E8C35DD74DC2AD1FFCAEEA4C9FA27DBB7DBEF005092241880AD
SHA-512:	3246AA49A35FF3950548E89CECD95B867A6825018208483688FA8C9B4FDB8EB05380B4E3D3538DA0C2D1BD2C44D6F26E347B2AC502F874B068C618AE22ADD929
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/videojs/videojs-hls-quality-selector.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/*.. videojs-hls-quality-selector.. * @version 1.1.1.. * @copyright 2020 Chris Boustead (chris@forgemotion.com).. * @license MIT.. */...video-js.vjs-hls-quality-selector{display:block}..

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Category:	downloaded
Size (bytes):	18536
Entropy (8bit):	7.986571198050597
Encrypted:	false
SSDEEP:	384:IhocXmE6eM871P7td/mcOKA454H2orQEONKrOqxw:f6WeL1P//9D54WCCKc
MD5:	8EFF0B8045FD1959E117F85654AE7770
SHA1:	227FEE13CEB7C410B5C0BB8000258B6643CB6255
SHA-256:	89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
SHA-512:	2E4FB65CAAB06F02E341E9BA4FB217D682338881DABA3518A0DF8DF724E0496E1AF613DB8E2F65B42B9E82703BA58916B5F5ABB68C807C78A88577030A6C2058
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......Hh..........H..............................Z..\|.`..J.T..<.....H..U..Z...x.6.$..0. ..t. ..I....p.0.VU.......1....AQ...d..x.....R..4.-.c..C$fUc.c..IX..@..~g.xs.....%...O...eJ.w..U.\|.......%..{.......U+..T#.S......`.n.....V.w.4..~P"..zk.%..../........=3...F.........V.FL..;Bc.........A.Uk.U1.b!Y.BH.DL...s.s...F.m.9a..GJ..1..#.`m5..DI..X5#.........B.Akm.....&..0...{.L.....G......-(.......O4.@3....=......f..l...$.....j..NO...e.Y.tJ2J>F.(.c....08..e...~....D2S7s:.G'Gm........!.7.........r.c.`,.....~.).......c>1.......Y.g2^...T-1.7./r./....>...g.ov@u.?.U.+._...'M..,.,g....!g..9."..yBF.#r+.Ps...%.d=....U...5.b.$:`.4R.II.<A....Q)....e...k.....M.8.z....+.....5}..F........F.d._...].~-](.Lf....Y..W....;-z...;. .@x._v../.%UIm....=s...P.C....G...^..Q.!g.!b._.P....at..?.}....t.z...O(..Y6..R.2.X....k.R..K.gw(.F.K?m..R...7....dj..7. .r.U..be.4......8.].w.B..B......Y..:..8.N..U...NEm...\.^q..f}.......{..6.". ...y-.Y...N.+.M E..`......R.$T

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (65103)
Category:	downloaded
Size (bytes):	209939
Entropy (8bit):	5.366006952026174
Encrypted:	false
SSDEEP:	3072:1P6RsHIwj0PdUgdbs8kvdYkODdlm9AZoZXs+eSc:1msHIxHMvd8dtZoZDc
MD5:	FA4C76A7FDE62B18054CF7EB8E946012
SHA1:	B20150066A879D2B78DD3D4908F4ACD148EE66F8
SHA-256:	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
SHA-512:	D72F5D078675C7ADBF6BFC1980712542A10668AEC9163137A2EC70A5E117F8FFDD0F06A6C4C6636E35C04F2754F33D40C65C59D452AFAA8EA4A382F24F200ABD
Malicious:	false
Reputation:	low
URL:	https://s.go-mpulse.net/boomerang/VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW
Preview:	/. Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. /./ Boomerang Version: 1.720.0 b17966bb92f8ac2ddcda4ac1d9c0aaea6d2eda7b */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window\|\|!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)\|\|BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{document.doma

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649)
Category:	dropped
Size (bytes):	35621
Entropy (8bit):	5.295509211639803
Encrypted:	false
SSDEEP:	768:YpoGP8fyk6qp0G9Pw6i6e/I93mobSy2HO:TFf95pP3e/I9mobEO
MD5:	9796344F4E37235E2F8488CAFC180596
SHA1:	09D558DAD176369D61BA50B194076F50234A00E4
SHA-256:	3121C235AA8C80FEED4397B14B88C1FFFC6B235F202A2589BB14A935083B28E1
SHA-512:	3D29606FE7B32E09A8DC22444DFD7CFC9BB9D5A47A2FDAF3050550A4DD95E68B112C9BEC1D95FBDE086250BFD7FCC696C6DFF4BBFD7A618A84C3D1C3CEB828C6
Malicious:	false
Reputation:	low
Preview:	(function(p,f){"function"===typeof define&&define.amd?define(["jquery"],function(z){return f(z)}):"object"===typeof module&&module.exports?module.exports=f(require("jquery")):f(p.jQuery)})(this,function(p){(function(f){function z(a){f.each([{re:/[\xC0-\xC6]/g,ch:"A"},{re:/[\xE0-\xE6]/g,ch:"a"},{re:/[\xC8-\xCB]/g,ch:"E"},{re:/[\xE8-\xEB]/g,ch:"e"},{re:/[\xCC-\xCF]/g,ch:"I"},{re:/[\xEC-\xEF]/g,ch:"i"},{re:/[\xD2-\xD6]/g,ch:"O"},{re:/[\xF2-\xF6]/g,ch:"o"},{re:/[\xD9-\xDC]/g,ch:"U"},{re:/[\xF9-\xFC]/g,.ch:"u"},{re:/[\xC7-\xE7]/g,ch:"c"},{re:/[\xD1]/g,ch:"N"},{re:/[\xF1]/g,ch:"n"}],function(){a=a?a.replace(this.re,this.ch):""});return a}function p(a){var c=arguments,b=a;[].shift.apply(c);var e,d=this.each(function(){var a=f(this);if(a.is("select")){var d=a.data("selectpicker"),k="object"==typeof b&&b;if(!d)d=f.extend({},l.DEFAULTS,f.fn.selectpicker.defaults\|\|{},a.data(),k),d.template=f.extend({},l.DEFAULTS.template,f.fn.selectpicker.defaults?f.fn.selectpicker.defaults.template:{},a.data().t

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (748)
Category:	downloaded
Size (bytes):	36807
Entropy (8bit):	5.232706068105287
Encrypted:	false
SSDEEP:	384:ACRBjtvIid2F9n9tfMf2aij67ctzZriOMNa28y64Vg3q0EsFXtVLdn9p8PIgYhcV:1dIcAerX8B8own6O
MD5:	7F54B32A32DCE3EA29AE0D5AFF673B13
SHA1:	9BA89A46809981C52F3C6CBD86A7140523EFCA0A
SHA-256:	688688ADE3C9A689288A4B947C6183465187D53E5B86A8EB900345DDB8066100
SHA-512:	52657E29F8143BBBF5FD8B288169292F95A32C4429A226957D9AB37D427EE9219142AD4675F9BDB9AA53189D6903B909C321260973267974DB54981ABF7CD739
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/bootstrap-datetimepicker.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	(function(f,d){if("function"===typeof define&&define.amd)define(["jquery","moment"],d);else if("object"===typeof exports)d(require("jquery"),require("moment"));else{if(!jQuery)throw Error("bootstrap-datetimepicker requires jQuery to be loaded first");if(!moment)throw Error("bootstrap-datetimepicker requires moment.js to be loaded first");d(f.jQuery,moment)}})(this,function(f,d){if("undefined"===typeof d)throw Error("momentjs is required");var S=0,L=function(T,y){var L=f.fn.datetimepicker.defaults,.U={time:"icon icon-recent",date:"icon icon-calendar",up:"icon icon-chevron-up",down:"icon icon-chevron-down"},a=this,H,p=function(){var b;if(a.isInput)return a.element;b=a.element.find(".datepickerinput");if(0===b.length)b=a.element.find("input");else if(!b.is("input"))throw Error('CSS class "datepickerinput" cannot be applied to non input element');return b},V=function(){var b;b=a.element.is("input")?a.element.data():a.element.find("input").data();void 0!==b.dateFormat&&(a.options.format=b.d

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (552)
Category:	downloaded
Size (bytes):	22379
Entropy (8bit):	5.360376748881115
Encrypted:	false
SSDEEP:	384:ubybynNjlSDJ18UsdQCOMtPhP22+NP0T03fn9fSdt4qPUbuVc:N+qj8UseMYJ0T03fn9fSdt4qPGF
MD5:	D0F0CF6A6011DA7DFACC3A2EE8761441
SHA1:	DA702E6FD7933BC242D0E5673BF45239BD8530A9
SHA-256:	584FA1A7A31CC6491BD14CDEA329B0E9CDB82E21F05AAE3D057C4A6E648690BC
SHA-512:	CB5046DB6BC8ABB7D721009F1E64A4E912BF09DD235F367B0DB8C5023C624386494576AAE1ABBB2EC9AC8515EAF94E9B9EBB638EB4DF43632D951880658660DA
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/jquery.history.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	"object"!=typeof JSON&&(JSON={});.(function(){function c(b){return 10>b?"0"+b:b}function r(e){return b.lastIndex=0,b.test(e)?'"'+e.replace(b,function(b){var e=g[b];return"string"==typeof e?e:"\\u"+("0000"+b.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+e+'"'}function l(b,c){var m,a,g,h,k=e,f,d=c[b];d&&"object"==typeof d&&"function"==typeof d.toJSON&&(d=d.toJSON(b));"function"==typeof q&&(d=q.call(c,b,d));switch(typeof d){case "string":return r(d);case "number":return isFinite(d)?String(d):"null";case "boolean":case "null":return String(d);.case "object":if(!d)return"null";e+=p;f=[];if("[object Array]"===Object.prototype.toString.apply(d)){h=d.length;for(m=0;m<h;m+=1)f[m]=l(m,d)\|\|"null";return g=0===f.length?"[]":e?"[\n"+e+f.join(",\n"+e)+"\n"+k+"]":"["+f.join(",")+"]",e=k,g}if(q&&"object"==typeof q)for(h=q.length,m=0;m<h;m+=1)"string"==typeof q[m]&&(a=q[m],g=l(a,d),g&&f.push(r(a)+(e?": ":":")+g));else for(a in d)Object.prototype.hasOwnProperty.call(d,a)&&(g=l(a,d),g&&f.push(r(a)+(e?"

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	6713
Entropy (8bit):	5.395631992451415
Encrypted:	false
SSDEEP:	192:ANOQNNNiNk3XNPN4qNY4NX7NCNRNS3sNEN4NNiNU1NHNUN13eN/NDTNl:uOeD4CdFRPXBYHAaCu4U7tyF0VVl
MD5:	D0042E52F385FB97BCC74CBC95FE2C9D
SHA1:	DD5809C7F7B9FADC5A1B417C5517519F858BBEB2
SHA-256:	6064383CB1F63B285D9A999140DF0B97D3B05ECEE7E5728905B751F1C99AEC0F
SHA-512:	7B936AB6FCF47B031A00EAF62B5D9CBB292DDA63D40456B5EFB6EC2030B1E0AAF9B1F41B50F65DC335DC1A6A8D2E4779C57A898E5092EC46D612B4CD21B171E9
Malicious:	false
Reputation:	low
URL:	"https://fonts.googleapis.com/css?family=Roboto:400,500,700"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2) format('woff2');. unicode-range: U+0370-0377

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (525)
Category:	downloaded
Size (bytes):	4165
Entropy (8bit):	5.458306566929322
Encrypted:	false
SSDEEP:	96:OV2oYAnXeEASj8RmIIbK2EDlqCSPsLNdNNT7NJBbMB:OEk9j8RmlbK2UlqxkhbNPpbMB
MD5:	618BF62B3A337A3BDF1A23F76F9EB710
SHA1:	EA45F54D607029B2641AB3599569F3528699F56D
SHA-256:	690DDD7106974D6BA2B85946981EE7E0791EA4E8979A592BCB99CBB3F94839D9
SHA-512:	3649A8B04167DD6354649B31211A02782483CD3B5A55EAED0A08B8E91D63051E712EB10F3E0A909BF5FFE4A0DBEB5083AF8DE95DB9342C39AB35495EA61A4502
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/browserState.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!BrowserState)var BrowserState={};BrowserState.isLocalStorageNameSupported=function(){var c=window.sessionStorage;try{return c.setItem("test","1"),c.getItem("test"),c.removeItem("test"),!0}catch(a){return!1}};.BrowserState.getUrlParameter=function(c,a){-1!=navigator.appVersion.indexOf("MSIE")&&-1<c.indexOf("#")&&(firstIndexPathUrl=c.split("#")[0],c=c.split("#")[1],-1<firstIndexPathUrl.indexOf("?")&&-1>=c.indexOf("?")&&(c=firstIndexPathUrl+c));c.indexOf("#")==c.length-1&&(c=c.substr(0,c.length-1));if(-1<c.indexOf("?")){var b=c.split("?")[1];if(void 0!=b&&(b=b.split("\x26"),void 0!=b))if("MAP"==a){var d=b.length,e={},f=!1;for(i=0;i<d;i++){var g=b[i].split("\x3d");"_suid"!=g[0]&&""!=g[0]&&(f=!0,e[$j.trim(b[i].split("\x3d")[0])]=.$j.trim(b[i].split("\x3d")[1]))}if(f)return e}else if("ARRAY"==a)return b}};BrowserState.getUrlParameterArray=function(c,a){var b=BrowserState.getUrlParameter(c,"ARRAY");if(void 0!=b){if(void 0==a\|\|""==a)return b;var d=b.length,e=[];for(i=0;i<d;i++)-1<b[i].inde

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (528)
Category:	dropped
Size (bytes):	7788
Entropy (8bit):	5.220554596844955
Encrypted:	false
SSDEEP:	192:6Jj+A4nFj2stpaj2j/YcCAGHMGQRTPx7BfwBu5QI:6J14nFjzpajg/BCUGQFZ7BfwBu5QI
MD5:	68425596EA84540ED58F06421A7DBB46
SHA1:	A768605A25882B2B82E04520A1BB9264ADD3F1EB
SHA-256:	3649CA3797FF3449B162F115054574535878BF91B449A95FDBB9EB245D5A60BB
SHA-512:	59568019169973E4B2B0DEE7F41EF9F42F53B964186701AE71D24546C6170F01C4756798189DE16953A191984A638A3967C35FCA25B9505A723B63775C4C03A2
Malicious:	false
Reputation:	low
Preview:	function FastClick(a,b){function c(a,b){return function(){return a.apply(b,arguments)}}var d;b=b\|\|{};this.trackingClick=!1;this.trackingClickStart=0;this.targetElement=null;this.lastTouchIdentifier=this.touchStartY=this.touchStartX=0;this.touchBoundary=b.touchBoundary\|\|10;this.layer=a;this.tapDelay=b.tapDelay\|\|200;if(!FastClick.notNeeded(a)){for(var g="onMouse onClick onTouchStart onTouchMove onTouchEnd onTouchCancel".split(" "),f=0,h=g.length;f<h;f++)this[g[f]]=c(this[g[f]],this);deviceIsAndroid&&.(a.addEventListener("mouseover",this.onMouse,!0),a.addEventListener("mousedown",this.onMouse,!0),a.addEventListener("mouseup",this.onMouse,!0));a.addEventListener("click",this.onClick,!0);a.addEventListener("touchstart",this.onTouchStart,!1);a.addEventListener("touchmove",this.onTouchMove,!1);a.addEventListener("touchend",this.onTouchEnd,!1);a.addEventListener("touchcancel",this.onTouchCancel,!1);Event.prototype.stopImmediatePropagation\|\|(a.removeEventListener=function(b,c,d){var e=Node.prot

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64394), with CRLF line terminators
Category:	dropped
Size (bytes):	255084
Entropy (8bit):	5.160386686458492
Encrypted:	false
SSDEEP:	3072:UDa8LPLGI9fB8NnODpEujVHUc9koNRppuzGvStCAvuBFak8J3:eLjv9u4VxvLo1
MD5:	E1BF7600D8C5AC51C115D942BEB026F5
SHA1:	C2DF488EBEEAF00B1612C657025460362D429943
SHA-256:	1B4C820B2ACE35A7E3A10BEB67B98B9AFF7C6BB953D700DCEFDF2517232FF869
SHA-512:	AD0B3316B1D248926E7E12956690936A5CBF7B0671E0E01EEFF6D9D6909B372D4F9F174993F39A2A8C727A4F83AEDC7357A6131AE808ABF2531597D6FC803878
Malicious:	false
Reputation:	low
Preview:	/! jQuery UI - v1.13.2 - 2022-11-09.. http://jqueryui.com..* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/draggable.js, widgets/droppable.js, widgets/resizable.js, widgets/selectable.js, widgets/sortable.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/selectmenu.js, widgets/slider.js, widgets/spinner.js, widgets/tabs.js, widgets/tooltip.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/ef

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (842)
Category:	dropped
Size (bytes):	91535
Entropy (8bit):	5.249360922341225
Encrypted:	false
SSDEEP:	768:VAmGqPrf7Kqcxqq8P5WqIqBk327WgW76LI2YgAULfU0UYG8u/oRZckBPN8a6ZOPA:VrRjAULy6ZcA0jdWduG6B3
MD5:	37FBEDBD27C033A0E884B69A9DD2AAF8
SHA1:	B5B65BC4FADC8C62CBBCF95FCD91AF324CE01074
SHA-256:	2E4F75F4C9D565F53638856ABF9F935E343EA0A5BD2BF92F44A727EC467708CD
SHA-512:	7129C658D31010A0541DEBE269463C2FFE2E3AFE99802D3CB923E311D122ADE65ED2DBE51ECF3BE43658D8C7A0F8C671D048E46A4CC4DBB8D6A43D74285770AA
Malicious:	false
Reputation:	low
Preview:	var $j=jQuery.noConflict(),windowWidth=$j(window).width(),windowHeight=window.innerHeight?window.innerHeight:$j(window).height(),is_touch_device=/android\|webos\|iphone\|ipad\|ipod\|blackberry\|iemobile\|opera mini/i.test(navigator.userAgent.toLowerCase()),is_ipad=/ipad/i.test(navigator.userAgent.toLowerCase()),is_iphone=/iphone/i.test(navigator.userAgent.toLowerCase());.function setWrapperSpaceminHeight(){var b=0,a=0;setTimeout(function(){a=$j(".breadCrumbNav").height()+$j(".header").outerHeight(!0)\|\|0;b=-1!=navigator.appVersion.indexOf("MSIE 8")?$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container-fluid").css("padding-top"))+parseInt($j(".mainSection .container-fluid").css("padding-bottom")):a+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container").css("padding-top"))+.parseInt($j(".mainSection .container").css("padding-bottom")):$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Category:	downloaded
Size (bytes):	18596
Entropy (8bit):	7.988788312296589
Encrypted:	false
SSDEEP:	384:h5D5WUhNanar/Z19V6iGCYIqoPfHwfr13GPgqbrxremyFKKWB:h/NaOrBGCYIBPfQD1xqPhl
MD5:	C83E4437A53D7F849F9D32DF3D6B68F3
SHA1:	FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC
SHA-256:	D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
SHA-512:	C2CA1630F7229DD2DEC37E0722F769DD94FD115EEFA8EEBA40F9BB09E4FDAB7CC7D15F3DEEA23F50911FEAE22BAE96341A5BACA20B59C7982CAF7A91A51E152F
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Preview:	wOF2......H...........H=................................\|.`..J.H..<........>..Z...x.6.$..0. ..~. ..)...%.m..t.D<...U.c....D....@........@e..a..R./<...p..q..q....S<.nm...X..(ER....e.....O.?Q_..FYH......ml.E..?;X0>.f.Y.,.n.a...._h8c.006U.cS..3.m.Or..I9..5.;.=..'!..c.O...W.K..f....k..&Xq..Y?.r...%.S..y.:q.......uD.d.R..'..Q,L.... e`..=?.{...e%{.....3+$.....NkF2...... ._}..2]....,.F.u.S4O.~w).G..../]}6.nVwKj.h@........5.7P....i..r........U?.........q..Cm......g...\.zu.....P..\|....5G$...4k$..L..g..".y..?..6...O...e..@..0TYh..v........M.....#B...O.i.G$.Bq..m.A.s~...A...c.....25K.....B..<..w.A....G.O...A......A,y"q....q<....N..{Ta..!.\|vzo.;9.5>.>....7I.i.Ld.4..y...].g.....'m_(...O-..}.K.(....R..2.q.z9.D..]..$.#$.:x..:{..m.OF...K[J. ......lpH.#%V....4.;l.<..J.6.T..a...I..\|..zj.k.-...y...#..e.1,s....<.HX.....z{L....'.$. "..tY..m.<.\8P. a.......x.W\.b.%...RA.\.... M.......v1......#...............`.c..%.Nc.d.qP.68....$<.O.S_7...U.].jn>@.3.c..wO..>.>a.qg....\..kb.

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 350 x 97, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	14683
Entropy (8bit):	7.980524638471162
Encrypted:	false
SSDEEP:	384:X1aAbibmAE9VH3hP+JTil6m0Nb7jmc09JTJ:X1lbiNE9BYDmU/10HTJ
MD5:	64F4F3EA7E811F232FBDCD30D6C72A86
SHA1:	B107B2FC564F40BA25A8F870C0CABE416DE8DD87
SHA-256:	C8E02AB8522B91BD020AF019D716E1B617E89CB9DEDD9C1B1ED94B90F1D9562D
SHA-512:	E89082542F730520AA94E8A571E2E5D07FBB1C95060FD48973DB620257968A4810F32DCCAFAA1808CD0F7E295F4DF16D5D7E41CA431386E243D98DCC73E1E085
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...^...a.......^.....sRGB...,.....pHYs...t...t..f.x..9.IDATx..i...u&\..Ta..@....n...LY.lE..(vb...Nf2.g..-..H....9.....\|q2Y.q<..E..K.VR.DQ\{_.@7..P{..IQ...&.-.S..A.]xkA..}.}.}_b.!...6..J..'}.6l..aS...6Z....6l..M.6l.h...l...65.a..lj.a.F...`.........-`S...6Z....6l..M.6l.h...l...65.a..lj.a.F..c.`4=......z...6n...5$\..J..<'#:b...).DY..yH..>.p4L!.T......k......t....N....N^...V...j.'U.@h..9~.....DQ. d.U..Z.NLN..y.0p.T...0<....T...:...4[S.qs.E...@..4B.V...9.S..EV..!....:9Q.......PGWWW.3.t8q.kx.(......l&#..5.&........l.:!.....!v.D.&:t.7.[.....{.n..<A."`..qNU...........1...~._..a...\.....F.X...$.;.@)........v.\|>.".e...2..&W..\|....SK.l.<B ....{...ac=>IjPp......1.S.hW.x.W......i. .b.T..j/...P..J.J... .......@. %`c....PTU...B>.....-P."..@.@.3.,..?.mfs.S.N~..Y.Z.....Z.D...^..6.\|b.P&...8....}.G.x..P(.q\|.ZI.3.tzaa.T*...UU@..,..y....`.e..AuC.1..(..uQ.DI..\|....k.Z.X(,-.%.+........q.........ggfO...b!.gh... .84...&6l.=...A$.U..]._.].P.s{.....p.\)

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Algol 68 source, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	180287
Entropy (8bit):	4.518005361688447
Encrypted:	false
SSDEEP:	1536:OMu76JH0L3byADfaecWDG4lp6gm8c7vWQ7ACuTT8F8fwMkAEpsI+l1pDu361PHQF:OMu76JYmOllp6gjkA0sI+l1plPHTIpb
MD5:	C4713DBA77CD859337023FA456E957DB
SHA1:	3793BEC9F3DE05162CDDE84A4839F9715D14B0D8
SHA-256:	954BD2F6BC7E7BC568875886DA054248861F6B2B61503C4BDE068C6FB86C35C9
SHA-512:	278B776257348625D709E623367D634D765A96117C7A6EF90F7D02C0CFB2C7138039EA7DDCAE29C86F33091BE8FDFA92CA6CC20650C06C6B055972458CA2B851
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/moment_new.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	//! moment.js..//! version : 2.29.4..//! authors : Tim Wood, Iskren Chernev, Moment.js contributors..//! license : MIT..//! momentjs.com....;(function (global, factory) {.. typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :.. typeof define === 'function' && define.amd ? define(factory) :.. global.moment = factory()..}(this, (function () { 'use strict';.... var hookCallback;.... function hooks() {.. return hookCallback.apply(null, arguments);.. }.... // This is done to register the method called with moment().. // without creating circular dependencies... function setHookCallback(callback) {.. hookCallback = callback;.. }.... function isArray(input) {.. return (.. input instanceof Array \|\|.. Object.prototype.toString.call(input) === '[object Array]'.. );.. }.... function isObject(input) {.. // IE8 will treat undefined and null as object if it wasn't fo

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (576)
Category:	dropped
Size (bytes):	5748
Entropy (8bit):	5.441096209962554
Encrypted:	false
SSDEEP:	96:XhR/syc2UsOdczDNMFVnvZLoKPKolKPKkgZKgV77hGAHWBPXw:XhREyc/f5cAd3
MD5:	7F091B7127244E99D741FEA29F684FA4
SHA1:	83FB76B362BBA09B008CB25CA45D9129F3AFC58C
SHA-256:	4AC1978DBD194EAFD6449B8525810CC93165D8CB7E192AEEBA4691F7E647C5A7
SHA-512:	42A0B88A3E70A985BE9A2EC6B152354D1253097E8B8575499E18F841787FFA42FC379892E2FF28C38A578E130B273FDFCAA6279CBEADC64261B03F7165B91A7C
Malicious:	false
Reputation:	low
Preview:	if(!DragAndDropCommonCollection)var DragAndDropCommonCollection={};DragAndDropCommonCollection.moreLinkExpand=function(a,b,c){""!=a&&""!=b&&(document.getElementById(a).style.display="inline",document.getElementById(b).style.display="none");c&&CollaborateCommon.trackBehaviour(c,"Expansion of More");ModalCenterPosition()};.DragAndDropCommonCollection.unBindDragAndDropForActivity=function(a,b){if(-1==navigator.appVersion.indexOf("MSIE 9")&&-1==navigator.appVersion.indexOf("MSIE 8")){$j(document).off("keyup.mulSelComp");var c=$j("#"+a);$j("#"+b);c.off("dragenter.mulSelComp");c.off("dragover.mulSelComp");c.off("dragleave.mulSelComp");c.off("drop.mulSelComp")}};.DragAndDropCommonCollection.bindDragAndDropForActivity=function(a){var b=GriffinCommon.gethtml5uploadJsArray();b.push(GriffinCommon.getCanvasToBlobMinJsJson());b.push(GriffinCommon.getloadImageAllMinJsJson());b.push(GriffinCommon.getJqueryFileuploadImageJsJson());GriffinCommon.loadJsFilesSequentially(b,0,function(){if(-1==navigator.a

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (717)
Category:	dropped
Size (bytes):	13084
Entropy (8bit):	5.444958659979546
Encrypted:	false
SSDEEP:	384:AHO/tpTR+dw3uYEyk5WH+R5Y9faN8Mr3MZy9MtwKy8Nzz63b6KK79wY3Py8y+tKT:AHMtZgdw3nEymWeRO9faN8M3MZy9MtwN
MD5:	5DD3C189D32F6FB0F9A6C5E86A58F5D2
SHA1:	2B5AFAE8C036C7D4B5DF37363D58C8CA061206B9
SHA-256:	0F2FB428B2CAE9A1A7E0EADE62DD7B1998F7A2F58E0DFE09B5EFBA6F7F778510
SHA-512:	9FAB6DFCEE4C60EA83D3A7E4CA006C6D434185A2D3A68852A929376430E683D4E65A37C17CEB08D60FE3E774FA7075FA2410DF88E547DDE4B40E1B99E696646A
Malicious:	false
Reputation:	low
Preview:	if(!viewImageModalCollection)var viewImageModalCollection={};.viewImageModalCollection.getModalHtml=function(b,a,c){c='\x3cdiv class\x3d"pull-left visible-xs visible-sm margLeft12 margTop2 absoluteDiv"\x3e\x3cbutton data-toggle\x3d"dropdown" class\x3d"btn dropdown-toggle errorElement" type\x3d"button" aria-expanded\x3d"false"\x3e\x3cspan class\x3d"caret"\x3e\x3c/span\x3e\x3cspan class\x3d"TruncateTxt" id\x3d"selectDropdownForOverviewAndDetailID"\x3e'+GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/span\x3e\x3c/button\x3e\x3cul class\x3d"dropdown-menu pull-left setHeightDrop"\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+.GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/a\x3e\x3c/li\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+GriffinCommon.getResourceBundledProperty("qa.text.Details")+'\x3

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	4.988986771587395
Encrypted:	false
SSDEEP:	24:m8Ywh/kZy5ztJ/SIQsvDqfgvP8/uUXN8oHaRODY2S:tkghY6D2gveVHaU
MD5:	5EB79603256264B91B42AC3EF9601DB6
SHA1:	B4C96EA71B41B51313596280BB9933C3FC2E5485
SHA-256:	6384E8CABA454356B07B87FFA8B5FED94D302126018EA8C0CECDDD560A99DF36
SHA-512:	D98B32C7CDCFD92579EC3C3EB306AF822E7FCC008DDFA6DE415B87E0CB7DFA05547B87F314D79F6255C5FEA8540F03A46045EF6A315C119B23506C96BE079195
Malicious:	false
Reputation:	low
Preview:	............ .h.......(....... ..... ..................................................................................................................................................................................................................................................................................................................................................................................~..}{..zw}.trx.gek.bag.........................................................................................................................d_b._\`.................................................................................................................................................................................................................................................LMX.........................................................................................................................................qot...........................................................

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (588)
Category:	dropped
Size (bytes):	224979
Entropy (8bit):	5.411360043971814
Encrypted:	false
SSDEEP:	1536:7tFhUhQhLIwVn0OO4esuCsGlsOngVBlMAlrAqMYmMOajnVCoC2:VRWan0OO4E3G5nkn1MYmMqoC2
MD5:	4C88E516AEC4E336FB47AA718B5892CE
SHA1:	016A2CDCAF0BFD56EAA3C7384EDD8CFC384D512C
SHA-256:	800EDBC40A6A4548922FE53CFDD48E24EF4D6A18663F519E7CAD358D2F863731
SHA-512:	D5F1FEF6AD2C12E678738A281CAA5E2659250D1A62C9A7A2596687EAED46C7748A4CECF4BAB6C23EE7975C5229380397E1917152988396B372E677D3E4E2572A
Malicious:	false
Reputation:	low
Preview:	if(!DocumentAnalysisCollection)var DocumentAnalysisCollection={};1>Object.keys(DocumentAnalysisCollection).length&&(DocumentAnalysisCollection={SYSTEM_SERVICE_CONFIGURE_MODAL_ID:"system_admin_document_analysis_service_configure_id",systemAdminManageClassifierVersion:[],saveSystemAdminManageClassifierVersion:[]});.DocumentAnalysisCollection.openuserConfigurationModal=function(a,b){if("Microsoft"===a){var c=a+" Auto-suggest tags";DocumentAnalysisCollection.callFrom="Add";var d=[{ID:"close",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.cancel",null),TYPE:"Cancel",FUNCTION:function(){DocumentAnalysisCollection.closeModal(DocumentAnalysisCollection.SYSTEM_SERVICE_CONFIGURE_MODAL_ID)}},{ID:"next",TEXT:GriffinCommon.getResourceBundledProperty("ui.button.text.test",null),TYPE:"PRIMARY",CLASS:"pull-right ",.FUNCTION:function(){DocumentAnalysisCollection.testConfigurationMicrosoftAI(a)}},{ID:"save",TEXT:GriffinCommon.getResourceBundledProperty("systemadmin.systemsettings.displa

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (552)
Category:	dropped
Size (bytes):	22379
Entropy (8bit):	5.360376748881115
Encrypted:	false
SSDEEP:	384:ubybynNjlSDJ18UsdQCOMtPhP22+NP0T03fn9fSdt4qPUbuVc:N+qj8UseMYJ0T03fn9fSdt4qPGF
MD5:	D0F0CF6A6011DA7DFACC3A2EE8761441
SHA1:	DA702E6FD7933BC242D0E5673BF45239BD8530A9
SHA-256:	584FA1A7A31CC6491BD14CDEA329B0E9CDB82E21F05AAE3D057C4A6E648690BC
SHA-512:	CB5046DB6BC8ABB7D721009F1E64A4E912BF09DD235F367B0DB8C5023C624386494576AAE1ABBB2EC9AC8515EAF94E9B9EBB638EB4DF43632D951880658660DA
Malicious:	false
Reputation:	low
Preview:	"object"!=typeof JSON&&(JSON={});.(function(){function c(b){return 10>b?"0"+b:b}function r(e){return b.lastIndex=0,b.test(e)?'"'+e.replace(b,function(b){var e=g[b];return"string"==typeof e?e:"\\u"+("0000"+b.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+e+'"'}function l(b,c){var m,a,g,h,k=e,f,d=c[b];d&&"object"==typeof d&&"function"==typeof d.toJSON&&(d=d.toJSON(b));"function"==typeof q&&(d=q.call(c,b,d));switch(typeof d){case "string":return r(d);case "number":return isFinite(d)?String(d):"null";case "boolean":case "null":return String(d);.case "object":if(!d)return"null";e+=p;f=[];if("[object Array]"===Object.prototype.toString.apply(d)){h=d.length;for(m=0;m<h;m+=1)f[m]=l(m,d)\|\|"null";return g=0===f.length?"[]":e?"[\n"+e+f.join(",\n"+e)+"\n"+k+"]":"["+f.join(",")+"]",e=k,g}if(q&&"object"==typeof q)for(h=q.length,m=0;m<h;m+=1)"string"==typeof q[m]&&(a=q[m],g=l(a,d),g&&f.push(r(a)+(e?": ":":")+g));else for(a in d)Object.prototype.hasOwnProperty.call(d,a)&&(g=l(a,d),g&&f.push(r(a)+(e?"

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2048), with CRLF line terminators
Category:	downloaded
Size (bytes):	42601
Entropy (8bit):	5.27741643358958
Encrypted:	false
SSDEEP:	768:hePfOzN9Jn7dQmaBKazh89J6rxtpZid+jh:TzN9l2BBKazh2UrbpZid2
MD5:	B50FA615AC8FE5621A82E223CC2CF99F
SHA1:	107FEE69A8C986C6C6DB98F975447BC73A71F601
SHA-256:	F96703A3B2EAAE5C460B18B19AE57AF29FD557DE3581A1A5DAE775B3EC6AF244
SHA-512:	B4A4754F58AE23DF408100EA9B6CD9D11B9D712FC38C15A45593A3B3665093A51DA99A5F3C8A7B375365443FFC8C4B59F775B1D9109904E26779B64224BA29BF
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/datetime-autosuggest-tokenfield.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	..../obsidian.css ckeditor code formatting/../** * Obsidian style * ported by Alexander Marenin (http://github.com/ioncreature) */.hljs{ display:block;padding:0.5em; background:#282B2E}.hljs-keyword,.hljs-literal,.hljs-change,.hljs-winutils,.hljs-flow,.lisp .hljs-title,.clojure .hljs-built_in,.nginx .hljs-title,.css .hljs-id,.tex .hljs-special{ color:#93C763}.hljs-number{ color:#FFCD22}.hljs{ color:#E0E2E4}.css .hljs-tag,.css .hljs-pseudo{ color:#D0D2B5}.hljs-attribute,.hljs .hljs-constant{ color:#668BB0}.xml .hljs-attribute{ color:#B3B689}.xml .hljs-tag .hljs-value{ color:#E8E2B7}.hljs-code,.hljs-class .hljs-title,.hljs-header{ color:white}.hljs-class,.hljs-hexcolor{ color:#93C763}.hljs-regexp{ color:#D39745}.hljs-at_rule,.hljs-at_rule .hljs-keyword{ color:#A082BD}.hljs-doctype{ color:#557182}.hljs-link_url,.hljs-tag,.hljs-tag .hljs-title,.hljs-bullet,.hljs-subst,.hljs-emphasis,.haskell .hljs-type,.hljs-preprocessor,.hljs-pragma,.ruby .hljs-class .hljs-parent,.hljs-built_in,.sql .hl

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	32412
Entropy (8bit):	5.154917866834749
Encrypted:	false
SSDEEP:	768:0Q34lhN4r7Xy7xG0K88PD+X45FCOrmLZJnFS0iv6X7LRF:0QIlUr7ymPD+wFCOrGv1n
MD5:	2DE730D25D946D02526223EA678C7467
SHA1:	5C239B424415DA99FF40680141F3222A299003CB
SHA-256:	64C67A33C8E4002C793573C8D78C8914219A3E4DD54C098B93DB61A2B72AB71D
SHA-512:	10759419C3FD2523C9FCCFE7A1E83EB168C8AB534D38E79317D3D98D4B4EDD8AE14BAFF1D87A7F3CEC4DD25BFBBDA0F3A67F2F0BEEA81E0D1B755D2B1DC87B7A
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/jquery-migrate.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/!. jQuery Migrate. * Copyright OpenJS Foundation and other contributors. */.( function( factory ) {.."use strict";...if ( typeof define === "function" && define.amd ) {....// AMD. Register as an anonymous module....define( [ "jquery" ], function( jQuery ) {....return factory( jQuery, window );...} );..} else if ( typeof module === "object" && module.exports ) {....// Node/CommonJS...// eslint-disable-next-line no-undef...module.exports = factory( require( "jquery" ), window );..} else {....// Browser globals...factory( jQuery, window );..}.} )( function( jQuery, window ) {."use strict";..jQuery.migrateVersion = "3.5.2";..// Returns 0 if v1 == v2, -1 if v1 < v2, 1 if v1 > v2.function compareVersions( v1, v2 ) {..var i,...rVersionParts = /^(\d+)\.(\d+)\.(\d+)/,...v1p = rVersionParts.exec( v1 ) \|\| [ ],...v2p = rVersionParts.exec( v2 ) \|\| [ ];...for ( i = 1; i <= 3; i++ ) {...if ( +v1p[ i ] > +v2p[ i ] ) {....return 1;...}...if ( +v1p[ i ] < +v2p[ i ] ) {....return -1;...}..}..return 0

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (498)
Category:	downloaded
Size (bytes):	935
Entropy (8bit):	5.513990527184043
Encrypted:	false
SSDEEP:	24:Kqc/fO0fofO0bPetKq6U727eghhtp6oEU2be0ie:YOmQOoetH7KeghAob0ie
MD5:	3F6BBE9DCE3B1E832DBA294A09013DA4
SHA1:	851194F84AD0DF927F7AD498999DCB2A74561C86
SHA-256:	460DD47F9D09F9935EF74681260BEDD7A9CAE6D0A6EF9CBDA0057117EC090B32
SHA-512:	398C3ABA9187298F2A5CE6B493B3941BE61E2549FEE332F61EC820976B91A186F3DD711F10A4947A6FC3A846B9B24878AB200A711B56908BCF47317B19E954BB
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/footer.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	function callTermsCondition(){window.open("termsOfUse.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}function callPrivacyPolicy(){window.open("privacyPolicy.action?timestamp\x3d"+(new Date).getMilliseconds(),"subWindow","height\x3d700,width\x3d900,resizable\x3dyes,scrollbars\x3dyes");return!1}.function getContactUsAdminEmails(){GriffinCommon.customAjaxSubmit({REQUEST_TYPE:"POST",REQUEST_URL:"getContactUsAdminEmails.action?"+systemProperty.CSRF_TOKEN_NAME+"\x3d"+systemProperty.CSRF_TOKEN_VALUE,FORM_DATA:{"metaData.siteID":collaborateCommon.metaDataSiteID},CACHE:"false",DATA_TYPE:"html"},function(a){0!=a.length&&(0==a.indexOf("http")\|\|0==a.indexOf("https")\|\|0==a.indexOf("ftp")?window.open(a):-1==a.indexOf("@")?window.open("http://"+a):window.location.href="mailto:"+a);return!0},null)}.function helpClickedForFooter(a,b){window.open(b)};

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1618)
Category:	downloaded
Size (bytes):	79013
Entropy (8bit):	5.593476809556987
Encrypted:	false
SSDEEP:	1536:TKntwg4WanJdfuwP20BPVKM6QU3J+PvuC3C6jVCfM07UqFvRBUep0uWxNhPFi+Mj:cgYwP20PQd3J+33C6jk7UqFvRBUJuwoj
MD5:	F4055DCD2CA4D400430F40B8387A817A
SHA1:	8F0520014BFFE270E60EC09FEF13474AEBE32955
SHA-256:	5A217482BC6553D2465083EE9A58BABC07B7B540BD20CDB07E4D8961EE4BF7C5
SHA-512:	52B6E75B9A2BBB65A48BF124029D316EB698E1C4CE3A788051D1D1C60BCB7337B839DBD33AF7741B1EF9D80D688DEC8BC74EDF3CD7EE5425DF206743C1BADD77
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/Griffin_common_updated.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!GriffinCommon)var GriffinCommon={};var griffinCommonJsJson={executeAjaxCompleteHandler:!0,DEFAULT_DATE_FORMAT_FOR_JQUERY:"dd M yy",DEFAULT_DATE_FORMAT_FOR_DATEPICKER:"dd MMM yyyy",MY_SITE:"My site",MODAL_ERROR_GENERAL:"GENERAL",ACTION_MAP:{},ALERT_MESSAGE_TYPE_SUCCESS:"SUCCESS",ALERT_MESSAGE_TYPE_DANGER:"DANGER",ALERT_MESSAGE_TYPE_INFO:"INFO"},ajaxProcessCounter=0;.GriffinCommon.customAjaxSubmit=function(a,b,c,d){var e=a.REQUEST_URL,f=a.ACTION_GROUP_ID,g=!0;void 0!=a.ASYNC&&0==a.ASYNC&&(g=!1);var h=!0;if(null!=a.checkAjaxCompleteHandler\|\|void 0!=a.checkAjaxCompleteHandler)h=a.checkAjaxCompleteHandler;griffinCommonJsJson.executeAjaxCompleteHandler&&h&&window.NotificationAlertCollection&&window.NotificationAlertCollection.ajaxCompleteHandler&&(griffinCommonJsJson.executeAjaxCompleteHandler=!1,NotificationAlertCollection.ajaxCompleteHandler());void 0!=c&&null!=.c&&BrowserState.isLocalStorageNameSupported()&&(ajaxProcessCounter+=1,sessionStorage.setItem("userChangeState","TRUE"),sessio

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (717)
Category:	downloaded
Size (bytes):	13084
Entropy (8bit):	5.444958659979546
Encrypted:	false
SSDEEP:	384:AHO/tpTR+dw3uYEyk5WH+R5Y9faN8Mr3MZy9MtwKy8Nzz63b6KK79wY3Py8y+tKT:AHMtZgdw3nEymWeRO9faN8M3MZy9MtwN
MD5:	5DD3C189D32F6FB0F9A6C5E86A58F5D2
SHA1:	2B5AFAE8C036C7D4B5DF37363D58C8CA061206B9
SHA-256:	0F2FB428B2CAE9A1A7E0EADE62DD7B1998F7A2F58E0DFE09B5EFBA6F7F778510
SHA-512:	9FAB6DFCEE4C60EA83D3A7E4CA006C6D434185A2D3A68852A929376430E683D4E65A37C17CEB08D60FE3E774FA7075FA2410DF88E547DDE4B40E1B99E696646A
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/viewImageModal.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	if(!viewImageModalCollection)var viewImageModalCollection={};.viewImageModalCollection.getModalHtml=function(b,a,c){c='\x3cdiv class\x3d"pull-left visible-xs visible-sm margLeft12 margTop2 absoluteDiv"\x3e\x3cbutton data-toggle\x3d"dropdown" class\x3d"btn dropdown-toggle errorElement" type\x3d"button" aria-expanded\x3d"false"\x3e\x3cspan class\x3d"caret"\x3e\x3c/span\x3e\x3cspan class\x3d"TruncateTxt" id\x3d"selectDropdownForOverviewAndDetailID"\x3e'+GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/span\x3e\x3c/button\x3e\x3cul class\x3d"dropdown-menu pull-left setHeightDrop"\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+.GriffinCommon.getResourceBundledProperty("wiki.infomodal.overview")+'\x3c/a\x3e\x3c/li\x3e\x3cli\x3e\x3ca href\x3d"#" onclick\x3d"viewAdeptolModalCollection.showHideLeftRightPanel(this); return false;"\x3e'+GriffinCommon.getResourceBundledProperty("qa.text.Details")+'\x3

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 36904, version 1.0
Category:	downloaded
Size (bytes):	36904
Entropy (8bit):	7.990913780363179
Encrypted:	true
SSDEEP:	768:l2s5MtL/ynGQH1VKb3P2BJBTwCvIEorrV0PL7lPPL7vVLkIh/iignyPL4:l4Lqnj1kbmJBTwCvIrRg7LVLrMxnkL4
MD5:	4AC1E8648A02EF812D17C1E43D5AADDF
SHA1:	EB79FF1C5CB30EC1AA510EEF0820DD62DF15CBB9
SHA-256:	71E21FCB1F19EF00BFD7C9E23C3C60BE674AD62C2688998012823C5E3FE5905A
SHA-512:	B901B77BA31061377E83D186E86ADAF35979BE153C0EE654FD62125405410FC422C127810FF3D62295D06EA83FA5750C158F8107F74948A3B956F0BEEB233A22
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/fonts/Icon/highq50.woff?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	wOFFOTTO...(...............................CFF .......L...-.Z.FFTM...T........\|A.jGDEF...p....... .$..OS/2.......I...`/.M\cmap...........,.l..head...........6.2..hhea...........$.A..hmtx................maxp...,..........P.name...4........<...post........... ....x...y`[.?n)..N.....B%....%...().#a.P.Y.[v..mI^.Kw.F..%.Kvg'.).@.....G...4.....-.:z......r..\|.....sg..9s........d2...-......d.2U...s..S;.\|~u.l.>{.>..RS..G?.W.O..ir.\,g./VU...g..\.<g.y..l.x1...i.5U.V.U]Pue.UwT...X.U5PU....Z...oW.Tu..x.M.Lg...d5]jZdZj.....S....g.L.i...t..m..7L?1.o.O....b.2..s.u...7.o5.a~......2...s.<m.c>l.........h~....W...?......w...}e.W..>.y..=1o..y.y.y..6..;..y...w..\|...n._.............V}O.....^_.\.....S...W..g..W..~....c..T.[...5...Z.g.`.f.`....;...UL...t3.L.Q.<3..f.c.2.e...%...W......u.....r.Av5..6.]......f....3...E.5.-.8.!.....-....q.p_.Vrk.........Mq{..c.O..p....L.A..9.\|t...-E........P.....[...M.....x~......v...W._9.y~.\|WS.s.zGCwS...d.v.mhu.........[}..

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Algol 68 source, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	180287
Entropy (8bit):	4.518005361688447
Encrypted:	false
SSDEEP:	1536:OMu76JH0L3byADfaecWDG4lp6gm8c7vWQ7ACuTT8F8fwMkAEpsI+l1pDu361PHQF:OMu76JYmOllp6gjkA0sI+l1plPHTIpb
MD5:	C4713DBA77CD859337023FA456E957DB
SHA1:	3793BEC9F3DE05162CDDE84A4839F9715D14B0D8
SHA-256:	954BD2F6BC7E7BC568875886DA054248861F6B2B61503C4BDE068C6FB86C35C9
SHA-512:	278B776257348625D709E623367D634D765A96117C7A6EF90F7D02C0CFB2C7138039EA7DDCAE29C86F33091BE8FDFA92CA6CC20650C06C6B055972458CA2B851
Malicious:	false
Reputation:	low
Preview:	//! moment.js..//! version : 2.29.4..//! authors : Tim Wood, Iskren Chernev, Moment.js contributors..//! license : MIT..//! momentjs.com....;(function (global, factory) {.. typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :.. typeof define === 'function' && define.amd ? define(factory) :.. global.moment = factory()..}(this, (function () { 'use strict';.... var hookCallback;.... function hooks() {.. return hookCallback.apply(null, arguments);.. }.... // This is done to register the method called with moment().. // without creating circular dependencies... function setHookCallback(callback) {.. hookCallback = callback;.. }.... function isArray(input) {.. return (.. input instanceof Array \|\|.. Object.prototype.toString.call(input) === '[object Array]'.. );.. }.... function isObject(input) {.. // IE8 will treat undefined and null as object if it wasn't fo

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1618)
Category:	dropped
Size (bytes):	79013
Entropy (8bit):	5.593476809556987
Encrypted:	false
SSDEEP:	1536:TKntwg4WanJdfuwP20BPVKM6QU3J+PvuC3C6jVCfM07UqFvRBUep0uWxNhPFi+Mj:cgYwP20PQd3J+33C6jk7UqFvRBUJuwoj
MD5:	F4055DCD2CA4D400430F40B8387A817A
SHA1:	8F0520014BFFE270E60EC09FEF13474AEBE32955
SHA-256:	5A217482BC6553D2465083EE9A58BABC07B7B540BD20CDB07E4D8961EE4BF7C5
SHA-512:	52B6E75B9A2BBB65A48BF124029D316EB698E1C4CE3A788051D1D1C60BCB7337B839DBD33AF7741B1EF9D80D688DEC8BC74EDF3CD7EE5425DF206743C1BADD77
Malicious:	false
Reputation:	low
Preview:	if(!GriffinCommon)var GriffinCommon={};var griffinCommonJsJson={executeAjaxCompleteHandler:!0,DEFAULT_DATE_FORMAT_FOR_JQUERY:"dd M yy",DEFAULT_DATE_FORMAT_FOR_DATEPICKER:"dd MMM yyyy",MY_SITE:"My site",MODAL_ERROR_GENERAL:"GENERAL",ACTION_MAP:{},ALERT_MESSAGE_TYPE_SUCCESS:"SUCCESS",ALERT_MESSAGE_TYPE_DANGER:"DANGER",ALERT_MESSAGE_TYPE_INFO:"INFO"},ajaxProcessCounter=0;.GriffinCommon.customAjaxSubmit=function(a,b,c,d){var e=a.REQUEST_URL,f=a.ACTION_GROUP_ID,g=!0;void 0!=a.ASYNC&&0==a.ASYNC&&(g=!1);var h=!0;if(null!=a.checkAjaxCompleteHandler\|\|void 0!=a.checkAjaxCompleteHandler)h=a.checkAjaxCompleteHandler;griffinCommonJsJson.executeAjaxCompleteHandler&&h&&window.NotificationAlertCollection&&window.NotificationAlertCollection.ajaxCompleteHandler&&(griffinCommonJsJson.executeAjaxCompleteHandler=!1,NotificationAlertCollection.ajaxCompleteHandler());void 0!=c&&null!=.c&&BrowserState.isLocalStorageNameSupported()&&(ajaxProcessCounter+=1,sessionStorage.setItem("userChangeState","TRUE"),sessio

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (590)
Category:	downloaded
Size (bytes):	31223
Entropy (8bit):	5.462211993052096
Encrypted:	false
SSDEEP:	768:h79FEF1lLJ8F1Nwz0D7rI+UObWGXKN4audCON5T2R2gQTzlO6a0wogpyKVdYYfra:hCTLJ8LVb6Md3a0wrycdYY+
MD5:	90D195211ADD97BC73EB0AE1804EB7F5
SHA1:	ABD9150845236C594BCF60D8E5CC16E61A233847
SHA-256:	2B7DC62496843756AE923D71B36965FC46FE060D7ED526849036ADBF3DC79C2C
SHA-512:	6E07B1EECA42AA6926BAD63B9235D45B234FCCD26C27DC332780DFB5ACF36C310189CF6AF47F4CE73B4BFE43A120586EBC82C60046DA11FACC6BB3D2CAC93C81
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/CollaborateCommon_updated.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	var microblogImageUploadCounter=0,microblogTotalImages=0,collabCommon_userTimestampKey=collaborateCommon.userID+"_"+(new Date).getTime(),collaborateCommon_timerForNotificationFadeOut=0;if(!CollaborateCommon)var CollaborateCommon={};if(!SiteCommonCollection)var SiteCommonCollection={};CollaborateCommon.onload=function(){$j("#collaborateCustomMessageModal").on("shown.bs.modal",function(){$j("#collaborateMessageOkButton").focus()})};.CollaborateCommon.viewUserProfilePreview=function(a,b,c){var d=$j(a);$j("#msTeamStatusDivId").html("");0==$j("body div.userinfoDropdown").length&&$j('\x3cdiv class\x3d"userinfoDropdown" role\x3d"dialog" aria-labelledby\x3d"userNameFull'+b+'" tabindex\x3d"-1" /\x3e').appendTo("body");var e=$j(".userinfoDropdown");null!=e.attr("lastuser-id")&&e.attr("lastuser-id")==b\|\|e.html('\x3cdiv class\x3d"text-center" style\x3d"padding:72px 20px;"\x3e\x3cimg src\x3d"./images/gray-loaderbig.gif" alt\x3d"Loading..."/\x3e\x3c/div\x3e');.if(d.hasClass("active"))return $j("[dat

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	51
Entropy (8bit):	4.297151508884876
Encrypted:	false
SSDEEP:	3:YWMmqetEEJtZlCn:YWMm9DJt6
MD5:	60595F7368129753FC4FF67AFAB54F4C
SHA1:	01DEA04FA3E44B20C6F534647E532C12606EAFEA
SHA-256:	A4EEC15E174C5160A0145BED0138CA95594B89F5697E4C1D26BB2D8AA45975D3
SHA-512:	00D083685A0CA9A0A0F07C2DECED05FD195122066325DF4E004D4F50E20A08B658BDA9A14213DB2041409BFE33B832216C07BE01C53E1AAE890100049B87A644
Malicious:	false
Reputation:	low
URL:	"https://c.go-mpulse.net/api/config.json?key=VGB5N-JKHTN-ADEL6-4VVQZ-Y23KW&d=kubota.highq.com&t=5782136&v=1.720.0&if=&sl=0&si=1053a044-ce07-4f4c-9d3e-580463074be5-sordi6&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=918031"
Preview:	{"site_domain":"arlid:918031","rate_limited":true}.

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (748)
Category:	dropped
Size (bytes):	36807
Entropy (8bit):	5.232706068105287
Encrypted:	false
SSDEEP:	384:ACRBjtvIid2F9n9tfMf2aij67ctzZriOMNa28y64Vg3q0EsFXtVLdn9p8PIgYhcV:1dIcAerX8B8own6O
MD5:	7F54B32A32DCE3EA29AE0D5AFF673B13
SHA1:	9BA89A46809981C52F3C6CBD86A7140523EFCA0A
SHA-256:	688688ADE3C9A689288A4B947C6183465187D53E5B86A8EB900345DDB8066100
SHA-512:	52657E29F8143BBBF5FD8B288169292F95A32C4429A226957D9AB37D427EE9219142AD4675F9BDB9AA53189D6903B909C321260973267974DB54981ABF7CD739
Malicious:	false
Reputation:	low
Preview:	(function(f,d){if("function"===typeof define&&define.amd)define(["jquery","moment"],d);else if("object"===typeof exports)d(require("jquery"),require("moment"));else{if(!jQuery)throw Error("bootstrap-datetimepicker requires jQuery to be loaded first");if(!moment)throw Error("bootstrap-datetimepicker requires moment.js to be loaded first");d(f.jQuery,moment)}})(this,function(f,d){if("undefined"===typeof d)throw Error("momentjs is required");var S=0,L=function(T,y){var L=f.fn.datetimepicker.defaults,.U={time:"icon icon-recent",date:"icon icon-calendar",up:"icon icon-chevron-up",down:"icon icon-chevron-down"},a=this,H,p=function(){var b;if(a.isInput)return a.element;b=a.element.find(".datepickerinput");if(0===b.length)b=a.element.find("input");else if(!b.is("input"))throw Error('CSS class "datepickerinput" cannot be applied to non input element');return b},V=function(){var b;b=a.element.is("input")?a.element.data():a.element.find("input").data();void 0!==b.dateFormat&&(a.options.format=b.d

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	51
Entropy (8bit):	4.297151508884876
Encrypted:	false
SSDEEP:	3:YWMmqetEEJtZlCn:YWMm9DJt6
MD5:	60595F7368129753FC4FF67AFAB54F4C
SHA1:	01DEA04FA3E44B20C6F534647E532C12606EAFEA
SHA-256:	A4EEC15E174C5160A0145BED0138CA95594B89F5697E4C1D26BB2D8AA45975D3
SHA-512:	00D083685A0CA9A0A0F07C2DECED05FD195122066325DF4E004D4F50E20A08B658BDA9A14213DB2041409BFE33B832216C07BE01C53E1AAE890100049B87A644
Malicious:	false
Reputation:	low
Preview:	{"site_domain":"arlid:918031","rate_limited":true}.

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65261), with CRLF line terminators
Category:	downloaded
Size (bytes):	994410
Entropy (8bit):	4.738397453748755
Encrypted:	false
SSDEEP:	6144:XvLmWIFyZDWJwpKpvZY3DJttwZg2fqh/1HlfjizM+8J6FprVbdVWSs5lEDjLXV1Z:fK7qqVBgz6+91FldVgZ25+h+9SbxL
MD5:	48593F281783085DAC7BEA253E513AE7
SHA1:	147A22C0DA882EEA14771623624FF89B364D0822
SHA-256:	2D8EC80D9B2C2F473CF4410CD366EC0A6087B984DDC8F431720D2D96664439AB
SHA-512:	294BB917708C147A3F7CD0EB4FA96C3E4E08D98775640E00BB6B20DC963234E9708AE6AEAA7860977DEF4918B277094FC70F7287BA7B3FFA69088AAEBF5AAFD9
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/griffin/resourceBundleProperty.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267&tt=&mt=
Preview:	/******************************************************************************.. Copyright (c) 2018 or the year of first publication, if earlier, HighQ Solutions Limited or its licensors.. *******************************************************************************/..var json = '{"officeonline.fileVersion.upload.success":"Your changes have been saved and the document will be updated shortly.","thirdparty.service.document.action.receivecopy":"Receives a Copy","task.menu.label.low":"Low","linkModal.BrowseTab.systemPage.insertLinkMsg":"Click on the system dashboard list to insert a link","site.admin.users.addToGroup.selectAllBidders.label":"Select all bidders","lfs.shareditems.content.lastsharedate.title":"Last shared","document.addNewFileVersion.sql.error":"The request is not valid","userAvatar.upload.validationMessage.ypositionheight":"Please enter valid y position or height. The sum of y position and height should not exceed the actual height of an image.","template.dependency.c

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (386), with CRLF line terminators
Category:	downloaded
Size (bytes):	152915
Entropy (8bit):	5.071366791979467
Encrypted:	false
SSDEEP:	768:oy9zA5gDxBxOA23aTRHpD5e2omoMquiARNTNU44DMIMWTn5uBOiHcWgpAl7K2lY8:pJA5glBj24gpAccOsngRIn/J1Lenvq
MD5:	01850CF965E055481E2BD7CF9D532DA5
SHA1:	7EA2ED7CAE07CF3B3B8542DF83B026A609CECE58
SHA-256:	AEF7B89B7A63CA4A8385B05E8E575BBDD2D85EC87023A85CC4B31CF38C1DDF30
SHA-512:	E213B82013E6BA3A337680DFA62BFAD63C965697B6928457F135F43D2073A1FC1962131F6B8C7100505CB5122F6FF6575E6B733D1302820E3199D20D6539AC04
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/css/v4/bootstrap.css?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	/!.. Bootstrap v3.4.1 (https://getbootstrap.com/).. * Copyright 2011-2019 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. /../! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /..html {.. font-family: sans-serif;.. -ms-text-size-adjust: 100%;.. -webkit-text-size-adjust: 100%;..}..body {.. margin: 0;..}..article,..aside,..details,..figcaption,..figure,..footer,..header,..hgroup,..main,..menu,..nav,..section,..summary {.. display: block;..}..audio,..canvas,..progress,..video {.. display: inline-block;.. vertical-align: baseline;..}..audio:not([controls]) {.. display: none;.. height: 0;..}..[hidden],..template {.. display: none;..}..a {.. background-color: transparent;..}..a:active,..a:hover {.. / outline: 0; */..}..abbr[title] {.. border-bottom: none;.. text-decoration: underline;.. -webkit-text-decoration: underline dotted;.. -moz-text-decoration: underline dotted;.. text-decoration: underline d

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (570)
Category:	dropped
Size (bytes):	7285
Entropy (8bit):	5.336507920825121
Encrypted:	false
SSDEEP:	192:9yQNjNYve8+Yfhh5ZEAYS7LYxKCsa0gyOF:9FjNObYSncV0pS
MD5:	A37BC2F05AEEE40FE9B5E00E7AB69C4E
SHA1:	FE6347A753AC540646C57186B26DF20DCF12E76C
SHA-256:	4A6CEC5778258A2102177FFC44B3C95D2F49F069187594DEFCE2C0A5DCBF0B2B
SHA-512:	49E07ABBA8181E64AEE20E2AEB6D63BB4DD3FF2D2B94FFB529FE901DB87C616417EAF8DB30BA1DC4CE772BA438C19F0B3A1FB143FDB5DCFCB007AC59C8643605
Malicious:	false
Reputation:	low
Preview:	"undefined"!==typeof jQuery&&function(l){function A(a,b){this.defaults={maxLines:1,lineHeight:null,truncateString:"",truncateAfterLinks:!0,showText:"",hideText:"",showClass:"show",hideClass:"hide",collapsed:!0,debug:!1,contextParent:null,maxSteps:100,tooltip:!1,animate:!1,animateOptions:{complete:function(){}}};this.config=l.extend(!0,{},this.defaults,b);this.$el=l(a);if(null===this.config.lineHeight){var c=NaN,c="normal"===this.$el.css("line-height")?1.14parseFloat(this.$el.css("font-size")):-1===.this.$el.css("line-height").indexOf("px")?this.$el.css("line-height")parseFloat(this.$el.css("font-size")):parseFloat(this.$el.css("line-height"));if(isNaN(c))throw Error('No "lineHeight" parameter was specified and none could be calculated.');this.config.lineHeight=c}"inline"===this.$el.css("display")&&(null===this.config.contextParent?this.config.contextParent=B(this.$el):"inline"===this.config.contextParent.css("display")&&(this.config.contextParent=B(this.config.contextParent)));this.h

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (510)
Category:	dropped
Size (bytes):	941
Entropy (8bit):	5.5934011440403175
Encrypted:	false
SSDEEP:	24:qo/eK+C6uSWJju6peHSbxbkoq8wN/CPjXDTQAlG9A3ah/:l21CTTJ6LHSFbkoTwN/CPfc8g5h/
MD5:	2329E835B2F4F627A0068B1250FBB128
SHA1:	6C4CCCF50A283270095BC23310B6D1847FA2FE33
SHA-256:	ED3373C8A788A772F2A50D2BD5AA97F3DD1E3289F4454BE3837459030DCC13F8
SHA-512:	B7A36049BE902473FA85D60F855B69E4B5A6BB61B66ED809FB74C95E0C4EB8CD0DAD1B5C4507E46B56AD1B0DEC6C08814D91337001C3736C495E6429FECA47EB
Malicious:	false
Reputation:	low
Preview:	var Base64={code:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\x3d",encode:function(m,l){var e,g,f,c,h=[],k="",a,d,b=Base64.code;d=("undefined"==typeof l?0:l)?Utf8.encode(m):m;a=d.length%3;if(0<a)for(;3>a++;)k+="\x3d",d+="\x00";for(a=0;a<d.length;a+=3)e=d.charCodeAt(a),g=d.charCodeAt(a+1),f=d.charCodeAt(a+2),c=e<<16\|g<<8\|f,e=c>>18&63,g=c>>12&63,f=c>>6&63,c&=63,h[a/3]=b.charAt(e)+b.charAt(g)+b.charAt(f)+b.charAt(c);h=h.join("");return h=h.slice(0,h.length-k.length)+k},decode:function(m,.l){l="undefined"==typeof l?!1:l;var e,g,f,c,h,k=[],a,d=Base64.code;a=l?Utf8.decode(m):m;for(var b=0;b<a.length;b+=4)e=d.indexOf(a.charAt(b)),g=d.indexOf(a.charAt(b+1)),c=d.indexOf(a.charAt(b+2)),h=d.indexOf(a.charAt(b+3)),f=e<<18\|g<<12\|c<<6\|h,e=f>>>16&255,g=f>>>8&255,f&=255,k[b/4]=String.fromCharCode(e,g,f),64==h&&(k[b/4]=String.fromCharCode(e,g)),64==c&&(k[b/4]=String.fromCharCode(e));c=k.join("");return l?Utf8.decode(c):c}};

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (842)
Category:	downloaded
Size (bytes):	91535
Entropy (8bit):	5.249360922341225
Encrypted:	false
SSDEEP:	768:VAmGqPrf7Kqcxqq8P5WqIqBk327WgW76LI2YgAULfU0UYG8u/oRZckBPN8a6ZOPA:VrRjAULy6ZcA0jdWduG6B3
MD5:	37FBEDBD27C033A0E884B69A9DD2AAF8
SHA1:	B5B65BC4FADC8C62CBBCF95FCD91AF324CE01074
SHA-256:	2E4F75F4C9D565F53638856ABF9F935E343EA0A5BD2BF92F44A727EC467708CD
SHA-512:	7129C658D31010A0541DEBE269463C2FFE2E3AFE99802D3CB923E311D122ADE65ED2DBE51ECF3BE43658D8C7A0F8C671D048E46A4CC4DBB8D6A43D74285770AA
Malicious:	false
Reputation:	low
URL:	https://kubota.highq.com/kubota/js/v4/componentJS.js?bt=2024_11_27_13_46_25&refreshCacheKey=20240515T111123267
Preview:	var $j=jQuery.noConflict(),windowWidth=$j(window).width(),windowHeight=window.innerHeight?window.innerHeight:$j(window).height(),is_touch_device=/android\|webos\|iphone\|ipad\|ipod\|blackberry\|iemobile\|opera mini/i.test(navigator.userAgent.toLowerCase()),is_ipad=/ipad/i.test(navigator.userAgent.toLowerCase()),is_iphone=/iphone/i.test(navigator.userAgent.toLowerCase());.function setWrapperSpaceminHeight(){var b=0,a=0;setTimeout(function(){a=$j(".breadCrumbNav").height()+$j(".header").outerHeight(!0)\|\|0;b=-1!=navigator.appVersion.indexOf("MSIE 8")?$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container-fluid").css("padding-top"))+parseInt($j(".mainSection .container-fluid").css("padding-bottom")):a+$j(".footer").outerHeight(!0)+parseInt($j(".mainSection .container").css("padding-top"))+.parseInt($j(".mainSection .container").css("padding-bottom")):$j("body").hasClass("fullScreenMode")?$j(".header").outerHeight(!0)+

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 19, 2024 21:41:47.878277063 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.878334045 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.878393888 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.878427982 CET	49710	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:47.878474951 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.878509998 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.878534079 CET	49710	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:47.878570080 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.878622055 CET	49710	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:47.886903048 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.886976004 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.887039900 CET	49710	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:47.895059109 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.895153046 CET	443	49710	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.895231009 CET	49710	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:47.922771931 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:47.945631981 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:47.946265936 CET	49711	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:47.946379900 CET	49711	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:48.066396952 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.066447020 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.066503048 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.066539049 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.066569090 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.346965075 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:48.348588943 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:48.348660946 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:48.348792076 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:48.468180895 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:48.468199968 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:48.468261003 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:48.589390993 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.589421034 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.589431047 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.589440107 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.589449883 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.589466095 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.589550972 CET	49711	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:48.589612961 CET	49711	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:48.597615957 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.597719908 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.597824097 CET	49711	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:48.606334925 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.606360912 CET	443	49711	40.126.53.21	192.168.2.6
Dec 19, 2024 21:41:48.606605053 CET	49711	443	192.168.2.6	40.126.53.21
Dec 19, 2024 21:41:48.765559912 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:48.765599012 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:48.765692949 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:48.766259909 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:48.766268015 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:48.890523911 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:48.939366102 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:49.082814932 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:49.126941919 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:49.274454117 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:49.275538921 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:49.395967007 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:49.817775011 CET	443	49712	20.198.119.84	192.168.2.6
Dec 19, 2024 21:41:49.861241102 CET	49712	443	192.168.2.6	20.198.119.84
Dec 19, 2024 21:41:50.990021944 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:50.990259886 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:50.997086048 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:50.997102976 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:50.997502089 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:51.000010967 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:51.000010967 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:51.000029087 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:51.000200033 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:51.043379068 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:51.080007076 CET	49673	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:41:51.080008984 CET	49674	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:41:51.392677069 CET	49672	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:41:51.543107033 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:51.543203115 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:51.543308020 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:51.543580055 CET	49713	443	192.168.2.6	20.198.118.190
Dec 19, 2024 21:41:51.543595076 CET	443	49713	20.198.118.190	192.168.2.6
Dec 19, 2024 21:41:57.020375967 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:57.020435095 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:57.020509958 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:57.021595955 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:57.021634102 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.239582062 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.239658117 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.241542101 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.241549015 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.241887093 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.243823051 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.243889093 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.243900061 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.244060040 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.291342974 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.905659914 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.905980110 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.906061888 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.906939030 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:41:59.906979084 CET	443	49719	20.198.119.143	192.168.2.6
Dec 19, 2024 21:41:59.907022953 CET	49719	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:00.687261105 CET	49673	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:42:00.687266111 CET	49674	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:42:00.999744892 CET	49672	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:42:01.913269997 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:01.913350105 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:01.913445950 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:01.913686037 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:01.913718939 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:03.392477989 CET	443	49708	173.222.162.64	192.168.2.6
Dec 19, 2024 21:42:03.392580032 CET	49708	443	192.168.2.6	173.222.162.64
Dec 19, 2024 21:42:03.609136105 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:03.611390114 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:03.611412048 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:03.612447023 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:03.612518072 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:03.613884926 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:03.613951921 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:03.659372091 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:03.659398079 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:03.699434996 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:12.729618073 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:12.729655981 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:12.729748964 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:12.730530024 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:12.730544090 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:13.328918934 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:13.329076052 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:13.329179049 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:13.928900957 CET	49738	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:42:13.928935051 CET	443	49738	142.250.181.132	192.168.2.6
Dec 19, 2024 21:42:14.943671942 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:14.943892956 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.046010017 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.046037912 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:15.046478987 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:15.051282883 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.051347971 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.051353931 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:15.051516056 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.099335909 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:15.593595982 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:15.593694925 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:15.593872070 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.594347000 CET	49772	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:15.594360113 CET	443	49772	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:33.133855104 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:33.133899927 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:33.134015083 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:33.134777069 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:33.134795904 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.352283001 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.352369070 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.358203888 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.358217955 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.358700991 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.360718966 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.360804081 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.360810041 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.360990047 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.403374910 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.903459072 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.903620005 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:35.903688908 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.903911114 CET	49886	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:35.903922081 CET	443	49886	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:58.587311029 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:58.587362051 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:42:58.587483883 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:58.588155985 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:42:58.588175058 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:00.997499943 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:00.997623920 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.000164032 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.000173092 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.000956059 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.003599882 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.003690958 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.003696918 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.003889084 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.047369003 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.547537088 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.547736883 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.547849894 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.548337936 CET	49955	443	192.168.2.6	20.198.119.143
Dec 19, 2024 21:43:01.548352003 CET	443	49955	20.198.119.143	192.168.2.6
Dec 19, 2024 21:43:01.830182076 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:01.830219030 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:01.830321074 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:01.830679893 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:01.830698013 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:03.525124073 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:03.525499105 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:03.525513887 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:03.525897980 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:03.526325941 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:03.526411057 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:03.578480005 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:13.242412090 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:13.242501974 CET	443	49962	142.250.181.132	192.168.2.6
Dec 19, 2024 21:43:13.242600918 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:13.924295902 CET	49962	443	192.168.2.6	142.250.181.132
Dec 19, 2024 21:43:13.924321890 CET	443	49962	142.250.181.132	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 19, 2024 21:41:57.643415928 CET	53	57159	1.1.1.1	192.168.2.6
Dec 19, 2024 21:41:57.759140968 CET	53	60629	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:00.461699963 CET	53	52823	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:01.767152071 CET	50672	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:01.767472982 CET	51876	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:01.904813051 CET	53	50672	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:01.912117004 CET	53	51876	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:03.665256977 CET	65062	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:03.665416002 CET	61607	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:12.997802973 CET	53	58022	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:17.322300911 CET	56997	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:17.322518110 CET	64238	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:17.498434067 CET	53	52696	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:25.560537100 CET	61104	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:25.560936928 CET	55930	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:25.859998941 CET	53	60071	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:28.992923975 CET	64071	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:28.993088007 CET	60443	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:28.994613886 CET	63795	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:28.994846106 CET	54184	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:29.128560066 CET	53	65163	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:31.502321005 CET	57519	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:31.502501965 CET	54926	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:42:36.591841936 CET	53	50136	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:57.247745991 CET	53	52249	1.1.1.1	192.168.2.6
Dec 19, 2024 21:42:58.921632051 CET	53	59314	1.1.1.1	192.168.2.6
Dec 19, 2024 21:43:06.199676037 CET	54320	53	192.168.2.6	1.1.1.1
Dec 19, 2024 21:43:06.199863911 CET	54553	53	192.168.2.6	1.1.1.1

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Dec 19, 2024 21:42:25.860083103 CET	192.168.2.6	1.1.1.1	c230	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 19, 2024 21:42:01.767152071 CET	192.168.2.6	1.1.1.1	0x6094	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:01.767472982 CET	192.168.2.6	1.1.1.1	0x7427	Standard query (0)	www.google.com	65	IN (0x0001)	false
Dec 19, 2024 21:42:03.665256977 CET	192.168.2.6	1.1.1.1	0x4429	Standard query (0)	kubota.highq.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:03.665416002 CET	192.168.2.6	1.1.1.1	0x5bab	Standard query (0)	kubota.highq.com	65	IN (0x0001)	false
Dec 19, 2024 21:42:17.322300911 CET	192.168.2.6	1.1.1.1	0xaea2	Standard query (0)	kubota.highq.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:17.322518110 CET	192.168.2.6	1.1.1.1	0x7828	Standard query (0)	kubota.highq.com	65	IN (0x0001)	false
Dec 19, 2024 21:42:25.560537100 CET	192.168.2.6	1.1.1.1	0x99f9	Standard query (0)	s.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:25.560936928 CET	192.168.2.6	1.1.1.1	0xb16b	Standard query (0)	s.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:28.992923975 CET	192.168.2.6	1.1.1.1	0xf3e5	Standard query (0)	c.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:28.993088007 CET	192.168.2.6	1.1.1.1	0x7469	Standard query (0)	c.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:28.994613886 CET	192.168.2.6	1.1.1.1	0xf0eb	Standard query (0)	s.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:28.994846106 CET	192.168.2.6	1.1.1.1	0xb995	Standard query (0)	s.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:42:31.502321005 CET	192.168.2.6	1.1.1.1	0xc292	Standard query (0)	c.go-mpulse.net	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:31.502501965 CET	192.168.2.6	1.1.1.1	0x2959	Standard query (0)	c.go-mpulse.net	65	IN (0x0001)	false
Dec 19, 2024 21:43:06.199676037 CET	192.168.2.6	1.1.1.1	0x65af	Standard query (0)	kubota.highq.com	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:43:06.199863911 CET	192.168.2.6	1.1.1.1	0xd9e1	Standard query (0)	kubota.highq.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 19, 2024 21:42:01.904813051 CET	1.1.1.1	192.168.2.6	0x6094	No error (0)	www.google.com		142.250.181.132	A (IP address)	IN (0x0001)	false
Dec 19, 2024 21:42:01.912117004 CET	1.1.1.1	192.168.2.6	0x7427	No error (0)	www.google.com			65	IN (0x0001)	false
Dec 19, 2024 21:42:03.802895069 CET	1.1.1.1	192.168.2.6	0x4429	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:03.802895069 CET	1.1.1.1	192.168.2.6	0x4429	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:03.802928925 CET	1.1.1.1	192.168.2.6	0x5bab	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:03.802928925 CET	1.1.1.1	192.168.2.6	0x5bab	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:17.459089041 CET	1.1.1.1	192.168.2.6	0xaea2	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:17.459089041 CET	1.1.1.1	192.168.2.6	0xaea2	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:17.460207939 CET	1.1.1.1	192.168.2.6	0x7828	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:17.460207939 CET	1.1.1.1	192.168.2.6	0x7828	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:25.697205067 CET	1.1.1.1	192.168.2.6	0x99f9	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:25.698287010 CET	1.1.1.1	192.168.2.6	0xb16b	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:29.130191088 CET	1.1.1.1	192.168.2.6	0x7469	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:29.131021976 CET	1.1.1.1	192.168.2.6	0xf3e5	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:29.131964922 CET	1.1.1.1	192.168.2.6	0xb995	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:29.132761955 CET	1.1.1.1	192.168.2.6	0xf0eb	No error (0)	s.go-mpulse.net	ip46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:31.639287949 CET	1.1.1.1	192.168.2.6	0xc292	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:42:31.639518023 CET	1.1.1.1	192.168.2.6	0x2959	No error (0)	c.go-mpulse.net	wildcard46.go-mpulse.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:06.338495970 CET	1.1.1.1	192.168.2.6	0xd9e1	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:06.338495970 CET	1.1.1.1	192.168.2.6	0xd9e1	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:06.338538885 CET	1.1.1.1	192.168.2.6	0x65af	No error (0)	kubota.highq.com	kubota.highq.com.cn.highq.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 19, 2024 21:43:06.338538885 CET	1.1.1.1	192.168.2.6	0x65af	No error (0)	kubota.highq.com.cn.highq.com	hqacc16.highq.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.2.6	49713	20.198.118.190	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:41:50 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 65 68 56 58 48 69 75 4c 31 55 61 4a 78 45 44 32 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 38 62 61 37 66 34 35 34 36 64 62 65 66 32 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: ehVXHiuL1UaJxED2.1Context: 78ba7f4546dbef2e
2024-12-19 20:41:50 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:41:50 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 65 68 56 58 48 69 75 4c 31 55 61 4a 78 45 44 32 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 38 62 61 37 66 34 35 34 36 64 62 65 66 32 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 63 4c 35 72 65 4e 45 4c 48 77 54 6d 2b 42 31 4f 2b 6e 41 61 4e 75 35 49 74 5a 66 6f 4f 30 5a 68 46 7a 36 48 54 32 51 50 52 6b 5a 59 65 52 35 6e 41 66 6d 43 6f 46 62 34 36 46 50 49 72 73 76 30 64 5a 73 73 57 58 41 4b 76 43 33 6c 49 62 4c 39 79 73 34 39 31 37 6d 51 5a 71 56 59 37 70 6e 32 41 48 39 51 70 70 37 61 7a 6a 78 52 51 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: ehVXHiuL1UaJxED2.2Context: 78ba7f4546dbef2e<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAcL5reNELHwTm+B1O+nAaNu5ItZfoO0ZhFz6HT2QPRkZYeR5nAfmCoFb46FPIrsv0dZssWXAKvC3lIbL9ys4917mQZqVY7pn2AH9Qpp7azjxRQ
2024-12-19 20:41:50 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 65 68 56 58 48 69 75 4c 31 55 61 4a 78 45 44 32 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 38 62 61 37 66 34 35 34 36 64 62 65 66 32 65 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: ehVXHiuL1UaJxED2.3Context: 78ba7f4546dbef2e<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:41:51 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:41:51 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 77 36 34 62 56 4f 36 4c 76 6b 6d 73 65 53 7a 79 32 42 71 49 36 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: w64bVO6LvkmseSzy2BqI6g.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
1	192.168.2.6	49719	20.198.119.143	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:41:59 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 56 39 58 41 36 66 68 6b 74 30 69 72 36 67 70 34 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 30 63 62 35 36 35 36 35 32 33 65 35 63 32 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: V9XA6fhkt0ir6gp4.1Context: 90cb5656523e5c2e
2024-12-19 20:41:59 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:41:59 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 56 39 58 41 36 66 68 6b 74 30 69 72 36 67 70 34 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 30 63 62 35 36 35 36 35 32 33 65 35 63 32 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 63 4c 35 72 65 4e 45 4c 48 77 54 6d 2b 42 31 4f 2b 6e 41 61 4e 75 35 49 74 5a 66 6f 4f 30 5a 68 46 7a 36 48 54 32 51 50 52 6b 5a 59 65 52 35 6e 41 66 6d 43 6f 46 62 34 36 46 50 49 72 73 76 30 64 5a 73 73 57 58 41 4b 76 43 33 6c 49 62 4c 39 79 73 34 39 31 37 6d 51 5a 71 56 59 37 70 6e 32 41 48 39 51 70 70 37 61 7a 6a 78 52 51 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: V9XA6fhkt0ir6gp4.2Context: 90cb5656523e5c2e<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAcL5reNELHwTm+B1O+nAaNu5ItZfoO0ZhFz6HT2QPRkZYeR5nAfmCoFb46FPIrsv0dZssWXAKvC3lIbL9ys4917mQZqVY7pn2AH9Qpp7azjxRQ
2024-12-19 20:41:59 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 56 39 58 41 36 66 68 6b 74 30 69 72 36 67 70 34 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 30 63 62 35 36 35 36 35 32 33 65 35 63 32 65 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: V9XA6fhkt0ir6gp4.3Context: 90cb5656523e5c2e<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:41:59 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:41:59 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 70 6b 31 59 61 34 43 65 64 45 71 51 77 57 73 72 4d 66 45 61 77 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: pk1Ya4CedEqQwWsrMfEawA.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
2	192.168.2.6	49772	20.198.119.143	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:15 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 58 46 31 46 6c 69 50 6e 64 55 71 4a 52 36 71 4b 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 35 34 33 39 64 65 35 61 65 32 36 39 33 37 33 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: XF1FliPndUqJR6qK.1Context: 75439de5ae269373
2024-12-19 20:42:15 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:15 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 58 46 31 46 6c 69 50 6e 64 55 71 4a 52 36 71 4b 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 35 34 33 39 64 65 35 61 65 32 36 39 33 37 33 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 63 4c 35 72 65 4e 45 4c 48 77 54 6d 2b 42 31 4f 2b 6e 41 61 4e 75 35 49 74 5a 66 6f 4f 30 5a 68 46 7a 36 48 54 32 51 50 52 6b 5a 59 65 52 35 6e 41 66 6d 43 6f 46 62 34 36 46 50 49 72 73 76 30 64 5a 73 73 57 58 41 4b 76 43 33 6c 49 62 4c 39 79 73 34 39 31 37 6d 51 5a 71 56 59 37 70 6e 32 41 48 39 51 70 70 37 61 7a 6a 78 52 51 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: XF1FliPndUqJR6qK.2Context: 75439de5ae269373<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAcL5reNELHwTm+B1O+nAaNu5ItZfoO0ZhFz6HT2QPRkZYeR5nAfmCoFb46FPIrsv0dZssWXAKvC3lIbL9ys4917mQZqVY7pn2AH9Qpp7azjxRQ
2024-12-19 20:42:15 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 58 46 31 46 6c 69 50 6e 64 55 71 4a 52 36 71 4b 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 35 34 33 39 64 65 35 61 65 32 36 39 33 37 33 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: XF1FliPndUqJR6qK.3Context: 75439de5ae269373<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:42:15 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:15 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 74 6a 42 58 77 45 54 6a 66 55 32 37 51 34 61 72 43 54 6a 56 49 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: tjBXwETjfU27Q4arCTjVIw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
3	192.168.2.6	49886	20.198.119.143	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:42:35 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 68 31 75 67 7a 6b 6e 61 78 6b 2b 7a 52 52 4b 75 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 64 61 65 66 33 34 33 62 32 62 35 39 32 31 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: h1ugzknaxk+zRRKu.1Context: 5daef343b2b59216
2024-12-19 20:42:35 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:42:35 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 68 31 75 67 7a 6b 6e 61 78 6b 2b 7a 52 52 4b 75 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 64 61 65 66 33 34 33 62 32 62 35 39 32 31 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 63 4c 35 72 65 4e 45 4c 48 77 54 6d 2b 42 31 4f 2b 6e 41 61 4e 75 35 49 74 5a 66 6f 4f 30 5a 68 46 7a 36 48 54 32 51 50 52 6b 5a 59 65 52 35 6e 41 66 6d 43 6f 46 62 34 36 46 50 49 72 73 76 30 64 5a 73 73 57 58 41 4b 76 43 33 6c 49 62 4c 39 79 73 34 39 31 37 6d 51 5a 71 56 59 37 70 6e 32 41 48 39 51 70 70 37 61 7a 6a 78 52 51 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: h1ugzknaxk+zRRKu.2Context: 5daef343b2b59216<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAcL5reNELHwTm+B1O+nAaNu5ItZfoO0ZhFz6HT2QPRkZYeR5nAfmCoFb46FPIrsv0dZssWXAKvC3lIbL9ys4917mQZqVY7pn2AH9Qpp7azjxRQ
2024-12-19 20:42:35 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 68 31 75 67 7a 6b 6e 61 78 6b 2b 7a 52 52 4b 75 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 64 61 65 66 33 34 33 62 32 62 35 39 32 31 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: h1ugzknaxk+zRRKu.3Context: 5daef343b2b59216<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:42:35 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:42:35 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 48 48 74 4f 30 77 50 62 50 6b 2b 2b 4f 45 57 31 46 38 63 6b 5a 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: HHtO0wPbPk++OEW1F8ckZQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
4	192.168.2.6	49955	20.198.119.143	443

Timestamp	Bytes transferred	Direction	Data
2024-12-19 20:43:01 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4b 4d 4a 6f 6d 78 4d 53 53 30 79 77 4c 66 71 37 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 63 65 30 62 32 66 33 37 61 35 65 64 31 37 35 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: KMJomxMSS0ywLfq7.1Context: bce0b2f37a5ed175
2024-12-19 20:43:01 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-12-19 20:43:01 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 4b 4d 4a 6f 6d 78 4d 53 53 30 79 77 4c 66 71 37 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 63 65 30 62 32 66 33 37 61 35 65 64 31 37 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 63 4c 35 72 65 4e 45 4c 48 77 54 6d 2b 42 31 4f 2b 6e 41 61 4e 75 35 49 74 5a 66 6f 4f 30 5a 68 46 7a 36 48 54 32 51 50 52 6b 5a 59 65 52 35 6e 41 66 6d 43 6f 46 62 34 36 46 50 49 72 73 76 30 64 5a 73 73 57 58 41 4b 76 43 33 6c 49 62 4c 39 79 73 34 39 31 37 6d 51 5a 71 56 59 37 70 6e 32 41 48 39 51 70 70 37 61 7a 6a 78 52 51 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: KMJomxMSS0ywLfq7.2Context: bce0b2f37a5ed175<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAcL5reNELHwTm+B1O+nAaNu5ItZfoO0ZhFz6HT2QPRkZYeR5nAfmCoFb46FPIrsv0dZssWXAKvC3lIbL9ys4917mQZqVY7pn2AH9Qpp7azjxRQ
2024-12-19 20:43:01 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4b 4d 4a 6f 6d 78 4d 53 53 30 79 77 4c 66 71 37 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 63 65 30 62 32 66 33 37 61 35 65 64 31 37 35 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: KMJomxMSS0ywLfq7.3Context: bce0b2f37a5ed175<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-12-19 20:43:01 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-12-19 20:43:01 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 67 4b 6c 38 38 7a 49 49 69 6b 57 30 7a 39 41 69 59 54 7a 30 73 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: gKl88zIIikW0z9AiYTz0sg.0Payload parsing failed.

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3576, Parent PID: 3392

General

Target ID:	1
Start time:	15:41:52
Start date:	19/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2580, Parent PID: 3576

General

Target ID:	3
Start time:	15:41:56
Start date:	19/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 --field-trial-handle=2436,i,558788676995719332,6940841824246096721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4856, Parent PID: 3392

General

Target ID:	4
Start time:	15:42:03
Start date:	19/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Windows Analysis Report
https://kubota.highq.com/kubota/externalAccess.action?linkParam=248Md4JKaxiIU4vwlQaNq5FLgPVNq03doY6pcXaLJD4%3D&documentDownload=link