Edit tour

Windows Analysis Report
http://mattamaks_walletus.godaddysites.com/

Overview

General Information

Sample URL:	http://mattamaks_walletus.godaddysites.com/
Analysis ID:	1590419
Infos:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish64

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 4396 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 744 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2016,i,9449222036529942553,3427401837050949230,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1560 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://mattamaks_walletus.godaddysites.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
1.0.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security
1.1.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish64

Source: Yara match	File source: 1.0.pages.csv, type: HTML
Source: Yara match	File source: 1.1.pages.csv, type: HTML

AI detected landing page (webpage, office document or email)

Source: https://mattamaks_walletus.godaddysites.com/

Joe Sandbox AI: Page contains button: 'Download now' Source: '1.0.pages.csv'

AI detected suspicious URL

Source: URL	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: http://mattamaks_walletus.godaddysites.com
Source: URL	Joe Sandbox AI: AI detected Typosquatting in URL: http://mattamaks_walletus.godaddysites.com

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mattamaks_walletus.godaddysites.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: mattamaks_walletus.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://mattamaks_walletus.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _tccl_visit=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _scc_session=pc=1&C_TOUCH=2025-01-14T00:28:59.284Z
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: mattamaks_walletus.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://mattamaks_walletus.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mattamaks_walletus.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mattamaks_walletus.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _tccl_visit=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _scc_session=pc=1&C_TOUCH=2025-01-14T00:28:59.284Z
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: mattamaks_walletus.godaddysites.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: mattamaks_walletus.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: events.api.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: csp.secureserver.net

Source: chromecache_149.2.dr, chromecache_160.2.dr, chromecache_158.2.dr, chromecache_120.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_131.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_131.2.dr	String found in binary or memory: https://mattamaks_walletus.godaddysites.com/

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703

Source: classification engine

Classification label: mal56.phis.win@17/124@18/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2016,i,9449222036529942553,3427401837050949230,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://mattamaks_walletus.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2016,i,9449222036529942553,3427401837050949230,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://mattamaks_walletus.godaddysites.com/	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://mattamaks_walletus.godaddysites.com/sw.js	0%	Avira URL Cloud	safe
https://mattamaks_walletus.godaddysites.com/manifest.webmanifest	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
mattamaks_walletus.godaddysites.com	13.248.243.5	true	true	unknown
www.google.com	142.250.186.132	true	false	high
isteam.wsimg.com	18.197.103.231	true	false	high
img1.wsimg.com	unknown	unknown	false	high
csp.secureserver.net	unknown	unknown	false	high
events.api.secureserver.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://mattamaks_walletus.godaddysites.com/sw.js	true	Avira URL Cloud: safe	unknown
https://mattamaks_walletus.godaddysites.com/	true		unknown
https://mattamaks_walletus.godaddysites.com/manifest.webmanifest	true	Avira URL Cloud: safe	unknown
http://mattamaks_walletus.godaddysites.com/	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)	chromecache_131.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2)	chromecache_131.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)	chromecache_131.2.dr	false	high
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc	chromecache_131.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)	chromecache_131.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2)	chromecache_131.2.dr	false	high
http://scripts.sil.org/OFL	chromecache_131.2.dr	false	high
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)	chromecache_131.2.dr	false	high
http://jedwatson.github.io/classnames	chromecache_149.2.dr, chromecache_160.2.dr, chromecache_158.2.dr, chromecache_120.2.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.197.103.231	isteam.wsimg.com	United States	16509	AMAZON-02US	false
13.248.243.5	mattamaks_walletus.godaddysites.com	United States	16509	AMAZON-02US	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.132	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1590419
Start date and time:	2025-01-14 01:27:57 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 6s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://mattamaks_walletus.godaddysites.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.phis.win@17/124@18/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.185.174, 74.125.206.84, 142.250.181.238, 172.217.16.206, 142.250.184.202, 142.250.186.67, 95.100.110.77, 95.100.110.86, 23.38.98.114, 23.38.98.78, 2.18.64.27, 2.18.64.8, 84.201.210.39, 104.102.33.222, 23.50.108.3, 2.23.227.198, 2.23.227.202, 142.250.186.78, 142.250.186.142, 142.250.185.78, 142.250.184.206, 142.250.186.174, 142.250.186.46, 142.250.186.99, 184.28.90.27, 4.175.87.197, 13.107.246.45
Excluded domains from analysis (whitelisted): e8843.dsca.akamaiedge.net, fonts.googleapis.com, e40258.g.akamaiedge.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, wildcard-sni-only.api.secureserver.net.edgekey.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, e64861.dsca.akamaiedge.net, clients.l.google.com, global-wildcard.wsimg.com.sni-only.edgekey.net, csp.secureserver.net.edgekey.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: http://mattamaks_walletus.godaddysites.com/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: http://mattamaks_walletus.godaddysites.com Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": true, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": true, "third_party_hosting": true }
URL: http://mattamaks_walletus.godaddysites.com
URL: https://mattamaks_walletus.godaddysites.com/... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet checks for the existence of certain browser features and, if they are not present, it dynamically loads a polyfill script from a third-party domain. This behavior is commonly used to provide fallback functionality for older browsers or browsers with limited feature support. While the use of `document.write()` is generally discouraged, the overall intent appears to be benign and focused on improving the user experience by ensuring the necessary functionality is available. The script does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects." }
"IntersectionObserver"in window&&"Intl"in window&&"Locale"in window.Intl\|\|document.write(`\x3Cscript src="https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~locale.en-IN">\x3C/script>`)
URL: https://mattamaks_walletus.godaddysites.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Start exploring blockchain applications in seconds. Trusted by over 21 million users worldwide.", "prominent_button_name": "Download now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://mattamaks_walletus.godaddysites.com/ Model: Joe Sandbox AI	{ "brands": [ "MetaMask" ] }
	{ "brands": [ "MetaMask" ] }

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:28:51 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.97594360281306
Encrypted:	false
SSDEEP:	48:8OVdoTMEiFHGidAKZdA19ehwiZUklqehGy+3:8Ow/iydy
MD5:	A4DEEA5EB19F23709C3E867550A9BB6E
SHA1:	60D3D9D8FC0558A732E9D12818B3621C45F9D861
SHA-256:	591F9342AA0C3F48CC146B73113CC5909C9447C3F5730913E5E209DD2E920924
SHA-512:	65E309A156FC8FE5EA4DDA56B729C20A4DB14F49E12FFB3EA95DC0007CA6F071FB0BF3AB574F23F4351114FF2735E286008513DD3710D37ABA5BDD7B6C115F9F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....].H.f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............he.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:28:50 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9883651101960096
Encrypted:	false
SSDEEP:	48:8MdoTMEiFHGidAKZdA1weh/iZUkAQkqehNy+2:87/io9QQy
MD5:	696B9216A5117EDDFE9BB6E4E7655034
SHA1:	D686CDB8249343857C81A4DA5CD0DB12A57250E8
SHA-256:	17281F25C60D8D240BEA8697E09C136DCA18A80C711726B4A4B5366870DD1809
SHA-512:	23987BBE5751DAFB53E2796865AD5B87D96A58548332532BFA1F95542B03FC058D63673C8F7D4DEF5672A5A6659140698B9E9D0AFD0C598BA0BE64B258D4A148
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....b..H.f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............he.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.001964268266926
Encrypted:	false
SSDEEP:	48:8x1doTMEsHGidAKZdA14tseh7sFiZUkmgqeh7sHy+BX:8xQ/7nxy
MD5:	6364BBCDA8359691750FF96A7227432D
SHA1:	83294C6D4E169E805853A2FA1F030CB6CF6A6424
SHA-256:	16AEA3BBF4699B39CD08A0574130F8A3C15DCE355492EB8DAA2EE0BCCBF90D92
SHA-512:	6E9370CCDECDE914932A4F5226F24F40657BD379B30534CF6A3B529A1F162C33E073E06F79AD19A43AE6541975033489018FB320D76F9B408CD86783CEECE059
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............he.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:28:50 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9876677742677584
Encrypted:	false
SSDEEP:	48:8fdoTMEiFHGidAKZdA1vehDiZUkwqehJy+R:8e/izfy
MD5:	47EF94EB6CDB422CC57119FF3448A1A9
SHA1:	08D51A5C6359A1289653A158AEF7039ABA10E9ED
SHA-256:	29E02B44BFDE4E6A5EC32E0AE5E8138BF694E4558EC52BC9F6D84F3BA74ABD5B
SHA-512:	B84133E78E704A1D3908F9E67A6FC954776D3CA9A581D75DCD006FDF0AD55C36BD5632B3CF4B5E74E6BD6040EC9358DAB4F344926FF5200E51ED790EC2BD1CAC
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......H.f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............he.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:28:51 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.977189409667092
Encrypted:	false
SSDEEP:	48:8ldoTMEiFHGidAKZdA1hehBiZUk1W1qehLy+C:8A/ij9ry
MD5:	02D43A52BF0FCACB96B9E6B21DA52C9B
SHA1:	9205A01168D06834DA4B6B701AB1691770C344F6
SHA-256:	AB7CF28F0DB2E52D5BE1FE877963ABCCE5E094CEB2A357E9E20B0F91EA10CC6E
SHA-512:	18EC07D8C283439BE0316A9C598618C2E467A1938C30F7D832C3DA83E41D44648557632745497BC0AD3D9BA5FF4EDEE12D8BCCA0797C503AF1A987E07423606A
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....%..H.f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............he.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:28:50 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9867401220714793
Encrypted:	false
SSDEEP:	48:8fdoTMEiFHGidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbxy+yT+:8e/iTT/TbxWOvTbxy7T
MD5:	71FD48BBB1A2B901B4EAB13F83D96529
SHA1:	AF50D5C841FC56E166EBF403AF313D50F194D42C
SHA-256:	E1604C392DF1DB560227E6F2EAB728690355F0A229679A12F291590491D732CD
SHA-512:	7E2D6CF66D217DB1BA3E932FDE884839DA97366760B9461FA5FDF4E62D4523025E599D9B9D2B5F0DD8CAB533A51A74BA90759D88C762E921DA2BBB90BB97ECB1
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......H.f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............he.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	downloaded
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=mattamaks_walletus.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=43f09da0-7acd-4fbb-a594-aea7fb7d07e5&vtg=43f09da0-7acd-4fbb-a594-aea7fb7d07e5&dp=%2F&trace_id=af0eda69ae544e65811791fc8b98a966&cts=2025-01-14T00%3A28%3A59.285Z&hit_id=a00faebc-6bf7-4ce8-9a7a-03f7b1f80230&ht=pageview&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%2207dffded-8313-4239-be79-d950a0c05af1%22%2C%22pd%22%3A%222022-10-31T10%3A08%3A00.056Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=435995003&z=1455842348
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	dropped
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 16x16, components 3
Category:	dropped
Size (bytes):	606
Entropy (8bit):	5.262782303842354
Encrypted:	false
SSDEEP:	12:SPb3SkEl9uuG5c150XyoseMj0c/DY0qdKFOFeCFCIcB:/lYc1spoDYpMueCFCII
MD5:	FACC24BFF150E07FC2165A551219BEB8
SHA1:	9295DD32030798C06B8CC5CAB88DC372511F3E1D
SHA-256:	92C0F7F6A4DC075CFE290E2297F6708A670A222980E333F44AFAA36D63F3E41F
SHA-512:	91863A9A390B49DE0B2925932466EC9FAA2A350624EBC8BE789C7A4962403C065732C321BAD0C8E90B3BF3C4AAD93AF16FCEB26F6DF08C824B9C0B68B6C97421
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((..........."..................................#..........................!A.2"q...............................................1....AB..............?.y..y].snl..Wfu...u..&[O.r......*.7:.U<.el<.t... .vU1.....t...k.S5R.(%> .........E.......+.0....gB..jf.......M..h..

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (651)
Category:	downloaded
Size (bytes):	698
Entropy (8bit):	5.240081353203154
Encrypted:	false
SSDEEP:	12:HniBSys8YpBynnHW7Y9VZWZbWpTEnTHr+pW6+:HiBLstpBy27GZWZbWSTHrIN+
MD5:	7B01FCDF2048E82F4DF741791CD44F61
SHA1:	D1D126931B5D6937B1496E7950342D6A06F361B9
SHA-256:	CBC04C06117804A9A97013C97A0714B027DF8279C5F1D0FD0478756A0944AEE6
SHA-512:	3D16B5D5D68C92C6098534C10E57B5FAF389BA31D3DB8D004927410657895F147BBB1AF23A20509AC6834F66B6D98ED0DFBA944756D8EE419D73437CCAEBD897
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js
Preview:	define("@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js",["exports"],(function(a){"use strict";const e="click",o="pandc.vnext";var n,i,s=(n=o,i={editor_preview:{submit_contact_form:e,messaging_fab_open:e,messaging_fab_close:e,messaging_webApp_appstore:e,conversations_learn_more:e},shop_widget:{click_pagination_back_arrow:e,click_pagination_forward_arrow:e,click_pagination_number:e}},(global._\|\|guac.lodash).mapValues(i,((a,e)=>(global._\|\|guac.lodash).mapValues(a,((a,o)=>[n,e,o,a].join("."))))));a.TRAFFIC_PREFIX=o,a.default=s,Object.defineProperty(a,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=traffic2-0a7e72c6.js.map.

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	dropped
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2910
Entropy (8bit):	7.817088326257949
Encrypted:	false
SSDEEP:	48:6HkbqlZF043dO2ZDS4mFh6EDfCnf/pHoBpjLik6pbS7mP6ja2CY3EgNoJ3JvKPJ:6Hqqlg43dnwFhDc/BMNik6g2e1NoZJCR
MD5:	DD02DBB250A270C9D430B6B57D983C49
SHA1:	189DFBEE3D21271A68B14E5A8F6E66E78786276F
SHA-256:	8B2CD8316D05853621ED2BA8415E887C273AA84A66A54A1193911C0B34A4B6BC
SHA-512:	4F77A7F67ECC05EBCD7705D5DA90AEE3E1CF5ECF42CBFC86F2414E87665DA147F01E802F82696EB3F8201E4EDC3AE73FE41FA6A46DA9E3DC22A927B0D683F651
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:192,h:192,m"
Preview:	RIFFV...WEBPVP8X..............VP8 v....9.......>m4.G$#"!.....M.....Ro..v.C.~ct......O7jS...........?..Y?D...>C.....;.......g...'........<ku..'O....X...u5.@....O...8{.N.?...........s\../..I...a..}w...".".Z.yNI....J.......R>..q..S..H.:..X.`.\|.C1...lg3........==,..j.d:'...ZK....G.....).1xb.M.'~LH9{......PS...a.......2/c.A~..p...&h...f.n!.!.1.O..y#l..T.f#2.......>.K!..$.}E.L..U..E..a%;..N~..... ..y.Tg..(..U.~?y.....D..n.6Y...y@.....e..v...._...]k..nt...9.K.1....Q....ZM?.........so.........y...v:/e!.n...I..J..[e+....gP......#.=.-./....u..%.-.f&.v+.M..q.....aq L......5..k..F.q_..e.6_......q.%.2\.dZ...[............K${s.........4....'2.Ct.0F.\.}."6......1..p..lE.....2.l)..z.?".`..M...&Zv.J.-m.....r...ug.'`.i#x..7.#.E.3b....i.U.YM.4~s...+.+!R...LX.l&pd..n..\....z\|..".4/`..@.&.....-.5....u. \.)...)G5...=...<8...{.;.w.`.......:5. ...jqb....)..W..A..U/l..;.......R.c.......Ovjc..p.W.>G..R....w{..(7m..=.g.`0gD97..8.:.......^q...*,.Q.?Y......7j

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 11644, version 1.0
Category:	downloaded
Size (bytes):	11644
Entropy (8bit):	7.979913171006477
Encrypted:	false
SSDEEP:	192:Tnzm3QwZW75iH4izAQjQSFvOYQPFm3L9ZaWxWiWFSOu4zfOSJh8lvXrgSZlTIKCK:TqAaYyX/v6PURZaiWidOXzGSJ6FPrj
MD5:	734A5B0ADBD95DBAE76BD14E82758144
SHA1:	FD6C0BFDF7F7AAE7B6169BE7DBDFEBB416208106
SHA-256:	EE7EF1D38007C4773D1E000177123FB440383C0D0187FD7D2D6978A0ED0F8976
SHA-512:	D8811D528C5220CCE087C0306F5086EB45793204549D24708A95C9C89EEBD93A072006AE15D76C6324CB375869D23BC9CC232CBECDDEFC5C6CBAB1023CAB21C4
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2
Preview:	wOF2......-\|......k...-.............................\...`........8..[.....6.$..8. .....K....S.".8..D.C.%k3W.......lGWB$..i.!.....Vr...>.W.d.#...y...g.SD2..NP.$ ..a+.9.t.8v.X6l.e....+.f6.y6...y.K...A....T....x..1...'t..E.%/..........v....>.....d...o.v...l(.h$..v..s_}.R.'].......2R.k...u...nH...%...<.4uY.,.9.r:..........t>+......'.D..>...a.......RI#..A..g...c..{!..n...QA .d<..p...+..a..[...q..A...T.,$p.....jk... p..5..Wer...__..A.....s.)c...B..'.X..Q..RI.$.^.LV..\|.K.?.[.!.i.)j...pf.[1......K..^#.....M..<.r.....F..h'..y..c..!.. .7... QB......5\|.. .A..W.=...x.w...O.Ps.g...c..`q.........l'.......XXG.3....{c:A....k....E....@n{..9...U..H.C...O.QX........LL$.[.....'^.........7n.>.....!.L.$.......z.0.. ...p..s.......iR....Bb..&...0@..tj.Q...2.p.C..0..H..q...%j.p J..G....q4I......1.A%.x.... .Nk..d... ..~I.,9.$.0IV....E....A.......5.R..LO..:...q.\.&.b....+...d....J.u7...;.D;....,.....k...pQ.P..j42.k..)o..l..../...+.s...C.Vr.c..I..;...j...*....EQS6.

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	242257
Entropy (8bit):	5.517949479561666
Encrypted:	false
SSDEEP:	3072:7u8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXSQ:Y3A/6hbCxJFxKhUc
MD5:	55BAF821A59FAD53AA754C85AE19D0EA
SHA1:	B1662F5F5B119836E5E9C91C5E4A448BCD6CCC6D
SHA-256:	D26724E378F16CC4135849CCABF5A1BA738C3F4BA952950ACB34E73F24869E83
SHA-512:	791B8AA2E321324B55731B5F69239F86A0602F19FEB833BFC492D525EA132BC23D1C6A3907957992C655742F38AEDD7819A585E6B7A7F3C68126E0DC739DFC1B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index3-55bc27af.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Category:	downloaded
Size (bytes):	23040
Entropy (8bit):	7.990788476764561
Encrypted:	true
SSDEEP:	384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD
MD5:	DE69CF9E514DF447D1B0BB16F49D2457
SHA1:	2AC78601179C3A63BA3F3F3081556B12DDCAF655
SHA-256:	C447DD7677B419DB7B21DBDFC6277C7816A913FFDA76FD2E52702DF538DE0E49
SHA-512:	4AEBB7E54D88827D4A02808F04901C0D09B756C518202B056A6C0F664948F5585221D16967F546E064187C6545ACEF15D59B68D0A7A59897BD899D3E9DDA37B1
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Preview:	wOF2......Z........8..Y...........................B.p.`..D....e.....d.....B..6.$..v. .....E.K...5l\e.v.~S$}.".8.....5.E....s...ai`W.u..8a2C..JuBj....x.....%.u.C.......p..c...7...+.1.GS.3...F_....-..`#........]...T.....x....&..{.....V..,..&~$D.#.P..\|gzz...B.7..m.3....HH.l.....Dj.F.X.....U..+.Q...T.`...ST...1...0....io`zu@.J2....3]}0.X...,..+"...............(k.CGl......`.y.._....3.t!O.,X:t.3....lw..U../:..b.]....V.$.y....G.....H..IN....bQ.+ \@....;...C3...c.l..i/....#..I.).Y...]...s..$K!..Tr...g%\|r.D.#.Y{..R..We...X.?...r.@...G.{..>..4^..b..,.z........T..[.ru#.7..{..G....J.3......Lz.C].of$Y2..^...>@L..P.........7..bB.....6f...ec.i..{._\...A.I.Lcy.Qm".....k.^.d.K(x7U...c.o.......}.T......iL..!.Z.......[O...%...*'?........^I./..;t.4%.....S...4....wY.b9.%.b...,.....tC..9.Z...V..CHnA.S.-.u$m.\....7{,..K{(.."....._...\|{.VowE@E@@..Zg.....`8..b..Z...^....l+...R..%.L.b...._..E.j9\+.L.#J.........?&...&..scE..b..Jc.8...V....L 1./k.3..7w....x..-.....

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	downloaded
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	downloaded
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:	384:/z+lhnKuowsx9pGxw57yty3eOHenS934osy:JioFP934Y
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32970), with no line terminators
Category:	downloaded
Size (bytes):	32970
Entropy (8bit):	5.232874057300594
Encrypted:	false
SSDEEP:	768:8QMz7Xi7utc79QusIPgexnKnPxPC7JWU/VHeLNsiQk/c4ur2McV2xdnGYeCjWQTK:si79wq0xPCFWsHuCleZ0j/TsmU9
MD5:	5ACF5E15083B84C29D43D7D09CEF1BEF
SHA1:	0B4C373C128A20F337305A799ADC8D63594F8DB1
SHA-256:	F144FFB3A3ADBCEDB5D457372958B4DCA150786F72E14FFB1E3CCB10336AC1CF
SHA-512:	D25F95686880FCCB636B42A72525194DE258434CF502B45FADE0759BE6CE1ED69624B7469E26117BC5A0B0C93D0A85C2C12D5C8C766989F0F965A8906FA29C1F
Malicious:	false
Reputation:	low
URL:	https://mattamaks_walletus.godaddysites.com/sw.js
Preview:	(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:()=>a}),s(913);class a extends Error{constructor(e,t){super(((e,...t)=>{let s=e;return t.length>0&&(s+=` :: ${JSON.stringify(t)}`),s})(e,t)),this.name=e,this.details=t}}},524:(e,t,s)=>{s.d(t,{h:()=>a}),s(125),s(913);const a=null},594:(e,t,s)=>{function a(e,t){const s=new URL(e);for(const e of t)s.searchParams.delete(e);return s.href}async function n(e,t,s,n){const r=a(t.url,s);if(t.url===r)return e.match(t,n);const i=Object.assign(Object.assign({},n),{ignoreSearch:!0}),c=await e.keys(t,i);for(const t of c)if(r===a(t.url,s))return e.match(t,n)}s.d(t,{F:()=>n}),s(913)},536:(e,t,s)=>{s.d(t,{x:()=>r}),s(913);const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registratio

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	446
Entropy (8bit):	5.769182699683439
Encrypted:	false
SSDEEP:	12:e30kj9cWkXzv4x7kYrdJLsw6Pb3SkEl9uuG:O91kXzQSYrnLVXl
MD5:	8948426331E2E4AE6F35A7F4B28301E1
SHA1:	C5C385631C91EADEDD57309D59FAEB486E4C7278
SHA-256:	CE353002E7EB0DA37CFAB5CAB4575AA7680EC8C2B593C7BAC8E9C24085175425
SHA-512:	E2176C5E911CC18FA71F1CB67C51E8BABEFF3425D1D9CE85C723CC280DF3DF92AC50E71AF362F5428D9CF403CBB3862A6E3B898E400BAB614618B2F906E2FA96
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:16,h:16,m"
Preview:	RIFF....WEBPVP8X..............VP8 ..............@&%..t..&.......\.....g.>.i....F.4.k..a.G...#u..W<<......~m>.9......@...Q...........l.`,.o. .(.T..bm....pr..8..W.....2/.}.}..W.9./2.r!.{..> &...j.<.gvj..r~.....].......H....[....F\?...].sG..D..EXIF....Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100........................................

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51229)
Category:	dropped
Size (bytes):	60294
Entropy (8bit):	5.3522812100597745
Encrypted:	false
SSDEEP:	768:RfLoCGFoLt8vvw4xUC/ib7V/Kc5EVou1/e/LkIT8OTGLFmJ6KhzFmzi6r8BmuMg:+t1/QD8O8mJ6Khz8zi6r8BmuJ
MD5:	6AF7EF3E31A8CDDEADC67B87D7B48179
SHA1:	705D4CD0D7201C82B0F23036DF835B765EBA703B
SHA-256:	522B1E2C7CC243459B843F543C0EF027A7F955EE33B6120BE0D8BB5197E756DD
SHA-512:	9D8EC7D287E1183D75A260EED2B412FEEC8E8FD2E247F680511A2254107413ECFFF09B361C5A41BAC151D9F5CF140E22848555A7D4445A787A1AF492193AF414
Malicious:	false
Reputation:	low
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	dropped
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5528)
Category:	downloaded
Size (bytes):	10513
Entropy (8bit):	5.2478027275002335
Encrypted:	false
SSDEEP:	192:CGgDeA70SYXnbUVXVfG/bF1JQRVGRhxMinqsnAKWgZRJbOGwCFqT6qVXmB6pbPsz:bgDeAViFYRVQhxDnpnAKWgZRNH6pbPsz
MD5:	388AD726DA38645BE5D4B9A8515C67A3
SHA1:	3F3BC5AF4377EE443043C787869A71BE417287E0
SHA-256:	15F3F034627BE70F8EF5E4B1E3A6B4EAEF758A9704737D36F191FC47070781EB
SHA-512:	4D7058B8BEEF8C8302C6524B6B02D4D22B3C8FBFA411166715AB95FE00ECA98A1C7D47190026E540DA2F870EC3B0ADFD7E6931CB3AF737F35023655059A4558C
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/07dffded-8313-4239-be79-d950a0c05af1/gpub/9e142ea9c07452b2/script.js
Preview:	window.cxs && window.cxs.setOptions({ prefix: "c2-" });.window.wsb=window.wsb\|\|{};window.wsb["Theme18"]=window.wsb["Theme18"]\|\|window.radpack("@widget/LAYOUT/bs-layout18-Theme-publish-Theme").then(function(t){return new t.default();});.window.wsb['context-bs-1']=JSON.parse("{\"env\":\"production\",\"renderMode\":\"PUBLISH\",\"fonts\":[\"lato\",\"default\",\"\"],\"colors\":[\"#d5dade\"],\"fontScale\":\"medium\",\"locale\":\"en-IN\",\"language\":\"en\",\"resellerId\":1,\"internalLinks\":{},\"isHomepage\":true,\"navigationMap\":{\"1a038cb3-966b-4c09-9318-308b5b7e3df1\":{\"isFlyoutMenu\":false,\"active\":true,\"pageId\":\"1a038cb3-966b-4c09-9318-308b5b7e3df1\",\"name\":\"Home\",\"href\":\"/\",\"target\":\"\",\"visible\":true,\"requiresAuth\":false,\"tags\":[],\"rel\":\"\",\"type\":\"page\",\"showInFooter\":false},\"3844ddf6-cdf5-4f7f-9cbb-6171b801dd56\":{\"isFlyoutMenu\":false,\"active\":false,\"pageId\":\"3844ddf6-cdf5-4f7f-9cbb-6171b801dd56\",\"name\":\"404\",\"href\":\"/404\",\"target\"

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13449)
Category:	dropped
Size (bytes):	13500
Entropy (8bit):	5.426302310270178
Encrypted:	false
SSDEEP:	384:xwCUJQw/nfvqr5mu4Oxs1iGbW3DaJxJu74b4iEHj74O84NVXIMvFZucQr:xe/nHG5mu4OxCiGbW32Jfu74b4iEHj7i
MD5:	E135455ABAC1E365C75ACB29427BE2BD
SHA1:	386B236DC493D0EBE7827B2FD8897CC9DF4FE222
SHA-256:	88C66FB773F05F8A1B9EA9092CDE47FD6204EB3D3E5EF91F8223BD8A62339B40
SHA-512:	10260309AB241123099D44E175644D4C63C61ABFEB5FB71621DD41534012CD2EA9E662CBFA0B2D67B8CC7A6FD5B4B59FD34F325450E947ADD2B0EB01B5A04122
Malicious:	false
Reputation:	low
Preview:	define("@widget/MESSAGING/bs-Component-3fa47963.js",["radpack","exports","@wsb/guac-widget-shared@^1/lib/components/Recaptcha/badge","@wsb/guac-widget-shared@^1/lib/common/constants/traffic2","@wsb/guac-widget-shared@^1/lib/common/constants/form/formIdentifiers"],(function(e,o,a,t,r){"use strict";var l=(global.keyMirror\|\|guac.keymirror)({MESSAGING_FAB:null,MESSAGING_MESSAGE_FLYOUT:null,WELCOME_MESSAGE:null,SEND_MESSAGE_TO:null,EMAIL_OPT_IN_TOGGLE:null,EMAIL_OPT_IN_MESSAGE:null,COLOR_SATURATION_KNOB:null,COLOR_HUE_SLIDER_KNOB:null});const c=(global.React\|\|guac.react).createElement("path",{d:"M0.342304 14.5C7.35025 6.3293 3.35025 0.829295 0 0.0.0 0.0 5.4 2.1 32.3502 0.329295C32.3503 3.8293 -3.13481 20.7261 0.342304 14.5Z"});function s({text:e}){return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{category:"neutral",section:"overlay",style:{backgroundColor:"neutral",margin:"-medium medium medium medium",borderRadius:"5px",position:

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 11728, version 1.0
Category:	downloaded
Size (bytes):	11728
Entropy (8bit):	7.9793276091352485
Encrypted:	false
SSDEEP:	192:klyIZ5n3ROBQn0nXAdzXVIuiRdTgo4NL7WVvSat6YC/B67QuQyJGFtNdo/U5qE8F:gX3RAu0XAdzquw6dSVvS86YC/aQuv8lO
MD5:	B2845477C209263ADB2F8D6059491758
SHA1:	76C6F1F64027566CB5CBF88BC642B708D34D1302
SHA-256:	8F40676C64A72CB5D80952071B7A2F371650D7B2BB787EA01D8C5BC88EF734C7
SHA-512:	C07F84E8C169A79253C2EEA35E8B9A964A94203C20ADD14742840CFA8A084317C3792696D5157A961273637EC206C7F8DC9332C9DA4850F5716E5D956502E708
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2
Preview:	wOF2......-.......k...-v............................^...`........0..R.....6.$..8. ..d..K...AS.".8..Do@.%..$....!....$..d....}.'.J.L..~..w..a..?....Or.....O.J....`bA.....6v.e.[.]...u^mW[_m..U.rt.zKE......~..v....C..aRRI...A.-T.....?.O.....q...`x..O.&8@...R.....vC.v.@....\...... ..R.o`.@.B...".hT......jw.T.&..5.X..2K&....lr..g..p.d.,...'".:...?.L9..T.........k.M..k!.......zwY....N..q......FEAB...l......0..U.tn..y.^>6..........y.B....,...S#19.XB8...y....5f.!.r.%.......B,T..(.........8....D..J.$.].4.`.....bxN.6.....k{...\..L..4.p.#...x....b....+..F....G......L..y.$d.Be.].......C.^>...IC.....\|.!..c...C..'....5@.}..:......I:...^r.....0m$.{0.ce.XC...;<OR..a.....lg..=1....P.....=...a.N..o...........T..w.4...ev/.]<...x.........o:...$.Y....."....3Zb..0:.J....."B....&Fp.p.3..m!V..C....@!.........=P...2.}..J...@...."..&[O{....=.h ....xr[Qh].....,..+.c[..m...;.F.+.......8u.$E.......u.q<n..\|%.....R...pl....H.:.+...s.$*E.).V..@+.......G...w.Y...@..lv .m.j.

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	downloaded
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=mattamaks_walletus.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=43f09da0-7acd-4fbb-a594-aea7fb7d07e5&vtg=43f09da0-7acd-4fbb-a594-aea7fb7d07e5&dp=%2F&trace_id=af0eda69ae544e65811791fc8b98a966&cts=2025-01-14T00%3A29%3A10.053Z&hit_id=077b03f5-dde5-47f7-8055-b9eeea8e53e0&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%2207dffded-8313-4239-be79-d950a0c05af1%22%2C%22pd%22%3A%222022-10-31T10%3A08%3A00.056Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&usrin=wam_site_hasPopupWidget%2Cfalse%5Ewam_site_hasMessagingWidget%2Ctrue%5Ewam_site_headerTreatment%2Cfalse%5Ewam_site_hasSlideshow%2Cfalse%5Ewam_site_hasFreemiumBanner%2Cfalse%5Ewam_site_homepageFirstWidgetType%2CCONTENT%5Ewam_site_homepageFirstWidgetPreset%2Ccontent7%5Ewam_site_businessCategory%2Ceducation%5Ewam_site_theme%2Clayout18%5Ewam_site_locale%2Cen-IN%5Ewam_site_fontPack%2Clato%5Ewam_site_cookieBannerEnabled%2Ctrue%5Ewam_site_membershipEnabled%2Ctrue%5Ewam_site_hasHomepageHTML%2Cfalse%5Ewam_site_hasHomepageShop%2Cfalse%5Ewam_site_hasHomepageOla%2Cfalse%5Ewam_site_hasHomepageBlog%2Cfalse%5Ewam_site_hasShop%2Cfalse%5Ewam_site_hasOla%2Cfalse%5Ewam_site_planType%2CbusinessPlus%5Ewam_site_isHomepage%2Ctrue%5Ewam_site_htmlWidget%2Cfalse%5Ewam_site_networkSpeed%2C1.25&ap=IPv2&vci=435995003&z=1977916386&LCP=2902&FID=19&timeToInteractive=5103&nav_type=hard
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	105560
Entropy (8bit):	5.173099073295946
Encrypted:	false
SSDEEP:	1536:Kvbe2WTBTlur/rTVYHlA2taouk+ZPL50/:E+Mr/1m+I
MD5:	6837678401F602120E41C9EAA7A7E915
SHA1:	A1F801D56B6666BDDED519DE10A8F04B9257AE0E
SHA-256:	DAE89C4D8697DC845428A11C2BDE64334AB65738EE97F598414D857B5D9D3FD2
SHA-512:	F0B529B9BED94C6EAC30FDB59CB1C2D347D78015B06C5D11577B12B2312A63D8D1AE684E5C05B7DE979EAEB848A337C20E7B00E089ADB2802B772A9690A005BF
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{_isDebug:()=>v,debug:()=>w,error:()=>h,info:()=>m,log:()=>m,setDebug:()=>b,warn:()=>g});var n={};t.r(n),t.d(n,{cmdLogEvent:()=>Ki,cmdLogPerf:()=>Gi});var r,o,i,a,c,u=(r="",i={document:o=Object.create({get cookie(){return r},set cookie(t){r=t}})},a={},"undefined"==typeof window?{window:i,document:o,navigator:a}:{window:window\|\|i,document:window.document\|\|o,navigator:navigator\|\|a}),f=function(){return u.window},s=functi

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	downloaded
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1240x679, components 3
Category:	dropped
Size (bytes):	60755
Entropy (8bit):	7.710230545104985
Encrypted:	false
SSDEEP:	1536:3lSbXoMB/kIsUzgVh5FtWjlKYGtV5wSc3BaXJWDktFD:u4skIsEGIDGtTLcxN0F
MD5:	CC1C756B3A225C3A58C74053EFDF71C9
SHA1:	916FA90D35A50D8AC519C45D5F97F90A584B6F13
SHA-256:	FAC9E2E3C5E698DAD414B09E1CDCF31D39D3AD6D303546ABE14F63FE0751EA8F
SHA-512:	95ACE8BD4D67FB69364A13E921D5E1565CA26AA475DAA604CE122E82813F9004E916BE57A287B36A9D5F2FB118F74546F87CD0EEA4D9996EF440F991F1D6F2CB
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................J...........R...(...........i.......Z.......8c......8c................0210........0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((...........".........................................[..........................!1..AQa.."q...2BRU....#Tbrs....$347t....6CDS.'5....%Vc....du...................................2.......................!.1.."AR..2Qa.3Bq.#..................?.......................................................................................................................................................................l...'WK.w=.....2Dg....U..v.l..........e....+11...Me.J..(#W.#X.L..q..j......o.d...G.\.".9..l.L.8^.....................................................................................................................,......L....3..........m.>&..f...w&{...f..T..R../Z...n..{.b.._.v..

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	dropped
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13834)
Category:	dropped
Size (bytes):	13891
Entropy (8bit):	4.645788246161265
Encrypted:	false
SSDEEP:	192:49+DrRmRAiyq602NNTV0afQQYrAJ9wzkENGWHl2JBpfodMjHJv8k9fopl1jn:4Bp49ykE8WQs2Vv8k9fGTjn
MD5:	C7B1DBB0EEF8600D5F57536998855E4D
SHA1:	03908243C34D5A373ACBA694EB16E30F088B4F7D
SHA-256:	53DA7DD341F1EF0C484A7B56A17D86669287DA5D082AAA8A0AF04FD3816B6631
SHA-512:	56EE4961F4C03A15C79252AD9C3CAD93573AC785881541EA32F83389996F4E8C074FBC397FF9F0B218121A3D8E1A9CEF101D088B4BCFB2353D6A311D5F60DCBA
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M5.643 19.241a.782.782 0 0 1-.634-.889c.317-2.142 1.62-4.188 3.525-5.244l.459-.254-.39-.352a4.89 4.89 0 0 1-.797-6.327 4.747 4.747 0 0 1 2.752-2.003 4.894 4.894 0 0 1 6.092 5.72c-.211 1.042-.802 1.97-1.59 2.683l-.308.28.459.253c1.876 1.04 3.185 3.131 3.53 5.26a.765.765 0 0 1-.742.883c-.367.005-.697-.25-.753-.613-.52-3.384-4.067-6.087-7.702-4.324-1.628.79-2.714 2.511-3.014 4.313a.76.76 0 0 1-.887.614zm2.873-10.36a3.36 3.36 0 0 0 3.356 3.355A3.36 3.36 0 0 0 15.23 8.88a3.361 3.361 0 0 0-3.358-3.357A3.36 3.36 0 0 0 8.516 8.88z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.504 18.461a.76.76 0 0 1 0 1.038.652.652 0 0 1-.956 0L15.2 15.993a6.142 6.142 0 0 1-3.83 1.353C7.858 17.346 5 14.353 5 10.673 5 6.994 7.858 4 11.371 4c3.513 0 6.371 2.994

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13449)
Category:	downloaded
Size (bytes):	13500
Entropy (8bit):	5.426302310270178
Encrypted:	false
SSDEEP:	384:xwCUJQw/nfvqr5mu4Oxs1iGbW3DaJxJu74b4iEHj74O84NVXIMvFZucQr:xe/nHG5mu4OxCiGbW32Jfu74b4iEHj7i
MD5:	E135455ABAC1E365C75ACB29427BE2BD
SHA1:	386B236DC493D0EBE7827B2FD8897CC9DF4FE222
SHA-256:	88C66FB773F05F8A1B9EA9092CDE47FD6204EB3D3E5EF91F8223BD8A62339B40
SHA-512:	10260309AB241123099D44E175644D4C63C61ABFEB5FB71621DD41534012CD2EA9E662CBFA0B2D67B8CC7A6FD5B4B59FD34F325450E947ADD2B0EB01B5A04122
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js
Preview:	define("@widget/MESSAGING/bs-Component-3fa47963.js",["radpack","exports","@wsb/guac-widget-shared@^1/lib/components/Recaptcha/badge","@wsb/guac-widget-shared@^1/lib/common/constants/traffic2","@wsb/guac-widget-shared@^1/lib/common/constants/form/formIdentifiers"],(function(e,o,a,t,r){"use strict";var l=(global.keyMirror\|\|guac.keymirror)({MESSAGING_FAB:null,MESSAGING_MESSAGE_FLYOUT:null,WELCOME_MESSAGE:null,SEND_MESSAGE_TO:null,EMAIL_OPT_IN_TOGGLE:null,EMAIL_OPT_IN_MESSAGE:null,COLOR_SATURATION_KNOB:null,COLOR_HUE_SLIDER_KNOB:null});const c=(global.React\|\|guac.react).createElement("path",{d:"M0.342304 14.5C7.35025 6.3293 3.35025 0.829295 0 0.0.0 0.0 5.4 2.1 32.3502 0.329295C32.3503 3.8293 -3.13481 20.7261 0.342304 14.5Z"});function s({text:e}){return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{category:"neutral",section:"overlay",style:{backgroundColor:"neutral",margin:"-medium medium medium medium",borderRadius:"5px",position:

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (8320)
Category:	downloaded
Size (bytes):	26505
Entropy (8bit):	5.52527504967141
Encrypted:	false
SSDEEP:	384:zuGT2oJv1ERUD5yXRpS7a8EUmqQ4aPvh6ytORt3W:iGTz1AUTaWArsR1W
MD5:	2033F0B0F02D748AFD94661D110467AF
SHA1:	D7289CDBDB7A52918D07ED45F46BBF0D48897FBC
SHA-256:	00E6C2871ABED699FC7921BE05C1B70E3DE133E1FAFA48C1A9F3FA3A5061C072
SHA-512:	C2AFFAB4F499EC06F7F4551FD0D240F8B0551CB6C571AC65E0640AD856E0A15B96E148A3D2EBD40852D6F799F3562263D87638FD2EA425685EB3C0635AF67F96
Malicious:	false
Reputation:	low
URL:	https://mattamaks_walletus.godaddysites.com/
Preview:	<!DOCTYPE html><html lang="en-IN"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:24,h:24,m" sizes="24x24"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:32,h:32,m" sizes="32x32"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:48,h:48,m" sizes="48x48"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:64,h:64,m" sizes="64x64"/><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=d

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	downloaded
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (516)
Category:	downloaded
Size (bytes):	583
Entropy (8bit):	5.275794886448015
Encrypted:	false
SSDEEP:	12:csTLaBSyTUXaPXAbDTc/NeL2QiTj+RVnIYQ2ofXgYFw1THr+pWT0Lv:cTBLTUXaPXAPTc/tTj+Hn/Q2CQYytHrI
MD5:	0D42FFB998A9CF7C25824CF365C7D0C9
SHA1:	7A95B87AC3B0C813F195EA46EFB9E792023EAFBE
SHA-256:	3418AA0FB5D19C3909DD89CCF081C9B59EBAD2A0334EED58373ED395D228487A
SHA-512:	EE2711CED0E8936C0DDAE9CFBE1FFAFABF56766C4611DC5B68C50919EDFC6CD1F3C850A0599ED107E8F6555D54BB46B3395B957A74697BEA2A749814C270C0FD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e},e.a=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-e83be766.js.map.

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 192x197, components 3
Category:	dropped
Size (bytes):	4905
Entropy (8bit):	7.837991298914067
Encrypted:	false
SSDEEP:	96:tBDV0BWiQGXygvWufN0vyTOxvoS15q6D0Ltg1kx97lJhZYAg:tBDV0BW0xxfqvyS9fTwKkDrg
MD5:	E364BB31615893F66BF32A4454469314
SHA1:	17289F323B65841A3C0F898AEAE98FE2582E30F9
SHA-256:	C4241DAB91548405268EBC6BA27CBF01058F9901D083C4CBEA4DCA9AE34FD74F
SHA-512:	786630A1BD2E1E9249D5652200E3086797F10775DBD73D5810E7E3BCE69114BBA88203DAA26FBD03E99423EAD409FA49750E0F9F67837DD5D5529B073EC3D563
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((..........."........................................A........................!..1Q..Aaq."2......BRT.....#3SUbr.$.4E............................................................!1Q2A."...Ba..RSq.............?..D@......~.[(e..)..'..I...]. y.g5...B.mF=..(>...b.....u.....{.... .....X=OgT.zIh..l0...""...." ...".h]-D..&..<..Z.[{.%...Kb....:..D..g..Y\|.3mt..J6.('C.Y6...Q%.WCP@.'.N.. ....S..0.\$..",.B" ...v....S.......fc.w..n..t..^....%?....Y..=.\WQ4...4..G....NI...:}..a.^....Zi[,.,x.B......M4..h"...<Z{.-H..Pm...E.kM.Z...m..].r)..u'M.O.Os.)X .A.+..[H.m.+.....\.[Kf...l.7Q..C..C..;...W....Z.+.i.........&.E...].".w..7%>k.s..8.. ..*..;.z...,.[l

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=mattamaks_walletus.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=43f09da0-7acd-4fbb-a594-aea7fb7d07e5&vtg=43f09da0-7acd-4fbb-a594-aea7fb7d07e5&dp=%2F&trace_id=af0eda69ae544e65811791fc8b98a966&cts=2025-01-14T00%3A29%3A03.378Z&hit_id=8e0c9c6b-2c47-465d-af87-f5501b7a6961&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%2207dffded-8313-4239-be79-d950a0c05af1%22%2C%22pd%22%3A%222022-10-31T10%3A08%3A00.056Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=435995003&z=1390572607&tce=1736814535746&tcs=1736814535264&tdc=1736814543362&tdclee=1736814539288&tdcles=1736814539287&tdi=1736814537985&tdl=1736814535893&tdle=1736814535264&tdls=1736814535254&tfs=1736814535251&tns=1736814534185&trqs=1736814535746&tre=1736814535962&trps=1736814535866&tles=1736814543362&tlee=0&nt=navigate&LCP=2902&nav_type=hard
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (367)
Category:	dropped
Size (bytes):	421
Entropy (8bit):	5.615758069936489
Encrypted:	false
SSDEEP:	6:F9o1iGhM9WjW84BSyRbZ0ZMC4sXPJu3AdBAerBBecO+mGHr9EJiKWaaM9WjWQ:HnGhM0V4BSyQ0seOBhNTHr+pWBM0j
MD5:	401821742DEF46C40D4CF5F0121C8BEC
SHA1:	1852305A4F2D7E120F9B7BD185790B98CDF9BFA6
SHA-256:	462D8298239BC61418760DB4204CD135D990537E625782D059CB9D3A1D0266A4
SHA-512:	38A53048605CF83ADAC562721A2818462EEE8289A79DEF4E02FE5B73B4515D8BC2303A577BADB6A9A55D75F3644459D5652B2AA75390A2CE7A925D3DDA8D6D4D
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js",["exports"],(function(e){"use strict";var n=(global.keyMirror\|\|guac.keymirror)({CONTACT_US:null,MESSAGING_EMAIL:null,MESSAGING_CONVERSATIONS:null,JOB_POSTING:null});e.default=n,Object.defineProperty(e,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=formIdentifiers-99523055.js.map.

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (651)
Category:	dropped
Size (bytes):	698
Entropy (8bit):	5.240081353203154
Encrypted:	false
SSDEEP:	12:HniBSys8YpBynnHW7Y9VZWZbWpTEnTHr+pW6+:HiBLstpBy27GZWZbWSTHrIN+
MD5:	7B01FCDF2048E82F4DF741791CD44F61
SHA1:	D1D126931B5D6937B1496E7950342D6A06F361B9
SHA-256:	CBC04C06117804A9A97013C97A0714B027DF8279C5F1D0FD0478756A0944AEE6
SHA-512:	3D16B5D5D68C92C6098534C10E57B5FAF389BA31D3DB8D004927410657895F147BBB1AF23A20509AC6834F66B6D98ED0DFBA944756D8EE419D73437CCAEBD897
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js",["exports"],(function(a){"use strict";const e="click",o="pandc.vnext";var n,i,s=(n=o,i={editor_preview:{submit_contact_form:e,messaging_fab_open:e,messaging_fab_close:e,messaging_webApp_appstore:e,conversations_learn_more:e},shop_widget:{click_pagination_back_arrow:e,click_pagination_forward_arrow:e,click_pagination_number:e}},(global._\|\|guac.lodash).mapValues(i,((a,e)=>(global._\|\|guac.lodash).mapValues(a,((a,o)=>[n,e,o,a].join("."))))));a.TRAFFIC_PREFIX=o,a.default=s,Object.defineProperty(a,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=traffic2-0a7e72c6.js.map.

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8076)
Category:	dropped
Size (bytes):	8146
Entropy (8bit):	5.193570786754158
Encrypted:	false
SSDEEP:	192:bXex8k/4ro1H29Lm90fwK4cal8k5AV+IZ7/UHpvx/nvvdlFwmlqkk1:bXex9QriHqLm90fwncal75AV+IZ78HF6
MD5:	D0BF5E9E6E778CE2D940F214EC04700C
SHA1:	2ECB604E1F2E8CA95A0413DB58C153B9AA710A29
SHA-256:	1B7F2E117669F2643EA895B6BEDB818796AF009F19A6FC1F8B8A1DC9C30B6D9B
SHA-512:	DC1A45C8946109AB2E61509A977287020136B03555CC2FAC0B769BB20ADC78268929AE857F695626E86D8AC6E805C3731D33374360406E86FC98F643A3523E5C
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-legacyOverrides","~/c/bs-modernThinRound","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index2","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,l,n,i,s,d){"use strict";const{colorPackCategories:g,buttons:h}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:m,LIGHT_ALT:c,LIGHT_COLORFUL:u,DARK:p,DARK_ALT:b,DARK_COLORFUL:y,COLORFUL:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,S={[d.F]:"accent-overlay",[d.b]:"accent-overlay",[d.I]:"category-alt-solid",[d.B]:"accent-overlay",[d.L]:"accent-overlay"},H={defaultHeaderTreatment:d.F,hasLegacy:!0,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"],imageTreatments:S};var C={id:"layout18",name:"dawn",packs:{color:"000",font:"lato"},logo:{font:"primary"},packCategories:{color:g.NEUTRAL},headerProperties:{alignmentOption:"center"},header

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	242257
Entropy (8bit):	5.517949479561666
Encrypted:	false
SSDEEP:	3072:7u8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXSQ:Y3A/6hbCxJFxKhUc
MD5:	55BAF821A59FAD53AA754C85AE19D0EA
SHA1:	B1662F5F5B119836E5E9C91C5E4A448BCD6CCC6D
SHA-256:	D26724E378F16CC4135849CCABF5A1BA738C3F4BA952950ACB34E73F24869E83
SHA-512:	791B8AA2E321324B55731B5F69239F86A0602F19FEB833BFC492D525EA132BC23D1C6A3907957992C655742F38AEDD7819A585E6B7A7F3C68126E0DC739DFC1B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-55bc27af.js
Preview:	define("@widget/LAYOUT/c/bs-index3-55bc27af.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	downloaded
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	dropped
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	dropped
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:	384:/z+lhnKuowsx9pGxw57yty3eOHenS934osy:JioFP934Y
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (367)
Category:	downloaded
Size (bytes):	421
Entropy (8bit):	5.615758069936489
Encrypted:	false
SSDEEP:	6:F9o1iGhM9WjW84BSyRbZ0ZMC4sXPJu3AdBAerBBecO+mGHr9EJiKWaaM9WjWQ:HnGhM0V4BSyQ0seOBhNTHr+pWBM0j
MD5:	401821742DEF46C40D4CF5F0121C8BEC
SHA1:	1852305A4F2D7E120F9B7BD185790B98CDF9BFA6
SHA-256:	462D8298239BC61418760DB4204CD135D990537E625782D059CB9D3A1D0266A4
SHA-512:	38A53048605CF83ADAC562721A2818462EEE8289A79DEF4E02FE5B73B4515D8BC2303A577BADB6A9A55D75F3644459D5652B2AA75390A2CE7A925D3DDA8D6D4D
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js
Preview:	define("@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js",["exports"],(function(e){"use strict";var n=(global.keyMirror\|\|guac.keymirror)({CONTACT_US:null,MESSAGING_EMAIL:null,MESSAGING_CONVERSATIONS:null,JOB_POSTING:null});e.default=n,Object.defineProperty(e,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=formIdentifiers-99523055.js.map.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	dropped
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (516)
Category:	dropped
Size (bytes):	583
Entropy (8bit):	5.275794886448015
Encrypted:	false
SSDEEP:	12:csTLaBSyTUXaPXAbDTc/NeL2QiTj+RVnIYQ2ofXgYFw1THr+pWT0Lv:cTBLTUXaPXAPTc/tTj+Hn/Q2CQYytHrI
MD5:	0D42FFB998A9CF7C25824CF365C7D0C9
SHA1:	7A95B87AC3B0C813F195EA46EFB9E792023EAFBE
SHA-256:	3418AA0FB5D19C3909DD89CCF081C9B59EBAD2A0334EED58373ED395D228487A
SHA-512:	EE2711CED0E8936C0DDAE9CFBE1FFAFABF56766C4611DC5B68C50919EDFC6CD1F3C850A0599ED107E8F6555D54BB46B3395B957A74697BEA2A749814C270C0FD
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e},e.a=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-e83be766.js.map.

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	dropped
Size (bytes):	314664
Entropy (8bit):	5.468234877621491
Encrypted:	false
SSDEEP:	3072:OfpdUw9ySK7x5jfw71wUNdFsh0q312hgBQKQYctGfziZo/c0z6iv8W:g8w9yzc71rNVq31JBQKctGfWZoUW
MD5:	31E273E89FB56A44D86D206F1BCDCDB4
SHA1:	C1D25BAD06F8485EB76D39134C4BEC22A44E5534
SHA-256:	9E3C0FE8C9D6F0325C883709CEDE8898CE5D70F0640420ED058E0709C636531B
SHA-512:	53EFED1036FCC4F3D88D0269BA1348950DB5813B7B7AFE0548DE536AC7532BBEB7451E0BE3537C4FFBA5FE5A1CB1974243793AF0D958537C060EF01DF000674F
Malicious:	false
Reputation:	low
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51229)
Category:	downloaded
Size (bytes):	60294
Entropy (8bit):	5.3522812100597745
Encrypted:	false
SSDEEP:	768:RfLoCGFoLt8vvw4xUC/ib7V/Kc5EVou1/e/LkIT8OTGLFmJ6KhzFmzi6r8BmuMg:+t1/QD8O8mJ6Khz8zi6r8BmuJ
MD5:	6AF7EF3E31A8CDDEADC67B87D7B48179
SHA1:	705D4CD0D7201C82B0F23036DF835B765EBA703B
SHA-256:	522B1E2C7CC243459B843F543C0EF027A7F955EE33B6120BE0D8BB5197E756DD
SHA-512:	9D8EC7D287E1183D75A260EED2B412FEEC8E8FD2E247F680511A2254107413ECFFF09B361C5A41BAC151D9F5CF140E22848555A7D4445A787A1AF492193AF414
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/07dffded-8313-4239-be79-d950a0c05af1/gpub/aa2f9bb5b45a35/script.js
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	downloaded
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	658
Entropy (8bit):	6.61730029867641
Encrypted:	false
SSDEEP:	12:iNol07G5AaTycUlH5xxaicnZdBospuGM+eG1DRPb3SkEl9e:moKfblZxUiIUOu1+RB2l
MD5:	879C1943149C92DC59978AB1CEA144BA
SHA1:	2AA9F610A73F6CFE16772B1D81A9C9E53B72CC05
SHA-256:	E8CF82C58502F0958CA150370689B6FC2E5E41852E2310EB4404F4922FDB8376
SHA-512:	BD025AE3DBF5697CC2305E34BDE71F1146667A71D8CF829F402FAE04B62A8435F1DB64C3025759FA6308A4D2C5EE6397C8E9C16CF4E2618BB6BC24261B15B1D6
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:32,h:32,m"
Preview:	RIFF....WEBPVP8X........... ..VP8 .........* .!.>e(.E."....@.D..V.^.#..6............i_3....`.2k0.w.v..n................+..}~?...7L...5c.._..W.NXw........v..Q3......p....6..?.Z...e...i..Bn.;_UQ...zZ.2.}.W....$..E..]......JO)...c...C..,.'..UXy..K..S..G..0..V......#.1....k9.I...L...D.<'...c.'(s......z...P3.W.`........n.I...Dns.V....5-..j......eN...}..F...N.r.4..T........./[.0Z).(...IB...S."...Cjp..[I..J.....J."......H0.5.......u.......EXIF....Exif..II*...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100.................... ...........!.......

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	downloaded
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	dropped
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	dropped
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	downloaded
Size (bytes):	314664
Entropy (8bit):	5.468234877621491
Encrypted:	false
SSDEEP:	3072:OfpdUw9ySK7x5jfw71wUNdFsh0q312hgBQKQYctGfziZo/c0z6iv8W:g8w9yzc71rNVq31JBQKctGfWZoUW
MD5:	31E273E89FB56A44D86D206F1BCDCDB4
SHA1:	C1D25BAD06F8485EB76D39134C4BEC22A44E5534
SHA-256:	9E3C0FE8C9D6F0325C883709CEDE8898CE5D70F0640420ED058E0709C636531B
SHA-512:	53EFED1036FCC4F3D88D0269BA1348950DB5813B7B7AFE0548DE536AC7532BBEB7451E0BE3537C4FFBA5FE5A1CB1974243793AF0D958537C060EF01DF000674F
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.2.js
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (442)
Category:	dropped
Size (bytes):	486
Entropy (8bit):	5.227340053777477
Encrypted:	false
SSDEEP:	12:HDSk+nBSyD8Dgu4dKsVfIoD3PS22hTHr+pWrY:ek+nBLD8DN4sog+iHrIcY
MD5:	5F10DF611C856F376981BE4DFBD17753
SHA1:	4463A27419B2FDFDBD81770C74DEE2E74BE948E0
SHA-256:	EBD2BA2A0E879AE2CEC7D513324E04346153A581BE3AA202662E6C9D5B1CE6E1
SHA-512:	F5911E08ED8B57B2E4B10C8AC622C4E7A82AEEC7D5B1AFED9C064A2975F41E211149CE1692FCF2F9497508E7ECDF678E48EC2CFA1D8C9112507950748146D5D8
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js",["exports"],(function(e){"use strict";class a extends(global.React\|\|guac.react).Component{render(){return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,".grecaptcha-badge { visibility: hidden; }")}}e.default=a,Object.defineProperty(e,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=badge-e542c4f1.js.map.

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	dropped
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Category:	downloaded
Size (bytes):	23580
Entropy (8bit):	7.990537110832721
Encrypted:	true
SSDEEP:	384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK
MD5:	E1B3B5908C9CF23DFB2B9C52B9A023AB
SHA1:	FCD4136085F2A03481D9958CC6793A5ED98E714C
SHA-256:	918B7DC3E2E2D015C16CE08B57BCB64D2253BAFC1707658F361E72865498E537
SHA-512:	B2DA7EF768385707AFED62CA1F178EFC6AA14519762E3F270129B3AFEE4D3782CB991E6FA66B3B08A2F81FF7CABA0B4C34C726D952198B2AC4A784B36EB2A828
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Preview:	wOF2......\........,..[...........................z.p.`..D....e........]..B..6.$..v. .....E.K...5c[R..V.Vr!.....$....@n..P.....'%.1....."A...#H:.T.6.JL.7.g..7..x....N"..,h....R3..u.T..A.._O..f=Mu.e.....0.c.0.FV.q....m;8..J.t.-.%."......&..2...!\....n..]Lx..:......S/F.V.rf%..#.Uk}....X.1n..V.\|.O..aC ."...#..>..n.... $;.....y.5..\|>...;@..Q.D........FT...r=p.Llf...J.3..{Z.. t]Rp.N..Z..7"B..,D.0s..."o..V<...#.N.WZ...m.\......Pb....#:z...B......~w.....J.ABQ.u<.8j..m..r2.....Aq.fNY...P..c.L+......v.n..yV.w......l......H...,..2.."v.......R.V.[...s......@..L....CS..'....Z.2..o......).4.H{C.%..?.%^...#.A.]..[....._&.[~1..j.P..`.......=......[.D7h..5...s......d'.....,....?...6.;....f..(M.CV.....R..q.c.....4.6.k.V.h/..........H..?u..!mq5...9@..0YA9.M..:..reS.;._......K...\..S.^.2..Fv.l~'l..U.TN....OXv..]..`.X1w.4E.t%a...2!.c.R.............t.'Hc...2.8...K.w..p@..T..RZ.@..)}..'+.7s1..... . -.....E7<...C.J.D....Iw-...u...m.K.\e..>..*....7y\|{........G..d13g].t.%.y<..

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	downloaded
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13834)
Category:	downloaded
Size (bytes):	13891
Entropy (8bit):	4.645788246161265
Encrypted:	false
SSDEEP:	192:49+DrRmRAiyq602NNTV0afQQYrAJ9wzkENGWHl2JBpfodMjHJv8k9fopl1jn:4Bp49ykE8WQs2Vv8k9fGTjn
MD5:	C7B1DBB0EEF8600D5F57536998855E4D
SHA1:	03908243C34D5A373ACBA694EB16E30F088B4F7D
SHA-256:	53DA7DD341F1EF0C484A7B56A17D86669287DA5D082AAA8A0AF04FD3816B6631
SHA-512:	56EE4961F4C03A15C79252AD9C3CAD93573AC785881541EA32F83389996F4E8C074FBC397FF9F0B218121A3D8E1A9CEF101D088B4BCFB2353D6A311D5F60DCBA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js
Preview:	define("@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M5.643 19.241a.782.782 0 0 1-.634-.889c.317-2.142 1.62-4.188 3.525-5.244l.459-.254-.39-.352a4.89 4.89 0 0 1-.797-6.327 4.747 4.747 0 0 1 2.752-2.003 4.894 4.894 0 0 1 6.092 5.72c-.211 1.042-.802 1.97-1.59 2.683l-.308.28.459.253c1.876 1.04 3.185 3.131 3.53 5.26a.765.765 0 0 1-.742.883c-.367.005-.697-.25-.753-.613-.52-3.384-4.067-6.087-7.702-4.324-1.628.79-2.714 2.511-3.014 4.313a.76.76 0 0 1-.887.614zm2.873-10.36a3.36 3.36 0 0 0 3.356 3.355A3.36 3.36 0 0 0 15.23 8.88a3.361 3.361 0 0 0-3.358-3.357A3.36 3.36 0 0 0 8.516 8.88z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.504 18.461a.76.76 0 0 1 0 1.038.652.652 0 0 1-.956 0L15.2 15.993a6.142 6.142 0 0 1-3.83 1.353C7.858 17.346 5 14.353 5 10.673 5 6.994 7.858 4 11.371 4c3.513 0 6.371 2.994

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5528)
Category:	dropped
Size (bytes):	10513
Entropy (8bit):	5.2478027275002335
Encrypted:	false
SSDEEP:	192:CGgDeA70SYXnbUVXVfG/bF1JQRVGRhxMinqsnAKWgZRJbOGwCFqT6qVXmB6pbPsz:bgDeAViFYRVQhxDnpnAKWgZRNH6pbPsz
MD5:	388AD726DA38645BE5D4B9A8515C67A3
SHA1:	3F3BC5AF4377EE443043C787869A71BE417287E0
SHA-256:	15F3F034627BE70F8EF5E4B1E3A6B4EAEF758A9704737D36F191FC47070781EB
SHA-512:	4D7058B8BEEF8C8302C6524B6B02D4D22B3C8FBFA411166715AB95FE00ECA98A1C7D47190026E540DA2F870EC3B0ADFD7E6931CB3AF737F35023655059A4558C
Malicious:	false
Reputation:	low
Preview:	window.cxs && window.cxs.setOptions({ prefix: "c2-" });.window.wsb=window.wsb\|\|{};window.wsb["Theme18"]=window.wsb["Theme18"]\|\|window.radpack("@widget/LAYOUT/bs-layout18-Theme-publish-Theme").then(function(t){return new t.default();});.window.wsb['context-bs-1']=JSON.parse("{\"env\":\"production\",\"renderMode\":\"PUBLISH\",\"fonts\":[\"lato\",\"default\",\"\"],\"colors\":[\"#d5dade\"],\"fontScale\":\"medium\",\"locale\":\"en-IN\",\"language\":\"en\",\"resellerId\":1,\"internalLinks\":{},\"isHomepage\":true,\"navigationMap\":{\"1a038cb3-966b-4c09-9318-308b5b7e3df1\":{\"isFlyoutMenu\":false,\"active\":true,\"pageId\":\"1a038cb3-966b-4c09-9318-308b5b7e3df1\",\"name\":\"Home\",\"href\":\"/\",\"target\":\"\",\"visible\":true,\"requiresAuth\":false,\"tags\":[],\"rel\":\"\",\"type\":\"page\",\"showInFooter\":false},\"3844ddf6-cdf5-4f7f-9cbb-6171b801dd56\":{\"isFlyoutMenu\":false,\"active\":false,\"pageId\":\"3844ddf6-cdf5-4f7f-9cbb-6171b801dd56\",\"name\":\"404\",\"href\":\"/404\",\"target\"

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	downloaded
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	105560
Entropy (8bit):	5.173099073295946
Encrypted:	false
SSDEEP:	1536:Kvbe2WTBTlur/rTVYHlA2taouk+ZPL50/:E+Mr/1m+I
MD5:	6837678401F602120E41C9EAA7A7E915
SHA1:	A1F801D56B6666BDDED519DE10A8F04B9257AE0E
SHA-256:	DAE89C4D8697DC845428A11C2BDE64334AB65738EE97F598414D857B5D9D3FD2
SHA-512:	F0B529B9BED94C6EAC30FDB59CB1C2D347D78015B06C5D11577B12B2312A63D8D1AE684E5C05B7DE979EAEB848A337C20E7B00E089ADB2802B772A9690A005BF
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{_isDebug:()=>v,debug:()=>w,error:()=>h,info:()=>m,log:()=>m,setDebug:()=>b,warn:()=>g});var n={};t.r(n),t.d(n,{cmdLogEvent:()=>Ki,cmdLogPerf:()=>Gi});var r,o,i,a,c,u=(r="",i={document:o=Object.create({get cookie(){return r},set cookie(t){r=t}})},a={},"undefined"==typeof window?{window:i,document:o,navigator:a}:{window:window\|\|i,document:window.document\|\|o,navigator:navigator\|\|a}),f=function(){return u.window},s=functi

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	dropped
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-42582241.js
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8076)
Category:	downloaded
Size (bytes):	8146
Entropy (8bit):	5.193570786754158
Encrypted:	false
SSDEEP:	192:bXex8k/4ro1H29Lm90fwK4cal8k5AV+IZ7/UHpvx/nvvdlFwmlqkk1:bXex9QriHqLm90fwncal75AV+IZ78HF6
MD5:	D0BF5E9E6E778CE2D940F214EC04700C
SHA1:	2ECB604E1F2E8CA95A0413DB58C153B9AA710A29
SHA-256:	1B7F2E117669F2643EA895B6BEDB818796AF009F19A6FC1F8B8A1DC9C30B6D9B
SHA-512:	DC1A45C8946109AB2E61509A977287020136B03555CC2FAC0B769BB20ADC78268929AE857F695626E86D8AC6E805C3731D33374360406E86FC98F643A3523E5C
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js
Preview:	define("@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-legacyOverrides","~/c/bs-modernThinRound","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index2","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,l,n,i,s,d){"use strict";const{colorPackCategories:g,buttons:h}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:m,LIGHT_ALT:c,LIGHT_COLORFUL:u,DARK:p,DARK_ALT:b,DARK_COLORFUL:y,COLORFUL:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,S={[d.F]:"accent-overlay",[d.b]:"accent-overlay",[d.I]:"category-alt-solid",[d.B]:"accent-overlay",[d.L]:"accent-overlay"},H={defaultHeaderTreatment:d.F,hasLegacy:!0,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"],imageTreatments:S};var C={id:"layout18",name:"dawn",packs:{color:"000",font:"lato"},logo:{font:"primary"},packCategories:{color:g.NEUTRAL},headerProperties:{alignmentOption:"center"},header

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	downloaded
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (442)
Category:	downloaded
Size (bytes):	486
Entropy (8bit):	5.227340053777477
Encrypted:	false
SSDEEP:	12:HDSk+nBSyD8Dgu4dKsVfIoD3PS22hTHr+pWrY:ek+nBLD8DN4sog+iHrIcY
MD5:	5F10DF611C856F376981BE4DFBD17753
SHA1:	4463A27419B2FDFDBD81770C74DEE2E74BE948E0
SHA-256:	EBD2BA2A0E879AE2CEC7D513324E04346153A581BE3AA202662E6C9D5B1CE6E1
SHA-512:	F5911E08ED8B57B2E4B10C8AC622C4E7A82AEEC7D5B1AFED9C064A2975F41E211149CE1692FCF2F9497508E7ECDF678E48EC2CFA1D8C9112507950748146D5D8
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js
Preview:	define("@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js",["exports"],(function(e){"use strict";class a extends(global.React\|\|guac.react).Component{render(){return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,".grecaptcha-badge { visibility: hidden; }")}}e.default=a,Object.defineProperty(e,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=badge-e542c4f1.js.map.

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 32x33, components 3
Category:	dropped
Size (bytes):	928
Entropy (8bit):	6.514004425175416
Encrypted:	false
SSDEEP:	12:SPb3SkEl9eIc150XyoseXkwUIkbfwtfhQCT0cMh0SWNr3iBKDKYpnxdHkay:/l7c1spXluwh/T0OycDjniV
MD5:	9A3E765D56EEAAAF34B32569C5C419FA
SHA1:	820E87D6365BBADA92B6DB159060F786A5647108
SHA-256:	E88554C4359114D4E8AD7F173FAE6107698EE7F2BBD31357263A12E5BB741865
SHA-512:	1B1F8B5CC6A94B490629F0D3BCE84314A565D804CC8E641CBB1EF1AEE8A77B2DB5078C55DE55B22DC7D45467E32F8A30BED28EBEFF7C7110A4DA544BD1181EEA
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100.................... ...........!..........C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......!. .."...................................../.........................!..."12Q..Aq...$a............................... .......................A.!1Q.............?...n\|.6.....q...\Jp4z..r=.;.\..!.bKH.k...\|+.....7.X...).-.)..y.NF..~..9k.i......P:v....?..>y.L..c.+.`..b..w.U..9.g...#n........)NIq..$..w.%.6.]$iKiVF.S.s.....L[...Gw.9....#.g.......3\|vK......I.!G'#o7...yH."e.."t..H..n..o..>......(.....C.={..]T)n....JBc.. ..1....A.C../J......HV..8..S@..[>.'$.T{...V...F...~.\..........%2$..3.....[NP...y.......N.....0iX..p.y.e..Si...8..M..I........U#..5.STQEYR.E.P...

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	31680
Entropy (8bit):	7.986799383763708
Encrypted:	false
SSDEEP:	768:oWNdBJn8117kywUGd99/Mlo2ZX7mr/HuTPKIWrTGOp8YdL:bNdBG11oywNDElNXarHuP8TBNdL
MD5:	369A44EE7B29E125BDDB408229AD5BB5
SHA1:	E12B10EA2F4463995E85E039CA66F1E9E2ED3841
SHA-256:	1DF3C84882B975232E029F441FFD20128403F7E5E27E3BC7FF15CE5A8D6687D4
SHA-512:	8EB4CF5FA67B960503F4A1B294C8818E3E1FC40C8022476473405342DB8FFC2C7E53CA85552856ECF0C13D56D8B6590148160E8561731E477249CB7BA491F3BB
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/Metamask%20Wallet.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1240,cg:true"
Preview:	RIFF.{..WEBPVP8X..............VP8 .z...{.......>m4.I$".$"1...gn......1..tm................~.8../hx....1..............O.{...S._.O..os..^.?.z..2..O.o........o...?d=.xW.....=[..._..R.....%........g.._...._.O.?........?...O...K\|..O....._........j....{.{1.....?{..{..W./..}......../....~.............?......_...~....+.7......................H.Z..R..."....>.../..".J...R..."....E.E...........>.../..".J...R....p`.."a1.\|.T.VM..-..-.;.I.....`....i.x(....y8..K0..g.v.r!...I.p.,.9x8.z..[./..L..>....?i....\|....y........9.1.0.I....jd.I4..o..(....o.fm.#....?6...M"....hH...i..M.F.....^...m..bv*.....6...Z..X....._..8.H.^. -o.....p..k.\|.!..:.....b-5......v...1.&......]Xi..B.D.r.veTr..w.Sx...m.]C.$.......V...k\k)..2..)n.U...:.i.c.S....?.fW......#_.xI.u..;[..+.....q.....v.....f.d[<..Y......R.....0..o.1Z.{..g3H{....N....9..A.....O..J...o.s...mq..Sf..d.It..bg".....`H.s....L... .<.>'.B.s..qPvE.J.j.v.r./...0.4..e...rLx@...\|.y(.W...d....4..P.......vE.....p.

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	535
Entropy (8bit):	5.085769048209071
Encrypted:	false
SSDEEP:	12:YWGhtXIoWFJsTPXemn9sdf0PwTPXemn9sdfF3XZ:YZXIoWofB9sdf0PofB9sdftXZ
MD5:	167F03A7C9F7CD43D16427C9868E6901
SHA1:	686D07181B307209F56D4EBB9DE494845CA5C13D
SHA-256:	59B683BB45BF5E260E669726A09639ED3B5ACECDAD7BD5C297D2AE61383A7ED6
SHA-512:	C2797CAEC80B8BC0A217B5F6361B9D30701C10A0EAE9EE05291345898DFA55F41A83A883D5BCBFFD57CC3F780C27839EE7571D4F59537072D314B2322F1E0921
Malicious:	false
Reputation:	low
URL:	https://mattamaks_walletus.godaddysites.com/manifest.webmanifest
Preview:	{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:192,h:192,m"},{"sizes":"512x512","type":"image/png","src":"//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:512,h:512,m"}],"name":"mattamaks_walletus","short_name":"mattamaks_walletus","theme_color":"#d5dade","background_color":"#d5dade"}

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 14, 2025 01:28:43.112912893 CET	49675	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:43.112914085 CET	49674	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:43.222393990 CET	49673	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:52.720808983 CET	49674	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:52.892596960 CET	49675	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:52.892596960 CET	49673	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:54.027152061 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.027200937 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.027288914 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.027492046 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.027501106 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.619810104 CET	443	49703	23.1.237.91	192.168.2.5
Jan 14, 2025 01:28:54.620064974 CET	49703	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:28:54.695940971 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.696542025 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.696577072 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.698143959 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.698232889 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.699585915 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.699681997 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.752043962 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:54.752134085 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:28:54.798806906 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:28:55.081253052 CET	49713	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:55.081329107 CET	49714	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:55.087534904 CET	80	49713	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:55.087549925 CET	80	49714	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:55.087616920 CET	49713	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:55.087651014 CET	49714	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:55.098475933 CET	49713	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:55.103406906 CET	80	49713	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:55.546956062 CET	80	49713	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:55.596662998 CET	49713	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.103887081 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.103939056 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.104095936 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.104448080 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.104464054 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.575988054 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.576320887 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.576359034 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.577825069 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.577896118 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.585927963 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.586066008 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.586078882 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.586106062 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.628026009 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.628051996 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.674942970 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.705820084 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.705895901 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.705921888 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.705969095 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.705993891 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.706013918 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.706084013 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.706084013 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.706084013 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.706127882 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.706185102 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.775511980 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:56.775523901 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:56.775607109 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:56.776284933 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:56.776295900 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:56.787636042 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.787686110 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.787729979 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.787746906 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.787790060 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.787852049 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:56.787904978 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.801637888 CET	49716	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:28:56.801645994 CET	443	49716	13.248.243.5	192.168.2.5
Jan 14, 2025 01:28:57.523454905 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:57.523715019 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:57.523731947 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:57.524980068 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:57.525054932 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:57.526537895 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:57.526616096 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:57.566032887 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:28:57.566096067 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:28:57.611720085 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:29:04.215328932 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.215356112 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.215429068 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.215914965 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.215929031 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.229521990 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.229585886 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.229655027 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.230175972 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.230192900 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.586344957 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:04.586517096 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:04.586575031 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:04.682272911 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.682693005 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.682709932 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.683020115 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.683423042 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.683482885 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.683720112 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.722466946 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.722758055 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.722796917 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.723715067 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.723787069 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.724169970 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.724226952 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.724515915 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.724524021 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.731326103 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.741450071 CET	49711	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:04.741468906 CET	443	49711	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:04.782903910 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.802556992 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.802582026 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.802654028 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.802659035 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.802685022 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.802727938 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.802758932 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.842355013 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.842425108 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.842489958 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.846342087 CET	49787	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.846360922 CET	443	49787	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.894954920 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.894973993 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.894998074 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.895040035 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.895055056 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.895070076 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.895132065 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.895132065 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.896454096 CET	49786	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.896471024 CET	443	49786	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.920912981 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.920948029 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:04.921014071 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.921219110 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:04.921233892 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.393035889 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.393227100 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.393243074 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.394361973 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.394726992 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.394820929 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.394826889 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.394896984 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.439429998 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.523370981 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.523447037 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.523499012 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.523516893 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.523519039 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.523560047 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.523571014 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.523571968 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.523614883 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.549119949 CET	80	49713	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.549170971 CET	49713	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.569710970 CET	49713	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.574525118 CET	80	49713	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.594261885 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.594336033 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.594376087 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.594393969 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.594415903 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.594465017 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:05.594578981 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.594738960 CET	49798	443	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:05.594750881 CET	443	49798	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:15.474329948 CET	80	49714	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:15.474531889 CET	80	49714	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:15.474594116 CET	49714	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:42.579519033 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:29:42.579529047 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:29:54.083332062 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:54.083431005 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:54.083512068 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:54.083726883 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:54.083764076 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:54.731626987 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:54.731991053 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:54.732019901 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:54.732286930 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:54.732588053 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:54.732630014 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:29:54.785309076 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:29:55.787226915 CET	49714	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:55.787226915 CET	49714	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:55.792171001 CET	80	49714	13.248.243.5	192.168.2.5
Jan 14, 2025 01:29:55.792259932 CET	49714	80	192.168.2.5	13.248.243.5
Jan 14, 2025 01:29:57.329467058 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:29:57.329567909 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:29:57.329772949 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:29:57.784627914 CET	49720	443	192.168.2.5	18.197.103.231
Jan 14, 2025 01:29:57.784652948 CET	443	49720	18.197.103.231	192.168.2.5
Jan 14, 2025 01:30:04.641765118 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:30:04.641948938 CET	443	50077	142.250.186.132	192.168.2.5
Jan 14, 2025 01:30:04.642296076 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:30:05.783760071 CET	50077	443	192.168.2.5	142.250.186.132
Jan 14, 2025 01:30:05.783833027 CET	443	50077	142.250.186.132	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 14, 2025 01:28:49.622145891 CET	53	51475	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:49.650935888 CET	53	52868	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:50.741291046 CET	53	61672	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:54.018609047 CET	59538	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:54.018800020 CET	53379	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:54.025685072 CET	53	53379	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:54.025727034 CET	53	59538	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:55.061709881 CET	61708	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:55.061935902 CET	50797	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:55.071275949 CET	53	61708	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:55.072666883 CET	53	50797	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:56.094475985 CET	52975	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:56.094685078 CET	59449	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:56.103071928 CET	53	52975	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:56.103280067 CET	53	59449	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:56.741398096 CET	52720	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:56.741579056 CET	55231	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:56.744585991 CET	53	49217	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:56.750403881 CET	52129	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:56.750771999 CET	56249	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:56.757870913 CET	53	56249	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:56.768918991 CET	53	52129	1.1.1.1	192.168.2.5
Jan 14, 2025 01:28:57.916043997 CET	51300	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:28:57.916333914 CET	56873	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:04.228562117 CET	65046	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:04.228697062 CET	52824	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:04.463443995 CET	61702	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:04.463563919 CET	53280	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:05.537724972 CET	61667	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:05.538000107 CET	51710	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:29:07.995207071 CET	53	50585	1.1.1.1	192.168.2.5
Jan 14, 2025 01:29:27.026946068 CET	53	53702	1.1.1.1	192.168.2.5
Jan 14, 2025 01:29:49.262188911 CET	53	49221	1.1.1.1	192.168.2.5
Jan 14, 2025 01:29:49.338202953 CET	53	62466	1.1.1.1	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 14, 2025 01:28:54.018609047 CET	192.168.2.5	1.1.1.1	0xe77	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:54.018800020 CET	192.168.2.5	1.1.1.1	0x498a	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 14, 2025 01:28:55.061709881 CET	192.168.2.5	1.1.1.1	0x2c32	Standard query (0)	mattamaks_walletus.godaddysites.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:55.061935902 CET	192.168.2.5	1.1.1.1	0x5862	Standard query (0)	mattamaks_walletus.godaddysites.com	65	IN (0x0001)	false
Jan 14, 2025 01:28:56.094475985 CET	192.168.2.5	1.1.1.1	0xbb4f	Standard query (0)	mattamaks_walletus.godaddysites.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.094685078 CET	192.168.2.5	1.1.1.1	0xdebf	Standard query (0)	mattamaks_walletus.godaddysites.com	65	IN (0x0001)	false
Jan 14, 2025 01:28:56.741398096 CET	192.168.2.5	1.1.1.1	0x5436	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.741579056 CET	192.168.2.5	1.1.1.1	0xea54	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Jan 14, 2025 01:28:56.750403881 CET	192.168.2.5	1.1.1.1	0xe28e	Standard query (0)	isteam.wsimg.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.750771999 CET	192.168.2.5	1.1.1.1	0x1cbb	Standard query (0)	isteam.wsimg.com	65	IN (0x0001)	false
Jan 14, 2025 01:28:57.916043997 CET	192.168.2.5	1.1.1.1	0x6076	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:57.916333914 CET	192.168.2.5	1.1.1.1	0x65d0	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Jan 14, 2025 01:29:04.228562117 CET	192.168.2.5	1.1.1.1	0x59e7	Standard query (0)	events.api.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:29:04.228697062 CET	192.168.2.5	1.1.1.1	0xfc60	Standard query (0)	events.api.secureserver.net	65	IN (0x0001)	false
Jan 14, 2025 01:29:04.463443995 CET	192.168.2.5	1.1.1.1	0xe0b2	Standard query (0)	csp.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:29:04.463563919 CET	192.168.2.5	1.1.1.1	0xbffc	Standard query (0)	csp.secureserver.net	65	IN (0x0001)	false
Jan 14, 2025 01:29:05.537724972 CET	192.168.2.5	1.1.1.1	0xf191	Standard query (0)	events.api.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:29:05.538000107 CET	192.168.2.5	1.1.1.1	0xad49	Standard query (0)	events.api.secureserver.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 14, 2025 01:28:54.025685072 CET	1.1.1.1	192.168.2.5	0x498a	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 14, 2025 01:28:54.025727034 CET	1.1.1.1	192.168.2.5	0xe77	No error (0)	www.google.com		142.250.186.132	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:55.071275949 CET	1.1.1.1	192.168.2.5	0x2c32	No error (0)	mattamaks_walletus.godaddysites.com		13.248.243.5	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:55.071275949 CET	1.1.1.1	192.168.2.5	0x2c32	No error (0)	mattamaks_walletus.godaddysites.com		76.223.105.230	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.103071928 CET	1.1.1.1	192.168.2.5	0xbb4f	No error (0)	mattamaks_walletus.godaddysites.com		13.248.243.5	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.103071928 CET	1.1.1.1	192.168.2.5	0xbb4f	No error (0)	mattamaks_walletus.godaddysites.com		76.223.105.230	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.749458075 CET	1.1.1.1	192.168.2.5	0xea54	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:28:56.749492884 CET	1.1.1.1	192.168.2.5	0x5436	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:28:56.768918991 CET	1.1.1.1	192.168.2.5	0xe28e	No error (0)	isteam.wsimg.com		18.197.103.231	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:56.768918991 CET	1.1.1.1	192.168.2.5	0xe28e	No error (0)	isteam.wsimg.com		18.192.130.3	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:28:57.923077106 CET	1.1.1.1	192.168.2.5	0x6076	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:28:57.923175097 CET	1.1.1.1	192.168.2.5	0x65d0	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:29:04.236394882 CET	1.1.1.1	192.168.2.5	0xfc60	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:29:04.236814976 CET	1.1.1.1	192.168.2.5	0x59e7	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:29:04.470565081 CET	1.1.1.1	192.168.2.5	0xe0b2	No error (0)	csp.secureserver.net	csp.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:29:04.470592976 CET	1.1.1.1	192.168.2.5	0xbffc	No error (0)	csp.secureserver.net	csp.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:29:05.545169115 CET	1.1.1.1	192.168.2.5	0xad49	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:29:05.546365023 CET	1.1.1.1	192.168.2.5	0xf191	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false

HTTP Request Dependency Graph

mattamaks_walletus.godaddysites.com

https:

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49713	13.248.243.5	80	744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 14, 2025 01:28:55.098475933 CET	450	OUT	GET / HTTP/1.1 Host: mattamaks_walletus.godaddysites.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 14, 2025 01:28:55.546956062 CET	361	IN	HTTP/1.1 301 Moved Permanently location: https://mattamaks_walletus.godaddysites.com/ vary: Accept-Encoding server: DPS/2.0.0+sha-c2e68e8 x-version: c2e68e8 x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ etag: 058f4eb4302137eac7355ec65e5b187a date: Tue, 14 Jan 2025 00:28:55 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49714	13.248.243.5	80	744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 14, 2025 01:29:15.474329948 CET	233	IN	HTTP/1.1 408 Request Time-out Content-length: 110 Cache-Control: no-cache Connection: close Content-Type: text/html Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 2d 6f 75 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 64 69 64 6e 27 74 20 73 65 6e 64 20 61 20 63 6f 6d 70 6c 65 74 65 20 72 65 71 75 65 73 74 20 69 6e 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>408 Request Time-out</h1>Your browser didn't send a complete request in time.</body></html>

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49716	13.248.243.5	443	744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:28:56 UTC	709	OUT	GET / HTTP/1.1 Host: mattamaks_walletus.godaddysites.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1
2025-01-14 00:28:56 UTC	1296	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.2.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c2e68e8 X-Version: c2e68e8 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 058f4eb4302137eac7355ec65e5b187a Date: Tue, 14 Jan 2025 00:28:56 GMT Connection: close Transfer-Encoding: chunked
2025-01-14 00:28:56 UTC	15088	IN	Data Raw: 36 37 38 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 49 4e 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 30 37 64 66 66 64 65 64 2d 38 33 31 33 2d 34 32 33 39 2d 62 65 37 39 2d 64 39 35 30 61 30 63 30 35 61 66 31 2f 66 61 76 69 63 6f 6e 2f 35 30 35 37 62 66 65 38 2d 38 61 34 34 2d 34 39 66 66 2d 38 30 37 30 2d 61 61 35 64 35 37 62 63 66 65 64 37 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: 6789<!DOCTYPE html><html lang="en-IN"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2025-01-14 00:28:56 UTC	11430	IN	Data Raw: 6e 6f 6e 65 7d 2e 78 20 2e 63 31 2d 33 7a 3a 6e 74 68 2d 63 68 69 6c 64 28 32 29 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 34 70 78 7d 2e 78 20 2e 63 31 2d 34 30 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 28 30 2c 20 30 2c 20 30 29 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 64 61 74 61 2d 67 6c 61 6d 6f 72 3d 22 63 78 73 2d 78 73 2d 73 68 65 65 74 22 3e 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 37 36 37 70 78 29 7b 2e 78 20 2e 63 31 2d 6c 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 34 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 37 36 37 70 78 29 7b 2e 78 20 2e 63 31 2d 6d 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d Data Ascii: none}.x .c1-3z:nth-child(2){margin-left:24px}.x .c1-40:hover{background-color:rgb(0, 0, 0)}</style><style data-glamor="cxs-xs-sheet">@media (max-width: 767px){.x .c1-l{padding-top:40px}}@media (max-width: 767px){.x .c1-m{padding-bottom:40px}}@media (max-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49786	13.248.243.5	443	744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:29:04 UTC	676	OUT	GET /sw.js HTTP/1.1 Host: mattamaks_walletus.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://mattamaks_walletus.godaddysites.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _tccl_visit=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _scc_session=pc=1&C_TOUCH=2025-01-14T00:28:59.284Z
2025-01-14 00:29:04 UTC	736	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: application/javascript Vary: Accept-Encoding Server: DPS/2.0.0+sha-c2e68e8 X-Version: c2e68e8 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 5acf5e15083b84c29d43d7d09cef1bef Date: Tue, 14 Jan 2025 00:29:04 GMT Connection: close Transfer-Encoding: chunked
2025-01-14 00:29:04 UTC	15648	IN	Data Raw: 38 30 63 61 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 38 39 35 3a 28 29 3d 3e 7b 74 72 79 7b 73 65 6c 66 5b 22 77 6f 72 6b 62 6f 78 3a 63 61 63 68 65 61 62 6c 65 2d 72 65 73 70 6f 6e 73 65 3a 36 2e 34 2e 31 22 5d 26 26 5f 28 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 32 35 39 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 42 3a 28 29 3d 3e 61 7d 29 2c 73 28 39 31 33 29 3b 63 6c 61 73 73 20 61 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 28 65 2c 74 29 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 3d 65 2c 74 68 69 73 2e 72 65 6a 65 63 74 3d 74 7d 29 29 7d 7d 7d 2c 31 32 35 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 56 3a Data Ascii: 80ca(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:
2025-01-14 00:29:04 UTC	16384	IN	Data Raw: 2c 72 29 2c 72 7d 76 61 72 20 52 3b 52 3d 64 2c 64 3d 7b 2e 2e 2e 52 2c 67 65 74 3a 28 65 2c 74 2c 73 29 3d 3e 5f 28 65 2c 74 29 7c 7c 52 2e 67 65 74 28 65 2c 74 2c 73 29 2c 68 61 73 3a 28 65 2c 74 29 3d 3e 21 21 5f 28 65 2c 74 29 7c 7c 52 2e 68 61 73 28 65 2c 74 29 7d 2c 73 28 35 35 30 29 3b 63 6f 6e 73 74 20 76 3d 22 63 61 63 68 65 2d 65 6e 74 72 69 65 73 22 2c 62 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 52 4c 28 65 2c 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 72 65 74 75 72 6e 20 74 2e 68 61 73 68 3d 22 22 2c 74 2e 68 72 65 66 7d 3b 63 6c 61 73 73 20 78 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 29 7b 74 68 69 73 2e 5f 64 62 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 61 63 68 65 4e 61 6d 65 3d 65 7d 5f 75 70 67 72 61 64 65 44 62 28 65 29 7b Data Ascii: ,r),r}var R;R=d,d={...R,get:(e,t,s)=>_(e,t)\|\|R.get(e,t,s),has:(e,t)=>!!_(e,t)\|\|R.has(e,t)},s(550);const v="cache-entries",b=e=>{const t=new URL(e,location.href);return t.hash="",t.href};class x{constructor(e){this._db=null,this._cacheName=e}_upgradeDb(e){
2025-01-14 00:29:04 UTC	951	IN	Data Raw: 69 72 73 74 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 75 73 65 73 3a 5b 32 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 72 65 71 75 65 73 74 3a 65 7d 29 3d 3e 22 73 74 79 6c 65 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 7c 7c 22 73 63 72 69 70 74 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 29 2c 6e 65 77 20 74 2e 53 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 73 74 61 74 69 63 2d 72 65 73 6f 75 72 63 65 73 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 Data Ascii: irst",plugins:[new a.CacheableResponsePlugin({statuses:[200]})]})),(0,e.registerRoute)((({request:e})=>"style"===e.destination\|\|"script"===e.destination),new t.StaleWhileRevalidate({cacheName:"static-resources",plugins:[new a.CacheableResponsePlugin({stat

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49787	13.248.243.5	443	744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:29:04 UTC	574	OUT	GET /manifest.webmanifest HTTP/1.1 Host: mattamaks_walletus.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://mattamaks_walletus.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:29:04 UTC	739	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: application/manifest+json Vary: Accept-Encoding Server: DPS/2.0.0+sha-c2e68e8 X-Version: c2e68e8 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 167f03a7c9f7cd43d16427c9868e6901 Date: Tue, 14 Jan 2025 00:29:04 GMT Connection: close Transfer-Encoding: chunked
2025-01-14 00:29:04 UTC	547	IN	Data Raw: 32 31 37 0d 0a 7b 22 73 63 6f 70 65 22 3a 22 2f 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 2c 22 73 72 63 22 3a 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 30 37 64 66 66 64 65 64 2d 38 33 31 33 2d 34 32 33 39 2d 62 65 37 39 2d 64 39 35 30 61 30 63 30 35 61 66 31 2f 66 61 76 69 63 6f 6e 2f 35 30 35 37 62 66 65 38 2d 38 61 34 34 2d 34 39 66 66 2d 38 30 37 30 2d 61 61 35 64 35 37 62 63 66 65 64 37 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 39 32 2c 68 3a 31 39 32 2c 6d 22 7d 2c 7b 22 73 69 7a 65 73 22 3a 22 Data Ascii: 217{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:192,h:192,m"},{"sizes":"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49798	13.248.243.5	443	744	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:29:05 UTC	654	OUT	GET / HTTP/1.1 Host: mattamaks_walletus.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mattamaks_walletus.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _tccl_visit=43f09da0-7acd-4fbb-a594-aea7fb7d07e5; _scc_session=pc=1&C_TOUCH=2025-01-14T00:28:59.284Z
2025-01-14 00:29:05 UTC	1296	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.2.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c2e68e8 X-Version: c2e68e8 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 058f4eb4302137eac7355ec65e5b187a Date: Tue, 14 Jan 2025 00:29:05 GMT Connection: close Transfer-Encoding: chunked
2025-01-14 00:29:05 UTC	15088	IN	Data Raw: 36 37 38 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 49 4e 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 30 37 64 66 66 64 65 64 2d 38 33 31 33 2d 34 32 33 39 2d 62 65 37 39 2d 64 39 35 30 61 30 63 30 35 61 66 31 2f 66 61 76 69 63 6f 6e 2f 35 30 35 37 62 66 65 38 2d 38 61 34 34 2d 34 39 66 66 2d 38 30 37 30 2d 61 61 35 64 35 37 62 63 66 65 64 37 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: 6789<!DOCTYPE html><html lang="en-IN"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/07dffded-8313-4239-be79-d950a0c05af1/favicon/5057bfe8-8a44-49ff-8070-aa5d57bcfed7.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2025-01-14 00:29:05 UTC	11430	IN	Data Raw: 6e 6f 6e 65 7d 2e 78 20 2e 63 31 2d 33 7a 3a 6e 74 68 2d 63 68 69 6c 64 28 32 29 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 34 70 78 7d 2e 78 20 2e 63 31 2d 34 30 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 28 30 2c 20 30 2c 20 30 29 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 64 61 74 61 2d 67 6c 61 6d 6f 72 3d 22 63 78 73 2d 78 73 2d 73 68 65 65 74 22 3e 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 37 36 37 70 78 29 7b 2e 78 20 2e 63 31 2d 6c 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 34 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 37 36 37 70 78 29 7b 2e 78 20 2e 63 31 2d 6d 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d Data Ascii: none}.x .c1-3z:nth-child(2){margin-left:24px}.x .c1-40:hover{background-color:rgb(0, 0, 0)}</style><style data-glamor="cxs-xs-sheet">@media (max-width: 767px){.x .c1-l{padding-top:40px}}@media (max-width: 767px){.x .c1-m{padding-bottom:40px}}@media (max-

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 4396, Parent PID: 5752

General

Target ID:	0
Start time:	19:28:45
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 744, Parent PID: 4396

General

Target ID:	2
Start time:	19:28:48
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2016,i,9449222036529942553,3427401837050949230,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 1560, Parent PID: 5752

General

Target ID:	3
Start time:	19:28:54
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://mattamaks_walletus.godaddysites.com/"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://mattamaks_walletus.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Windows Analysis Report
http://mattamaks_walletus.godaddysites.com/