Edit tour

Windows Analysis Report
http://metamssk-luggiinn.godaddysites.com/

Overview

General Information

Sample URL:	http://metamssk-luggiinn.godaddysites.com/
Analysis ID:	1589358
Infos:

Detection

HTMLPhisher

Score:	76
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish64

AI detected suspicious URL

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1352 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2424,i,18189076913938515598,7757017181598413240,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6592 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://metamssk-luggiinn.godaddysites.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author
2.2.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security
2.4.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security
2.3.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security
2.7.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://metamssk-luggiinn.godaddysites.com/

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://metamssk-luggiinn.godaddysites.com/contact	Avira URL Cloud: Label: phishing
Source: https://metamssk-luggiinn.godaddysites.com/projects	Avira URL Cloud: Label: phishing
Source: https://metamssk-luggiinn.godaddysites.com/sw.js	Avira URL Cloud: Label: phishing
Source: https://metamssk-luggiinn.godaddysites.com/about	Avira URL Cloud: Label: phishing
Source: https://metamssk-luggiinn.godaddysites.com/manifest.webmanifest	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42

Joe Sandbox AI: Score: 9 Reasons: The brand name 'Metamssk-luggiinn' is a misspelling of 'MetaMask', which is a well-known cryptocurrency wallet service., The URL 'metamssk-luggiinn.godaddysites.com' contains a misspelling of 'MetaMask' and uses 'godaddysites.com', which is a free website hosting service, not associated with the official MetaMask domain., The legitimate domain for MetaMask is 'metamask.io'., The use of a free hosting service and misspelled brand name are common indicators of phishing attempts. DOM: 2.7.pages.csv

Yara detected HtmlPhish64

Source: Yara match	File source: 2.2.pages.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML
Source: Yara match	File source: 2.7.pages.csv, type: HTML

AI detected suspicious URL

Source: URL	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: http://metamssk-luggiinn.godaddysites.com
Source: URL	Joe Sandbox AI: AI detected Typosquatting in URL: http://metamssk-luggiinn.godaddysites.com

Source: https://metamssk-luggiinn.godaddysites.com/

HTTP Parser: Title: Metmask | Login does not match URL

Source: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42

HTTP Parser: No favicon

Source: https://metamssk-luggiinn.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://metamssk-luggiinn.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metamssk-luggiinn.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
Source: global traffic	HTTP traffic detected: GET /accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://metamssk-luggiinn.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /contact HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
Source: global traffic	HTTP traffic detected: GET /about HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
Source: global traffic	HTTP traffic detected: GET /projects HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
Source: global traffic	HTTP traffic detected: GET /accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Origin: https://metamssk-luggiinn.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metamssk-luggiinn.godaddysites.com/sw.jsUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=2&C_TOUCH=2025-01-12T00:41:21.779ZIf-None-Match: 8f7ba6e682eb5b2e21e0e15aaac4ae94
Source: global traffic	HTTP traffic detected: GET /v2/accounts/7d215ab1-2922-48c1-9069-21700b4c4424/categories HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Origin: https://metamssk-luggiinn.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://metamssk-luggiinn.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvh HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvhAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvhAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metamssk-luggiinn.godaddysites.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: metamssk-luggiinn.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: api.ola.godaddy.com
Source: global traffic	DNS traffic detected: DNS query: events.api.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: csp.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: contact.apps-api.instantpage.secureserver.net

Source: unknown

HTTP traffic detected: POST /accounts HTTP/1.1Host: api.ola.godaddy.comConnection: keep-aliveContent-Length: 54sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*Content-Type: application/json;charset=UTF-8sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metamssk-luggiinn.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metamssk-luggiinn.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 12 Jan 2025 00:41:15 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metamssk-luggiinn.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: truex-frame-options: SAMEORIGINx-xss-protection: 0x-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: strict-origin-when-cross-originvary: Accept, Origincache-control: no-cachex-request-id: ef5298cd4c16f6016f9e00505411a384x-runtime: 0.004256Strict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 12 Jan 2025 00:41:25 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metamssk-luggiinn.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: truex-frame-options: SAMEORIGINx-xss-protection: 0x-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: strict-origin-when-cross-originvary: Accept, Origincache-control: no-cachex-request-id: 931377603c75cc4cf32c73ebf813288ax-runtime: 0.003928Strict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 12 Jan 2025 00:41:28 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metamssk-luggiinn.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: truex-frame-options: SAMEORIGINx-xss-protection: 0x-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: strict-origin-when-cross-originvary: Accept, Origincache-control: no-cachex-request-id: c54d568465501874cd0ef9f35e63543ax-runtime: 0.004814Strict-Transport-Security: max-age=15724800; includeSubDomains

Source: chromecache_303.2.dr, chromecache_234.2.dr, chromecache_220.2.dr, chromecache_304.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_334.2.dr, chromecache_294.2.dr	String found in binary or memory: https://api.ola.$
Source: chromecache_334.2.dr, chromecache_294.2.dr	String found in binary or memory: https://cart-checkout.dev-secureserver.net
Source: chromecache_334.2.dr, chromecache_294.2.dr	String found in binary or memory: https://cart-checkout.secureserver.net
Source: chromecache_334.2.dr, chromecache_294.2.dr	String found in binary or memory: https://cart-checkout.test-secureserver.net
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_204.2.dr	String found in binary or memory: https://contact.apps-api.instantpage.secureserver.net
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_278.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CG_oC-Nw.woff2)
Source: chromecache_278.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2)
Source: chromecache_278.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2)
Source: chromecache_278.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WPFqwKUQ.woff2)
Source: chromecache_278.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2)
Source: chromecache_278.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/gudea/v15/neILzCqgsI0mp9CNzoymM5Ez.woff2)
Source: chromecache_194.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNXaxMICA.woff2)
Source: chromecache_194.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2)
Source: chromecache_184.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_184.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_184.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_184.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	String found in binary or memory: https://github.com/clauseggers/Playfair-Display)
Source: chromecache_285.2.dr	String found in binary or memory: https://github.com/lancedikson/bowser
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CG_oC-Nw.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WPFqwKUQ.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoymM5Ez.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNXaxMICA.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/isteam/ip/d259ecf2-ac02-4260-94af-4f91e605cf8e/architecture-chair-color-10806
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_317.2.dr	String found in binary or memory: https://metamssk-luggiinn.godaddysites.com/
Source: chromecache_218.2.dr	String found in binary or memory: https://metamssk-luggiinn.godaddysites.com/about
Source: chromecache_292.2.dr	String found in binary or memory: https://metamssk-luggiinn.godaddysites.com/contact
Source: chromecache_185.2.dr	String found in binary or memory: https://metamssk-luggiinn.godaddysites.com/projects
Source: chromecache_231.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_204.2.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_204.2.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_231.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	String found in binary or memory: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica
Source: chromecache_279.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=$
Source: chromecache_286.2.dr, chromecache_213.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_252.2.dr, chromecache_213.2.dr, chromecache_280.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866

Source: classification engine

Classification label: mal76.phis.win@18/256@30/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2424,i,18189076913938515598,7757017181598413240,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://metamssk-luggiinn.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2424,i,18189076913938515598,7757017181598413240,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://metamssk-luggiinn.godaddysites.com/	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label
https://cart-checkout.dev-secureserver.net	0%	Avira URL Cloud	safe
https://metamssk-luggiinn.godaddysites.com/contact	100%	Avira URL Cloud	phishing
https://metamssk-luggiinn.godaddysites.com/projects	100%	Avira URL Cloud	phishing
https://api.ola.$	0%	Avira URL Cloud	safe
https://cart-checkout.test-secureserver.net	0%	Avira URL Cloud	safe
https://metamssk-luggiinn.godaddysites.com/sw.js	100%	Avira URL Cloud	phishing
https://metamssk-luggiinn.godaddysites.com/about	100%	Avira URL Cloud	phishing
https://metamssk-luggiinn.godaddysites.com/manifest.webmanifest	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
proxy.k8s.pnc.phx.secureserver.net	45.40.130.49	true	false	high
www.google.com	142.250.185.100	true	false	high
isteam.wsimg.com	18.197.103.231	true	false	high
metamssk-luggiinn.godaddysites.com	13.248.243.5	true	true	unknown
proxy.k8s.pnc.iad.secureserver.net	198.71.248.123	true	false	high
img1.wsimg.com	unknown	unknown	false	high
csp.secureserver.net	unknown	unknown	false	high
events.api.secureserver.net	unknown	unknown	false	high
api.ola.godaddy.com	unknown	unknown	false	high
contact.apps-api.instantpage.secureserver.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://api.ola.godaddy.com/v2/accounts/7d215ab1-2922-48c1-9069-21700b4c4424/categories	false		high
https://www.google.com/js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js	false		high
https://metamssk-luggiinn.godaddysites.com/	false		unknown
https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42	true		unknown
https://metamssk-luggiinn.godaddysites.com/contact	false	Avira URL Cloud: phishing	unknown
https://metamssk-luggiinn.godaddysites.com/sw.js	false	Avira URL Cloud: phishing	unknown
https://metamssk-luggiinn.godaddysites.com/about	false	Avira URL Cloud: phishing	unknown
https://api.ola.godaddy.com/accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config	false		high
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF	false		high
https://api.ola.godaddy.com/accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config?fields[]=cart	false		high
https://metamssk-luggiinn.godaddysites.com/projects	false	Avira URL Cloud: phishing	unknown
https://contact.apps-api.instantpage.secureserver.net/v3/recaptcha	false		high
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvh	false		high
https://metamssk-luggiinn.godaddysites.com/manifest.webmanifest	false	Avira URL Cloud: phishing	unknown
http://metamssk-luggiinn.godaddysites.com/	true		unknown
https://www.google.com/recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_	false		high
https://api.ola.godaddy.com/accounts	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://developers.google.com/recaptcha/docs/faq#localhost_support	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CG_oC-Nw.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://support.google.com/recaptcha#6262736	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://cart-checkout.dev-secureserver.net	chromecache_334.2.dr, chromecache_294.2.dr	false	Avira URL Cloud: safe	unknown
https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNXaxMICA.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://support.google.com/recaptcha/?hl=en#6223828	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://cloud.google.com/contact	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://policies.google.com/terms	chromecache_204.2.dr	false		high
https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoymM5Ez.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://support.google.com/recaptcha/#6175971	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://cart-checkout.secureserver.net	chromecache_334.2.dr, chromecache_294.2.dr	false		high
https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://www.google.com/recaptcha/api2/	chromecache_286.2.dr, chromecache_213.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WPFqwKUQ.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://cart-checkout.test-secureserver.net	chromecache_334.2.dr, chromecache_294.2.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/recaptcha	chromecache_231.2.dr	false		high
http://jedwatson.github.io/classnames	chromecache_303.2.dr, chromecache_234.2.dr, chromecache_220.2.dr, chromecache_304.2.dr	false		high
https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://github.com/clauseggers/Playfair-Display)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	false		high
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://contact.apps-api.instantpage.secureserver.net	chromecache_204.2.dr	false		high
https://api.ola.$	chromecache_334.2.dr, chromecache_294.2.dr	false	Avira URL Cloud: safe	unknown
https://cloud.google.com/recaptcha-enterprise/billing-information	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://www.google.com/recaptcha/api.js?render=$	chromecache_279.2.dr	false		high
https://img1.wsimg.com/isteam/ip/d259ecf2-ac02-4260-94af-4f91e605cf8e/architecture-chair-color-10806	chromecache_317.2.dr	false		high
https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	false		high
https://github.com/lancedikson/bowser	chromecache_285.2.dr	false		high
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2)	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_317.2.dr	false		high
https://play.google.com/log?format=json&hasfast=true	chromecache_231.2.dr	false		high
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	chromecache_286.2.dr, chromecache_191.2.dr, chromecache_231.2.dr	false		high
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	false		high
https://policies.google.com/privacy	chromecache_204.2.dr	false		high
http://scripts.sil.org/OFL	chromecache_218.2.dr, chromecache_185.2.dr, chromecache_292.2.dr, chromecache_317.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.197.103.231	isteam.wsimg.com	United States	16509	AMAZON-02US	false
142.250.185.100	www.google.com	United States	15169	GOOGLEUS	false
45.40.130.49	proxy.k8s.pnc.phx.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
198.71.248.123	proxy.k8s.pnc.iad.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
13.248.243.5	metamssk-luggiinn.godaddysites.com	United States	16509	AMAZON-02US	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.23.100	unknown	United States	15169	GOOGLEUS	false
172.217.18.100	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1589358
Start date and time:	2025-01-12 01:40:02 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 30s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://metamssk-luggiinn.godaddysites.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal76.phis.win@18/256@30/10
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.186.78, 142.251.168.84, 142.250.185.206, 142.250.186.174, 172.217.18.14, 142.250.184.202, 216.58.212.163, 95.100.110.86, 95.100.110.77, 23.38.98.114, 23.38.98.78, 199.232.210.172, 192.229.221.95, 2.23.227.198, 2.23.227.202, 104.102.33.222, 2.18.64.27, 2.18.64.8, 142.250.184.206, 142.250.184.234, 142.250.185.74, 172.217.16.202, 142.250.185.170, 216.58.206.74, 142.250.185.138, 142.250.186.74, 142.250.185.202, 172.217.18.10, 172.217.23.106, 216.58.212.170, 142.250.186.138, 142.250.74.202, 142.250.186.42, 142.250.185.106, 142.250.184.195, 216.58.206.67, 216.58.206.35, 142.250.181.227, 142.250.186.110, 142.250.185.99, 142.250.185.142, 172.217.16.206, 142.250.74.206, 2.23.242.162, 20.12.23.50, 13.107.246.45
Excluded domains from analysis (whitelisted): e8843.dsca.akamaiedge.net, fonts.googleapis.com, e40258.g.akamaiedge.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, wildcard-sni-only.api.secureserver.net.edgekey.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, e64861.dsca.akamaiedge.net, clients.l.google.com, www.gstatic.com, global-wildcard.wsimg.com.sni-only.edgekey.net, csp.secureserver.net.edgekey.net
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://metamssk-luggiinn.godaddysites.com/

Input	Output
URL: http://metamssk-luggiinn.godaddysites.com Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": true, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": true, "third_party_hosting": true }
URL: http://metamssk-luggiinn.godaddysites.com
URL: https://metamssk-luggiinn.godaddysites.com/... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The script checks for the presence of certain browser features and, if they are not available, loads a polyfill script from a third-party domain. This is a common practice to ensure compatibility across different browsers and is not inherently malicious. However, the use of `document.write()` to inject the script is considered a legacy practice and could potentially cause issues in some cases." }
"IntersectionObserver"in window&&"Intl"in window&&"Locale"in window.Intl\|\|document.write(`\x3Cscript src="https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~locale.en-US">\x3C/script>`)
URL: https://metamssk-luggiinn.godaddysites.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Interior design help reimagine your home.", "prominent_button_name": "BOOK NOW", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://metamssk-luggiinn.godaddysites.com/ Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": [ "Name", "Email", "Tell us more about your project and timeline" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	{ "brands": [ "Metamssk-luggiinn" ] }
	{ "brands": [ "Metamssk-luggiinn" ] }
URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": [ "Name", "Email", "Tell us more about your project and timeline" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	{ "brands": [ "Metamssk-luggiinn" ] }
	{ "brands": [ "Metamssk-luggiinn" ] }
URL: https://metamssk-luggiinn.godaddysites.com/contact#46f78e66-2577-4889-ab9f-b1701f6a0b42 Model: Joe Sandbox AI	```json{ "legit_domain": "metamask.io", "classification": "wellknown", "reasons": [ "The brand name 'Metamssk-luggiinn' is a misspelling of 'MetaMask', which is a well-known cryptocurrency wallet service.", "The URL 'metamssk-luggiinn.godaddysites.com' contains a misspelling of 'MetaMask' and uses 'godaddysites.com', which is a free website hosting service, not associated with the official MetaMask domain.", "The legitimate domain for MetaMask is 'metamask.io'.", "The use of a free hosting service and misspelled brand name are common indicators of phishing attempts." ], "riskscore": 9} Google indexed: False
URL: metamssk-luggiinn.godaddysites.com Brands: Metamssk-luggiinn Input Fields: Name, Email, Tell us more about your project and timeline

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	4917
Entropy (8bit):	5.429110578417573
Encrypted:	false
SSDEEP:	96:JIOEaN2om6FZOjOEaN2vEOEaN2bFJc+uHOEaN2fNMIOpaN2om6FZOjOpaN2vEOp+:JHN2om/UN2vrN2btVN26qN2om/dN2vOz
MD5:	E9AEBBFE9588BFC18C7B5A652C965376
SHA1:	ABEB4D8915C6BA63D23A12D03C456E4E5E74152C
SHA-256:	D1D23349E45F96380AAB15D6551C629F60F42C5E79EBC24C37E4F9424D6B6E1F
SHA-512:	A847571DD6AAA6FEB69CEC586965FA610B141540AFF9E73F14E772CA5997C690D4E335F2EB4A19A34F01345FFE8280DC42D76AD414C6A1FDB08B6C85DF1449E0
Malicious:	false
Reputation:	low
URL:	"https://fonts.googleapis.com/css?family=Playfair+Display:400,700,900&display=swap"
Preview:	/* cyrillic /.@font-face {. font-family: 'Playfair Display';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ vietnamese /.@font-face {. font-family: 'Playfair Display';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./ latin-ext */.@font-face {. font-family: 'Playfair Display';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2) format('woff2');. unicode

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 01:40:59.073744059 CET	53	52369	1.1.1.1	192.168.2.4
Jan 12, 2025 01:40:59.157993078 CET	53	49972	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:00.184444904 CET	53	61515	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:02.711554050 CET	59794	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:02.711697102 CET	60299	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:02.825265884 CET	53	59794	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:02.825314045 CET	53	60299	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:04.811934948 CET	56199	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:04.812082052 CET	54163	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:04.821285963 CET	53	54163	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:04.849482059 CET	53	56199	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:05.328949928 CET	64602	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:05.328949928 CET	61370	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:05.336884022 CET	53	64602	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:05.338717937 CET	53	61370	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:06.002712965 CET	57946	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:06.002712965 CET	64901	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:06.007657051 CET	53	62374	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:06.045615911 CET	63526	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:06.045615911 CET	53056	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:06.052865982 CET	53	53056	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:06.054727077 CET	53	63526	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:07.465445995 CET	49471	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:07.465581894 CET	53299	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:14.981606960 CET	59709	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:14.982131958 CET	51858	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:14.991944075 CET	53	59709	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:14.992307901 CET	53	51858	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:15.001969099 CET	59511	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:15.002182961 CET	50315	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:15.252113104 CET	56819	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:15.252496958 CET	65023	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:15.654407978 CET	138	138	192.168.2.4	192.168.2.255
Jan 12, 2025 01:41:16.310266972 CET	60233	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:16.310420036 CET	51893	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:17.204035044 CET	53	52532	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:22.642429113 CET	53	57722	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:29.760179043 CET	61009	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:29.760643005 CET	62123	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:29.773345947 CET	53	61009	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:29.773364067 CET	53	62123	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:30.598998070 CET	56629	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:30.599186897 CET	60758	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:30.600173950 CET	58163	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:30.600362062 CET	54939	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:30.605848074 CET	53	56629	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:30.605878115 CET	53	60758	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:30.610223055 CET	53	58163	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:30.611268997 CET	53	54939	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:31.560689926 CET	53	63098	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:33.105098963 CET	53359	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:33.105218887 CET	58793	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:33.111865997 CET	53	53359	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:33.111880064 CET	53	58793	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:34.078923941 CET	53	53198	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:35.602874994 CET	53	58653	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:36.203970909 CET	53	53952	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:36.570882082 CET	62902	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:36.573271990 CET	62078	53	192.168.2.4	1.1.1.1
Jan 12, 2025 01:41:36.577626944 CET	53	62902	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:36.579838037 CET	53	62078	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:58.079643011 CET	53	53658	1.1.1.1	192.168.2.4
Jan 12, 2025 01:41:58.640578985 CET	53	57063	1.1.1.1	192.168.2.4

Timestamp	Bytes transferred	Direction	Data
Jan 12, 2025 01:41:04.856276035 CET	449	OUT	GET / HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 12, 2025 01:41:05.326185942 CET	360	IN	HTTP/1.1 301 Moved Permanently location: https://metamssk-luggiinn.godaddysites.com/ vary: Accept-Encoding server: DPS/2.0.0+sha-fcac51d x-version: fcac51d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ etag: a36854d001a40befab7f03475d415bc2 date: Sun, 12 Jan 2025 00:41:05 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:05 UTC	708	OUT	GET / HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1
2025-01-12 00:41:05 UTC	1443	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: a36854d001a40befab7f03475d415bc2 Date: Sun, 12 Jan 2025 00:41:05 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:05 UTC	14941	IN	Data Raw: 31 31 66 33 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 37 64 32 31 35 61 62 31 2d 32 39 32 32 2d 34 38 63 31 2d 39 30 36 39 2d 32 31 37 30 30 62 34 63 34 34 32 34 2f 66 61 76 69 63 6f 6e 2f 33 32 39 33 64 63 62 62 2d 39 39 64 31 2d 34 31 37 61 2d 39 31 30 35 2d 39 32 66 34 38 33 35 33 36 62 33 62 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 11f31<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/7d215ab1-2922-48c1-9069-21700b4c4424/favicon/3293dcbb-99d1-417a-9105-92f483536b3b.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2025-01-12 00:41:06 UTC	16384	IN	Data Raw: 2d 6e 6f 6e 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 73 69 64 65 6c 69 6e 65 2d 66 6f 6f 74 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 61 75 74 6f 7d 2e 64 69 73 61 62 6c 65 2d 73 63 72 6f 6c 6c 7b 74 6f 75 63 68 2d 61 63 74 69 6f 6e 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 76 77 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 6c 6f 61 64 65 72 73 63 61 6c 65 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 6f 70 61 63 69 74 79 3a 31 7d 34 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 31 29 3b 6f 70 61 63 69 74 79 3a 2e 37 7d 38 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a Data Ascii: -none{display:none!important}.sideline-footer{margin-top:auto}.disable-scroll{touch-action:none;overflow:hidden;position:fixed;max-width:100vw}@-webkit-keyframes loaderscale{0%{transform:scale(1);opacity:1}45%{transform:scale(.1);opacity:.7}80%{transform:
2025-01-12 00:41:06 UTC	16384	IN	Data Raw: 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 34 36 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 35 6c 7b 77 69 64 74 68 3a 31 31 36 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 36 70 7b 66 6f 6e 74 2d 73 69 7a 65 3a 36 32 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 39 7a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 7d 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 64 61 74 61 2d 67 6c 61 6d 6f 72 3d 22 63 78 73 2d 78 6c 2d 73 68 65 65 74 22 3e 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 35 33 36 Data Ascii: 80px){.x .c1-46{font-size:14px}}@media (min-width: 1280px){.x .c1-5l{width:1160px}}@media (min-width: 1280px){.x .c1-6p{font-size:62px}}@media (min-width: 1280px){.x .c1-9z{font-size:12px}}</style><style data-glamor="cxs-xl-sheet">@media (min-width: 1536
2025-01-12 00:41:06 UTC	16384	IN	Data Raw: 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 76 20 63 31 2d 77 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 73 76 67 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 34 20 32 34 22 20 66 69 6c 6c 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 77 69 64 74 68 3d 22 34 30 70 78 22 20 68 65 69 67 68 74 3d 22 34 30 70 78 22 20 64 61 74 61 2d 75 78 3d 22 43 6c 6f 73 65 49 63 6f 6e 22 20 64 61 74 61 2d 65 64 69 74 2d 69 6e 74 65 72 61 63 74 69 76 65 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6c 6f 73 65 3d 22 74 72 75 65 22 20 63 6c 61 73 73 3d 22 Data Ascii: c1-e c1-f c1-g"><div data-ux="Block" class="x-el x-el-div c1-1 c1-2 c1-v c1-w c1-b c1-c c1-d c1-e c1-f c1-g"><svg viewBox="0 0 24 24" fill="currentColor" width="40px" height="40px" data-ux="CloseIcon" data-edit-interactive="true" data-close="true" class="
2025-01-12 00:41:06 UTC	9442	IN	Data Raw: 65 2f 65 6c 65 6d 65 6e 74 35 2d 64 69 67 69 74 61 6c 2d 36 38 35 32 30 32 2d 75 6e 73 70 6c 61 73 68 2e 6a 70 67 2f 3a 2f 72 73 3d 77 3a 37 34 30 2c 63 67 3a 74 72 75 65 2c 6d 20 32 78 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 64 32 35 39 65 63 66 32 2d 61 63 30 32 2d 34 32 36 30 2d 39 34 61 66 2d 34 66 39 31 65 36 30 35 63 66 38 65 2f 65 6c 65 6d 65 6e 74 35 2d 64 69 67 69 74 61 6c 2d 36 38 35 32 30 32 2d 75 6e 73 70 6c 61 73 68 2e 6a 70 67 2f 3a 2f 72 73 3d 77 3a 31 31 31 30 2c 63 67 3a 74 72 75 65 2c 6d 20 33 78 22 20 64 61 74 61 2d 75 78 3d 22 49 6d 61 67 65 22 20 64 61 74 61 2d 61 69 64 3d 22 47 41 4c 4c 45 52 59 5f 49 4d 41 47 45 35 5f 52 45 4e 44 45 52 45 44 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 Data Ascii: e/element5-digital-685202-unsplash.jpg/:/rs=w:740,cg:true,m 2x, //img1.wsimg.com/isteam/ip/d259ecf2-ac02-4260-94af-4f91e605cf8e/element5-digital-685202-unsplash.jpg/:/rs=w:1110,cg:true,m 3x" data-ux="Image" data-aid="GALLERY_IMAGE5_RENDERED" class="x-el x

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:15 UTC	674	OUT	GET /sw.js HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://metamssk-luggiinn.godaddysites.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
2025-01-12 00:41:15 UTC	736	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: application/javascript Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 8f7ba6e682eb5b2e21e0e15aaac4ae94 Date: Sun, 12 Jan 2025 00:41:15 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:15 UTC	15648	IN	Data Raw: 38 30 65 36 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 38 39 35 3a 28 29 3d 3e 7b 74 72 79 7b 73 65 6c 66 5b 22 77 6f 72 6b 62 6f 78 3a 63 61 63 68 65 61 62 6c 65 2d 72 65 73 70 6f 6e 73 65 3a 36 2e 34 2e 31 22 5d 26 26 5f 28 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 32 35 39 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 42 3a 28 29 3d 3e 61 7d 29 2c 73 28 39 31 33 29 3b 63 6c 61 73 73 20 61 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 28 65 2c 74 29 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 3d 65 2c 74 68 69 73 2e 72 65 6a 65 63 74 3d 74 7d 29 29 7d 7d 7d 2c 31 32 35 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 56 3a Data Ascii: 80e6(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:
2025-01-12 00:41:15 UTC	16384	IN	Data Raw: 2c 72 29 2c 72 7d 76 61 72 20 52 3b 52 3d 64 2c 64 3d 7b 2e 2e 2e 52 2c 67 65 74 3a 28 65 2c 74 2c 73 29 3d 3e 5f 28 65 2c 74 29 7c 7c 52 2e 67 65 74 28 65 2c 74 2c 73 29 2c 68 61 73 3a 28 65 2c 74 29 3d 3e 21 21 5f 28 65 2c 74 29 7c 7c 52 2e 68 61 73 28 65 2c 74 29 7d 2c 73 28 35 35 30 29 3b 63 6f 6e 73 74 20 76 3d 22 63 61 63 68 65 2d 65 6e 74 72 69 65 73 22 2c 62 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 52 4c 28 65 2c 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 72 65 74 75 72 6e 20 74 2e 68 61 73 68 3d 22 22 2c 74 2e 68 72 65 66 7d 3b 63 6c 61 73 73 20 78 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 29 7b 74 68 69 73 2e 5f 64 62 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 61 63 68 65 4e 61 6d 65 3d 65 7d 5f 75 70 67 72 61 64 65 44 62 28 65 29 7b Data Ascii: ,r),r}var R;R=d,d={...R,get:(e,t,s)=>_(e,t)\|\|R.get(e,t,s),has:(e,t)=>!!_(e,t)\|\|R.has(e,t)},s(550);const v="cache-entries",b=e=>{const t=new URL(e,location.href);return t.hash="",t.href};class x{constructor(e){this._db=null,this._cacheName=e}_upgradeDb(e){
2025-01-12 00:41:15 UTC	979	IN	Data Raw: 6b 46 69 72 73 74 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 6e 65 74 77 6f 72 6b 2d 66 69 72 73 74 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 75 73 65 73 3a 5b 32 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 72 65 71 75 65 73 74 3a 65 7d 29 3d 3e 22 73 74 79 6c 65 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 7c 7c 22 73 63 72 69 70 74 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 29 2c 6e 65 77 20 74 2e 53 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 73 74 61 74 69 63 2d 72 65 73 6f 75 72 63 65 73 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 Data Ascii: kFirst({cacheName:"network-first",plugins:[new a.CacheableResponsePlugin({statuses:[200]})]})),(0,e.registerRoute)((({request:e})=>"style"===e.destination\|\|"script"===e.destination),new t.StaleWhileRevalidate({cacheName:"static-resources",plugins:[new a.C

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:15 UTC	651	OUT	GET /accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://metamssk-luggiinn.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:15 UTC	755	IN	HTTP/1.1 404 Not Found Date: Sun, 12 Jan 2025 00:41:15 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin vary: Accept, Origin cache-control: no-cache x-request-id: ef5298cd4c16f6016f9e00505411a384 x-runtime: 0.004256 Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-12 00:41:15 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:16 UTC	659	OUT	GET /contact HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
2025-01-12 00:41:16 UTC	918	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin,<https://api.ola.godaddy.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 43cbf726e5b00409cf3c8240b1a22284 Date: Sun, 12 Jan 2025 00:41:16 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:16 UTC	15466	IN	Data Raw: 31 31 35 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 37 64 32 31 35 61 62 31 2d 32 39 32 32 2d 34 38 63 31 2d 39 30 36 39 2d 32 31 37 30 30 62 34 63 34 34 32 34 2f 66 61 76 69 63 6f 6e 2f 33 32 39 33 64 63 62 62 2d 39 39 64 31 2d 34 31 37 61 2d 39 31 30 35 2d 39 32 66 34 38 33 35 33 36 62 33 62 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 115a4<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/7d215ab1-2922-48c1-9069-21700b4c4424/favicon/3293dcbb-99d1-417a-9105-92f483536b3b.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2025-01-12 00:41:16 UTC	16384	IN	Data Raw: 3a 6e 6f 2d 72 65 70 65 61 74 7d 2e 78 20 2e 63 31 2d 36 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 78 20 2e 63 31 2d 36 6f 7b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 7d 2e 78 20 2e 63 31 2d 36 70 20 3e 20 64 69 76 3a 6e 74 68 2d 63 68 69 6c 64 28 32 29 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 34 70 78 7d 2e 78 20 2e 63 31 2d 37 34 7b 66 6c 65 78 2d 67 72 6f 77 3a 31 7d 2e 78 20 2e 63 31 2d 37 35 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 78 20 2e 63 31 2d 37 37 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 31 32 35 7d 2e 78 20 2e 63 31 2d 37 38 7b 63 6f 6c 6f 72 3a 72 67 62 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 29 7d 2e 78 20 2e 63 31 2d 37 39 7b 62 61 63 Data Ascii: :no-repeat}.x .c1-6n{background-color:transparent}.x .c1-6o{justify-content:center}.x .c1-6p > div:nth-child(2){padding-top:24px}.x .c1-74{flex-grow:1}.x .c1-75{text-align:center}.x .c1-77{line-height:1.125}.x .c1-78{color:rgb(255, 255, 255)}.x .c1-79{bac
2025-01-12 00:41:16 UTC	16384	IN	Data Raw: 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 37 33 20 3e 20 64 69 76 3a 6e 74 68 2d 63 68 69 6c 64 28 32 29 7b 6d 61 78 2d 77 69 64 74 68 3a 35 30 25 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 37 36 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 37 65 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 37 66 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d Data Ascii: th: 1024px){.x .c1-73 > div:nth-child(2){max-width:50%}}@media (min-width: 1024px){.x .c1-76{text-align:left}}@media (min-width: 1024px){.x .c1-7e{text-align:center}}@media (min-width: 1024px){.x .c1-7f{margin-left:auto}}@media (min-width: 1024px){.x .c1-
2025-01-12 00:41:16 UTC	16384	IN	Data Raw: 75 6c 3e 3c 2f 6e 61 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 34 20 63 31 2d 72 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 55 74 69 6c 69 74 69 65 73 4d 65 6e 75 22 20 69 64 3d 22 6e 2d 34 33 30 32 34 39 34 33 30 32 37 35 2d 75 74 69 6c 69 74 79 2d 6d 65 6e 75 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 34 20 63 31 2d 31 32 20 63 31 2d 32 77 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 32 76 20 63 31 2d 64 20 63 31 2d 32 78 20 63 31 2d 32 79 20 63 31 Data Ascii: ul></nav></div><div data-ux="Block" class="x-el x-el-div c1-1 c1-2 c1-14 c1-r c1-b c1-c c1-d c1-e c1-f c1-g"><div data-ux="UtilitiesMenu" id="n-430249430275-utility-menu" class="x-el x-el-div c1-1 c1-2 c1-14 c1-12 c1-2w c1-b c1-c c1-2v c1-d c1-2x c1-2y c1
2025-01-12 00:41:16 UTC	6472	IN	Data Raw: 31 2d 31 78 20 63 31 2d 63 20 63 31 2d 31 79 20 63 31 2d 31 7a 20 63 31 2d 32 30 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 20 64 61 74 61 2d 74 63 63 6c 3d 22 75 78 32 2e 43 4f 4e 54 41 43 54 2e 63 6f 6e 74 61 63 74 32 2e 43 6f 6e 74 65 6e 74 2e 44 65 66 61 75 6c 74 2e 4c 69 6e 6b 2e 44 65 66 61 75 6c 74 2e 34 33 30 32 38 34 2e 63 6c 69 63 6b 2c 63 6c 69 63 6b 22 3e 39 37 33 2d 38 32 35 2d 35 30 38 38 3c 2f 61 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 47 72 69 64 43 65 6c 6c 22 20 64 61 74 61 2d 61 69 64 3d 22 43 4f 4e 54 41 43 54 5f 53 45 43 54 49 4f 4e 5f 48 4f 55 52 53 5f 52 45 4e 44 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 37 71 20 Data Ascii: 1-1x c1-c c1-1y c1-1z c1-20 c1-d c1-e c1-f c1-g" data-tccl="ux2.CONTACT.contact2.Content.Default.Link.Default.430284.click,click">973-825-5088</a></p></div><div data-ux="GridCell" data-aid="CONTACT_SECTION_HOURS_REND" class="x-el x-el-div c1-1 c1-2 c1-7q

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:17 UTC	657	OUT	GET /about HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
2025-01-12 00:41:17 UTC	1443	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: c1c39cea2527816bdb7a5be4d2bdf348 Date: Sun, 12 Jan 2025 00:41:17 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:17 UTC	14941	IN	Data Raw: 31 32 31 62 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 37 64 32 31 35 61 62 31 2d 32 39 32 32 2d 34 38 63 31 2d 39 30 36 39 2d 32 31 37 30 30 62 34 63 34 34 32 34 2f 66 61 76 69 63 6f 6e 2f 33 32 39 33 64 63 62 62 2d 39 39 64 31 2d 34 31 37 61 2d 39 31 30 35 2d 39 32 66 34 38 33 35 33 36 62 33 62 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 121b2<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/7d215ab1-2922-48c1-9069-21700b4c4424/favicon/3293dcbb-99d1-417a-9105-92f483536b3b.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2025-01-12 00:41:17 UTC	16384	IN	Data Raw: 6c 2e 64 2d 6e 6f 6e 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 73 69 64 65 6c 69 6e 65 2d 66 6f 6f 74 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 61 75 74 6f 7d 2e 64 69 73 61 62 6c 65 2d 73 63 72 6f 6c 6c 7b 74 6f 75 63 68 2d 61 63 74 69 6f 6e 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 76 77 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 6c 6f 61 64 65 72 73 63 61 6c 65 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 6f 70 61 63 69 74 79 3a 31 7d 34 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 31 29 3b 6f 70 61 63 69 74 79 3a 2e 37 7d 38 30 25 7b 74 72 61 6e 73 66 6f Data Ascii: l.d-none{display:none!important}.sideline-footer{margin-top:auto}.disable-scroll{touch-action:none;overflow:hidden;position:fixed;max-width:100vw}@-webkit-keyframes loaderscale{0%{transform:scale(1);opacity:1}45%{transform:scale(.1);opacity:.7}80%{transfo
2025-01-12 00:41:17 UTC	16384	IN	Data Raw: 69 70 2f 64 32 35 39 65 63 66 32 2d 61 63 30 32 2d 34 32 36 30 2d 39 34 61 66 2d 34 66 39 31 65 36 30 35 63 66 38 65 2f 61 6c 65 78 2d 6c 6f 75 70 2d 34 34 30 37 36 31 2d 75 6e 73 70 6c 61 73 68 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 30 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 31 30 30 25 32 35 2f 72 73 3d 77 3a 33 38 33 37 2c 6d 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 31 35 33 35 70 78 29 7b 2e 78 20 2e 63 31 2d 38 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 30 32 29 20 30 25 2c 20 72 67 62 61 Data Ascii: ip/d259ecf2-ac02-4260-94af-4f91e605cf8e/alex-loup-440761-unsplash.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:3837,m")}}@media (min-width: 1280px) and (max-width: 1535px){.x .c1-8r{background-image:linear-gradient(to bottom, rgba(0, 0, 0, 0.02) 0%, rgba
2025-01-12 00:41:17 UTC	16384	IN	Data Raw: 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 34 20 63 31 2d 33 69 20 63 31 2d 31 32 20 63 31 2d 33 6a 20 63 31 2d 32 76 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 34 20 63 31 2d 72 20 63 31 2d 33 6b 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 6e 61 76 20 64 61 74 61 2d 75 78 3d 22 4e 61 76 22 20 64 61 74 61 2d 61 69 64 3d 22 48 Data Ascii: </div></div><div data-ux="Block" class="x-el x-el-div c1-1 c1-2 c1-14 c1-3i c1-12 c1-3j c1-2v c1-b c1-c c1-d c1-e c1-f c1-g"><div data-ux="Block" class="x-el x-el-div c1-1 c1-2 c1-14 c1-r c1-3k c1-b c1-c c1-d c1-e c1-f c1-g"><nav data-ux="Nav" data-aid="H
2025-01-12 00:41:17 UTC	10083	IN	Data Raw: 64 3d 22 43 4f 4e 54 45 4e 54 5f 44 45 53 43 52 49 50 54 49 4f 4e 32 5f 52 45 4e 44 45 52 45 44 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 42 6f 64 79 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 71 20 63 31 2d 31 65 20 63 31 2d 34 75 20 63 31 2d 31 35 20 63 31 2d 31 37 20 63 31 2d 37 39 20 63 31 2d 37 61 20 63 31 2d 37 62 20 63 31 2d 37 63 20 63 31 2d 37 64 20 63 31 2d 37 65 20 63 31 2d 37 66 20 63 31 2d 37 67 20 63 31 2d 37 68 20 63 31 2d 37 69 20 63 31 2d 37 6a 20 63 31 2d 37 6b 20 63 31 2d 37 6c 20 63 31 2d 37 6d 20 63 31 2d 37 6e 20 63 31 2d 37 6f 20 63 31 2d 37 70 20 63 31 2d 37 71 20 63 31 2d 37 72 20 63 31 2d 37 73 20 63 31 2d 37 74 20 63 31 2d 37 75 20 63 31 2d 37 76 20 63 31 2d Data Ascii: d="CONTENT_DESCRIPTION2_RENDERED" data-typography="BodyAlpha" class="x-el c1-1 c1-2 c1-1q c1-1e c1-4u c1-15 c1-17 c1-79 c1-7a c1-7b c1-7c c1-7d c1-7e c1-7f c1-7g c1-7h c1-7i c1-7j c1-7k c1-7l c1-7m c1-7n c1-7o c1-7p c1-7q c1-7r c1-7s c1-7t c1-7u c1-7v c1-

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:17 UTC	572	OUT	GET /manifest.webmanifest HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:17 UTC	739	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: application/manifest+json Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 30b5449518928d83494dc39b495cf6d7 Date: Sun, 12 Jan 2025 00:41:17 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:17 UTC	545	IN	Data Raw: 32 31 35 0d 0a 7b 22 73 63 6f 70 65 22 3a 22 2f 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 2c 22 73 72 63 22 3a 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 37 64 32 31 35 61 62 31 2d 32 39 32 32 2d 34 38 63 31 2d 39 30 36 39 2d 32 31 37 30 30 62 34 63 34 34 32 34 2f 66 61 76 69 63 6f 6e 2f 33 32 39 33 64 63 62 62 2d 39 39 64 31 2d 34 31 37 61 2d 39 31 30 35 2d 39 32 66 34 38 33 35 33 36 62 33 62 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 39 32 2c 68 3a 31 39 32 2c 6d 22 7d 2c 7b 22 73 69 7a 65 73 22 3a 22 Data Ascii: 215{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/7d215ab1-2922-48c1-9069-21700b4c4424/favicon/3293dcbb-99d1-417a-9105-92f483536b3b.png/:/rs=w:192,h:192,m"},{"sizes":"

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:18 UTC	660	OUT	GET /projects HTTP/1.1 Host: metamssk-luggiinn.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=8e2eea78-b987-48bd-9647-e29446fa10a3; _tccl_visit=8e2eea78-b987-48bd-9647-e29446fa10a3; _scc_session=pc=1&C_TOUCH=2025-01-12T00:41:10.445Z
2025-01-12 00:41:18 UTC	1443	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neILzCqgsI0mp9CNzoKmMw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 4b59f2aeabd9f2179aa554b224026228 Date: Sun, 12 Jan 2025 00:41:18 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:18 UTC	14941	IN	Data Raw: 31 30 62 62 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 37 64 32 31 35 61 62 31 2d 32 39 32 32 2d 34 38 63 31 2d 39 30 36 39 2d 32 31 37 30 30 62 34 63 34 34 32 34 2f 66 61 76 69 63 6f 6e 2f 33 32 39 33 64 63 62 62 2d 39 39 64 31 2d 34 31 37 61 2d 39 31 30 35 2d 39 32 66 34 38 33 35 33 36 62 33 62 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 10bbc<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/7d215ab1-2922-48c1-9069-21700b4c4424/favicon/3293dcbb-99d1-417a-9105-92f483536b3b.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2025-01-12 00:41:18 UTC	16384	IN	Data Raw: 78 2d 65 6c 2e 64 2d 6e 6f 6e 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 73 69 64 65 6c 69 6e 65 2d 66 6f 6f 74 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 61 75 74 6f 7d 2e 64 69 73 61 62 6c 65 2d 73 63 72 6f 6c 6c 7b 74 6f 75 63 68 2d 61 63 74 69 6f 6e 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 76 77 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 6c 6f 61 64 65 72 73 63 61 6c 65 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 6f 70 61 63 69 74 79 3a 31 7d 34 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 31 29 3b 6f 70 61 63 69 74 79 3a 2e 37 7d 38 30 25 7b 74 72 61 6e Data Ascii: x-el.d-none{display:none!important}.sideline-footer{margin-top:auto}.disable-scroll{touch-action:none;overflow:hidden;position:fixed;max-width:100vw}@-webkit-keyframes loaderscale{0%{transform:scale(1);opacity:1}45%{transform:scale(.1);opacity:.7}80%{tran
2025-01-12 00:41:18 UTC	16384	IN	Data Raw: 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 34 38 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 35 6c 7b 77 69 64 74 68 3a 31 31 36 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 32 38 30 70 78 29 7b 2e 78 20 2e 63 31 2d 61 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 7d 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 64 61 74 61 2d 67 6c 61 6d 6f 72 3d 22 63 78 73 2d 78 6c 2d 73 68 65 65 74 22 3e 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 35 33 36 70 78 29 7b 2e 78 20 2e 63 31 2d 67 7b 66 6f 6e 74 Data Ascii: ont-size:22px}}@media (min-width: 1280px){.x .c1-48{font-size:14px}}@media (min-width: 1280px){.x .c1-5l{width:1160px}}@media (min-width: 1280px){.x .c1-a4{font-size:12px}}</style><style data-glamor="cxs-xl-sheet">@media (min-width: 1536px){.x .c1-g{font
2025-01-12 00:41:19 UTC	16384	IN	Data Raw: 31 2d 34 34 20 63 31 2d 34 35 20 63 31 2d 34 36 20 63 31 2d 34 37 20 63 31 2d 34 38 20 63 31 2d 34 39 22 20 64 61 74 61 2d 74 63 63 6c 3d 22 75 78 32 2e 48 45 41 44 45 52 2e 68 65 61 64 65 72 39 2e 4e 61 76 2e 4d 6f 72 65 4d 65 6e 75 2e 4c 69 6e 6b 2e 44 65 66 61 75 6c 74 2e 33 34 32 37 38 30 2e 63 6c 69 63 6b 2c 63 6c 69 63 6b 22 3e 48 6f 6d 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 64 61 74 61 2d 75 78 3d 22 4c 69 73 74 49 74 65 6d 22 20 72 6f 6c 65 3d 22 6d 65 6e 75 69 74 65 6d 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 6c 69 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 33 70 20 63 31 2d 31 37 20 63 31 2d 33 79 20 63 31 2d 31 63 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 34 72 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e Data Ascii: 1-44 c1-45 c1-46 c1-47 c1-48 c1-49" data-tccl="ux2.HEADER.header9.Nav.MoreMenu.Link.Default.342780.click,click">Home</a></li><li data-ux="ListItem" role="menuitem" class="x-el x-el-li c1-1 c1-2 c1-3p c1-17 c1-3y c1-1c c1-b c1-c c1-4r c1-d c1-e c1-f c1-g">
2025-01-12 00:41:19 UTC	4461	IN	Data Raw: 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 47 72 69 64 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 34 20 63 31 2d 37 31 20 63 31 2d 37 32 20 63 31 2d 37 33 20 63 31 2d 31 35 20 63 31 2d 31 36 20 63 31 2d 31 37 20 63 31 2d 31 38 20 63 31 2d 31 32 20 63 31 2d 36 32 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 47 72 69 64 43 65 6c 6c 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 Data Ascii: " class="x-el x-el-div c1-1 c1-2 c1-b c1-c c1-d c1-e c1-f c1-g"><div data-ux="Grid" class="x-el x-el-div c1-1 c1-2 c1-14 c1-71 c1-72 c1-73 c1-15 c1-16 c1-17 c1-18 c1-12 c1-62 c1-b c1-c c1-d c1-e c1-f c1-g"><div data-ux="GridCell" class="x-el x-el-div c1-1

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:24 UTC	593	OUT	OPTIONS /accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive Accept: / Access-Control-Request-Method: GET Access-Control-Request-Headers: content-type Origin: https://metamssk-luggiinn.godaddysites.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:24 UTC	454	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:41:24 GMT Content-Length: 0 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true access-control-allow-headers: content-type Strict-Transport-Security: max-age=15724800; includeSubDomains

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (852)
Category:	dropped
Size (bytes):	919
Entropy (8bit):	5.236642015723828
Encrypted:	false
SSDEEP:	24:caBLoXaPXAH5NUM45cl2TxlBWJSqhPuQHrIYf:t8XyXA/UjmkTxjONrIY
MD5:	1CCD3C1052745E96CE686CC6F6143F10
SHA1:	0B19BB42233073967E22FE75572E12908E70A8C9
SHA-256:	F075FEFC90D97DA32D93AB7A2C9660A9D73B41A3B022497C8E6683CB6F98BF88
SHA-512:	0A274F4D70897638F9EC9F0A04D79C0BF6FA94E297A7938F773345395AC64F2CB87B9DA2D265DDC017C3AE0C16B88B207E8688110AE8A5E91FC662767D78587A
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js",["exports"],(function(e){"use strict";function r(){return r=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},r.apply(this,arguments)}e._=function(e,r,t){return(r=function(e){var r=function(e,r){if("object"!=typeof e\|\|null===e)return e;var t=e[Symbol.toPrimitive];if(void 0!==t){var n=t.call(e,r\|\|"default");if("object"!=typeof n)return n;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===r?String:Number)(e)}(e,"string");return"symbol"==typeof r?r:String(r)}(r))in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e},e.a=r})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-a2e90765.js.map.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1160x1741, components 3
Category:	dropped
Size (bytes):	336853
Entropy (8bit):	7.98019221130003
Encrypted:	false
SSDEEP:	6144:EeoLE16GPSXlbkdotRsK4Kr3Yqb5xydcT0K80E7SIqHmQVcMfgPPq9v91lm87WAg:EeoAoGMIdotWyNWuA0E7SIqtpfkPw7lC
MD5:	35F6B4F14B81B2B40B536C34EEDC402D
SHA1:	C92BCE2F247B158F217A1ABB9554B536A874F98A
SHA-256:	7CF94B3387BCBF110BB7297E2895695E8B4F2FD61E6BA3415CB061914825E049
SHA-512:	ABFF9CE3D16C2EBE5168F89CD32A5E81146D572511ECDE4847FA0987E87E55D2152090B406D2F02DBC2CE002C31203255297D1513376B7CDEB66BCEC851C2381
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((..........."........................................V.........................!1A..Qa"q...2...#B..3Rbr.$....4C..%5S..&c.s..6D'7Td....EU.t...............................8......................!.1.A2Q.".aB.#3q.R..4C..$.Db................?.....$>.J.$_..Y.....$..#...g.I..X.u..d....[.W...wi..P9a.=..SI$.E.e..TI.V.:...1..v.x...w....h&2..^..l..8....;Pz.O.s.=.A.+.............k.x5..Bs.O.w...i.....UXW).=H.MF.a..r...+\|o..g?.5Il.......~.xmn...mbq.CRF.....Q...[..y..._5{0........$.X.(7...~G....O..u=.....9....Mbt....`(.%......&..y.....F.4.I.....s....oCO..+.x...,../.......~..E...6.....V...D.0.7...i..P.:...'.K.\.U...+..f....f...W..k.iA=.....^.......

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:25 UTC	683	OUT	GET /accounts/7d215ab1-2922-48c1-9069-21700b4c4424/config HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;charset=UTF-8 Origin: https://metamssk-luggiinn.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:25 UTC	755	IN	HTTP/1.1 404 Not Found Date: Sun, 12 Jan 2025 00:41:25 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin vary: Accept, Origin cache-control: no-cache x-request-id: 931377603c75cc4cf32c73ebf813288a x-runtime: 0.003928 Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-12 00:41:25 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:25 UTC	550	OUT	OPTIONS /accounts HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://metamssk-luggiinn.godaddysites.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:25 UTC	454	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:41:25 GMT Content-Length: 0 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true access-control-allow-headers: content-type Strict-Transport-Security: max-age=15724800; includeSubDomains

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:26 UTC	660	OUT	POST /accounts HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive Content-Length: 54 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / Content-Type: application/json;charset=UTF-8 sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://metamssk-luggiinn.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:26 UTC	54	OUT	Data Raw: 7b 22 61 63 63 6f 75 6e 74 5f 75 69 64 22 3a 22 37 64 32 31 35 61 62 31 2d 32 39 32 32 2d 34 38 63 31 2d 39 30 36 39 2d 32 31 37 30 30 62 34 63 34 34 32 34 22 7d Data Ascii: {"account_uid":"7d215ab1-2922-48c1-9069-21700b4c4424"}
2025-01-12 00:41:26 UTC	758	IN	HTTP/1.1 401 Unauthorized Date: Sun, 12 Jan 2025 00:41:26 GMT Content-Type: application/json; charset=utf-8 Content-Length: 24 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin vary: Accept, Origin cache-control: no-cache x-request-id: 10f32cd71bc63e11a651eb1553b9a711 x-runtime: 0.004667 Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-12 00:41:26 UTC	24	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 55 6e 61 75 74 68 6f 72 69 7a 65 64 22 7d Data Ascii: {"error":"Unauthorized"}

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:28 UTC	600	OUT	OPTIONS /v2/accounts/7d215ab1-2922-48c1-9069-21700b4c4424/categories HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive Accept: / Access-Control-Request-Method: GET Access-Control-Request-Headers: content-type Origin: https://metamssk-luggiinn.godaddysites.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:28 UTC	454	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:41:28 GMT Content-Length: 0 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true access-control-allow-headers: content-type Strict-Transport-Security: max-age=15724800; includeSubDomains

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:28 UTC	690	OUT	GET /v2/accounts/7d215ab1-2922-48c1-9069-21700b4c4424/categories HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;charset=UTF-8 Origin: https://metamssk-luggiinn.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:28 UTC	755	IN	HTTP/1.1 404 Not Found Date: Sun, 12 Jan 2025 00:41:28 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metamssk-luggiinn.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin vary: Accept, Origin cache-control: no-cache x-request-id: c54d568465501874cd0ef9f35e63543a x-runtime: 0.004814 Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-12 00:41:28 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:30 UTC	623	OUT	GET /v3/recaptcha HTTP/1.1 Host: contact.apps-api.instantpage.secureserver.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://metamssk-luggiinn.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:30 UTC	300	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:41:30 GMT Content-Type: application/json; charset=utf-8 Content-Length: 54 Connection: close x-powered-by: Slay Access-Control-Allow-Origin: * ETag: W/"36-/JybxMl8Y5PwwWjo7fmcJSDGXLQ" Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-12 00:41:30 UTC	54	IN	Data Raw: 7b 22 73 69 74 65 4b 65 79 22 3a 22 36 4c 66 6a 73 70 67 55 41 41 41 41 41 42 73 62 6a 47 39 69 64 36 71 58 51 4b 5a 6b 71 62 36 5f 48 70 63 65 36 75 69 5f 22 7d Data Ascii: {"siteKey":"6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_"}

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:31 UTC	381	OUT	GET /v3/recaptcha HTTP/1.1 Host: contact.apps-api.instantpage.secureserver.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:31 UTC	300	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:41:31 GMT Content-Type: application/json; charset=utf-8 Content-Length: 54 Connection: close x-powered-by: Slay Access-Control-Allow-Origin: * ETag: W/"36-/JybxMl8Y5PwwWjo7fmcJSDGXLQ" Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-12 00:41:31 UTC	54	IN	Data Raw: 7b 22 73 69 74 65 4b 65 79 22 3a 22 36 4c 66 6a 73 70 67 55 41 41 41 41 41 42 73 62 6a 47 39 69 64 36 71 58 51 4b 5a 6b 71 62 36 5f 48 70 63 65 36 75 69 5f 22 7d Data Ascii: {"siteKey":"6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_"}

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:31 UTC	692	OUT	GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:31 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Sun, 12 Jan 2025 00:41:31 GMT Date: Sun, 12 Jan 2025 00:41:31 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:31 UTC	641	IN	Data Raw: 35 62 63 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 5bc/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2025-01-12 00:41:31 UTC	834	IN	Data Raw: 59 66 66 78 72 4d 38 54 6d 5a 54 36 52 41 72 57 47 51 56 43 4a 30 4c 52 69 76 44 37 67 6c 63 41 55 41 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 Data Ascii: YffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecati
2025-01-12 00:41:31 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:33 UTC	993	OUT	GET /recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvh HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://metamssk-luggiinn.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:34 UTC	1161	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Sun, 12 Jan 2025 00:41:33 GMT Content-Security-Policy: script-src 'report-sample' 'nonce-z00q_NgXWnLisUf1VKIO5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:34 UTC	229	IN	Data Raw: 35 37 37 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 3c 74 69 74 6c 65 3e 72 65 43 41 50 54 43 48 41 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 2f 2a 20 63 79 Data Ascii: 577e<!DOCTYPE HTML><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><title>reCAPTCHA</title><style type="text/css">/* cy
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 32 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 41 2c 20 55 2b 32 30 42 34 2c 20 55 2b 32 44 45 30 2d 32 44 46 46 2c 20 55 2b 41 36 34 Data Ascii: rillic-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A64
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 47 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 42 41 2c 20 55 2b 30 32 42 44 2d 30 32 43 35 2c 20 55 2b 30 32 43 37 2d 30 32 43 43 2c 20 55 2b 30 32 Data Ascii: 0AB;}/* latin-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2) format('woff2'); unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 35 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 45 55 39 66 43 42 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 Data Ascii: font-style: normal; font-weight: 500; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Roboto'; font-style: normal; font-weight:
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 30 30 30 2d 30 30 46 46 2c 20 55 2b 30 31 33 31 2c 20 55 2b 30 31 35 32 2d 30 31 35 33 2c 20 55 2b 30 32 42 42 2d 30 32 42 43 2c 20 55 2b 30 32 43 36 2c 20 55 2b 30 32 44 41 2c 20 55 2b 30 32 44 43 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 32 30 30 30 2d 32 30 36 46 2c 20 55 2b 32 30 41 43 2c 20 55 2b 32 31 32 32 2c 20 55 2b 32 31 39 31 2c 20 55 2b 32 31 39 33 2c 20 55 2b 32 32 31 32 2c 20 55 2b 32 32 31 35 2c 20 55 2b 46 45 46 46 2c 20 55 2b 46 46 46 44 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 Data Ascii: ormat('woff2'); unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;}/* cyrillic-ext */@font-face { font-family: '
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 59 55 74 66 43 78 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 32 2d 30 31 30 33 2c 20 55 2b 30 31 31 30 2d 30 31 31 31 2c 20 55 2b 30 31 32 38 2d 30 31 32 39 2c 20 55 2b 30 31 36 38 2d 30 31 36 39 2c 20 55 2b 30 31 41 30 2d 30 31 41 31 2c 20 55 2b 30 31 41 46 2d 30 31 42 30 2c 20 55 2b 30 33 30 30 2d 30 33 30 31 2c 20 55 2b 30 33 30 33 2d 30 33 30 34 2c 20 55 2b 30 33 30 38 2d 30 33 30 39 2c 20 55 2b 30 33 32 33 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 41 30 2d 31 45 46 39 2c 20 55 2b 32 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a Data Ascii: /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2) format('woff2'); unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;}/* latin-ext */
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 33 75 6a 35 56 70 6b 6e 76 74 5f 4c 6e 66 4e 62 46 2f 72 65 63 61 70 74 63 68 61 5f 5f 65 6e 2e 6a 73 22 20 6e 6f 6e 63 65 3d 22 7a 30 30 71 5f 4e 67 58 57 6e 4c 69 73 55 66 31 56 4b 49 4f 35 51 22 3e 0a 20 20 20 20 20 20 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 64 69 76 20 69 64 3d 22 72 63 2d 61 6e 63 68 6f 72 2d 61 6c 65 72 74 22 20 63 6c 61 73 73 3d 22 72 63 2d 61 6e 63 68 6f 72 2d 61 6c 65 72 74 22 3e 3c 2f 64 69 76 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 2d 74 6f 6b 65 6e 22 20 76 61 6c 75 65 3d 22 30 33 41 46 63 57 65 41 36 75 47 53 5a 30 6a 54 48 31 41 71 46 35 4a 61 65 5a 6b 32 6c 6f 4b 53 63 48 51 6e 30 4d 71 52 54 5a 32 78 54 34 5f Data Ascii: 3uj5Vpknvt_LnfNbF/recaptcha__en.js" nonce="z00q_NgXWnLisUf1VKIO5Q"> </script></head><body><div id="rc-anchor-alert" class="rc-anchor-alert"></div><input type="hidden" id="recaptcha-token" value="03AFcWeA6uGSZ0jTH1AqF5JaeZk2loKScHQn0MqRTZ2xT4_
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 44 5f 34 55 46 67 30 44 70 34 74 76 38 6e 33 51 5f 64 4c 37 6d 65 31 70 52 6f 30 67 74 79 39 2d 50 73 54 35 54 4b 6f 37 63 57 74 58 5a 49 4f 42 72 75 78 66 45 39 63 67 59 39 2d 63 58 75 6f 69 4e 55 54 75 45 4f 4c 48 7a 58 78 69 54 41 4c 35 48 36 53 38 6b 48 77 65 36 39 57 6a 72 78 79 63 4c 33 66 62 4b 44 30 58 51 44 5f 57 75 33 42 4f 48 66 31 30 2d 76 72 51 38 47 53 6a 6e 41 4b 79 2d 46 36 59 5a 75 56 4c 38 64 61 33 33 36 41 75 39 51 36 64 47 35 74 4d 63 53 4e 66 79 59 44 46 6c 62 4d 34 35 2d 35 52 6d 52 39 79 2d 55 6f 6f 67 45 4b 71 6f 4f 68 33 58 76 4f 47 72 59 72 61 51 68 44 66 79 48 55 55 47 4a 6c 66 6f 67 7a 4f 63 44 43 4c 6e 45 39 41 4f 4d 4d 4b 6a 73 41 4a 33 5f 30 6a 4d 74 64 72 7a 69 41 65 68 76 6b 54 34 72 64 65 53 45 44 73 43 48 73 67 53 43 4a Data Ascii: D_4UFg0Dp4tv8n3Q_dL7me1pRo0gty9-PsT5TKo7cWtXZIOBruxfE9cgY9-cXuoiNUTuEOLHzXxiTAL5H6S8kHwe69WjrxycL3fbKD0XQD_Wu3BOHf10-vrQ8GSjnAKy-F6YZuVL8da336Au9Q6dG5tMcSNfyYDFlbM45-5RmR9y-UoogEKqoOh3XvOGrYraQhDfyHUUGJlfogzOcDCLnE9AOMMKjsAJ3_0jMtdrziAehvkT4rdeSEDsCHsgSCJ
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 6c 6d 53 57 34 78 4e 57 56 45 56 30 35 6e 61 33 6c 78 65 44 68 35 64 32 31 42 4e 48 46 57 59 6c 64 52 52 30 64 55 65 54 63 72 63 31 6c 4e 61 58 52 4c 4f 54 4a 32 54 6d 70 4f 4f 47 56 4f 53 6d 68 4c 4d 48 56 30 63 31 64 4f 54 6a 4a 4e 54 56 67 30 4d 6e 46 45 52 7a 45 31 5a 46 4a 31 57 54 56 51 51 55 46 35 51 6b 77 7a 5a 30 74 4c 54 79 73 34 59 6d 34 34 54 46 4a 61 61 44 45 7a 65 56 6b 30 4e 6a 6c 54 65 54 64 48 53 69 39 4a 59 57 70 6c 64 44 6c 69 52 44 6c 6e 5a 58 4a 4c 53 6a 46 6e 54 79 39 34 61 48 5a 69 62 58 4a 46 54 31 55 72 5a 6a 68 73 56 57 6c 4b 62 55 35 58 63 32 64 70 51 6a 52 6d 54 6d 52 6f 51 6a 4e 68 56 33 5a 36 52 6c 5a 4e 62 33 55 72 59 33 4e 61 51 32 4d 31 57 46 70 76 65 6c 4e 76 63 6a 56 35 57 6b 4e 57 62 32 51 72 51 56 52 49 64 33 56 69 65 Data Ascii: lmSW4xNWVEV05na3lxeDh5d21BNHFWYldRR0dUeTcrc1lNaXRLOTJ2TmpOOGVOSmhLMHV0c1dOTjJNTVg0MnFERzE1ZFJ1WTVQQUF5QkwzZ0tLTys4Ym44TFJaaDEzeVk0NjlTeTdHSi9JYWpldDliRDlnZXJLSjFnTy94aHZibXJFT1UrZjhsVWlKbU5Xc2dpQjRmTmRoQjNhV3Z6RlZNb3UrY3NaQ2M1WFpvelNvcjV5WkNWb2QrQVRId3Vie
2025-01-12 00:41:34 UTC	1390	IN	Data Raw: 54 32 74 46 51 6c 5a 76 51 54 55 78 52 57 77 7a 5a 47 78 6f 5a 6a 4a 4c 53 46 56 35 59 56 70 76 52 6b 39 56 55 58 5a 49 65 46 63 31 59 6d 4a 77 54 6b 70 45 63 46 67 32 62 48 64 46 51 32 35 72 4c 30 6c 73 61 33 52 43 5a 55 56 35 53 30 4e 70 63 6a 68 52 65 44 46 76 57 47 4a 5a 65 6e 42 68 51 32 34 78 5a 32 39 77 56 31 42 4a 59 30 34 31 61 6b 74 77 62 57 52 44 62 32 4a 48 54 53 73 78 64 6d 70 47 54 57 70 48 4c 33 64 74 64 7a 4a 72 4e 7a 42 77 62 6d 64 6d 54 47 31 30 4e 58 52 47 4f 54 68 68 59 31 6c 69 57 6d 6f 7a 56 46 68 70 4e 6a 56 54 63 7a 68 6f 63 45 46 74 56 31 49 32 4f 56 49 78 53 54 45 79 4f 45 5a 56 4d 47 4a 50 61 48 55 31 61 47 5a 6c 65 56 70 32 52 47 31 56 54 55 78 45 4e 7a 56 56 4e 48 5a 6e 55 6e 6b 32 5a 44 45 35 52 6c 56 6d 4e 57 56 6a 5a 6a 4a Data Ascii: T2tFQlZvQTUxRWwzZGxoZjJLSFV5YVpvRk9VUXZIeFc1YmJwTkpEcFg2bHdFQ25rL0lsa3RCZUV5S0NpcjhReDFvWGJZenBhQ24xZ29wV1BJY041aktwbWRDb2JHTSsxdmpGTWpHL3dtdzJrNzBwbmdmTG10NXRGOThhY1liWmozVFhpNjVTczhocEFtV1I2OVIxSTEyOEZVMGJPaHU1aGZleVp2RG1VTUxENzVVNHZnUnk2ZDE5RlVmNWVjZjJ

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:36 UTC	875	OUT	GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: worker Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvh Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:36 UTC	917	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Expires: Sun, 12 Jan 2025 00:41:36 GMT Date: Sun, 12 Jan 2025 00:41:36 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: same-site Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:36 UTC	108	IN	Data Raw: 36 36 0d 0a 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 72 65 6c 65 61 73 65 73 2f 7a 49 72 69 69 6a 6e 33 75 6a 35 56 70 6b 6e 76 74 5f 4c 6e 66 4e 62 46 2f 72 65 63 61 70 74 63 68 61 5f 5f 65 6e 2e 6a 73 27 29 3b 0d 0a Data Ascii: 66importScripts('https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js');
2025-01-12 00:41:36 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://metamssk-luggiinn.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 184

Chrome Cache Entry: 185

Chrome Cache Entry: 186

Chrome Cache Entry: 187

Chrome Cache Entry: 188

Chrome Cache Entry: 189

Chrome Cache Entry: 190

Chrome Cache Entry: 191

Chrome Cache Entry: 192

Chrome Cache Entry: 193

Chrome Cache Entry: 194

Chrome Cache Entry: 195

Chrome Cache Entry: 196

Chrome Cache Entry: 197

Chrome Cache Entry: 198

Chrome Cache Entry: 199

Chrome Cache Entry: 200

Chrome Cache Entry: 201

Chrome Cache Entry: 202

Chrome Cache Entry: 203

Chrome Cache Entry: 204

Chrome Cache Entry: 205

Chrome Cache Entry: 206

Chrome Cache Entry: 207

Chrome Cache Entry: 208

Chrome Cache Entry: 209

Chrome Cache Entry: 210

Windows Analysis Report
http://metamssk-luggiinn.godaddysites.com/

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:36 UTC	863	OUT	GET /js/bg/97uzgHxzdqXefmTg8wPeKCy4kla86q4zhj2nq_yidw0.js HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRhbXNzay1sdWdnaWlubi5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=nh09mt5duhvh Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:36 UTC	811	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs" Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} Content-Length: 18846 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Sat, 11 Jan 2025 17:20:08 GMT Expires: Sun, 11 Jan 2026 17:20:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Mon, 02 Dec 2024 19:00:00 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 26488 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-12 00:41:36 UTC	579	IN	Data Raw: 2f 2a 20 41 6e 74 69 2d 73 70 61 6d 2e 20 57 61 6e 74 20 74 6f 20 73 61 79 20 68 65 6c 6c 6f 3f 20 43 6f 6e 74 61 63 74 20 28 62 61 73 65 36 34 29 20 59 6d 39 30 5a 33 56 68 63 6d 51 74 59 32 39 75 64 47 46 6a 64 45 42 6e 62 32 39 6e 62 47 55 75 59 32 39 74 20 2a 2f 20 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6c 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 29 7b 69 66 28 41 3d 28 51 3d 6e 75 6c 6c 2c 68 29 2e 74 72 75 73 74 65 64 54 79 70 65 73 2c 21 41 7c 7c 21 41 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 29 72 65 74 75 72 6e 20 51 3b 74 72 79 7b 51 3d 41 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 62 67 22 2c 7b 63 72 65 61 74 65 48 54 4d 4c 3a 46 2c 63 72 65 61 74 65 53 63 72 69 70 74 3a 46 2c 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 46 7d 29 7d Data Ascii: /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */ (function(){var l=function(Q,A){if(A=(Q=null,h).trustedTypes,!A\|\|!A.createPolicy)return Q;try{Q=A.createPolicy("bg",{createHTML:F,createScript:F,createScriptURL:F})}
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 27 2c 0a 27 2a 2f 27 2c 0a 27 76 61 72 20 51 34 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 2c 68 2c 6e 2c 74 29 7b 66 6f 72 28 68 3d 28 6e 3d 68 5b 74 3d 30 2c 33 5d 7c 30 2c 68 5b 32 5d 7c 30 29 3b 74 3c 31 36 3b 74 2b 2b 29 51 3d 51 3e 3e 3e 38 7c 51 3c 3c 32 34 2c 51 2b 3d 41 7c 30 2c 51 5e 3d 68 2b 31 36 33 34 2c 41 3d 41 3c 3c 33 7c 41 3e 3e 3e 32 39 2c 6e 3d 6e 3e 3e 3e 38 7c 6e 3c 3c 32 34 2c 6e 2b 3d 68 7c 30 2c 6e 5e 3d 74 2b 31 36 33 34 2c 41 5e 3d 51 2c 68 3d 68 3c 3c 33 7c 68 3e 3e 3e 32 39 2c 68 5e 3d 6e 3b 72 65 74 75 72 6e 5b 41 3e 3e 3e 32 34 26 32 35 35 2c 41 3e 3e 3e 31 36 26 32 35 35 2c 41 3e 3e 3e 38 26 32 35 35 2c 41 3e 3e 3e 30 26 32 35 35 2c 51 3e Data Ascii: License-Identifier: Apache-2.0','*/','var Q4=function(Q,A,h,n,t){for(h=(n=h[t=0,3]\|0,h[2]\|0);t<16;t++)Q=Q>>>8\|Q<<24,Q+=A\|0,Q^=h+1634,A=A<<3\|A>>>29,n=n>>>8\|n<<24,n+=h\|0,n^=t+1634,A^=Q,h=h<<3\|h>>>29,h^=n;return[A>>>24&255,A>>>16&255,A>>>8&255,A>>>0&255,Q>
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 29 7b 69 66 28 51 2e 76 29 72 65 74 75 72 6e 20 42 6a 28 51 2c 51 2e 48 29 3b 72 65 74 75 72 6e 28 41 3d 79 28 51 2c 74 72 75 65 2c 38 29 2c 41 29 26 31 32 38 26 26 28 41 5e 3d 31 32 38 2c 51 3d 79 28 51 2c 74 72 75 65 2c 32 29 2c 41 3d 28 41 3c 3c 32 29 2b 28 51 7c 30 29 29 2c 41 7d 2c 72 43 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 2c 68 2c 6e 2c 74 29 7b 69 66 28 28 74 3d 51 5b 30 5d 2c 74 29 3d 3d 77 43 29 41 2e 52 3d 74 72 75 65 2c 41 2e 76 4c 3d 32 35 2c 41 2e 56 28 51 29 3b 65 6c 73 65 20 69 66 28 74 3d 3d 50 29 7b 68 3d 51 5b 31 5d 3b 74 72 79 7b 6e 3d 41 2e 73 7c 7c 41 2e 56 28 51 29 7d 63 61 74 63 68 28 6c 29 7b 4d 28 41 2c 6c 29 2c 6e 3d 41 2e 73 7d 68 28 28 51 3d 41 2e 53 28 29 2c 6e 29 29 2c 41 2e 50 2b 3d 41 2e 53 28 29 2d 51 7d 65 6c 73 65 20 Data Ascii: ){if(Q.v)return Bj(Q,Q.H);return(A=y(Q,true,8),A)&128&&(A^=128,Q=y(Q,true,2),A=(A<<2)+(Q\|0)),A},rC=function(Q,A,h,n,t){if((t=Q[0],t)==wC)A.R=true,A.vL=25,A.V(Q);else if(t==P){h=Q[1];try{n=A.s\|\|A.V(Q)}catch(l){M(A,l),n=A.s}h((Q=A.S(),n)),A.P+=A.S()-Q}else
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 2d 20 2d 31 38 35 2a 6e 2a 6c 2b 64 2b 33 37 2a 6c 2a 6c 2c 6c 3d 76 6f 69 64 20 30 2c 41 5b 65 5d 29 2c 41 5b 28 64 2b 35 33 26 37 29 2b 28 68 26 32 29 5d 3d 65 2c 41 5b 64 2b 28 68 26 32 29 5d 3d 2d 35 2c 65 7d 2c 74 7d 2c 54 6c 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 2c 68 29 7b 69 66 28 51 2e 6c 65 6e 67 74 68 3d 3d 33 29 7b 66 6f 72 28 68 3d 30 3b 68 3c 33 3b 68 2b 2b 29 41 5b 68 5d 2b 3d 51 5b 68 5d 3b 66 6f 72 28 51 3d 5b 31 33 2c 38 2c 31 33 2c 31 32 2c 31 36 2c 35 2c 33 2c 31 30 2c 31 35 5d 2c 68 3d 30 3b 68 3c 39 3b 68 2b 2b 29 41 5b 33 5d 28 41 2c 68 25 33 2c 51 5b 68 5d 29 7d 7d 2c 69 39 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 2c 68 2c 6e 2c 74 2c 6c 29 7b 69 66 28 21 41 2e 73 29 7b 41 2e 59 2b 2b 3b 74 72 79 7b 66 6f 72 28 6c 3d 28 68 3d 41 2e Data Ascii: - -185nl+d+37ll,l=void 0,A[e]),A[(d+53&7)+(h&2)]=e,A[d+(h&2)]=-5,e},t},Tl=function(Q,A,h){if(Q.length==3){for(h=0;h<3;h++)A[h]+=Q[h];for(Q=[13,8,13,12,16,5,3,10,15],h=0;h<9;h++)A[3](A,h%3,Q[h])}},i9=function(Q,A,h,n,t,l){if(!A.s){A.Y++;try{for(l=(h=A.
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 37 37 3b 65 2b 2b 29 64 5b 65 5d 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 29 3b 69 66 28 28 6c 2e 61 37 3d 28 6c 2e 66 6f 3d 66 61 6c 73 65 2c 6c 2e 71 6a 3d 28 6c 2e 46 68 3d 30 2c 6c 2e 6f 37 3d 66 75 6e 63 74 69 6f 6e 28 46 29 7b 74 68 69 73 2e 46 3d 46 7d 2c 6c 2e 48 3d 76 6f 69 64 20 30 2c 6c 2e 41 3d 28 6c 2e 76 4c 3d 28 6c 2e 64 4e 3d 5b 5d 2c 6c 2e 4c 3d 76 6f 69 64 20 30 2c 6c 2e 47 3d 5b 5d 2c 28 6c 2e 44 3d 30 2c 28 6c 2e 58 3d 30 2c 6c 29 2e 49 37 3d 28 6c 2e 6d 67 3d 30 2c 6c 2e 6c 3d 28 6c 2e 6a 3d 5b 5d 2c 6c 2e 54 3d 76 6f 69 64 20 30 2c 5b 5d 29 2c 6c 2e 49 3d 5b 5d 2c 5b 5d 29 2c 6c 29 2e 68 4e 3d 28 6c 2e 43 3d 66 61 6c 73 65 2c 6c 2e 46 3d 6c 2c 6c 2e 4e 6a 3d 76 6f 69 64 20 30 2c 6c 2e 4c 6f 3d 66 61 6c 73 65 Data Ascii: 77;e++)d[e]=String.fromCharCode(e);if((l.a7=(l.fo=false,l.qj=(l.Fh=0,l.o7=function(F){this.F=F},l.H=void 0,l.A=(l.vL=(l.dN=[],l.L=void 0,l.G=[],(l.D=0,(l.X=0,l).I7=(l.mg=0,l.l=(l.j=[],l.T=void 0,[]),l.I=[],[]),l).hN=(l.C=false,l.F=l,l.Nj=void 0,l.Lo=false
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 2c 42 2e 6f 29 29 2c 46 2e 58 3d 46 2e 53 28 29 29 7d 2c 6c 2c 28 53 28 32 32 32 2c 28 47 28 28 47 28 66 75 6e 63 74 69 6f 6e 28 46 2c 42 2c 77 29 7b 4f 28 28 42 3d 59 28 28 77 3d 59 28 46 29 2c 46 29 29 2c 42 3d 4f 28 42 2c 46 29 2c 77 29 2c 46 29 21 3d 30 26 26 53 28 35 32 2c 46 2c 42 29 7d 2c 28 53 28 33 37 32 2c 28 47 28 28 47 28 66 75 6e 63 74 69 6f 6e 28 46 2c 42 2c 77 2c 55 29 7b 53 28 28 55 3d 28 42 3d 59 28 46 29 2c 4e 28 46 29 29 2c 77 3d 59 28 46 29 2c 77 29 2c 46 2c 4f 28 42 2c 46 29 3e 3e 3e 55 29 7d 2c 28 53 28 35 30 38 2c 6c 2c 5b 30 2c 30 2c 28 47 28 66 75 6e 63 74 69 6f 6e 28 46 2c 42 2c 77 2c 55 29 7b 28 42 3d 59 28 28 77 3d 28 55 3d 59 28 46 29 2c 59 29 28 46 29 2c 46 29 29 2c 46 2e 46 29 3d 3d 46 26 26 28 42 3d 4f 28 42 2c 46 29 2c 77 Data Ascii: ,B.o)),F.X=F.S())},l,(S(222,(G((G(function(F,B,w){O((B=Y((w=Y(F),F)),B=O(B,F),w),F)!=0&&S(52,F,B)},(S(372,(G((G(function(F,B,w,U){S((U=(B=Y(F),N(F)),w=Y(F),w),F,O(B,F)>>>U)},(S(508,l,[0,0,(G(function(F,B,w,U){(B=Y((w=(U=Y(F),Y)(F),F)),F.F)==F&&(B=O(B,F),w
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 3d 5b 5d 3b 72 2d 2d 3b 29 52 2e 70 75 73 68 28 4f 28 59 28 46 29 2c 46 29 29 3b 47 28 66 75 6e 63 74 69 6f 6e 28 57 2c 4c 2c 44 2c 4f 65 2c 6b 29 7b 66 6f 72 28 4c 3d 28 4f 65 3d 28 44 3d 30 2c 5b 5d 29 2c 5b 5d 29 3b 44 3c 67 3b 44 2b 2b 29 7b 69 66 28 21 55 5b 6b 3d 56 5b 44 5d 2c 44 5d 29 7b 66 6f 72 28 3b 6b 3e 3d 4c 2e 6c 65 6e 67 74 68 3b 29 4c 2e 70 75 73 68 28 59 28 57 29 29 3b 6b 3d 4c 5b 6b 5d 7d 4f 65 2e 70 75 73 68 28 6b 29 7d 57 2e 48 3d 28 57 2e 76 3d 75 39 28 52 2e 73 6c 69 63 65 28 29 2c 57 29 2c 75 39 28 4f 65 2c 57 29 29 7d 2c 46 2c 4b 29 7d 2c 28 28 53 28 35 32 2c 6c 2c 28 6c 2e 63 70 6e 71 6a 6e 3d 28 28 28 6c 2e 6c 61 61 6e 74 66 3d 5b 5d 2c 6c 29 2e 6b 75 79 64 71 73 3d 5b 5d 2c 6c 29 2e 62 67 6f 64 6e 64 3d 30 2c 22 22 29 2c 6c 2e Data Ascii: =[];r--;)R.push(O(Y(F),F));G(function(W,L,D,Oe,k){for(L=(Oe=(D=0,[]),[]);D<g;D++){if(!U[k=V[D],D]){for(;k>=L.length;)L.push(Y(W));k=L[k]}Oe.push(k)}W.H=(W.v=u9(R.slice(),W),u9(Oe,W))},F,K)},((S(52,l,(l.cpnqjn=(((l.laantf=[],l).kuydqs=[],l).bgodnd=0,""),l.
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 29 2c 63 28 5b 4e 46 2c 68 5d 2c 6c 29 2c 6c 29 2c 74 72 75 65 2c 74 72 75 65 29 7d 2c 54 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 2c 68 2c 6e 29 7b 66 6f 72 28 6e 3d 28 68 3d 5b 5d 2c 41 7c 30 29 2d 31 3b 6e 3e 3d 30 3b 6e 2d 2d 29 68 5b 28 41 7c 30 29 2d 31 2d 28 6e 7c 30 29 5d 3d 51 3e 3e 6e 2a 38 26 32 35 35 3b 72 65 74 75 72 6e 20 68 7d 2c 50 6a 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 29 7b 69 66 28 21 28 41 3d 28 51 3d 45 2e 74 72 75 73 74 65 64 54 79 70 65 73 2c 6e 75 6c 6c 29 2c 51 29 7c 7c 21 51 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 29 72 65 74 75 72 6e 20 41 3b 74 72 79 7b 41 3d 51 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 62 67 22 2c 7b 63 72 65 61 74 65 48 54 4d 4c 3a 4c 6a 2c 63 72 65 61 74 65 53 63 72 69 70 74 3a 4c 6a 2c 63 72 65 61 74 65 Data Ascii: ),c([NF,h],l),l),true,true)},T=function(Q,A,h,n){for(n=(h=[],A\|0)-1;n>=0;n--)h[(A\|0)-1-(n\|0)]=Q>>n*8&255;return h},Pj=function(Q,A){if(!(A=(Q=E.trustedTypes,null),Q)\|\|!Q.createPolicy)return A;try{A=Q.createPolicy("bg",{createHTML:Lj,createScript:Lj,create
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 3d 21 68 2e 5a 2e 6c 65 6e 67 74 68 3b 63 28 64 2c 68 29 2c 46 26 26 71 28 68 2c 66 61 6c 73 65 2c 66 61 6c 73 65 29 7d 65 6c 73 65 20 65 3d 72 43 28 64 2c 68 29 3b 72 65 74 75 72 6e 20 65 7d 74 26 26 6c 26 26 74 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 6c 2c 70 2c 7a 29 7d 7d 72 65 74 75 72 6e 20 70 7d 2c 44 65 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 29 7b 28 41 2e 70 75 73 68 28 51 5b 30 5d 3c 3c 32 34 7c 51 5b 31 5d 3c 3c 31 36 7c 51 5b 32 5d 3c 3c 38 7c 51 5b 33 5d 29 2c 41 2e 70 75 73 68 28 51 5b 34 5d 3c 3c 32 34 7c 51 5b 35 5d 3c 3c 31 36 7c 51 5b 36 5d 3c 3c 38 7c 51 5b 37 5d 29 2c 41 29 2e 70 75 73 68 28 51 5b 38 5d 3c 3c 32 34 7c 51 5b 39 5d 3c 3c 31 36 7c 51 5b 31 30 5d 3c 3c 38 7c 51 5b 31 31 5d 29 7d 2c 63 6a 3d 66 75 6e Data Ascii: =!h.Z.length;c(d,h),F&&q(h,false,false)}else e=rC(d,h);return e}t&&l&&t.removeEventListener(l,p,z)}}return p},De=function(Q,A){(A.push(Q[0]<<24\|Q[1]<<16\|Q[2]<<8\|Q[3]),A.push(Q[4]<<24\|Q[5]<<16\|Q[6]<<8\|Q[7]),A).push(Q[8]<<24\|Q[9]<<16\|Q[10]<<8\|Q[11])},cj=fun
2025-01-12 00:41:36 UTC	1390	IN	Data Raw: 56 34 28 28 65 7c 30 29 2b 34 2c 74 29 2c 56 34 28 65 2c 74 29 2c 64 29 7d 63 61 74 63 68 28 42 29 7b 74 68 72 6f 77 20 42 3b 7d 7d 74 2e 70 75 73 68 28 74 2e 75 24 5b 46 26 37 5d 5e 70 29 7d 2c 6c 3d 4f 28 35 30 38 2c 68 29 29 3a 51 3d 66 75 6e 63 74 69 6f 6e 28 70 29 7b 74 2e 70 75 73 68 28 70 29 7d 2c 6e 26 26 51 28 6e 26 32 35 35 29 2c 68 3d 30 2c 6e 3d 41 2e 6c 65 6e 67 74 68 3b 68 3c 6e 3b 68 2b 2b 29 51 28 41 5b 68 5d 29 7d 2c 6a 74 3d 66 75 6e 63 74 69 6f 6e 28 51 2c 41 29 7b 72 65 74 75 72 6e 20 62 5b 51 5d 28 62 2e 70 72 6f 74 6f 74 79 70 65 2c 7b 70 6f 70 3a 41 2c 72 65 70 6c 61 63 65 3a 41 2c 70 61 72 65 6e 74 3a 41 2c 73 70 6c 69 63 65 3a 41 2c 6c 65 6e 67 74 68 3a 41 2c 70 72 6f 74 6f 74 79 70 65 3a 41 2c 66 6c 6f 6f 72 3a 41 2c 70 72 6f 70 Data Ascii: V4((e\|0)+4,t),V4(e,t),d)}catch(B){throw B;}}t.push(t.u$[F&7]^p)},l=O(508,h)):Q=function(p){t.push(p)},n&&Q(n&255),h=0,n=A.length;h<n;h++)Q(A[h])},jt=function(Q,A){return b[Q](b.prototype,{pop:A,replace:A,parent:A,splice:A,length:A,prototype:A,floor:A,prop

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:41:37 UTC	495	OUT	GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiVocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:41:37 UTC	917	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Expires: Sun, 12 Jan 2025 00:41:37 GMT Date: Sun, 12 Jan 2025 00:41:37 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: same-site Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-12 00:41:37 UTC	108	IN	Data Raw: 36 36 0d 0a 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 72 65 6c 65 61 73 65 73 2f 7a 49 72 69 69 6a 6e 33 75 6a 35 56 70 6b 6e 76 74 5f 4c 6e 66 4e 62 46 2f 72 65 63 61 70 74 63 68 61 5f 5f 65 6e 2e 6a 73 27 29 3b 0d 0a Data Ascii: 66importScripts('https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js');
2025-01-12 00:41:37 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Target ID:	0
Start time:	19:40:54
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	2
Start time:	19:40:57
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2424,i,18189076913938515598,7757017181598413240,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	3
Start time:	19:41:03
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://metamssk-luggiinn.godaddysites.com/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre