Edit tour

Windows Analysis Report
http://meittaammasskei-loogge.godaddysites.com/

Overview

General Information

Sample URL:	http://meittaammasskei-loogge.godaddysites.com/
Analysis ID:	1589362
Infos:

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

AI detected suspicious URL

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 1496 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2668 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 --field-trial-handle=2068,i,6008844797219477938,1681451580983266432,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5536 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://meittaammasskei-loogge.godaddysites.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://meittaammasskei-loogge.godaddysites.com/

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://meittaammasskei-loogge.godaddysites.com/sw.js	Avira URL Cloud: Label: phishing
Source: https://meittaammasskei-loogge.godaddysites.com/manifest.webmanifest	Avira URL Cloud: Label: phishing

Phishing

AI detected suspicious URL

Source: URL	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: http://meittaammasskei-loogge.godaddysites.com
Source: URL	Joe Sandbox AI: AI detected Typosquatting in URL: http://meittaammasskei-loogge.godaddysites.com

Source: https://meittaammasskei-loogge.godaddysites.com/

HTTP Parser: Title: Metmask Login does not match URL

Source: https://meittaammasskei-loogge.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://meittaammasskei-loogge.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://meittaammasskei-loogge.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: meittaammasskei-loogge.godaddysites.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: meittaammasskei-loogge.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://meittaammasskei-loogge.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _tccl_visit=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _scc_session=pc=1&C_TOUCH=2025-01-12T00:45:09.045Z
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: meittaammasskei-loogge.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://meittaammasskei-loogge.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: meittaammasskei-loogge.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://meittaammasskei-loogge.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _tccl_visit=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _scc_session=pc=1&C_TOUCH=2025-01-12T00:45:09.045Z
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: meittaammasskei-loogge.godaddysites.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: meittaammasskei-loogge.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: events.api.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: csp.secureserver.net

Source: chromecache_109.2.dr, chromecache_121.2.dr, chromecache_152.2.dr, chromecache_136.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_110.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2)
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2)
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/isteam/stock/107927
Source: chromecache_110.2.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_110.2.dr	String found in binary or memory: https://meittaammasskei-loogge.godaddysites.com/
Source: chromecache_110.2.dr	String found in binary or memory: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712

Source: classification engine

Classification label: mal60.win@17/117@18/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 --field-trial-handle=2068,i,6008844797219477938,1681451580983266432,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://meittaammasskei-loogge.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 --field-trial-handle=2068,i,6008844797219477938,1681451580983266432,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://meittaammasskei-loogge.godaddysites.com/	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://meittaammasskei-loogge.godaddysites.com/sw.js	100%	Avira URL Cloud	phishing
https://meittaammasskei-loogge.godaddysites.com/manifest.webmanifest	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
meittaammasskei-loogge.godaddysites.com	13.248.243.5	true	true	unknown
www.google.com	216.58.206.36	true	false	high
isteam.wsimg.com	18.192.130.3	true	false	high
img1.wsimg.com	unknown	unknown	false	high
csp.secureserver.net	unknown	unknown	false	high
events.api.secureserver.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://meittaammasskei-loogge.godaddysites.com/	true		unknown
https://meittaammasskei-loogge.godaddysites.com/sw.js	false	Avira URL Cloud: phishing	unknown
https://meittaammasskei-loogge.godaddysites.com/manifest.webmanifest	false	Avira URL Cloud: phishing	unknown
https://meittaammasskei-loogge.godaddysites.com/	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)	chromecache_110.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2)	chromecache_110.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)	chromecache_110.2.dr	false	high
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc	chromecache_110.2.dr	false	high
https://img1.wsimg.com/isteam/stock/107927	chromecache_110.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)	chromecache_110.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2)	chromecache_110.2.dr	false	high
https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica	chromecache_110.2.dr	false	high
http://scripts.sil.org/OFL	chromecache_110.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)	chromecache_110.2.dr	false	high
http://jedwatson.github.io/classnames	chromecache_109.2.dr, chromecache_121.2.dr, chromecache_152.2.dr, chromecache_136.2.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.248.243.5	meittaammasskei-loogge.godaddysites.com	United States	16509	AMAZON-02US	true
216.58.206.36	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
18.192.130.3	isteam.wsimg.com	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1589362
Start date and time:	2025-01-12 01:44:04 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 15s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://meittaammasskei-loogge.godaddysites.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.win@17/117@18/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.35, 142.250.184.206, 64.233.166.84, 172.217.18.99, 216.58.206.46, 142.250.181.238, 216.58.206.78, 216.58.212.170, 142.250.185.67, 95.100.110.77, 95.100.110.86, 199.232.214.172, 192.229.221.95, 2.18.64.8, 2.18.64.27, 104.102.33.222, 2.23.227.198, 2.23.227.202, 142.250.184.238, 142.250.181.227, 172.217.16.206, 2.23.242.162, 172.202.163.200, 13.107.246.45, 23.1.237.91
Excluded domains from analysis (whitelisted): e8843.dsca.akamaiedge.net, www.bing.com, fonts.googleapis.com, e40258.g.akamaiedge.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, wildcard-sni-only.api.secureserver.net.edgekey.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, e64861.dsca.akamaiedge.net, clients.l.google.com, global-wildcard.wsimg.com.sni-only.edgekey.net, csp.secureserver.net.edgekey.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: http://meittaammasskei-loogge.godaddysites.com/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: http://meittaammasskei-loogge.godaddysites.com Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": true, "malicious_keywords": true, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": true, "third_party_hosting": true }
URL: http://meittaammasskei-loogge.godaddysites.com
URL: https://meittaammasskei-loogge.godaddysites.com/... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The script checks for the presence of certain browser features and, if they are not available, loads a polyfill script from a third-party domain. This is a common practice to ensure compatibility across different browsers and is not inherently malicious. However, the use of `document.write()` to inject the script is considered a legacy practice and could potentially cause issues in some cases." }
"IntersectionObserver"in window&&"Intl"in window&&"Locale"in window.Intl\|\|document.write(`\x3Cscript src="https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~locale.en-US">\x3C/script>`)
URL: https://meittaammasskei-loogge.godaddysites.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Accept", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://meittaammasskei-loogge.godaddysites.com/ Model: Joe Sandbox AI	{ "brands": [ "Metamask" ] }
	{ "brands": [ "Metamask" ] }
URL: https://meittaammasskei-loogge.godaddysites.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://meittaammasskei-loogge.godaddysites.com/ Model: Joe Sandbox AI	{ "brands": [ "Metamask" ] }
	{ "brands": [ "Metamask" ] }

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Jan 11 23:45:00 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.978825056311583
Encrypted:	false
SSDEEP:	48:8edEToE2HQidAKZdA19ehwiZUklqehEJy+3:8JfR/y
MD5:	95E808D16524FAD79DB6AE9E3C75F23E
SHA1:	93CD4160AFDE00A063CB24E5AFBFFABE6225B4F9
SHA-256:	69027E7316F32F4113886C9413148F0974F60B85A3204344B2EBD50329BC6CCE
SHA-512:	095E570E8D2012931087E399A6E8D16450F66498A120A85E06D6A7C7FDFFAEF041DA4FB9F657BFDA0C0B863554E76600B94897993E34502E0EA8D90C63C2FF98
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....a.5.d..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I,Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V,Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V,Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V,Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V,Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............j.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Jan 11 23:45:00 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9958556510815284
Encrypted:	false
SSDEEP:	48:8sdEToE2HQidAKZdA1weh/iZUkAQkqeh1Jy+2:8Lfj9QKy
MD5:	8E46E7AF91F84E51BD3C1233D1EF3499
SHA1:	E3C372795838D0FF3ACDC198C03C008C7D8ED06B
SHA-256:	07A128E9E16679359F487508A0FEE62EB3347B2C6025AF7E745338511991C7A6
SHA-512:	7DE6A9C5A3B4C773ADC7B62459D8E0BA88CA76082F4B40C1D5DDBDB009EF023E41A4471C57C456D0A5C675621727946FDA2DE73D72A0206A58A6215401AFC9B6
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......5.d..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I,Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V,Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V,Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V,Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V,Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............j.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.007889672389851
Encrypted:	false
SSDEEP:	48:8xldEToEsHQidAKZdA14tseh7sFiZUkmgqeh7s/Jy+BX:8xcfZnDy
MD5:	EEE58DE16E8724C94E7D60080E956AD6
SHA1:	92B9C048D1BDD232CA22DB6305A3FDF11907FCA7
SHA-256:	9834B503F94B310BAFAA6A149FAA34BF9E4156226F3E1AA3DCEC52B3FD2407A1
SHA-512:	40CC1AD46CD85A0C94306757429D52E4DE76BDF2BA96BC70FB26A66BF937F2CF02640D12A614EB7EBF16571A0070F1E7629997CB8709294BBB8A31774BF1A682
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I,Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V,Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V,Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V,Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............j.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Jan 11 23:44:59 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.995772698634131
Encrypted:	false
SSDEEP:	48:8fTdEToE2HQidAKZdA1vehDiZUkwqeh5Jy+R:8OfAZy
MD5:	4CE8E323A4B00727380ADBF80C9D8EDA
SHA1:	04950FDF501F9AE196EE09936C8EC021BD479B91
SHA-256:	4D728A860717D5ABE73FB66159A608D6B8FA8AB36673264EC0CF3734A75F2C2F
SHA-512:	D6004F9210BB84F0E7D3E46C26D7841B0D78EF86662349747D6A3EA0C7D814D03BA3F5002B13D4AE78961E5CAB7B95A8BF07C47D66EBD83376B90556DE8BCA4D
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......5.d..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I,Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V,Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V,Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V,Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V,Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............j.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Jan 11 23:45:00 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.982675645271714
Encrypted:	false
SSDEEP:	48:8IdEToE2HQidAKZdA1hehBiZUk1W1qehbJy+C:8Pfg91y
MD5:	CEF44E82C240DDA382B7AFCC9F5154DD
SHA1:	60C3EA9288FD1E331ED75253CC061D33409D3063
SHA-256:	FD49450745A7CE84BC32A162264901787CD00A78FA44D57489E0C1C197D746BA
SHA-512:	D4C070F4BBA3689AD9B82AD91C1822E45A279F6DBDD95AF977E0475858BB504D359F31B76CBE402841A258331A990A75694EB8F228C709BB787E4A5DBA91A511
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....:.5.d..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I,Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V,Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V,Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V,Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V,Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............j.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat Jan 11 23:44:59 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9946371303906085
Encrypted:	false
SSDEEP:	48:8wdEToE2HQidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbhJy+yT+:8XfuT/TbxWOvTbDy7T
MD5:	EFCFA105F89D99C41199701462CF9B08
SHA1:	F033F7FC5E14DE9DCAE9EDC6D8D1E12D0B355C1B
SHA-256:	3F1F5221C05D4AF6AFE226ABCC57BE3ECF95FBE5AC4E349EDDCFCCD6B94A779C
SHA-512:	F670903AA2ADA8136DB17400EC0BE16B5B8582CE7DC75A2A2B35D99C3CA822327DB7CFD673854707ED8EB8C69D824D6BA7F9EB522A0C36C810BA1DAFDC31F17E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....p..5.d..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I,Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V,Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V,Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V,Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V,Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............j.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32986), with no line terminators
Category:	downloaded
Size (bytes):	32986
Entropy (8bit):	5.235044369215304
Encrypted:	false
SSDEEP:	768:8QMz7Xi7utc79QusIPgexnKnPxPC7JWU/VHeLNsiQk/c4ur2McV2xdnGYeCjWQTB:si79wq0xPCFWsHuCleZ0j/TsmUK
MD5:	8BAC1F71988EBBAC6E6696476FF42D5B
SHA1:	5113A39BF18B7EB0F2380D712533D9068D72E6A3
SHA-256:	9E33AD890705849494312C45089599A682C27351A278F027C40243A474B6C56A
SHA-512:	6E2AC3DF94528937EAC440DE2BE94EC72179823D6C3C36B978D6C7D2342E107139759FE07DE0D17A082B530D65EA54838736C01A38031075675A7A2DB3687F90
Malicious:	false
Reputation:	low
URL:	https://meittaammasskei-loogge.godaddysites.com/sw.js
Preview:	(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:()=>a}),s(913);class a extends Error{constructor(e,t){super(((e,...t)=>{let s=e;return t.length>0&&(s+=` :: ${JSON.stringify(t)}`),s})(e,t)),this.name=e,this.details=t}}},524:(e,t,s)=>{s.d(t,{h:()=>a}),s(125),s(913);const a=null},594:(e,t,s)=>{function a(e,t){const s=new URL(e);for(const e of t)s.searchParams.delete(e);return s.href}async function n(e,t,s,n){const r=a(t.url,s);if(t.url===r)return e.match(t,n);const i=Object.assign(Object.assign({},n),{ignoreSearch:!0}),c=await e.keys(t,i);for(const t of c)if(r===a(t.url,s))return e.match(t,n)}s.d(t,{F:()=>n}),s(913)},536:(e,t,s)=>{s.d(t,{x:()=>r}),s(913);const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registratio

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	dropped
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2622)
Category:	downloaded
Size (bytes):	11094
Entropy (8bit):	5.442143929196519
Encrypted:	false
SSDEEP:	192:Crsr/cAF56ElYEy31fxQ146G6ivzYiYD7PYZbUVXVfpQGTLY2chTS3vZTfU0pn/6:osr/cAF5RlHy31fqW/B5gxZ01TS3vZTU
MD5:	9E8F4BF0D3186E2888CFD46DD31BC983
SHA1:	EFAE16775AF396544FF06FF7971B008E663276CE
SHA-256:	C55013F0EDBCC6B94A7FF4812466B73B904220A08715EDE46182D3FFF284EBD6
SHA-512:	619764DE9351957B9F715C9079CCFFCF932A9C2DBAF6AAEA8E19B23B3670BD5219E32359AED3E104D119BF70948E910D513BB5EBB6E253F1CB50BBEB03A89DCC
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/gpub/73dd86a0bb972e5c/script.js
Preview:	window.cxs && window.cxs.setOptions({ prefix: "c2-" });.window.wsb=window.wsb\|\|{};window.wsb["Theme18"]=window.wsb["Theme18"]\|\|window.radpack("@widget/LAYOUT/bs-layout18-Theme-publish-Theme").then(function(t){return new t.default();});.window.wsb["DynamicFontScaler"]=function(e){let t,{containerId:o,targetId:n,fontSizes:r,maxLines:a,prioritizeDefault:s}=e;if("undefined"==typeof document)return;const i=document.getElementById(o),c=document.getElementById(n);function l(e){return function(e){const t=parseInt(d(e,"padding-left")\|\|0,10),o=parseInt(d(e,"padding-right")\|\|0,10);return e.scrollWidth+t+o}(e)<=i.clientWidth&&function(e){const t=e.offsetHeight,o=parseInt(d(e,"line-height"),10)\|\|1;return Math.floor(t/o)}(e)<=a}function p(){if(!i\|\|!c\|\|t===window.innerWidth)return;if(c.hasAttribute("data-font-scaled"))return void function(){c.removeAttribute("data-last-size");const e=document.querySelector(`#${n}-style`);e&&e.parentNode.removeChild(e)}();t=window.innerWidth;const e=Array.prototype.sl

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=meittaammasskei-loogge.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&vtg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&dp=%2F&trace_id=23e6e90a47474fd9899e698682639d00&cts=2025-01-12T00%3A45%3A09.048Z&hit_id=6e4a2c70-69c9-458b-9df3-c29d090ab6cc&ht=pageview&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%226c9480da-79f2-4174-a78f-28264f5073ae%22%2C%22pd%22%3A%222022-12-12T11%3A17%3A16.458Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=1440687707&z=1922049204
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	dropped
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 11644, version 1.0
Category:	downloaded
Size (bytes):	11644
Entropy (8bit):	7.979913171006477
Encrypted:	false
SSDEEP:	192:Tnzm3QwZW75iH4izAQjQSFvOYQPFm3L9ZaWxWiWFSOu4zfOSJh8lvXrgSZlTIKCK:TqAaYyX/v6PURZaiWidOXzGSJ6FPrj
MD5:	734A5B0ADBD95DBAE76BD14E82758144
SHA1:	FD6C0BFDF7F7AAE7B6169BE7DBDFEBB416208106
SHA-256:	EE7EF1D38007C4773D1E000177123FB440383C0D0187FD7D2D6978A0ED0F8976
SHA-512:	D8811D528C5220CCE087C0306F5086EB45793204549D24708A95C9C89EEBD93A072006AE15D76C6324CB375869D23BC9CC232CBECDDEFC5C6CBAB1023CAB21C4
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2
Preview:	wOF2......-\|......k...-.............................\...`........8..[.....6.$..8. .....K....S.".8..D.C.%k3W.......lGWB$..i.!.....Vr...>.W.d.#...y...g.SD2..NP.$ ..a+.9.t.8v.X6l.e....+.f6.y6...y.K...A....T....x..1...'t..E.%/..........v....>.....d...o.v...l(.h$..v..s_}.R.'].......2R.k...u...nH...%...<.4uY.,.9.r:..........t>+......'.D..>...a.......RI#..A..g...c..{!..n...QA .d<..p...+..a..[...q..A...T.,$p.....jk... p..5..Wer...__..A.....s.)c...B..'.X..Q..RI.$.^.LV..\|.K.?.[.!.i.)j...pf.[1......K..^#.....M..<.r.....F..h'..y..c..!.. .7... QB......5\|.. .A..W.=...x.w...O.Ps.g...c..`q.........l'.......XXG.3....{c:A....k....E....@n{..9...U..H.C...O.QX........LL$.[.....'^.........7n.>.....!.L.$.......z.0.. ...p..s.......iR....Bb..&...0@..tj.Q...2.p.C..0..H..q...%j.p J..G....q4I......1.A%.x.... .Nk..d... ..~I.,9.$.0IV....E....A.......5.R..LO..:...q.\.&.b....+...d....J.u7...;.D;....,.....k...pQ.P..j42.k..)o..l..../...+.s...C.Vr.c..I..;...j...*....EQS6.

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1875)
Category:	dropped
Size (bytes):	1935
Entropy (8bit):	5.308478233131919
Encrypted:	false
SSDEEP:	48:UTVqI1xGzgB7gBfYRN0a0qMoAua0pqAddrIt:0VqQzMfYR2xFua0pqAddE
MD5:	42A956F14F8E89C314FA201AB5FC9388
SHA1:	67651220687C3869FD6FAB960AE4B3CA53776E2F
SHA-256:	A9D6036466352258F71ADF94E2EB6DA8F9BEEE5FCBC73351180D1C8331D53949
SHA-512:	0A1F46367A7FB882029086B50A385439EA31D49F3C44C67B0BD77A4782970F174DB85791E5CEC60466322E2451D5F697163ADED5691DB224114381F8D8ACF763
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/bs-LinkAwareComponent-84648e01.js",["exports","~/bs-FlyoutMenu-Component","~/c/bs-_rollupPluginBabelHelpers"],(function(e,t,o){"use strict";const{PUBLISH:n}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.renderModes;var i,s,r,a=(i=t.default,s=class extends(global.React\|\|guac.react).Component{constructor(){super(...arguments),this.checkActiveLink=this.checkActiveLink.bind(this),this.state={isActive:!1}}componentDidMount(){const{toggleId:e}=this.props;this.moreDropdownElement=document.getElementById(e),this.moreDropdownElement&&(this.checkActiveLink(),window.addEventListener("NavItemsResized",this.checkActiveLink,{passive:!0}))}componentWillUnmount(){this.moreDropdownElement&&window.removeEventListener("NavItemsResized",this.checkActiveLink,{passive:!0})}checkActiveLink(){const{renderMode:e}=this.props;window.requestAnimationFrame((()=>{var t;let o=!1;const i=this.moreDropdownElement.querySelector('[data-ux="NavLinkActive"]')\|\|this.moreDropdownElement.query

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	242257
Entropy (8bit):	5.517949479561666
Encrypted:	false
SSDEEP:	3072:7u8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXSQ:Y3A/6hbCxJFxKhUc
MD5:	55BAF821A59FAD53AA754C85AE19D0EA
SHA1:	B1662F5F5B119836E5E9C91C5E4A448BCD6CCC6D
SHA-256:	D26724E378F16CC4135849CCABF5A1BA738C3F4BA952950ACB34E73F24869E83
SHA-512:	791B8AA2E321324B55731B5F69239F86A0602F19FEB833BFC492D525EA132BC23D1C6A3907957992C655742F38AEDD7819A585E6B7A7F3C68126E0DC739DFC1B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index3-55bc27af.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	dropped
Size (bytes):	315045
Entropy (8bit):	5.470972207090544
Encrypted:	false
SSDEEP:	3072:7aOD2q1BSK7x5jfw71nUNdFIh0qrMdB8pbKQJaZkNeQHUC5SIui/+a:Wzq1Bzc71UNhqrMgpbLaZkNfHHWa
MD5:	D8A1FE8B9FD01233B8A030EA79C21DF0
SHA1:	1B2B4474F72FCEE56977101E7C85A8201F730903
SHA-256:	91DEC32BF6596B875CDEB8C7BFFC8B5029A870657D3D7C790E8939F17E24DC20
SHA-512:	C15DBBD27873E22558239D6671B7FA05107A348D44BEC9CD560B8AA6D443D4A86BBBC38FC6F2C18E4D4C82852741B7C995E3E80A1E95B04A0D2DBDA12DCB6F0F
Malicious:	false
Reputation:	low
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (15916)
Category:	downloaded
Size (bytes):	44681
Entropy (8bit):	5.474388642173789
Encrypted:	false
SSDEEP:	384:n/GT2cPPpkN0/kIRTKShRBID5ZLRRdOYfyDFvYkQp5h4DSBlzSfe2khHWLjulW:/GT4I9K+RCjIAyDNrQpvErLjulW
MD5:	9721D29920DC2088BA5E53470A7E6B24
SHA1:	A9E85B67A45136389425119A99C6496F249A04EA
SHA-256:	672FB204E0A9CE553967ED3835FB9A6D7F96495A75BE760F85404066BB9EC3B1
SHA-512:	E9FE7A07F4323F773D47353236D97E54A78087AE014084C87CB86B1E18680D97FE8D60B61CFAE8C2AD7D55EAC9F43F3702EAD848C74FA7C8F50E4B34AA2C1F99
Malicious:	false
Reputation:	low
URL:	https://meittaammasskei-loogge.godaddysites.com/
Preview:	<!DOCTYPE html><html lang="en-US"><head><link rel="shortcut icon" href="//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico" sizes="16x16 24x24 32x32 48x48 64x64"/><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width, initial-scale=1"/><title>Met..mask Login</title><meta name="description" content=" MetaMask is a lightweight software cryptocurrency wallet. It is used to interrelate with the Ethereum block chain. It may be used on Chrome, ..."/><meta name="author" content="Meittaammasskei-loogge"/><meta name="generator" content="Starfield Technologies; Go Daddy Website Builder 8.0.0000"/><link rel="manifest" href="/manifest.webmanifest"/><link rel="apple-touch-icon" sizes="57x57" href="//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico/:/rs=w:57,h:57,m"/><link rel="apple-touch-icon" sizes="6

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Category:	downloaded
Size (bytes):	23040
Entropy (8bit):	7.990788476764561
Encrypted:	true
SSDEEP:	384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD
MD5:	DE69CF9E514DF447D1B0BB16F49D2457
SHA1:	2AC78601179C3A63BA3F3F3081556B12DDCAF655
SHA-256:	C447DD7677B419DB7B21DBDFC6277C7816A913FFDA76FD2E52702DF538DE0E49
SHA-512:	4AEBB7E54D88827D4A02808F04901C0D09B756C518202B056A6C0F664948F5585221D16967F546E064187C6545ACEF15D59B68D0A7A59897BD899D3E9DDA37B1
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Preview:	wOF2......Z........8..Y...........................B.p.`..D....e.....d.....B..6.$..v. .....E.K...5l\e.v.~S$}.".8.....5.E....s...ai`W.u..8a2C..JuBj....x.....%.u.C.......p..c...7...+.1.GS.3...F_....-..`#........]...T.....x....&..{.....V..,..&~$D.#.P..\|gzz...B.7..m.3....HH.l.....Dj.F.X.....U..+.Q...T.`...ST...1...0....io`zu@.J2....3]}0.X...,..+"...............(k.CGl......`.y.._....3.t!O.,X:t.3....lw..U../:..b.]....V.$.y....G.....H..IN....bQ.+ \@....;...C3...c.l..i/....#..I.).Y...]...s..$K!..Tr...g%\|r.D.#.Y{..R..We...X.?...r.@...G.{..>..4^..b..,.z........T..[.ru#.7..{..G....J.3......Lz.C].of$Y2..^...>@L..P.........7..bB.....6f...ec.i..{._\...A.I.Lcy.Qm".....k.^.d.K(x7U...c.o.......}.T......iL..!.Z.......[O...%...*'?........^I./..;t.4%.....S...4....wY.b9.%.b...,.....tC..9.Z...V..CHnA.S.-.u$m.\....7{,..K{(.."....._...\|{.VowE@E@@..Zg.....`8..b..Z...^....l+...R..%.L.b...._..E.j9\+.L.#J.........?&...&..scE..b..Jc.8...V....L 1./k.3..7w....x..-.....

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	downloaded
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	downloaded
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:	384:/z+lhnKuowsx9pGxw57yty3eOHenS934osy:JioFP934Y
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=meittaammasskei-loogge.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&vtg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&dp=%2F&trace_id=23e6e90a47474fd9899e698682639d00&cts=2025-01-12T00%3A45%3A12.949Z&hit_id=6ce83a54-8080-4db6-b0b7-5eefda5acba0&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%226c9480da-79f2-4174-a78f-28264f5073ae%22%2C%22pd%22%3A%222022-12-12T11%3A17%3A16.458Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=1440687707&z=521436238&tce=1736642704866&tcs=1736642704356&tdc=1736642712931&tdclee=1736642709054&tdcles=1736642709053&tdi=1736642707536&tdl=1736642705005&tdle=1736642704356&tdls=1736642704325&tfs=1736642704323&tns=1736642703800&trqs=1736642704866&tre=1736642705072&trps=1736642704984&tles=1736642712931&tlee=0&nt=navigate&LCP=1457&nav_type=hard
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	dropped
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	543
Entropy (8bit):	5.1550717860523445
Encrypted:	false
SSDEEP:	12:YWGhtXIoWFJsTPOi4+eiPwTPOi4+eDnZ5p3:YZXIoWomIPomhnp
MD5:	39F40F25B657FBDA334D3912D2C263D6
SHA1:	6E2CECDDBCA6882A039D8697F5CD3D4BAD94C3C5
SHA-256:	64F3B3104B553578AFC1D29831D534B33DB2F74B5372984CE98A833157BF8D4F
SHA-512:	1D30711725F6F23C606A91C3511E77546C1E057AD36551FA94354EC71CA74AAC749BD1EE8EB6B125EDB89D6C933B9425B82D2A7D90A0F7316A0148F95151910F
Malicious:	false
Reputation:	low
URL:	https://meittaammasskei-loogge.godaddysites.com/manifest.webmanifest
Preview:	{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico/:/rs=w:192,h:192,m"},{"sizes":"512x512","type":"image/png","src":"//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico/:/rs=w:512,h:512,m"}],"name":"Meittaammasskei-loogge","short_name":"Meittaammasskei-loogge","theme_color":"#D22F25","background_color":"#D22F25"}

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3283)
Category:	dropped
Size (bytes):	3345
Entropy (8bit):	5.205184210840741
Encrypted:	false
SSDEEP:	96:Pdi5dgr2G2tvdbGZd1hdTrdEdEidKH5bKsaqexOAvHeMbMh:lSFkpNO1K5bja/reF
MD5:	1E4C3172663AD2ACC0CEC9723E93D39F
SHA1:	1610B980BB81B4A4330399C81A4B23A78A70C42B
SHA-256:	F23EC23F7792FF56FB516E06280BED56D3A80D1CFD8D48F22C2B1F93CA69F0D5
SHA-512:	B96520A05B04CB55617B582A9458E3AE547AD953D0B0FE3F573B5CE1F55AB1B92A5356C0E5575A2596B59365C24F9E5A1A1FB1ABC17B8E6E331A1DC0B3F7ACBF
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/bs-FlyoutMenu-Component-229d1624.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-Toggle","~/c/bs-index2"],(function(e,o,t,p){"use strict";var a={toggleId:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,activeProps:(global.PropTypes\|\|guac["prop-types"]).object,label:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,renderCustomIcon:(global.PropTypes\|\|guac["prop-types"]).object,renderCustomContent:(global.PropTypes\|\|guac["prop-types"]).oneOfType([(global.PropTypes\|\|guac["prop-types"]).bool,(global.PropTypes\|\|guac["prop-types"]).element,(global.PropTypes\|\|guac["prop-types"]).node]),id:(global.PropTypes\|\|guac["prop-types"]).string,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,enableNoOverlapDropdown:(global.PropTypes\|\|guac["prop-types"]).bool,widgetId:(global.PropTypes\|\|guac["prop-types"]).string,overrideIconStyle:(global.PropTypes\|\|guac["prop-types"]).object,dataAid:(global.PropTypes\|\|guac["prop-types"]).string,hasHover:(global.PropT

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 11728, version 1.0
Category:	downloaded
Size (bytes):	11728
Entropy (8bit):	7.9793276091352485
Encrypted:	false
SSDEEP:	192:klyIZ5n3ROBQn0nXAdzXVIuiRdTgo4NL7WVvSat6YC/B67QuQyJGFtNdo/U5qE8F:gX3RAu0XAdzquw6dSVvS86YC/aQuv8lO
MD5:	B2845477C209263ADB2F8D6059491758
SHA1:	76C6F1F64027566CB5CBF88BC642B708D34D1302
SHA-256:	8F40676C64A72CB5D80952071B7A2F371650D7B2BB787EA01D8C5BC88EF734C7
SHA-512:	C07F84E8C169A79253C2EEA35E8B9A964A94203C20ADD14742840CFA8A084317C3792696D5157A961273637EC206C7F8DC9332C9DA4850F5716E5D956502E708
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2
Preview:	wOF2......-.......k...-v............................^...`........0..R.....6.$..8. ..d..K...AS.".8..Do@.%..$....!....$..d....}.'.J.L..~..w..a..?....Or.....O.J....`bA.....6v.e.[.]...u^mW[_m..U.rt.zKE......~..v....C..aRRI...A.-T.....?.O.....q...`x..O.&8@...R.....vC.v.@....\...... ..R.o`.@.B...".hT......jw.T.&..5.X..2K&....lr..g..p.d.,...'".:...?.L9..T.........k.M..k!.......zwY....N..q......FEAB...l......0..U.tn..y.^>6..........y.B....,...S#19.XB8...y....5f.!.r.%.......B,T..(.........8....D..J.$.].4.`.....bxN.6.....k{...\..L..4.p.#...x....b....+..F....G......L..y.$d.Be.].......C.^>...IC.....\|.!..c...C..'....5@.}..:......I:...^r.....0m$.{0.ce.XC...;<OR..a.....lg..=1....P.....=...a.N..o...........T..w.4...ev/.]<...x.........o:...$.Y....."....3Zb..0:.J....."B....&Fp.p.3..m!V..C....@!.........=P...2.}..J...@...."..&[O{....=.h ....xr[Qh].....,..+.c[..m...;.F.+.......8u.$E.......u.q<n..\|%.....R...pl....H.:.+...s.$*E.).V..@+.......G...w.Y...@..lv .m.j.

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	downloaded
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	105560
Entropy (8bit):	5.173099073295946
Encrypted:	false
SSDEEP:	1536:Kvbe2WTBTlur/rTVYHlA2taouk+ZPL50/:E+Mr/1m+I
MD5:	6837678401F602120E41C9EAA7A7E915
SHA1:	A1F801D56B6666BDDED519DE10A8F04B9257AE0E
SHA-256:	DAE89C4D8697DC845428A11C2BDE64334AB65738EE97F598414D857B5D9D3FD2
SHA-512:	F0B529B9BED94C6EAC30FDB59CB1C2D347D78015B06C5D11577B12B2312A63D8D1AE684E5C05B7DE979EAEB848A337C20E7B00E089ADB2802B772A9690A005BF
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{_isDebug:()=>v,debug:()=>w,error:()=>h,info:()=>m,log:()=>m,setDebug:()=>b,warn:()=>g});var n={};t.r(n),t.d(n,{cmdLogEvent:()=>Ki,cmdLogPerf:()=>Gi});var r,o,i,a,c,u=(r="",i={document:o=Object.create({get cookie(){return r},set cookie(t){r=t}})},a={},"undefined"==typeof window?{window:i,document:o,navigator:a}:{window:window\|\|i,document:window.document\|\|o,navigator:navigator\|\|a}),f=function(){return u.window},s=functi

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	downloaded
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1535x1021, components 3
Category:	dropped
Size (bytes):	220414
Entropy (8bit):	7.979263536328385
Encrypted:	false
SSDEEP:	3072:zmYreP02VlixvN/3evRiFPc9HxSetyc7YIj43UjkrRersUVuGy/khrwXFUhwp0ye:CXPHixvN/C4FERXl7ndoepVvy/1XR0oG
MD5:	9136B98B23F9699551E487D3E4A783AC
SHA1:	C8D723ED969C52F2590517C2BCC3C589D1D823E7
SHA-256:	F0BAC715E3178D69E243AE17CA82F0A3EA0C0FF4F0E4AFB7417E0AD675F1F477
SHA-512:	4992BC9F8542D0F37756A058698D28C45DDC867C40584FB9D258F342F1CBD65387D77C0E78077A4B4201658ECA679F5360B24FB83AB51A53A60553E077336E23
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((..........."........................................Y........................!.1A.."Qaq2....B...#R..3br..$....%CScs....&4'56DT....dt..E.7eu................................1.......................!1.A.Q"..2aq3B..#4.R................?..f...........Zh....b..J....s...D.4.....9.R..C..H.)..Qa@.k....Q .`.@sOPS..K.S..qJ.`.oP"...j.. ..0qMJ..S.LP.y.9.P...gz.m..-.M.0..!.A.j..JaK;SR(.l...=T..R.J..T...4...:..OQ...X...1.@....)...t..S.1R.J..T...1.TH.L...H...lU&!.=8....H.3K.:jV:"F....50...X.N...e..MD..(`>i.s..H..5.J.......A.).>.$....R1PaZ...@.!..f...,T.K....9..Df...\|..0."\.T...J.....i...&.>..6..P...#O@....LE.+L*.s..&..7.D.0.Q'&....c.:\|T.S......D-ZA.

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	dropped
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13834)
Category:	dropped
Size (bytes):	13891
Entropy (8bit):	4.645788246161265
Encrypted:	false
SSDEEP:	192:49+DrRmRAiyq602NNTV0afQQYrAJ9wzkENGWHl2JBpfodMjHJv8k9fopl1jn:4Bp49ykE8WQs2Vv8k9fGTjn
MD5:	C7B1DBB0EEF8600D5F57536998855E4D
SHA1:	03908243C34D5A373ACBA694EB16E30F088B4F7D
SHA-256:	53DA7DD341F1EF0C484A7B56A17D86669287DA5D082AAA8A0AF04FD3816B6631
SHA-512:	56EE4961F4C03A15C79252AD9C3CAD93573AC785881541EA32F83389996F4E8C074FBC397FF9F0B218121A3D8E1A9CEF101D088B4BCFB2353D6A311D5F60DCBA
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M5.643 19.241a.782.782 0 0 1-.634-.889c.317-2.142 1.62-4.188 3.525-5.244l.459-.254-.39-.352a4.89 4.89 0 0 1-.797-6.327 4.747 4.747 0 0 1 2.752-2.003 4.894 4.894 0 0 1 6.092 5.72c-.211 1.042-.802 1.97-1.59 2.683l-.308.28.459.253c1.876 1.04 3.185 3.131 3.53 5.26a.765.765 0 0 1-.742.883c-.367.005-.697-.25-.753-.613-.52-3.384-4.067-6.087-7.702-4.324-1.628.79-2.714 2.511-3.014 4.313a.76.76 0 0 1-.887.614zm2.873-10.36a3.36 3.36 0 0 0 3.356 3.355A3.36 3.36 0 0 0 15.23 8.88a3.361 3.361 0 0 0-3.358-3.357A3.36 3.36 0 0 0 8.516 8.88z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.504 18.461a.76.76 0 0 1 0 1.038.652.652 0 0 1-.956 0L15.2 15.993a6.142 6.142 0 0 1-3.83 1.353C7.858 17.346 5 14.353 5 10.673 5 6.994 7.858 4 11.371 4c3.513 0 6.371 2.994

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	downloaded
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (516)
Category:	downloaded
Size (bytes):	583
Entropy (8bit):	5.275794886448015
Encrypted:	false
SSDEEP:	12:csTLaBSyTUXaPXAbDTc/NeL2QiTj+RVnIYQ2ofXgYFw1THr+pWT0Lv:cTBLTUXaPXAPTc/tTj+Hn/Q2CQYytHrI
MD5:	0D42FFB998A9CF7C25824CF365C7D0C9
SHA1:	7A95B87AC3B0C813F195EA46EFB9E792023EAFBE
SHA-256:	3418AA0FB5D19C3909DD89CCF081C9B59EBAD2A0334EED58373ED395D228487A
SHA-512:	EE2711CED0E8936C0DDAE9CFBE1FFAFABF56766C4611DC5B68C50919EDFC6CD1F3C850A0599ED107E8F6555D54BB46B3395B957A74697BEA2A749814C270C0FD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e},e.a=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-e83be766.js.map.

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8076)
Category:	dropped
Size (bytes):	8146
Entropy (8bit):	5.193570786754158
Encrypted:	false
SSDEEP:	192:bXex8k/4ro1H29Lm90fwK4cal8k5AV+IZ7/UHpvx/nvvdlFwmlqkk1:bXex9QriHqLm90fwncal75AV+IZ78HF6
MD5:	D0BF5E9E6E778CE2D940F214EC04700C
SHA1:	2ECB604E1F2E8CA95A0413DB58C153B9AA710A29
SHA-256:	1B7F2E117669F2643EA895B6BEDB818796AF009F19A6FC1F8B8A1DC9C30B6D9B
SHA-512:	DC1A45C8946109AB2E61509A977287020136B03555CC2FAC0B769BB20ADC78268929AE857F695626E86D8AC6E805C3731D33374360406E86FC98F643A3523E5C
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-legacyOverrides","~/c/bs-modernThinRound","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index2","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,l,n,i,s,d){"use strict";const{colorPackCategories:g,buttons:h}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:m,LIGHT_ALT:c,LIGHT_COLORFUL:u,DARK:p,DARK_ALT:b,DARK_COLORFUL:y,COLORFUL:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,S={[d.F]:"accent-overlay",[d.b]:"accent-overlay",[d.I]:"category-alt-solid",[d.B]:"accent-overlay",[d.L]:"accent-overlay"},H={defaultHeaderTreatment:d.F,hasLegacy:!0,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"],imageTreatments:S};var C={id:"layout18",name:"dawn",packs:{color:"000",font:"lato"},logo:{font:"primary"},packCategories:{color:g.NEUTRAL},headerProperties:{alignmentOption:"center"},header

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	242257
Entropy (8bit):	5.517949479561666
Encrypted:	false
SSDEEP:	3072:7u8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXSQ:Y3A/6hbCxJFxKhUc
MD5:	55BAF821A59FAD53AA754C85AE19D0EA
SHA1:	B1662F5F5B119836E5E9C91C5E4A448BCD6CCC6D
SHA-256:	D26724E378F16CC4135849CCABF5A1BA738C3F4BA952950ACB34E73F24869E83
SHA-512:	791B8AA2E321324B55731B5F69239F86A0602F19FEB833BFC492D525EA132BC23D1C6A3907957992C655742F38AEDD7819A585E6B7A7F3C68126E0DC739DFC1B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-55bc27af.js
Preview:	define("@widget/LAYOUT/c/bs-index3-55bc27af.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	15406
Entropy (8bit):	5.982376326439098
Encrypted:	false
SSDEEP:	384:/NsjPtQsR9HhPn094yWl4lnesLVWv8rHe1iTq77QOfUCAyC/kv:/sXBNnGW6e1i4pfb
MD5:	86B494B6021E3B7AA230A366D3BA6030
SHA1:	29F041F9151C3CA13C7F5860C1492D6D71679D88
SHA-256:	1B44BDFBD79AE9EADE44837099E58405C65EE88408AC725DA7D9004F6A75DDAD
SHA-512:	3B7C4BFA70C5B78042FDA0870BBEAEBAA676A0029C0D4CC35A3E6E92DCEBBED13A703C71330B117F3C73B2225A52F4B66A0FD476D07CF22B098F8F59009AA12D
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico
Preview:	............ .h...6... .... .(.......00.... .h&......(....... ..... ..........................i...p.2.f...@........................Q.........`...q...p.2!r.^#u..#t..!s.F..m.......T[e.T\e.dlx......#s.\|#t.#u..#u.."u.$u..%v..$s..)i..O...r.....%...!.;HX.r...8v..$l..$u..%v..$v..#u..$u..$t..%j..&a..!s.. ~...w...x...z.. {..$j..&a..$q..$u..$u.. ~.. ~.. }.. x.. x...........................{.. w.. z.. ~.. ~...................~..!x..&m..........!w..'n.. \|.................................#m..(]..*[...}......#o..,W..&c.. y...............~.E.........}..$k..%k..%m...~......!u..%l..%j.."q...............>x..N...a...t..!u..$t..$v..........!{..%u..#s...w...l...X...E...<u..=t..<s..=w..D...^..#t.......... \|.."n...O...A}..<t..<t..=u..=u..>v..>v..=u..=t..=v..X...........u...G...<t..=u..=u..>v..>v..<v..>v..>v..=u..=u..=v..X...........v...F...<t..=u..>v..>v..>v..=u..>v..=u..<t..A...`.. \|..............!r...Q...=u..=u..>u..>v..=v..=u..<t..K.."l..#v..................!{..%u...^...A}..<t..=u..<t..>y..W

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	downloaded
Size (bytes):	315045
Entropy (8bit):	5.470972207090544
Encrypted:	false
SSDEEP:	3072:7aOD2q1BSK7x5jfw71nUNdFIh0qrMdB8pbKQJaZkNeQHUC5SIui/+a:Wzq1Bzc71UNhqrMgpbLaZkNfHHWa
MD5:	D8A1FE8B9FD01233B8A030EA79C21DF0
SHA1:	1B2B4474F72FCEE56977101E7C85A8201F730903
SHA-256:	91DEC32BF6596B875CDEB8C7BFFC8B5029A870657D3D7C790E8939F17E24DC20
SHA-512:	C15DBBD27873E22558239D6671B7FA05107A348D44BEC9CD560B8AA6D443D4A86BBBC38FC6F2C18E4D4C82852741B7C995E3E80A1E95B04A0D2DBDA12DCB6F0F
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.10.js
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	downloaded
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3283)
Category:	downloaded
Size (bytes):	3345
Entropy (8bit):	5.205184210840741
Encrypted:	false
SSDEEP:	96:Pdi5dgr2G2tvdbGZd1hdTrdEdEidKH5bKsaqexOAvHeMbMh:lSFkpNO1K5bja/reF
MD5:	1E4C3172663AD2ACC0CEC9723E93D39F
SHA1:	1610B980BB81B4A4330399C81A4B23A78A70C42B
SHA-256:	F23EC23F7792FF56FB516E06280BED56D3A80D1CFD8D48F22C2B1F93CA69F0D5
SHA-512:	B96520A05B04CB55617B582A9458E3AE547AD953D0B0FE3F573B5CE1F55AB1B92A5356C0E5575A2596B59365C24F9E5A1A1FB1ABC17B8E6E331A1DC0B3F7ACBF
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-229d1624.js
Preview:	define("@widget/LAYOUT/bs-FlyoutMenu-Component-229d1624.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-Toggle","~/c/bs-index2"],(function(e,o,t,p){"use strict";var a={toggleId:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,activeProps:(global.PropTypes\|\|guac["prop-types"]).object,label:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,renderCustomIcon:(global.PropTypes\|\|guac["prop-types"]).object,renderCustomContent:(global.PropTypes\|\|guac["prop-types"]).oneOfType([(global.PropTypes\|\|guac["prop-types"]).bool,(global.PropTypes\|\|guac["prop-types"]).element,(global.PropTypes\|\|guac["prop-types"]).node]),id:(global.PropTypes\|\|guac["prop-types"]).string,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,enableNoOverlapDropdown:(global.PropTypes\|\|guac["prop-types"]).bool,widgetId:(global.PropTypes\|\|guac["prop-types"]).string,overrideIconStyle:(global.PropTypes\|\|guac["prop-types"]).object,dataAid:(global.PropTypes\|\|guac["prop-types"]).string,hasHover:(global.PropT

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	dropped
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	dropped
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:	384:/z+lhnKuowsx9pGxw57yty3eOHenS934osy:JioFP934Y
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	dropped
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (516)
Category:	dropped
Size (bytes):	583
Entropy (8bit):	5.275794886448015
Encrypted:	false
SSDEEP:	12:csTLaBSyTUXaPXAbDTc/NeL2QiTj+RVnIYQ2ofXgYFw1THr+pWT0Lv:cTBLTUXaPXAPTc/tTj+Hn/Q2CQYytHrI
MD5:	0D42FFB998A9CF7C25824CF365C7D0C9
SHA1:	7A95B87AC3B0C813F195EA46EFB9E792023EAFBE
SHA-256:	3418AA0FB5D19C3909DD89CCF081C9B59EBAD2A0334EED58373ED395D228487A
SHA-512:	EE2711CED0E8936C0DDAE9CFBE1FFAFABF56766C4611DC5B68C50919EDFC6CD1F3C850A0599ED107E8F6555D54BB46B3395B957A74697BEA2A749814C270C0FD
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e},e.a=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-e83be766.js.map.

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2368)
Category:	downloaded
Size (bytes):	2416
Entropy (8bit):	5.220048787531057
Encrypted:	false
SSDEEP:	48:UfRV3dTEDPoRidiLEjTyAmzl584CC6zS72F7vNXuCyjSdad6f2vNdbTrID:iRXE7ocQLlWSwSQL5uCyjSdad82vNdb6
MD5:	ABFD2ADA44521989F7C040FC3EAEF6C9
SHA1:	D682B5CAAD4C1C839262A6D03CAFB95E0AF64A21
SHA-256:	3F2536BBC0A15193347F2D6DD1F4E8BEFE2E221DF5C4FF99FDA6BD18C428C857
SHA-512:	89CF1F0AD4AB25C95221F043FAC57CADE9F620F20EDEC099BA84288808C6589522E8F3FD3BE9DD4CC26141511B98C2FA27F2780DA3551D1755BF25C5ACE9BA80
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-37f740c7.js
Preview:	define("@widget/LAYOUT/c/bs-Toggle-37f740c7.js",["exports","~/c/bs-_rollupPluginBabelHelpers"],(function(e,t){"use strict";function o(e,t,o){let s=e;for(;s;){const e=s.getAttribute&&s.getAttribute(t);if(e&&(void 0===o\|\|e===o))return!0;s=s.parentNode}return!1}function s(e,t){return o(e,"id",t)}class l extends(global.React\|\|guac.react).Component{constructor(){super(...arguments),this.handleClick=this.handleClick.bind(this),this.handleToggle=this.handleToggle.bind(this),this._id=(global._\|\|guac.lodash).uniqueId(),this.state={open:!1}}componentDidMount(){this._link=(global.ReactDOM\|\|guac["react-dom"]).findDOMNode(this),document.addEventListener("click",this.handleClick,{capture:!0})}componentWillUnmount(){document.removeEventListener("click",this.handleClick,{capture:!0})}shouldClose(e){const{closeAttr:t,ignoreCloseAttr:l,closeOnOutsideClick:n,toggleId:i}=this.props;let a=!0;return t?a=o(e.target,t):l&&(a=!o(e.target,l)),!a&&i&&n&&(a=!s(e.target,i)),a&&!s(e.target,this._id)}handleClick(e){

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1875)
Category:	downloaded
Size (bytes):	1935
Entropy (8bit):	5.308478233131919
Encrypted:	false
SSDEEP:	48:UTVqI1xGzgB7gBfYRN0a0qMoAua0pqAddrIt:0VqQzMfYR2xFua0pqAddE
MD5:	42A956F14F8E89C314FA201AB5FC9388
SHA1:	67651220687C3869FD6FAB960AE4B3CA53776E2F
SHA-256:	A9D6036466352258F71ADF94E2EB6DA8F9BEEE5FCBC73351180D1C8331D53949
SHA-512:	0A1F46367A7FB882029086B50A385439EA31D49F3C44C67B0BD77A4782970F174DB85791E5CEC60466322E2451D5F697163ADED5691DB224114381F8D8ACF763
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-84648e01.js
Preview:	define("@widget/LAYOUT/bs-LinkAwareComponent-84648e01.js",["exports","~/bs-FlyoutMenu-Component","~/c/bs-_rollupPluginBabelHelpers"],(function(e,t,o){"use strict";const{PUBLISH:n}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.renderModes;var i,s,r,a=(i=t.default,s=class extends(global.React\|\|guac.react).Component{constructor(){super(...arguments),this.checkActiveLink=this.checkActiveLink.bind(this),this.state={isActive:!1}}componentDidMount(){const{toggleId:e}=this.props;this.moreDropdownElement=document.getElementById(e),this.moreDropdownElement&&(this.checkActiveLink(),window.addEventListener("NavItemsResized",this.checkActiveLink,{passive:!0}))}componentWillUnmount(){this.moreDropdownElement&&window.removeEventListener("NavItemsResized",this.checkActiveLink,{passive:!0})}checkActiveLink(){const{renderMode:e}=this.props;window.requestAnimationFrame((()=>{var t;let o=!1;const i=this.moreDropdownElement.querySelector('[data-ux="NavLinkActive"]')\|\|this.moreDropdownElement.query

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	downloaded
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	dropped
Size (bytes):	60918
Entropy (8bit):	5.352568683747888
Encrypted:	false
SSDEEP:	768:RfLoCGFoLHT8vvw4xUC/ib7V/Kc5EVou19RA/LkIT8OTGLOumJ66KzWmzpEP2szU:Ij19RqD8OvumJ66KzxFEP2szmOM
MD5:	08534C5959CB096A08F8DD2FA47C2386
SHA1:	083CAD88A2B6937D5F53F7774107FA399959AB13
SHA-256:	8CAE8493F9F805B47C5D3E807518D91F4FC1A0A4A57C696791A8126C7FED88B1
SHA-512:	93D317EB7C4316E98C5D4EF4D27EEC20FEAC01C8B8D564451BC6D3FD0927019DE75BE5F9C3ABC99D0EEC2E6F275E1FB013F21913ABF9B1095874D5607C9E71C6
Malicious:	false
Reputation:	low
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	downloaded
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	dropped
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	dropped
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	dropped
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=meittaammasskei-loogge.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&vtg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&dp=%2F&trace_id=23e6e90a47474fd9899e698682639d00&cts=2025-01-12T00%3A45%3A19.524Z&hit_id=81dab3ff-b698-4f42-9445-7352808f40cf&ea=click&ht=pageevent&eid=ux2.COOKIE_BANNER.cookie1.Group.Default.Button.Primary.22905.click&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%226c9480da-79f2-4174-a78f-28264f5073ae%22%2C%22pd%22%3A%222022-12-12T11%3A17%3A16.458Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=1440687707&z=1225092936
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Category:	downloaded
Size (bytes):	23580
Entropy (8bit):	7.990537110832721
Encrypted:	true
SSDEEP:	384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK
MD5:	E1B3B5908C9CF23DFB2B9C52B9A023AB
SHA1:	FCD4136085F2A03481D9958CC6793A5ED98E714C
SHA-256:	918B7DC3E2E2D015C16CE08B57BCB64D2253BAFC1707658F361E72865498E537
SHA-512:	B2DA7EF768385707AFED62CA1F178EFC6AA14519762E3F270129B3AFEE4D3782CB991E6FA66B3B08A2F81FF7CABA0B4C34C726D952198B2AC4A784B36EB2A828
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Preview:	wOF2......\........,..[...........................z.p.`..D....e........]..B..6.$..v. .....E.K...5c[R..V.Vr!.....$....@n..P.....'%.1....."A...#H:.T.6.JL.7.g..7..x....N"..,h....R3..u.T..A.._O..f=Mu.e.....0.c.0.FV.q....m;8..J.t.-.%."......&..2...!\....n..]Lx..:......S/F.V.rf%..#.Uk}....X.1n..V.\|.O..aC ."...#..>..n.... $;.....y.5..\|>...;@..Q.D........FT...r=p.Llf...J.3..{Z.. t]Rp.N..Z..7"B..,D.0s..."o..V<...#.N.WZ...m.\......Pb....#:z...B......~w.....J.ABQ.u<.8j..m..r2.....Aq.fNY...P..c.L+......v.n..yV.w......l......H...,..2.."v.......R.V.[...s......@..L....CS..'....Z.2..o......).4.H{C.%..?.%^...#.A.]..[....._&.[~1..j.P..`.......=......[.D7h..5...s......d'.....,....?...6.;....f..(M.CV.....R..q.c.....4.6.k.V.h/..........H..?u..!mq5...9@..0YA9.M..:..reS.;._......K...\..S.^.2..Fv.l~'l..U.TN....OXv..]..`.X1w.4E.t%a...2!.c.R.............t.'Hc...2.8...K.w..p@..T..RZ.@..)}..'+.7s1..... . -.....E7<...C.J.D....Iw-...u...m.K.\e..>..*....7y\|{........G..d13g].t.%.y<..

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	downloaded
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	downloaded
Size (bytes):	60918
Entropy (8bit):	5.352568683747888
Encrypted:	false
SSDEEP:	768:RfLoCGFoLHT8vvw4xUC/ib7V/Kc5EVou19RA/LkIT8OTGLOumJ66KzWmzpEP2szU:Ij19RqD8OvumJ66KzxFEP2szmOM
MD5:	08534C5959CB096A08F8DD2FA47C2386
SHA1:	083CAD88A2B6937D5F53F7774107FA399959AB13
SHA-256:	8CAE8493F9F805B47C5D3E807518D91F4FC1A0A4A57C696791A8126C7FED88B1
SHA-512:	93D317EB7C4316E98C5D4EF4D27EEC20FEAC01C8B8D564451BC6D3FD0927019DE75BE5F9C3ABC99D0EEC2E6F275E1FB013F21913ABF9B1095874D5607C9E71C6
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/gpub/bd97f00c7dd57dd0/script.js
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13834)
Category:	downloaded
Size (bytes):	13891
Entropy (8bit):	4.645788246161265
Encrypted:	false
SSDEEP:	192:49+DrRmRAiyq602NNTV0afQQYrAJ9wzkENGWHl2JBpfodMjHJv8k9fopl1jn:4Bp49ykE8WQs2Vv8k9fGTjn
MD5:	C7B1DBB0EEF8600D5F57536998855E4D
SHA1:	03908243C34D5A373ACBA694EB16E30F088B4F7D
SHA-256:	53DA7DD341F1EF0C484A7B56A17D86669287DA5D082AAA8A0AF04FD3816B6631
SHA-512:	56EE4961F4C03A15C79252AD9C3CAD93573AC785881541EA32F83389996F4E8C074FBC397FF9F0B218121A3D8E1A9CEF101D088B4BCFB2353D6A311D5F60DCBA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js
Preview:	define("@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M5.643 19.241a.782.782 0 0 1-.634-.889c.317-2.142 1.62-4.188 3.525-5.244l.459-.254-.39-.352a4.89 4.89 0 0 1-.797-6.327 4.747 4.747 0 0 1 2.752-2.003 4.894 4.894 0 0 1 6.092 5.72c-.211 1.042-.802 1.97-1.59 2.683l-.308.28.459.253c1.876 1.04 3.185 3.131 3.53 5.26a.765.765 0 0 1-.742.883c-.367.005-.697-.25-.753-.613-.52-3.384-4.067-6.087-7.702-4.324-1.628.79-2.714 2.511-3.014 4.313a.76.76 0 0 1-.887.614zm2.873-10.36a3.36 3.36 0 0 0 3.356 3.355A3.36 3.36 0 0 0 15.23 8.88a3.361 3.361 0 0 0-3.358-3.357A3.36 3.36 0 0 0 8.516 8.88z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.504 18.461a.76.76 0 0 1 0 1.038.652.652 0 0 1-.956 0L15.2 15.993a6.142 6.142 0 0 1-3.83 1.353C7.858 17.346 5 14.353 5 10.673 5 6.994 7.858 4 11.371 4c3.513 0 6.371 2.994

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	downloaded
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	15406
Entropy (8bit):	5.982376326439098
Encrypted:	false
SSDEEP:	384:/NsjPtQsR9HhPn094yWl4lnesLVWv8rHe1iTq77QOfUCAyC/kv:/sXBNnGW6e1i4pfb
MD5:	86B494B6021E3B7AA230A366D3BA6030
SHA1:	29F041F9151C3CA13C7F5860C1492D6D71679D88
SHA-256:	1B44BDFBD79AE9EADE44837099E58405C65EE88408AC725DA7D9004F6A75DDAD
SHA-512:	3B7C4BFA70C5B78042FDA0870BBEAEBAA676A0029C0D4CC35A3E6E92DCEBBED13A703C71330B117F3C73B2225A52F4B66A0FD476D07CF22B098F8F59009AA12D
Malicious:	false
Reputation:	low
Preview:	............ .h...6... .... .(.......00.... .h&......(....... ..... ..........................i...p.2.f...@........................Q.........`...q...p.2!r.^#u..#t..!s.F..m.......T[e.T\e.dlx......#s.\|#t.#u..#u.."u.$u..%v..$s..)i..O...r.....%...!.;HX.r...8v..$l..$u..%v..$v..#u..$u..$t..%j..&a..!s.. ~...w...x...z.. {..$j..&a..$q..$u..$u.. ~.. ~.. }.. x.. x...........................{.. w.. z.. ~.. ~...................~..!x..&m..........!w..'n.. \|.................................#m..(]..*[...}......#o..,W..&c.. y...............~.E.........}..$k..%k..%m...~......!u..%l..%j.."q...............>x..N...a...t..!u..$t..$v..........!{..%u..#s...w...l...X...E...<u..=t..<s..=w..D...^..#t.......... \|.."n...O...A}..<t..<t..=u..=u..>v..>v..=u..=t..=v..X...........u...G...<t..=u..=u..>v..>v..<v..>v..>v..=u..=u..=v..X...........v...F...<t..=u..>v..>v..>v..=u..>v..=u..<t..A...`.. \|..............!r...Q...=u..=u..>u..>v..=v..=u..<t..K.."l..#v..................!{..%u...^...A}..<t..=u..<t..>y..W

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	105560
Entropy (8bit):	5.173099073295946
Encrypted:	false
SSDEEP:	1536:Kvbe2WTBTlur/rTVYHlA2taouk+ZPL50/:E+Mr/1m+I
MD5:	6837678401F602120E41C9EAA7A7E915
SHA1:	A1F801D56B6666BDDED519DE10A8F04B9257AE0E
SHA-256:	DAE89C4D8697DC845428A11C2BDE64334AB65738EE97F598414D857B5D9D3FD2
SHA-512:	F0B529B9BED94C6EAC30FDB59CB1C2D347D78015B06C5D11577B12B2312A63D8D1AE684E5C05B7DE979EAEB848A337C20E7B00E089ADB2802B772A9690A005BF
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{_isDebug:()=>v,debug:()=>w,error:()=>h,info:()=>m,log:()=>m,setDebug:()=>b,warn:()=>g});var n={};t.r(n),t.d(n,{cmdLogEvent:()=>Ki,cmdLogPerf:()=>Gi});var r,o,i,a,c,u=(r="",i={document:o=Object.create({get cookie(){return r},set cookie(t){r=t}})},a={},"undefined"==typeof window?{window:i,document:o,navigator:a}:{window:window\|\|i,document:window.document\|\|o,navigator:navigator\|\|a}),f=function(){return u.window},s=functi

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	dropped
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=meittaammasskei-loogge.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&vtg=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda&dp=%2F&trace_id=23e6e90a47474fd9899e698682639d00&cts=2025-01-12T00%3A45%3A19.624Z&hit_id=9a1833fb-befd-49d8-bcf0-612b9bc0f685&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%226c9480da-79f2-4174-a78f-28264f5073ae%22%2C%22pd%22%3A%222022-12-12T11%3A17%3A16.458Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&usrin=wam_site_hasPopupWidget%2Cfalse%5Ewam_site_hasMessagingWidget%2Cfalse%5Ewam_site_headerTreatment%2Cfalse%5Ewam_site_hasSlideshow%2Cfalse%5Ewam_site_hasFreemiumBanner%2Cfalse%5Ewam_site_homepageFirstWidgetType%2CINTRODUCTION%5Ewam_site_homepageFirstWidgetPreset%2Cintroduction4%5Ewam_site_businessCategory%2Crealestateagents%5Ewam_site_theme%2Clayout18%5Ewam_site_locale%2Cen-US%5Ewam_site_fontPack%2Clato%5Ewam_site_cookieBannerEnabled%2Ctrue%5Ewam_site_membershipEnabled%2Cfalse%5Ewam_site_hasHomepageHTML%2Cfalse%5Ewam_site_hasHomepageShop%2Cfalse%5Ewam_site_hasHomepageOla%2Cfalse%5Ewam_site_hasHomepageBlog%2Cfalse%5Ewam_site_hasShop%2Cfalse%5Ewam_site_hasOla%2Cfalse%5Ewam_site_planType%2CbusinessPlus%5Ewam_site_isHomepage%2Ctrue%5Ewam_site_htmlWidget%2Cfalse%5Ewam_site_networkSpeed%2C4.45&ap=IPv2&vci=1440687707&z=1877677939&LCP=1457&CLS=0.0001966384317006865&FID=31&timeToInteractive=7619&nav_type=hard
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-42582241.js
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8076)
Category:	downloaded
Size (bytes):	8146
Entropy (8bit):	5.193570786754158
Encrypted:	false
SSDEEP:	192:bXex8k/4ro1H29Lm90fwK4cal8k5AV+IZ7/UHpvx/nvvdlFwmlqkk1:bXex9QriHqLm90fwncal75AV+IZ78HF6
MD5:	D0BF5E9E6E778CE2D940F214EC04700C
SHA1:	2ECB604E1F2E8CA95A0413DB58C153B9AA710A29
SHA-256:	1B7F2E117669F2643EA895B6BEDB818796AF009F19A6FC1F8B8A1DC9C30B6D9B
SHA-512:	DC1A45C8946109AB2E61509A977287020136B03555CC2FAC0B769BB20ADC78268929AE857F695626E86D8AC6E805C3731D33374360406E86FC98F643A3523E5C
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js
Preview:	define("@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-legacyOverrides","~/c/bs-modernThinRound","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index2","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,l,n,i,s,d){"use strict";const{colorPackCategories:g,buttons:h}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:m,LIGHT_ALT:c,LIGHT_COLORFUL:u,DARK:p,DARK_ALT:b,DARK_COLORFUL:y,COLORFUL:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,S={[d.F]:"accent-overlay",[d.b]:"accent-overlay",[d.I]:"category-alt-solid",[d.B]:"accent-overlay",[d.L]:"accent-overlay"},H={defaultHeaderTreatment:d.F,hasLegacy:!0,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"],imageTreatments:S};var C={id:"layout18",name:"dawn",packs:{color:"000",font:"lato"},logo:{font:"primary"},packCategories:{color:g.NEUTRAL},headerProperties:{alignmentOption:"center"},header

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	downloaded
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 1535x1021, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	151288
Entropy (8bit):	7.998613332119962
Encrypted:	true
SSDEEP:	3072:Qr20Z/KY4SK/mrDW7xmfA16WDMUWu4MDkHDyfZW1+:Oi0K/xsfAPmFbDB+
MD5:	C0D1D98CE1B1E0C0E1C50CFE76FF1A56
SHA1:	A9E95951EDFE680AFB5E0999128764B6E303A8D4
SHA-256:	93671E51E52BB9082D8DE84B1CE771AE676E2E968B99F77EDB583FE73F284614
SHA-512:	25D9A43AC05BFFC0D6197A78894ABE7A697470AFCF85AE3702AEA89EAEF911B52822CB2A8267A159FBB5FA38C999531B4AA35FA732159521E1E08D390A4CAD66
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/stock/107927/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1535,m"
Preview:	RIFF.N..WEBPVP8 .N...........>m2.H$".+.sK.p..gn......V.q....B.....;..........>.................?.}.i#...`Z;............z..~.....(..._.......<..Q.M.P.....'....{.J....<.......}../.~...f..<....W...".n}Y....;..............&..............q.....`..........g..Qr,e.8...$..Rb`...".75.B.=y.uY..X.r..6I.&...kg...K>..d...x.b.Y).{bY...k.b...8~..[Y=10t{..a.<...6..{1B........-.@.=.u..Z..R....d........x...v..............-?e...A..=:....8..Jt.Q......y..1O...k..7...H.{`.1.Z.....0O..@.Z#.g..dN.]...0.P@vaN..H'R...J..9.5...Ec.D....[P.]k.I........c(...E..5T.:.!rO.o..D...".'.D cu...-..vbL..Ck....=c.....W.~.2.~0.\.. #Q...C(T7..Y..2.@....t.u..^.!.......i.~.s..p<(.%*..W....(_.1l.<Ykk...P........}...,........#....=....Y.<.v.$2ud..2.J.........P......W:...R.......9.....4.;N.......L...n.....j......j\|.......9.....'.[e..)....3:B....}....xtot.6.d2j.hi.....ZVd5..r.%.-.Zo.l^.Ug..af\q2j.u/.C...#.g.8S.#]4S[..G@..+..W........xQNqwA...0{......4C....?.3Fx.iX..u..n...'.<>.&c.A..

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2368)
Category:	dropped
Size (bytes):	2416
Entropy (8bit):	5.220048787531057
Encrypted:	false
SSDEEP:	48:UfRV3dTEDPoRidiLEjTyAmzl584CC6zS72F7vNXuCyjSdad6f2vNdbTrID:iRXE7ocQLlWSwSQL5uCyjSdad82vNdb6
MD5:	ABFD2ADA44521989F7C040FC3EAEF6C9
SHA1:	D682B5CAAD4C1C839262A6D03CAFB95E0AF64A21
SHA-256:	3F2536BBC0A15193347F2D6DD1F4E8BEFE2E221DF5C4FF99FDA6BD18C428C857
SHA-512:	89CF1F0AD4AB25C95221F043FAC57CADE9F620F20EDEC099BA84288808C6589522E8F3FD3BE9DD4CC26141511B98C2FA27F2780DA3551D1755BF25C5ACE9BA80
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-Toggle-37f740c7.js",["exports","~/c/bs-_rollupPluginBabelHelpers"],(function(e,t){"use strict";function o(e,t,o){let s=e;for(;s;){const e=s.getAttribute&&s.getAttribute(t);if(e&&(void 0===o\|\|e===o))return!0;s=s.parentNode}return!1}function s(e,t){return o(e,"id",t)}class l extends(global.React\|\|guac.react).Component{constructor(){super(...arguments),this.handleClick=this.handleClick.bind(this),this.handleToggle=this.handleToggle.bind(this),this._id=(global._\|\|guac.lodash).uniqueId(),this.state={open:!1}}componentDidMount(){this._link=(global.ReactDOM\|\|guac["react-dom"]).findDOMNode(this),document.addEventListener("click",this.handleClick,{capture:!0})}componentWillUnmount(){document.removeEventListener("click",this.handleClick,{capture:!0})}shouldClose(e){const{closeAttr:t,ignoreCloseAttr:l,closeOnOutsideClick:n,toggleId:i}=this.props;let a=!0;return t?a=o(e.target,t):l&&(a=!o(e.target,l)),!a&&i&&n&&(a=!s(e.target,i)),a&&!s(e.target,this._id)}handleClick(e){

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2622)
Category:	dropped
Size (bytes):	11094
Entropy (8bit):	5.442143929196519
Encrypted:	false
SSDEEP:	192:Crsr/cAF56ElYEy31fxQ146G6ivzYiYD7PYZbUVXVfpQGTLY2chTS3vZTfU0pn/6:osr/cAF5RlHy31fqW/B5gxZ01TS3vZTU
MD5:	9E8F4BF0D3186E2888CFD46DD31BC983
SHA1:	EFAE16775AF396544FF06FF7971B008E663276CE
SHA-256:	C55013F0EDBCC6B94A7FF4812466B73B904220A08715EDE46182D3FFF284EBD6
SHA-512:	619764DE9351957B9F715C9079CCFFCF932A9C2DBAF6AAEA8E19B23B3670BD5219E32359AED3E104D119BF70948E910D513BB5EBB6E253F1CB50BBEB03A89DCC
Malicious:	false
Reputation:	low
Preview:	window.cxs && window.cxs.setOptions({ prefix: "c2-" });.window.wsb=window.wsb\|\|{};window.wsb["Theme18"]=window.wsb["Theme18"]\|\|window.radpack("@widget/LAYOUT/bs-layout18-Theme-publish-Theme").then(function(t){return new t.default();});.window.wsb["DynamicFontScaler"]=function(e){let t,{containerId:o,targetId:n,fontSizes:r,maxLines:a,prioritizeDefault:s}=e;if("undefined"==typeof document)return;const i=document.getElementById(o),c=document.getElementById(n);function l(e){return function(e){const t=parseInt(d(e,"padding-left")\|\|0,10),o=parseInt(d(e,"padding-right")\|\|0,10);return e.scrollWidth+t+o}(e)<=i.clientWidth&&function(e){const t=e.offsetHeight,o=parseInt(d(e,"line-height"),10)\|\|1;return Math.floor(t/o)}(e)<=a}function p(){if(!i\|\|!c\|\|t===window.innerWidth)return;if(c.hasAttribute("data-font-scaled"))return void function(){c.removeAttribute("data-last-size");const e=document.querySelector(`#${n}-style`);e&&e.parentNode.removeChild(e)}();t=window.innerWidth;const e=Array.prototype.sl

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	downloaded
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 01:45:02.760193110 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:02.760235071 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:02.760308981 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:02.760591030 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:02.760605097 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:03.392879009 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:03.393393040 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:03.393420935 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:03.394429922 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:03.394503117 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:03.395823002 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:03.395888090 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:03.438553095 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:03.438564062 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:03.484966040 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:04.540966988 CET	49715	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:04.541105986 CET	49716	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:04.545826912 CET	80	49715	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:04.545860052 CET	80	49716	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:04.545893908 CET	49715	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:04.545921087 CET	49716	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:04.546103001 CET	49715	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:04.552057028 CET	80	49715	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.025707006 CET	80	49715	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.061049938 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.061073065 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.061359882 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.061359882 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.061379910 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.066195011 CET	49715	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.562118053 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.562490940 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.562509060 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.563966990 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.564049959 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.570167065 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.570316076 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.570411921 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.570420980 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.611699104 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.687871933 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.687923908 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.687951088 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.687959909 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.687977076 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.687994003 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.688008070 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.688067913 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.741061926 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:05.741092920 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:05.741159916 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:05.741408110 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:05.741420031 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:05.774121046 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.774207115 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.774214029 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.774250984 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.774286032 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.774302006 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.775655031 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.775732994 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.775736094 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.775774956 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.775789976 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.775818110 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.775827885 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.775976896 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:05.776027918 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.776246071 CET	49717	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:05.776258945 CET	443	49717	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:06.482738018 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:06.483249903 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:06.483270884 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:06.484994888 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:06.485075951 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:06.489535093 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:06.489895105 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:06.534157038 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:06.534193039 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:45:06.581928015 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:13.301996946 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:13.302141905 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:13.302195072 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:13.309165955 CET	49712	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:45:13.309175968 CET	443	49712	216.58.206.36	192.168.2.5
Jan 12, 2025 01:45:13.670891047 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:13.670934916 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:13.671027899 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:13.673870087 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:13.673906088 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:13.673958063 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:13.674890995 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:13.674906015 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:13.675123930 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:13.675138950 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.156848907 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.157670975 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.157690048 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.158175945 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.160096884 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.160226107 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.160330057 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.169771910 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.171282053 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.171308041 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.174987078 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.175137997 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.185230970 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.185345888 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.185606003 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.185623884 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.203330994 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.204231977 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.235582113 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.279901981 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.279975891 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.280004025 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.280045033 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.280050039 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.280082941 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.280100107 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.280101061 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.280131102 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.280169010 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.280169010 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.294691086 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.294840097 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.295067072 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.298496008 CET	49793	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.298513889 CET	443	49793	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.365237951 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.365298986 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.365344048 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.365365028 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.365396976 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.365427971 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.365437031 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.365562916 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.366015911 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.366036892 CET	443	49792	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.366070032 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.366070032 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.366318941 CET	49792	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.389432907 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.389466047 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.389558077 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.389952898 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.389970064 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.878508091 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.879961967 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.879971981 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.881159067 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.912785053 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.913064003 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:14.918194056 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:14.959336996 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.027308941 CET	80	49715	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.027394056 CET	49715	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.033214092 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.033286095 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.033329964 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.033354044 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.033366919 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.033394098 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.033416986 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.033438921 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.120410919 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.120434999 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.120536089 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.120551109 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.120596886 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.121237040 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.121304989 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.121304035 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.121336937 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.121371031 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.121373892 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.121397972 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.121436119 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.317329884 CET	49809	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.317337990 CET	443	49809	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:15.534394979 CET	49715	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:15.539238930 CET	80	49715	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.226336956 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:20.226366043 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.226563931 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:20.227732897 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:20.227747917 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.721860886 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.722903967 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:20.722922087 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.723292112 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.724116087 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:20.724199057 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:20.767191887 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:24.920037985 CET	80	49716	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:24.920200109 CET	80	49716	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:24.920289040 CET	49716	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:40.829170942 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:40.829243898 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:40.829463005 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:40.847003937 CET	49846	443	192.168.2.5	13.248.243.5
Jan 12, 2025 01:45:40.847018003 CET	443	49846	13.248.243.5	192.168.2.5
Jan 12, 2025 01:45:51.547364950 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:45:51.547394991 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:46:02.814825058 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:02.814862967 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:02.814954996 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:02.815290928 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:02.815304041 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:03.451750040 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:03.452099085 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:03.452112913 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:03.452428102 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:03.452871084 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:03.452933073 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:03.500663042 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:04.848062038 CET	49716	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:46:04.849062920 CET	49716	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:46:04.852902889 CET	80	49716	13.248.243.5	192.168.2.5
Jan 12, 2025 01:46:04.852972031 CET	49716	80	192.168.2.5	13.248.243.5
Jan 12, 2025 01:46:06.291732073 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:46:06.291930914 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:46:06.292021990 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:46:06.847831011 CET	49721	443	192.168.2.5	18.192.130.3
Jan 12, 2025 01:46:06.847871065 CET	443	49721	18.192.130.3	192.168.2.5
Jan 12, 2025 01:46:13.421947002 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:13.422017097 CET	443	50080	216.58.206.36	192.168.2.5
Jan 12, 2025 01:46:13.422272921 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:14.846579075 CET	50080	443	192.168.2.5	216.58.206.36
Jan 12, 2025 01:46:14.846595049 CET	443	50080	216.58.206.36	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 01:44:58.416435003 CET	53	61098	1.1.1.1	192.168.2.5
Jan 12, 2025 01:44:58.490413904 CET	53	58147	1.1.1.1	192.168.2.5
Jan 12, 2025 01:44:59.682311058 CET	53	54454	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:02.752270937 CET	62576	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:02.752398014 CET	53721	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:02.758867979 CET	53	62576	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:02.759243965 CET	53	53721	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:04.528337955 CET	64529	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:04.528675079 CET	56173	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:04.536420107 CET	53	56173	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:04.536890984 CET	53	64529	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:05.029269934 CET	64244	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:05.029654026 CET	49201	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:05.038103104 CET	53	49201	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:05.060282946 CET	53	64244	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:05.715790033 CET	51970	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:05.716094971 CET	59872	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:05.717767954 CET	53	58683	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:05.731059074 CET	54063	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:05.731195927 CET	50365	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:05.739768982 CET	53	54063	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:05.740128994 CET	53	50365	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:08.019205093 CET	60452	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:08.019718885 CET	56769	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:13.671642065 CET	59163	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:13.671814919 CET	60915	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:13.895996094 CET	61474	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:13.896325111 CET	62041	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:15.540177107 CET	62822	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:15.540433884 CET	60557	53	192.168.2.5	1.1.1.1
Jan 12, 2025 01:45:17.025252104 CET	53	58152	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:35.728344917 CET	53	64906	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:58.151458025 CET	53	52095	1.1.1.1	192.168.2.5
Jan 12, 2025 01:45:58.603178978 CET	53	52469	1.1.1.1	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 12, 2025 01:45:02.752270937 CET	192.168.2.5	1.1.1.1	0x9aeb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:02.752398014 CET	192.168.2.5	1.1.1.1	0x451c	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 12, 2025 01:45:04.528337955 CET	192.168.2.5	1.1.1.1	0xf308	Standard query (0)	meittaammasskei-loogge.godaddysites.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:04.528675079 CET	192.168.2.5	1.1.1.1	0x70ff	Standard query (0)	meittaammasskei-loogge.godaddysites.com	65	IN (0x0001)	false
Jan 12, 2025 01:45:05.029269934 CET	192.168.2.5	1.1.1.1	0x785a	Standard query (0)	meittaammasskei-loogge.godaddysites.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.029654026 CET	192.168.2.5	1.1.1.1	0x58a6	Standard query (0)	meittaammasskei-loogge.godaddysites.com	65	IN (0x0001)	false
Jan 12, 2025 01:45:05.715790033 CET	192.168.2.5	1.1.1.1	0x4f45	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.716094971 CET	192.168.2.5	1.1.1.1	0x1d64	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Jan 12, 2025 01:45:05.731059074 CET	192.168.2.5	1.1.1.1	0xf4f4	Standard query (0)	isteam.wsimg.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.731195927 CET	192.168.2.5	1.1.1.1	0x2669	Standard query (0)	isteam.wsimg.com	65	IN (0x0001)	false
Jan 12, 2025 01:45:08.019205093 CET	192.168.2.5	1.1.1.1	0x8288	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:08.019718885 CET	192.168.2.5	1.1.1.1	0xdfee	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Jan 12, 2025 01:45:13.671642065 CET	192.168.2.5	1.1.1.1	0xf73c	Standard query (0)	events.api.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:13.671814919 CET	192.168.2.5	1.1.1.1	0x8926	Standard query (0)	events.api.secureserver.net	65	IN (0x0001)	false
Jan 12, 2025 01:45:13.895996094 CET	192.168.2.5	1.1.1.1	0xf812	Standard query (0)	csp.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:13.896325111 CET	192.168.2.5	1.1.1.1	0x8084	Standard query (0)	csp.secureserver.net	65	IN (0x0001)	false
Jan 12, 2025 01:45:15.540177107 CET	192.168.2.5	1.1.1.1	0xb824	Standard query (0)	events.api.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:15.540433884 CET	192.168.2.5	1.1.1.1	0x8d01	Standard query (0)	events.api.secureserver.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 12, 2025 01:45:02.758867979 CET	1.1.1.1	192.168.2.5	0x9aeb	No error (0)	www.google.com		216.58.206.36	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:02.759243965 CET	1.1.1.1	192.168.2.5	0x451c	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 12, 2025 01:45:04.536890984 CET	1.1.1.1	192.168.2.5	0xf308	No error (0)	meittaammasskei-loogge.godaddysites.com		13.248.243.5	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:04.536890984 CET	1.1.1.1	192.168.2.5	0xf308	No error (0)	meittaammasskei-loogge.godaddysites.com		76.223.105.230	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.060282946 CET	1.1.1.1	192.168.2.5	0x785a	No error (0)	meittaammasskei-loogge.godaddysites.com		13.248.243.5	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.060282946 CET	1.1.1.1	192.168.2.5	0x785a	No error (0)	meittaammasskei-loogge.godaddysites.com		76.223.105.230	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.722945929 CET	1.1.1.1	192.168.2.5	0x4f45	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:05.723181009 CET	1.1.1.1	192.168.2.5	0x1d64	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:05.739768982 CET	1.1.1.1	192.168.2.5	0xf4f4	No error (0)	isteam.wsimg.com		18.192.130.3	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:05.739768982 CET	1.1.1.1	192.168.2.5	0xf4f4	No error (0)	isteam.wsimg.com		18.197.103.231	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:45:08.027405977 CET	1.1.1.1	192.168.2.5	0xdfee	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:08.027826071 CET	1.1.1.1	192.168.2.5	0x8288	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:13.679959059 CET	1.1.1.1	192.168.2.5	0xf73c	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:13.680093050 CET	1.1.1.1	192.168.2.5	0x8926	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:13.903352976 CET	1.1.1.1	192.168.2.5	0x8084	No error (0)	csp.secureserver.net	csp.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:13.905122995 CET	1.1.1.1	192.168.2.5	0xf812	No error (0)	csp.secureserver.net	csp.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:15.547616005 CET	1.1.1.1	192.168.2.5	0x8d01	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 12, 2025 01:45:15.549170971 CET	1.1.1.1	192.168.2.5	0xb824	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false

HTTP Request Dependency Graph

meittaammasskei-loogge.godaddysites.com

https:

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49715	13.248.243.5	80	2668	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 12, 2025 01:45:04.546103001 CET	454	OUT	GET / HTTP/1.1 Host: meittaammasskei-loogge.godaddysites.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 12, 2025 01:45:05.025707006 CET	365	IN	HTTP/1.1 301 Moved Permanently location: https://meittaammasskei-loogge.godaddysites.com/ vary: Accept-Encoding server: DPS/2.0.0+sha-fcac51d x-version: fcac51d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ etag: ca74a593a514daa778ad22a3998f5e4e date: Sun, 12 Jan 2025 00:45:04 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49716	13.248.243.5	80	2668	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 12, 2025 01:45:24.920037985 CET	233	IN	HTTP/1.1 408 Request Time-out Content-length: 110 Cache-Control: no-cache Connection: close Content-Type: text/html Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 2d 6f 75 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 64 69 64 6e 27 74 20 73 65 6e 64 20 61 20 63 6f 6d 70 6c 65 74 65 20 72 65 71 75 65 73 74 20 69 6e 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>408 Request Time-out</h1>Your browser didn't send a complete request in time.</body></html>

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49717	13.248.243.5	443	2668	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:45:05 UTC	713	OUT	GET / HTTP/1.1 Host: meittaammasskei-loogge.godaddysites.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1
2025-01-12 00:45:05 UTC	1297	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.10.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: ca74a593a514daa778ad22a3998f5e4e Date: Sun, 12 Jan 2025 00:45:05 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:45:05 UTC	15087	IN	Data Raw: 61 65 38 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 62 6c 6f 62 62 79 2f 67 6f 2f 36 63 39 34 38 30 64 61 2d 37 39 66 32 2d 34 31 37 34 2d 61 37 38 66 2d 32 38 32 36 34 66 35 30 37 33 61 65 2f 66 61 76 69 63 6f 6e 2f 31 35 61 38 39 33 65 36 2d 37 62 63 31 2d 34 64 37 31 2d 61 37 38 62 2d 38 34 38 36 34 66 30 36 61 30 36 32 2e 69 63 6f 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 20 32 34 78 32 34 20 33 32 78 33 32 20 34 38 78 34 38 20 36 34 78 36 34 22 2f 3e 3c 6d 65 74 61 20 63 68 61 72 53 65 74 3d 22 75 74 66 2d 38 22 2f 3e 3c Data Ascii: ae89<!DOCTYPE html><html lang="en-US"><head><link rel="shortcut icon" href="//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico" sizes="16x16 24x24 32x32 48x48 64x64"/><meta charSet="utf-8"/><
2025-01-12 00:45:05 UTC	16384	IN	Data Raw: 66 6c 65 78 2d 62 61 73 69 73 3a 31 30 30 25 7d 2e 78 20 2e 63 31 2d 35 72 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 7d 2e 78 20 2e 63 31 2d 35 73 7b 63 6f 6c 6f 72 3a 72 67 62 28 38 39 2c 20 38 39 2c 20 38 39 29 7d 2e 78 20 2e 63 31 2d 35 74 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 78 20 2e 63 31 2d 35 7a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 78 20 2e 63 31 2d 36 30 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 78 20 2e 63 31 2d 36 31 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 78 20 2e 63 31 2d 36 32 7b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 7d 2e 78 20 2e 63 31 2d 36 33 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6c 69 6e 65 2d 74 68 Data Ascii: flex-basis:100%}.x .c1-5r{line-height:1.5}.x .c1-5s{color:rgb(89, 89, 89)}.x .c1-5t{font-size:14px}.x .c1-5z{font-size:inherit !important}.x .c1-60{font-weight:700}.x .c1-61{line-height:inherit}.x .c1-62{font-style:italic}.x .c1-63{text-decoration:line-th
2025-01-12 00:45:05 UTC	13223	IN	Data Raw: 2d 73 63 61 6c 65 64 3d 22 74 72 75 65 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 73 70 61 6e 20 63 31 2d 32 66 20 63 31 2d 32 67 20 63 31 2d 33 39 20 63 31 2d 33 61 20 63 31 2d 33 31 20 63 31 2d 32 34 20 63 31 2d 32 32 20 63 31 2d 32 31 20 63 31 2d 32 33 20 63 31 2d 32 6a 20 63 31 2d 33 62 20 63 31 2d 33 63 20 63 31 2d 33 64 20 63 31 2d 33 65 20 63 31 2d 33 66 20 63 31 2d 33 67 20 63 31 2d 33 68 20 63 31 2d 32 69 20 63 31 2d 33 32 20 63 31 2d 33 34 20 63 31 2d 33 69 20 63 31 2d 33 6a 20 63 31 2d 33 6b 20 63 31 2d 33 6c 22 3e 4d 65 74 f0 9d 96 86 6d 61 73 6b 20 4c 6f 67 69 6e 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 72 6f 6c 65 3d 22 68 65 61 64 69 6e 67 22 20 61 72 69 61 2d 6c 65 76 65 6c 3d 22 4e 61 4e 22 20 64 61 74 61 2d 75 78 3d 22 73 63 Data Ascii: -scaled="true" class="x-el x-el-span c1-2f c1-2g c1-39 c1-3a c1-31 c1-24 c1-22 c1-21 c1-23 c1-2j c1-3b c1-3c c1-3d c1-3e c1-3f c1-3g c1-3h c1-2i c1-32 c1-34 c1-3i c1-3j c1-3k c1-3l">Metmask Login</span><span role="heading" aria-level="NaN" data-ux="sc

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49792	13.248.243.5	443	2668	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:45:14 UTC	684	OUT	GET /sw.js HTTP/1.1 Host: meittaammasskei-loogge.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://meittaammasskei-loogge.godaddysites.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _tccl_visit=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _scc_session=pc=1&C_TOUCH=2025-01-12T00:45:09.045Z
2025-01-12 00:45:14 UTC	736	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: application/javascript Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 8bac1f71988ebbac6e6696476ff42d5b Date: Sun, 12 Jan 2025 00:45:14 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:45:14 UTC	15648	IN	Data Raw: 38 30 64 61 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 38 39 35 3a 28 29 3d 3e 7b 74 72 79 7b 73 65 6c 66 5b 22 77 6f 72 6b 62 6f 78 3a 63 61 63 68 65 61 62 6c 65 2d 72 65 73 70 6f 6e 73 65 3a 36 2e 34 2e 31 22 5d 26 26 5f 28 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 32 35 39 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 42 3a 28 29 3d 3e 61 7d 29 2c 73 28 39 31 33 29 3b 63 6c 61 73 73 20 61 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 28 65 2c 74 29 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 3d 65 2c 74 68 69 73 2e 72 65 6a 65 63 74 3d 74 7d 29 29 7d 7d 7d 2c 31 32 35 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 56 3a Data Ascii: 80da(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:
2025-01-12 00:45:14 UTC	16384	IN	Data Raw: 2c 72 29 2c 72 7d 76 61 72 20 52 3b 52 3d 64 2c 64 3d 7b 2e 2e 2e 52 2c 67 65 74 3a 28 65 2c 74 2c 73 29 3d 3e 5f 28 65 2c 74 29 7c 7c 52 2e 67 65 74 28 65 2c 74 2c 73 29 2c 68 61 73 3a 28 65 2c 74 29 3d 3e 21 21 5f 28 65 2c 74 29 7c 7c 52 2e 68 61 73 28 65 2c 74 29 7d 2c 73 28 35 35 30 29 3b 63 6f 6e 73 74 20 76 3d 22 63 61 63 68 65 2d 65 6e 74 72 69 65 73 22 2c 62 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 52 4c 28 65 2c 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 72 65 74 75 72 6e 20 74 2e 68 61 73 68 3d 22 22 2c 74 2e 68 72 65 66 7d 3b 63 6c 61 73 73 20 78 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 29 7b 74 68 69 73 2e 5f 64 62 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 61 63 68 65 4e 61 6d 65 3d 65 7d 5f 75 70 67 72 61 64 65 44 62 28 65 29 7b Data Ascii: ,r),r}var R;R=d,d={...R,get:(e,t,s)=>_(e,t)\|\|R.get(e,t,s),has:(e,t)=>!!_(e,t)\|\|R.has(e,t)},s(550);const v="cache-entries",b=e=>{const t=new URL(e,location.href);return t.hash="",t.href};class x{constructor(e){this._db=null,this._cacheName=e}_upgradeDb(e){
2025-01-12 00:45:14 UTC	967	IN	Data Raw: 65 4e 61 6d 65 3a 22 6e 65 74 77 6f 72 6b 2d 66 69 72 73 74 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 75 73 65 73 3a 5b 32 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 72 65 71 75 65 73 74 3a 65 7d 29 3d 3e 22 73 74 79 6c 65 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 7c 7c 22 73 63 72 69 70 74 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 29 2c 6e 65 77 20 74 2e 53 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 73 74 61 74 69 63 2d 72 65 73 6f 75 72 63 65 73 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 Data Ascii: eName:"network-first",plugins:[new a.CacheableResponsePlugin({statuses:[200]})]})),(0,e.registerRoute)((({request:e})=>"style"===e.destination\|\|"script"===e.destination),new t.StaleWhileRevalidate({cacheName:"static-resources",plugins:[new a.CacheableResp

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49793	13.248.243.5	443	2668	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:45:14 UTC	582	OUT	GET /manifest.webmanifest HTTP/1.1 Host: meittaammasskei-loogge.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://meittaammasskei-loogge.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:45:14 UTC	739	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: application/manifest+json Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 39f40f25b657fbda334d3912d2c263d6 Date: Sun, 12 Jan 2025 00:45:14 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:45:14 UTC	555	IN	Data Raw: 32 31 66 0d 0a 7b 22 73 63 6f 70 65 22 3a 22 2f 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 2c 22 73 72 63 22 3a 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 62 6c 6f 62 62 79 2f 67 6f 2f 36 63 39 34 38 30 64 61 2d 37 39 66 32 2d 34 31 37 34 2d 61 37 38 66 2d 32 38 32 36 34 66 35 30 37 33 61 65 2f 66 61 76 69 63 6f 6e 2f 31 35 61 38 39 33 65 36 2d 37 62 63 31 2d 34 64 37 31 2d 61 37 38 62 2d 38 34 38 36 34 66 30 36 61 30 36 32 2e 69 63 6f 2f 3a 2f 72 73 3d 77 3a 31 39 32 2c 68 3a 31 39 32 2c 6d 22 7d 2c 7b 22 73 69 7a 65 73 22 3a 22 Data Ascii: 21f{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico/:/rs=w:192,h:192,m"},{"sizes":"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49809	13.248.243.5	443	2668	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:45:14 UTC	662	OUT	GET / HTTP/1.1 Host: meittaammasskei-loogge.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://meittaammasskei-loogge.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _tccl_visit=757a1d83-6bbe-4f1e-8c8f-dbe7d01adbda; _scc_session=pc=1&C_TOUCH=2025-01-12T00:45:09.045Z
2025-01-12 00:45:15 UTC	1297	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.10.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-fcac51d X-Version: fcac51d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: ca74a593a514daa778ad22a3998f5e4e Date: Sun, 12 Jan 2025 00:45:14 GMT Connection: close Transfer-Encoding: chunked
2025-01-12 00:45:15 UTC	15087	IN	Data Raw: 61 65 38 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 62 6c 6f 62 62 79 2f 67 6f 2f 36 63 39 34 38 30 64 61 2d 37 39 66 32 2d 34 31 37 34 2d 61 37 38 66 2d 32 38 32 36 34 66 35 30 37 33 61 65 2f 66 61 76 69 63 6f 6e 2f 31 35 61 38 39 33 65 36 2d 37 62 63 31 2d 34 64 37 31 2d 61 37 38 62 2d 38 34 38 36 34 66 30 36 61 30 36 32 2e 69 63 6f 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 20 32 34 78 32 34 20 33 32 78 33 32 20 34 38 78 34 38 20 36 34 78 36 34 22 2f 3e 3c 6d 65 74 61 20 63 68 61 72 53 65 74 3d 22 75 74 66 2d 38 22 2f 3e 3c Data Ascii: ae89<!DOCTYPE html><html lang="en-US"><head><link rel="shortcut icon" href="//img1.wsimg.com/blobby/go/6c9480da-79f2-4174-a78f-28264f5073ae/favicon/15a893e6-7bc1-4d71-a78b-84864f06a062.ico" sizes="16x16 24x24 32x32 48x48 64x64"/><meta charSet="utf-8"/><
2025-01-12 00:45:15 UTC	16384	IN	Data Raw: 66 6c 65 78 2d 62 61 73 69 73 3a 31 30 30 25 7d 2e 78 20 2e 63 31 2d 35 72 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 7d 2e 78 20 2e 63 31 2d 35 73 7b 63 6f 6c 6f 72 3a 72 67 62 28 38 39 2c 20 38 39 2c 20 38 39 29 7d 2e 78 20 2e 63 31 2d 35 74 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 78 20 2e 63 31 2d 35 7a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 78 20 2e 63 31 2d 36 30 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 78 20 2e 63 31 2d 36 31 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 78 20 2e 63 31 2d 36 32 7b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 7d 2e 78 20 2e 63 31 2d 36 33 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6c 69 6e 65 2d 74 68 Data Ascii: flex-basis:100%}.x .c1-5r{line-height:1.5}.x .c1-5s{color:rgb(89, 89, 89)}.x .c1-5t{font-size:14px}.x .c1-5z{font-size:inherit !important}.x .c1-60{font-weight:700}.x .c1-61{line-height:inherit}.x .c1-62{font-style:italic}.x .c1-63{text-decoration:line-th
2025-01-12 00:45:15 UTC	13223	IN	Data Raw: 2d 73 63 61 6c 65 64 3d 22 74 72 75 65 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 73 70 61 6e 20 63 31 2d 32 66 20 63 31 2d 32 67 20 63 31 2d 33 39 20 63 31 2d 33 61 20 63 31 2d 33 31 20 63 31 2d 32 34 20 63 31 2d 32 32 20 63 31 2d 32 31 20 63 31 2d 32 33 20 63 31 2d 32 6a 20 63 31 2d 33 62 20 63 31 2d 33 63 20 63 31 2d 33 64 20 63 31 2d 33 65 20 63 31 2d 33 66 20 63 31 2d 33 67 20 63 31 2d 33 68 20 63 31 2d 32 69 20 63 31 2d 33 32 20 63 31 2d 33 34 20 63 31 2d 33 69 20 63 31 2d 33 6a 20 63 31 2d 33 6b 20 63 31 2d 33 6c 22 3e 4d 65 74 f0 9d 96 86 6d 61 73 6b 20 4c 6f 67 69 6e 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 72 6f 6c 65 3d 22 68 65 61 64 69 6e 67 22 20 61 72 69 61 2d 6c 65 76 65 6c 3d 22 4e 61 4e 22 20 64 61 74 61 2d 75 78 3d 22 73 63 Data Ascii: -scaled="true" class="x-el x-el-span c1-2f c1-2g c1-39 c1-3a c1-31 c1-24 c1-22 c1-21 c1-23 c1-2j c1-3b c1-3c c1-3d c1-3e c1-3f c1-3g c1-3h c1-2i c1-32 c1-34 c1-3i c1-3j c1-3k c1-3l">Metmask Login</span><span role="heading" aria-level="NaN" data-ux="sc

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 1496, Parent PID: 5376

General

Target ID:	0
Start time:	19:44:54
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2668, Parent PID: 1496

General

Target ID:	2
Start time:	19:44:57
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 --field-trial-handle=2068,i,6008844797219477938,1681451580983266432,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5536, Parent PID: 5376

General

Target ID:	3
Start time:	19:45:03
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://meittaammasskei-loogge.godaddysites.com/"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://meittaammasskei-loogge.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Windows Analysis Report
http://meittaammasskei-loogge.godaddysites.com/