Edit tour

Windows Analysis Report
http://widget.getblue.io

Overview

General Information

Sample URL:	http://widget.getblue.io
Analysis ID:	1606293
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6304 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7008 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1880,i,17816486783368692357,8071491321392918966,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6684 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://widget.getblue.io" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

• Phishing
• Compliance
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://web.getblue.io/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-WHVGXNV
Source: https://web.getblue.io/	HTTP Parser: Iframe src: https://event.getblue.io/p/?cId=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3&ulc=&v=29092023-1023&nocache=2890728116978.94
Source: https://web.getblue.io/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-WHVGXNV
Source: https://web.getblue.io/	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/16533307350?random=1738657289219&cv=11&fst=1738657289219&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5230z8889460454za201zb9123381289&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102482432~102539968~102556565~102558064&u_w=1280&u_h=1024&url=https%3A%2F%2Fweb.getblue.io%2F&hn=www.googleadservices.com&frm=0&tiba=Blue%20-%20Home&npa=0&pscdl=noapi&auid=1955217038.1738657286&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1
Source: https://web.getblue.io/	HTTP Parser: Iframe src: https://event.getblue.io/p/?cId=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3&ulc=&v=29092023-1023&nocache=2890728116978.94

Source: https://web.getblue.io/	HTTP Parser: No favicon
Source: https://web.getblue.io/	HTTP Parser: No favicon

Source: https://web.getblue.io/	HTTP Parser: No <meta name="author".. found
Source: https://web.getblue.io/	HTTP Parser: No <meta name="author".. found

Source: https://web.getblue.io/	HTTP Parser: No <meta name="copyright".. found
Source: https://web.getblue.io/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49716 version: TLS 1.2

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.77.188
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: widget.getblue.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: widget.getblue.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://widget.getblue.io/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: widget.getblue.io
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: getblue.io
Source: global traffic	DNS traffic detected: DNS query: web.getblue.io
Source: global traffic	DNS traffic detected: DNS query: cdn.prod.website-files.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: event.getblue.io
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: cms.getblue.io

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49716 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@20/74@48/69

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1880,i,17816486783368692357,8071491321392918966,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://widget.getblue.io"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1880,i,17816486783368692357,8071491321392918966,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://widget.getblue.io"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://widget.getblue.io	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://widget.getblue.io/favicon.ico	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
cdn.jsdelivr.net.cdn.cloudflare.net	104.18.186.31	true	false	high
getblue.io	18.231.65.145	true	false	unknown
widget.getblue.io	54.207.179.253	true	false	unknown
proxy-ssl-geo-2.webflow.com	15.160.106.203	true	false	unknown
event.getblue.io	54.207.179.253	true	false	unknown
d3e54v103j8qbb.cloudfront.net	18.244.20.134	true	false	high
googleads.g.doubleclick.net	142.250.186.130	true	false	high
cdn.prod.website-files.com	104.18.160.117	true	false	high
cm.g.doubleclick.net	142.250.184.194	true	false	high
www.google.com	142.250.184.196	true	false	high
td.doubleclick.net	142.250.181.226	true	false	high
ib.anycast.adnxs.com	185.89.210.90	true	false	high
cms.getblue.io	54.94.146.62	true	false	unknown
cdn.jsdelivr.net	unknown	unknown	false	high
ib.adnxs.com	unknown	unknown	false	high
web.getblue.io	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://widget.getblue.io/	false		unknown
https://web.getblue.io/	false		unknown
http://widget.getblue.io/favicon.ico	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.206	unknown	United States	15169	GOOGLEUS	false
54.207.179.253	widget.getblue.io	United States	16509	AMAZON-02US	false
104.18.160.117	cdn.prod.website-files.com	United States	13335	CLOUDFLARENETUS	false
142.250.186.130	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
216.58.206.78	unknown	United States	15169	GOOGLEUS	false
37.252.173.215	unknown	European Union	29990	ASN-APPNEXUS	false
104.18.161.117	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.185.163	unknown	United States	15169	GOOGLEUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
66.102.1.84	unknown	United States	15169	GOOGLEUS	false
54.232.232.210	unknown	United States	16509	AMAZON-02US	false
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.78	unknown	United States	15169	GOOGLEUS	false
54.94.146.62	cms.getblue.io	United States	16509	AMAZON-02US	false
104.18.186.31	cdn.jsdelivr.net.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
15.160.106.203	proxy-ssl-geo-2.webflow.com	United States	71	HP-INTERNET-ASUS	false
142.250.184.194	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
18.231.65.145	getblue.io	United States	16509	AMAZON-02US	false
18.244.20.134	d3e54v103j8qbb.cloudfront.net	United States	16509	AMAZON-02US	false
216.58.206.42	unknown	United States	15169	GOOGLEUS	false
172.217.18.2	unknown	United States	15169	GOOGLEUS	false
142.250.185.136	unknown	United States	15169	GOOGLEUS	false
185.89.210.90	ib.anycast.adnxs.com	Germany	29990	ASN-APPNEXUS	false
142.250.181.226	td.doubleclick.net	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
54.233.228.238	unknown	United States	16509	AMAZON-02US	false
142.250.185.72	unknown	United States	15169	GOOGLEUS	false
142.250.184.232	unknown	United States	15169	GOOGLEUS	false
172.217.16.132	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1606293
Start date and time:	2025-02-04 09:20:23 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://widget.getblue.io
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	11
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@20/74@48/69

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 216.58.206.78, 66.102.1.84, 142.250.186.110
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: http://widget.getblue.io

LLM Input / Output

Input	Output
URL: http://widget.getblue.io Model: Joe Sandbox AI	```json{ "brand": "Blue", "brand_classification": "unknown", "legit_url": "unknown", "similarity": 2, "spoofed": 1, "reasoning": "The URL 'http://widget.getblue.io' does not closely resemble any well-known brand's URL. The use of 'getblue' could potentially relate to a brand or service named 'Blue', but without additional context, it is not strongly indicative of typosquatting. The domain 'getblue.io' suggests a possible legitimate service or product related to 'Blue', possibly in a tech or software context, given the '.io' extension commonly used in the tech industry. The subdomain 'widget' implies a specific service or feature, which is typical for legitimate business operations. There are no obvious character substitutions or structural changes that suggest an attempt to mimic a well-known brand. Overall, the likelihood of this being a typosquatting attempt is low."}
URL: http://widget.getblue.io
URL: https://cdn.jsdelivr.net/npm/swiper@11/swiper-bund... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a part of the Swiper library, which is a popular and widely-used mobile touch slider framework. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. It primarily focuses on DOM manipulation and smooth scrolling behavior, which are common and expected functionalities in a slider library. While the code uses some legacy APIs like `XDomainRequest`, these pose only minor risks and are not inherently malicious. Overall, the script seems to be a legitimate implementation of the Swiper library and does not exhibit any suspicious or malicious behavior." }
/** * Swiper 11.2.2 * Most modern mobile touch slider and framework with hardware accelerated transitions * https://swiperjs.com * * Copyright 2014-2025 Vladimir Kharlampidi * * Released under the MIT License * * Released on: January 31, 2025 / var Swiper=function(){"use strict";function e(e){return null!==e&&"object"==typeof e&&"constructor"in e&&e.constructor===Object}function t(s,a){void 0===s&&(s={}),void 0===a&&(a={}),Object.keys(a).forEach((i=>{void 0===s[i]?s[i]=a[i]:e(a[i])&&e(s[i])&&Object.keys(a[i]).length>0&&t(s[i],a[i])}))}const s={body:{},addEventListener(){},removeEventListener(){},activeElement:{blur(){},nodeName:""},querySelector:()=>null,querySelectorAll:()=>[],getElementById:()=>null,createEvent:()=>({initEvent(){}}),createElement:()=>({children:[],childNodes:[],style:{},setAttribute(){},getElementsByTagName:()=>[]}),createElementNS:()=>({}),importNode:()=>null,location:{hash:"",host:"",hostname:"",href:"",origin:"",pathname:"",protocol:"",search:""}};function a(){const e="undefined"!=typeof document?document:{};return t(e,s),e}const i={document:s,navigator:{userAgent:""},location:{hash:"",host:"",hostname:"",href:"",origin:"",pathname:"",protocol:"",search:""},history:{replaceState(){},pushState(){},go(){},back(){}},CustomEvent:function(){return this},addEventListener(){},removeEventListener(){},getComputedStyle:()=>({getPropertyValue:()=>""}),Image(){},Date(){},screen:{},setTimeout(){},clearTimeout(){},matchMedia:()=>({}),requestAnimationFrame:e=>"undefined"==typeof setTimeout?(e(),null):setTimeout(e,0),cancelAnimationFrame(e){"undefined"!=typeof setTimeout&&clearTimeout(e)}};function r(){const e="undefined"!=typeof window?window:{};return t(e,i),e}function n(e){return void 0===e&&(e=""),e.trim().split(" ").filter((e=>!!e.trim()))}function l(e,t){return void 0===t&&(t=0),setTimeout(e,t)}function o(){return Date.now()}function d(e,t){void 0===t&&(t="x");const s=r();let a,i,n;const l=function(e){const t=r();let s;return t.getComputedStyle&&(s=t.getComputedStyle(e,null)),!s&&e.currentStyle&&(s=e.currentStyle),s\|\|(s=e.style),s}(e);return s.WebKitCSSMatrix?(i=l.transform\|\|l.webkitTransform,i.split(",").length>6&&(i=i.split(", ").map((e=>e.replace(",","."))).join(", ")),n=new s.WebKitCSSMatrix("none"===i?"":i)):(n=l.MozTransform\|\|l.OTransform\|\|l.MsTransform\|\|l.msTransform\|\|l.transform\|\|l.getPropertyValue("transform").replace("translate(","matrix(1, 0, 0, 1,"),a=n.toString().split(",")),"x"===t&&(i=s.WebKitCSSMatrix?n.m41:16===a.length?parseFloat(a[12]):parseFloat(a[4])),"y"===t&&(i=s.WebKitCSSMatrix?n.m42:16===a.length?parseFloat(a[13]):parseFloat(a[5])),i\|\|0}function c(e){return"object"==typeof e&&null!==e&&e.constructor&&"Object"===Object.prototype.toString.call(e).slice(8,-1)}function p(){const e=Object(arguments.length<=0?void 0:arguments[0]),t=["__proto__","constructor","prototype"];for(let a=1;a<arguments.length;a+=1){const i=a<0\|\|arguments.length<=a?void 0:arguments[a];if(null!=i&&(s=i,!("undefined"!=typeof window&&void 0!==window.HTMLElement?s instanceof HTMLElement:s&&(1===s.nodeType\|\|11===s.nodeType)))){const s=Object.keys(Object(i)).filter((e=>t.indexOf(e)<0));for(let t=0,a=s.length;t<a;t+=1){const a=s[t],r=Object.getOwnPropertyDescriptor(i,a);void 0!==r&&r.enumerable&&(c(e[a])&&c(i[a])?i[a].__swiper__?e[a]=i[a]:p(e[a],i[a]):!c(e[a])&&c(i[a])?(e[a]={},i[a].__swiper__?e[a]=i[a]:p(e[a],i[a])):e[a]=i[a])}}}var s;return e}function u(e,t,s){e.style.setProperty(t,s)}function m(e){let{swiper:t,targetPosition:s,side:a}=e;const i=r(),n=-t.translate;let l,o=null;const d=t.params.speed;t.wrapperEl.style.scrollSnapType="none",i.cancelAnimationFrame(t.cssModeFrameID);const c=s>n?"next":"prev",p=(e,t)=>"next"===c&&e>=t\|\|"prev"===c&&e<=t,u=()=>{l=(new Date).getTime(),null===o&&(o=l);const e=Math.max(Math.min((l-o)/d,1),0),r=.5-Math.cos(eMath.PI)/2;let c=n+r*(s-n);if(p(c,s)&&(c=s),t.wrapperEl.scrollTo({[a]:c}),p(c,s))return t.wrapperEl.style.overflow="hidden",t.wrapperEl.style.scrollSnapType="",setTimeout((()
URL: https://event.getblue.io/js/blue-tag.min.js... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a legitimate script that handles mobile device detection, document ready state, and user ID management. It does not exhibit any high-risk behaviors like dynamic code execution, data exfiltration, or obfuscated code. The script uses common web development practices such as localStorage, sessionStorage, and cookies to store and retrieve a unique user ID. While it has some moderate-risk indicators like external data transmission and aggressive DOM manipulation, these are likely part of the script's intended functionality. Overall, the script seems to be a well-implemented utility with no clear malicious intent." }
window.blue={},window.blue.isMobileDetected=function(){return!!(navigator.userAgent.match(/Android/i)\|\|navigator.userAgent.match(/webOS/i)\|\|navigator.userAgent.match(/iPhone/i)\|\|navigator.userAgent.match(/iPad/i)\|\|navigator.userAgent.match(/iPod/i)\|\|navigator.userAgent.match(/BlackBerry/i)\|\|navigator.userAgent.match(/Windows Phone/i))},window.blue.isFirefox=navigator.userAgent.toLowerCase().indexOf("firefox")>-1,window.console\|\|(console={log:function(){}}),function(e,t){e=e\|\|"docReady",t=t\|\|window;var n=[],o=!1,r=!1;function u(){if(!o){o=!0;for(var e=0;e<n.length;e++)n[e].fn.call(window,n[e].ctx);n=[]}}function a(){("complete"===document.readyState\|\|"interactive"===document.readyState)&&u()}t[e]=function(e,t){if("function"!=typeof e)throw TypeError("callback for docReady(fn) must be a function");if(o){setTimeout(function(){e(t)},1);return}n.push({fn:e,ctx:t}),"complete"===document.readyState\|\|"interactive"===document.readyState?setTimeout(u,1):r\|\|(document.addEventListener?(document.addEventListener("DOMContentLoaded",u,!1),window.addEventListener("load",u,!1)):(document.attachEvent("onreadystatechange",a),window.attachEvent("onload",u)),r=!0)}}("documentReady",window),documentReady(function(){if(blue_obj[instId]=new blue_obj,window.blue_v="29092023-1023",window.bluecpy_id=generateUid(),window.blue_ulc="",setLastClickBlue(),!0===isCookieEnabled()){var e=getCookieBlue("blueID");""!=e&&"null"!==e&&null!==e?window.bluecpy_id=e:setCookieBlue("blueID",window.bluecpy_id,365)}if(!0===isSessionStorageEnabled()){var e=getSessionStorage("blueID");null!==e&&"null"!==e?window.bluecpy_id=e:setSessionStorage("blueID",window.bluecpy_id)}if(!0===isLocalStorageEnabled()){var e=getLocalStorage("blueID");null!==e&&"null"!==e?window.bluecpy_id=e:setLocalStorage("blueID",window.bluecpy_id)}if(!("bluecpy_id"in window)\|\|!window.bluecpy_id.length\|\|""==window.bluecpy_id\|\|null==window.bluecpy_id\|\|"null"==window.bluecpy_id){window.bluecpy_id=generateUid();try{setCookieBlue("blueID",window.bluecpy_id,365)}catch(t){}try{setSessionStorage("blueID",window.bluecpy_id)}catch(n){}try{setLocalStorage("blueID",window.bluecpy_id)}catch(o){}}executeFlow(instId)}),executeFlow=function(e){var t=window.blue_q\|\|[];for(i=0;i<t.length;i++)loadFunction(t[i].event,t[i].value);var n=blue_obj[e].getAttributes(),o=n.campaignId.split(","),r=n.pageType.split(",");for(idxCampaignId=0;idxCampaignId<o.length;idxCampaignId++)for(idxPageType=0;idxPageType<r.length;idxPageType++)executeRequests(o[idxCampaignId],r[idxPageType])};var instId=new Date().getTime(),campaignId="",pageType="",blueProductId="",transactionTotal="",transactionId="",p1="",p2="",p3="",pixelMode=0,fingerprint="";function setLocalStorage(e,t){try{return localStorage.setItem(e,t),!0}catch(n){return!1}}function getLocalStorage(e){try{if(window.localStorage)return localStorage.getItem(e)\|\|"";return""}catch(t){return""}}function setSessionStorage(e,t){try{return window.sessionStorage.setItem(e,t),!0}catch(n){return!1}}function getSessionStorage(e){try{if(window.sessionStorage)return window.sessionStorage.getItem(e)\|\|"";return""}catch(t){return""}}function setCookieBlue(e,t,n){var o=new Date;o.setTime(o.getTime()+864e5n);var r="expires="+o.toUTCString();document.cookie=e+"="+t+";domain=."+getDomainBlue(window.location.protocol+"//"+window.location.hostname)+";"+r+";path=/"}function getCookieBlue(e){var t=e+"=";try{for(var n=decodeURIComponent(document.cookie).split(";"),o=0;o<n.length;o++){for(var r=n[o];" "==r.charAt(0);)r=r.substring(1);if(0==r.indexOf(t))return r.substring(t.length,r.length)}return""}catch(u){return getLocalStorage(e)}}function generateUid(){var e=new Date().getTime();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=(e+16Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?n:3&n\|8).toString(16)})}function setLastClickBlue(){var e=window.location.search,t=new URLSearchParams(e).get("utm_source")\|\|"";t.length?(window.blue_ulc=t,!0===isCookieEnabled()&&setCookieBlue("blueUL
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code/URLs. The behaviors observed are typical of a legitimate JavaScript library, including DOM manipulation, event handling, and utility functions. While the code uses some older APIs like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is considered low risk." }
/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license / !function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?n[o.call(e)]\|\|"object":typeof e}var f="3.5.1",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n\|\|0===t\|\|"number"==typeof t&&0<t&&t-1 in e)}S.fn=S.prototype={jquery:f,constructor:S,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject\|\|this.constructor()},push:u,sort:t.sort,splice:t.splice},S.extend=S.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]\|\|{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]\|\|{},s++),"object"==typeof a\|\|m(a)\|\|(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(S.isPlainObject(r)\|\|(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i\|\|S.isPlainObject(n)?n:{},i=!1,a[t]=S.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},S.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e\|\|"[object Object]"!==o.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(p(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},makeArray:function(e,t){var n=t\|\|[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(p(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g(a)},guid:1,support:y}),"function"==typeof Symbol&&(S.fn[Symbol.iterator]=t[Symbol.iterator]),S.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var d=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,S="sizzle"+1*new Date,p=n.document,
URL: https://web.getblue.io/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Entre em contato", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "unknown" }

URL: https://web.getblue.io/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Retargeting preciso e eficaz atravs de machine learning e IA.", "prominent_button_name": "Enviar", "text_input_field_labels": [ "Nome", "E-mail", "URL do site", "Pas", "Visitas mensais", "Taxa de converso", "Ticket mdio de venda", "Custo por lead", "Mensagem" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "Retargeting" }

URL: https://web.getblue.io/ Model: Joe Sandbox AI	{ "brands": [ "Blue" ] }
	{ "brands": [ "Blue" ] }
URL: https://web.getblue.io Model: Joe Sandbox AI	```json{ "brand": "Blue", "brand_classification": "unknown", "legit_url": "unknown", "similarity": 2, "spoofed": 1, "reasoning": "The URL 'https://web.getblue.io' does not closely resemble any well-known brand URL. The use of 'getblue' could suggest a service or product related to the color blue or a brand named 'Blue', but there is no strong indication of typosquatting. The domain extension '.io' is commonly used for tech companies and startups, which aligns with the potential purpose of the site. The subdomain 'web' is generic and does not imply any deceptive intent. Overall, the URL structure and naming do not strongly suggest an attempt to confuse users into thinking they are interacting with a well-known brand."}
URL: https://web.getblue.io
URL: https://web.getblue.io/ Model: Joe Sandbox AI	{ "brands": [ "Blue" ] }
	{ "brands": [ "Blue" ] }
URL: https://web.getblue.io/ Model: Joe Sandbox AI	```json{ "legit_domain": "getblue.io", "classification": "unknown", "reasons": [ "The brand 'Blue' is a common name and does not directly associate with a specific well-known company or service.", "The domain 'getblue.io' does not have any obvious misspellings or suspicious elements.", "The domain uses a '.io' extension, which is commonly used by tech companies and startups, but it is not inherently suspicious.", "There is no clear association between the brand 'Blue' and the domain 'getblue.io' that can be verified independently.", "The input fields suggest a form for business or marketing purposes, which is not inherently suspicious but requires context." ], "riskscore": 5}
URL: web.getblue.io Brands: Blue Input Fields: Nome, E-mail, URL do site, Pas, Visitas mensais, Taxa de converso, Ticket mdio de venda, Custo por lead, Mensagem
URL: https://googleads.g.doubleclick.net/pagead/viewthr... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script exhibits several moderate-risk behaviors, including external data transmission to a third-party domain (Google) and the use of a legacy API (`XDomainRequest`). While the script appears to be related to analytics or tracking, the lack of transparency around the data being sent and the use of an outdated API raises some concerns. Further review may be necessary to determine the full extent of the script's behavior and potential impact." }
(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{configurable:!0,writable:!0,value:b})))}} var w=n&&typeof u(Object,"assign")=="function"?u(Object,"assign"):function(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)Object.prototype.hasOwnProperty.call(d,e)&&(a[e]=d[e])}return a};v("Object.assign",function(a){return a\|\|w},"es6");/ Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ var x=this\|\|self;var y={};var z=window,A=navigator;function B(a){try{var b=A.sendBeacon&&A.sendBeacon(a)}catch(c){y.TAGGING=y.TAGGING\|\|[],y.TAGGING[15]=!0}b\|\|C(a)}var D={cache:"no-store",credentials:"include",keepalive:!0,method:"POST",mode:"no-cors",redirect:"follow"};function E(a){if(typeof z.fetch==="function"){var b=u(Object,"assign").call(Object,{},D);try{var c=z.fetch(a,b);if(c)return c.then(function(){}).catch(function(){}),!0}catch(d){}}B(a);return!0} function C(a){var b=new Image(1,1);b.onload=function(){b.onload=null};b.onerror=function(){b.onerror=null};b.src=a};var F,G;a:{for(var H=["CLOSURE_FLAGS"],I=x,J=0;J<H.length;J++)if(I=I[H[J]],I==null){G=null;break a}G=I}var K=G&&G[610401301];F=K!=null?K:!1;var L,M=x.navigator;L=M?M.userAgentData\|\|null:null;function N(a){return F?L?L.brands.some(function(b){return(b=b.brand)&&b.indexOf(a)!=-1}):!1:!1}function P(a){var b;a:{if(b=x.navigator)if(b=b.userAgent)break a;b=""}return b.indexOf(a)!=-1};function Q(){return F?!!L&&L.brands.length>0:!1}function R(){return Q()?N("Chromium"):(P("Chrome")\|\|P("CriOS"))&&!(Q()?0:P("Edge"))\|\|P("Silk")};!P("Android")\|\|R();R();P("Safari")&&(R()\|\|(Q()?0:P("Coast"))\|\|(Q()?0:P("Opera"))\|\|(Q()?0:P("Edge"))\|\|(Q()?N("Microsoft Edge"):P("Edg/"))\|\|Q()&&N("Opera"));var S=/#\|$/;function T(a){var b=a.search(S),c;a:{for(c=0;(c=a.indexOf("fmt",c))>=0&&c<b;){var d=a.charCodeAt(c-1);if(d==38\|\|d==63)if(d=a.charCodeAt(c+3),!d\|\|d==61\|\|d==38\|\|d==35)break a;c+=4}c=-1}if(c<0)return null;d=a.indexOf("&",c);if(d<0\|\|d>b)d=b;return decodeURIComponent(a.slice(c+4,d!==-1?d:0).replace(/\+/g," "))};function U(a,b,c,d){function e(){--g;if(g<=0){var l;(l=a.GooglebQhCsO)\|\|(l={});var O=l[b];O&&(delete l[b],(l=O[0])&&l.call&&l())}}d=d===void 0?[]:d;for(var g=c.length+1,f={g:0};f.g<c.length;f={g:f.g},f.g++){var r=Number(T(c[f.g])),p=null;r!==1&&r!==2\|\|!(r=a.document.getElementById("goog_conv_iframe"))\|\|r.src\|\|(p=r);p\|\|(p=new Image,d&&d[f.g]&&(p.onerror=function(l){return function(){E(d[l.g])&&e()}}(f)));p.onload=e;p.src=c[f.g]}e()}var V=["ss_"],W=s\|\|x; V[0]in W\|\|typeof W.execScript=="undefined"\|\|W.execScript("var "+V[0]);for(var X;V.length&&(X=V.shift());)V.length\|\|U===void 0?W[X]&&W[X]!==Object.prototype[X]?W=W[X]:W=W[X]={}:W[X]=U;}).call(this);;s.ss_(window,'OjE3Mzg2NTcyODkyMTk',['https://www.google.com/pagead/1p-user-list/16533307350/?random\x3d1738657289219\x26cv\x3d11\x26fst\x3d1738656000000\x26bg\x3dffffff\x26guid\x3dON\x26async\x3d1\x26gtm\x3d45be5230z8889460454za201zb9123381289\x26gcd\x3d13l3l3l3l1l1\x26dma\x3d0\x26tag_exp\x3d102067808~102081485~102123608~102482432~102539968~102556565~102558064\x26u_w\x3d1280
URL: https://getblue.io Model: Joe Sandbox AI	```json{ "brand": "Blue", "brand_classification": "unknown", "legit_url": "unknown", "similarity": 2, "spoofed": 1, "reasoning": "The URL 'getblue.io' does not closely resemble any well-known brand URL. The use of 'get' as a prefix is common in technology and startup domains, often indicating a call to action or service offering. The domain extension '.io' is popular among tech companies and startups, and does not suggest typosquatting. There are no obvious character substitutions or visual similarities to a known brand. The URL structure does not imply an attempt to confuse users into thinking they are visiting a different, well-known brand. Overall, the URL appears to be legitimate and not a typosquatting attempt."}
URL: https://getblue.io
URL: http://getblue.io Model: Joe Sandbox AI	```json{ "brand": "Blue", "brand_classification": "unknown", "legit_url": "unknown", "similarity": 2, "spoofed": 1, "reasoning": "The URL 'getblue.io' does not closely resemble any well-known brand URL. The use of 'get' as a prefix is common in technology and startup domains, often indicating a call to action or service offering. The domain extension '.io' is popular among tech companies and startups, and does not suggest typosquatting. There are no visual character substitutions or structural changes that mimic a known brand. The term 'blue' is generic and could refer to a variety of services or products, not necessarily a specific brand. Overall, the URL does not exhibit characteristics typical of typosquatting."}
URL: http://getblue.io

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.013181899731614
Encrypted:	false
SSDEEP:
MD5:	B40755AFD392BAA1113DF4ECBC6901CD
SHA1:	549E01C3F31790113750B7FA8562E1DB4543C260
SHA-256:	8E217521B662143B0968930261B89578577C51467551B350CAD72976E3C0062A
SHA-512:	EB01341FFF07D7704B141450F171185F70FF3EDDD2CFD83B7ACE1E684CBE3FC1CA139BAA59115835A823352A67E98667BCBB4F03FC8527BD5420E6F36C77EA2B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDZ.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDZ.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDZ.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDZ.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Feb 4 07:20:56 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.002368938739538
Encrypted:	false
SSDEEP:
MD5:	03215B1A4BE9D41C35CDDCD19CCEE556
SHA1:	E5F51FBE99FEBC1825261D31BBC7DE1BC6BBA0C4
SHA-256:	2FB7F2B6A1F24E154012DF8A1DDF37E6134F2B6244F78A12059BB0B245D5BB0B
SHA-512:	032CCEEE2492B124821E85AF8A372F83422EA6F7AC4E14A0A3A9167515FCAB2DB6D238247FBA650E0C68C692885B85B7DDA76ED83950A21A6D7AC6BC37F0501B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....T....v..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDZ.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDZ.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDZ.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDZ.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDZ.B...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	78995
Entropy (8bit):	3.7917759674823963
Encrypted:	false
SSDEEP:
MD5:	5AF4253E30DB811B1B578B5473D23581
SHA1:	9FE1F77759DBD44EB4D8D8B9B4A4600403C916A2
SHA-256:	04C228B571DCD58A152255BF9CBB6D1EE42A9D3D4B6A62BAEAB43CDE1BB83911
SHA-512:	4C0B4FDE7170A417EAEFB115EDC2578579F0C87A799640E5929EAFD554841DB0F94E4EE65B0C4A1F812A7073CEEF0851BC0ECF61B5EF5DC3FF558B1C8D8C0CD7
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415e5_home%20about%20graphics.svg
Preview:	<svg width="332" height="305" viewBox="0 0 332 305" fill="none" xmlns="http://www.w3.org/2000/svg">.<rect width="332" height="305" rx="20" fill="#213253"/>.<path d="M216.117 257.625H219.883C220.737 257.625 221.458 257.755 222.047 258.016C222.641 258.276 223.091 258.661 223.398 259.172C223.711 259.677 223.867 260.299 223.867 261.039C223.867 261.56 223.76 262.036 223.547 262.469C223.339 262.896 223.036 263.26 222.641 263.562C222.25 263.859 221.781 264.081 221.234 264.227L220.812 264.391H217.273L217.258 263.164H219.93C220.471 263.164 220.922 263.07 221.281 262.883C221.641 262.69 221.911 262.432 222.094 262.109C222.276 261.786 222.367 261.43 222.367 261.039C222.367 260.602 222.281 260.219 222.109 259.891C221.938 259.562 221.667 259.31 221.297 259.133C220.932 258.951 220.461 258.859 219.883 258.859H217.625V269H216.117V257.625ZM222.766 269L220 263.844L221.57 263.836L224.375 268.906V269H222.766ZM229.922 255.781V258.164H228.75V255.781H229.922ZM229.781 268.539V270.625H228.617V268.539H229.781ZM2

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	8119
Entropy (8bit):	4.3737388220911635
Encrypted:	false
SSDEEP:
MD5:	52D9DB7B18835AE9798F73702025EAB4
SHA1:	CD9BBFA6E71E2FE9A7F9B340B673D6F160685FBC
SHA-256:	D72FDFE36196BC7632D65029D42235D858D79F4D34DB901EB71BD2B0D103B2C6
SHA-512:	C120E1AED56246499CB6D21E073A3F9D2440E81C2F4F4B0B4626053A63D4A7298689D994B881CB73C482D3372684B898CAD852132C94143914E83A91298E8CEC
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415b3_home-background-about.svg
Preview:	<svg width="1920" height="1268" viewBox="0 0 1920 1268" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M3.4043 3.00012C414.012 67.8438 983.407 804.851 930.861 1061.13C896.404 1229.13 492.717 1225.36 382.427 1255.66C232.024 1296.93 516.807 1142.45 574.809 963.865C643.722 751.65 539.118 193.758 870.964 291.849C1160.57 377.502 1223.28 654.915 1430.88 648.489C1618.64 642.594 1764.91 409.747 1858.72 215.216" stroke="#223254" stroke-width="5" stroke-miterlimit="10"/>.<path d="M3.37549 20.007C396.755 92.3076 944.529 806.06 900.74 1051.61C872.026 1212.48 489.702 1207.12 387.653 1234.35C246.18 1272.05 518.817 1123.59 576.331 952.252C645.244 746.816 550.144 212.917 870.504 307.5C1156.29 391.65 1213.98 675.517 1423.45 675.93C1611.55 675.576 1763.59 447.769 1861.53 257.394" stroke="#223254" stroke-width="5" stroke-miterlimit="10"/>.<path d="M3.34155 36.9244C379.493 116.682 905.645 807.12 870.643 1042C847.671 1195.74 486.681 1188.78 392.873 1212.95C260.302 1246.97 520.822 1104.63 577.848

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5268)
Category:	downloaded
Size (bytes):	299802
Entropy (8bit):	5.562460126015554
Encrypted:	false
SSDEEP:
MD5:	A76DB7702E0C451AC1291E14F6EF3569
SHA1:	C3187DBBA573A1555F9CC9061A38B6DD9E345744
SHA-256:	68D95C950330F41D07887C76FED4518DC49AE4328DD3F29B95E0815E8464A380
SHA-512:	6E2B0786A2530D9B9A4F0A1E48F779747D22DD43DF12D26D1CD9FDB0668F7353EB0E9ED6B4FDBC8FEEFD39E74BB54402FC10B96E3AB4162D607B290F16566D19
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/destination?id=AW-16533307350&l=dataLayer&cx=c&gtm=45je5230v9123381289za200zb889460454
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_ads_datatos","priority":16,"vtp_instanceDestinationId":"AW-16533307350","tag_id":10},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_re

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	exported SGML document, ASCII text
Category:	downloaded
Size (bytes):	13
Entropy (8bit):	2.931208948910323
Encrypted:	false
SSDEEP:
MD5:	365DB0225D53BBC9CCD23FDF5C704CAA
SHA1:	719E41AD1D8198DC13F0AA2C416F42389C2C56AE
SHA-256:	EB99134542C987F687360D120213EEEC049A290D73D2302EE1B74A01CE279F4D
SHA-512:	BEE5F22ABB72E95798DBF27AF554509169373874664A442699C336EB268FC3C28064EA9A191B092D0CFAFBCE420B47D8CBC0CA539AD52A5D16B51A4ED882C35F
Malicious:	false
Reputation:	unknown
URL:	https://widget.getblue.io/event/?cId=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3&ulc=&v=29092023-1023&if=0&nocache=7568837092765.013
Preview:	cms -->.

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	15586
Entropy (8bit):	7.926177654094873
Encrypted:	false
SSDEEP:
MD5:	A7F92E187BA9CA6C240B4EFD53F48A29
SHA1:	8B1A293732632143694181EC6E92523D9B76579D
SHA-256:	D32B63E21313E8DD57BFC8C5583DE8CE9519ED5BB410CC8AD03C6DB23B545876
SHA-512:	C43A857BDE36D570618661CD49A22AF1D96D47F4BC89E7DD485FACC82C30AAE494FFE5269DE5386EB67502F2FC2D05ADD8C19B58815763AD7943A7EC2C772E34
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415ff_company%20logo%20tokstok.webp
Preview:	RIFF.<..WEBPVP8X....0......7..ICCP........lcms.@..mntrRGB XYZ ............acspMSFT...................................-lcms................................................desc... ...@cprt...`...6wtpt........chad.......,rXYZ........bXYZ........gXYZ........rTRC....... gTRC....... bTRC....... chrm...4...$dmnd...X...$dmdd...\|...$mluc............enUS...$.....G.I.M.P. .b.u.i.l.t.-.i.n. .s.R.G.Bmluc............enUS.........P.u.b.l.i.c. .D.o.m.a.i.n..XYZ ...............-sf32.......B.......%.......................nXYZ ......o...8.....XYZ ......$.........XYZ ......b.........para..........ff......Y.......[chrm..............T\|..L.......&g...\mluc............enUS.........G.I.M.Pmluc............enUS.........s.R.G.BALPH.......m.!I....H.......j.Y...m._>.m......L[...".. ;.2..g........?.........C........?.........C........?........,/){.O....5.....XA.j.......q_..k....P.VJ.,.....24..b.yq.Jp......x....ln...^o.&e..}.M$...#......@...;...j..2...d'.....T.@-..<...[@H&.#...(R.1..T...>.*._E........;

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18199)
Category:	downloaded
Size (bytes):	18456
Entropy (8bit):	5.170526822318905
Encrypted:	false
SSDEEP:
MD5:	570AEDD701E58EC6A463F6C5541DA55E
SHA1:	F40DE23A5BD24CBEF7356189E0873DFA20640F47
SHA-256:	7042A95C8E430A1F36C6376EA275DC2E0836945840C47EBE54CE46AA9EC47A70
SHA-512:	DFF45123A2AE4B68EECE52971A61A6F5B145A81717B268829393202AFE037A2AA9BD17B6C2AF279324C86C24CC56C45DA0C64D47900DE48CD54F7BA722362A16
Malicious:	false
Reputation:	unknown
URL:	https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css
Preview:	/*. Swiper 11.2.2. * Most modern mobile touch slider and framework with hardware accelerated transitions. * https://swiperjs.com. . Copyright 2014-2025 Vladimir Kharlampidi. . Released under the MIT License. . Released on: January 31, 2025. */..@font-face{font-family:swiper-icons;src:url('data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNgYfzCOIGBl

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (2587)
Category:	downloaded
Size (bytes):	104287
Entropy (8bit):	5.16084761781032
Encrypted:	false
SSDEEP:
MD5:	B30DFB4E85B02CD20CD8D31DEE26815B
SHA1:	A2C8C91287B87D44920AC899C3299575D330D7DB
SHA-256:	E774FD46034463FAFD6B7ADFB34572F50432AD2F2073FC5AFCBCD09BEC1C977C
SHA-512:	3C52FF2E20BCCC6F8DC2A5C153D931A164CA1D5557519D21D4D8D5C6D7D7D176C771756CCD64114A4163529FEBF1171C8FBE67DDEEFA7656BB2E39993A11956D
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/css/opencircle-bluemedia.webflow.b30dfb4e8.css
Preview:	html {. -webkit-text-size-adjust: 100%;. -ms-text-size-adjust: 100%;. font-family: sans-serif;.}..body {. margin: 0;.}..article, aside, details, figcaption, figure, footer, header, hgroup, main, menu, nav, section, summary {. display: block;.}..audio, canvas, progress, video {. vertical-align: baseline;. display: inline-block;.}..audio:not([controls]) {. height: 0;. display: none;.}..[hidden], template {. display: none;.}..a {. background-color: #0000;.}..a:active, a:hover {. outline: 0;.}..abbr[title] {. border-bottom: 1px dotted;.}..b, strong {. font-weight: bold;.}..dfn {. font-style: italic;.}..h1 {. margin: .67em 0;. font-size: 2em;.}..mark {. color: #000;. background: #ff0;.}..small {. font-size: 80%;.}..sub, sup {. vertical-align: baseline;. font-size: 75%;. line-height: 0;. position: relative;.}..sup {. top: -.5em;.}..sub {. bottom: -.25em;.}..img {. border: 0;.}..svg:not(:root) {. overflow: hidden;.}..hr {. box-sizing: content-box;. height: 0;.}..

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65279)
Category:	dropped
Size (bytes):	153261
Entropy (8bit):	5.2472785585061485
Encrypted:	false
SSDEEP:
MD5:	42FEDE71EE2F65D2572B65E09D15E2E1
SHA1:	6F63EB8F01A70139D492D775E48803DFD5A684D2
SHA-256:	47A4591778A093661F232DC17C939C3E5BDE054DB5548B4C60C1EA8100AFC6E4
SHA-512:	4826B7DC3472A947CB38306D6D7417DBF9BB9ABECBDD1483F412F9614DE6D9D3CBF68D676770FD08058F90FBE076B576596E9F7B0116879D2F70DD2DA0468252
Malicious:	false
Reputation:	unknown
Preview:	/*. Swiper 11.2.2. * Most modern mobile touch slider and framework with hardware accelerated transitions. * https://swiperjs.com. . Copyright 2014-2025 Vladimir Kharlampidi. . Released under the MIT License. . Released on: January 31, 2025. */..var Swiper=function(){"use strict";function e(e){return null!==e&&"object"==typeof e&&"constructor"in e&&e.constructor===Object}function t(s,a){void 0===s&&(s={}),void 0===a&&(a={}),Object.keys(a).forEach((i=>{void 0===s[i]?s[i]=a[i]:e(a[i])&&e(s[i])&&Object.keys(a[i]).length>0&&t(s[i],a[i])}))}const s={body:{},addEventListener(){},removeEventListener(){},activeElement:{blur(){},nodeName:""},querySelector:()=>null,querySelectorAll:()=>[],getElementById:()=>null,createEvent:()=>({initEvent(){}}),createElement:()=>({children:[],childNodes:[],style:{},setAttribute(){},getElementsByTagName:()=>[]}),createElementNS:()=>({}),importNode:()=>null,location:{hash:"",host:"",hostname:"",href:"",origin:"",pathname:"",protocol:"",search:""}};func

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2978
Entropy (8bit):	7.9135759674503126
Encrypted:	false
SSDEEP:
MD5:	06AE327F7A6B1A75698832C573BCA652
SHA1:	4998F6553F788786BF2A60690DB7740F2DA0AEB3
SHA-256:	29E0D37E1ECE326FC462C8AD5FAFF67AF1D872CDFC9F7004E5EDC356F02B8867
SHA-512:	488BDA3C939E81064B0CA39C97A1A09C59B33A8C338AF2DF710E51A00C6D2EFCD075AB9DACD444893276943220482CEF148375B6CC4627D210276003BE1BD79C
Malicious:	false
Reputation:	unknown
Preview:	RIFF....WEBPVP8X....0......h..ALPHD..... .HR.\|...G.......2@.D.Q$q........O.A..xFy.......FD..5.^..<.,....VP8 0....6.....i.>1..D"!..=T. ....p...{..@.@...O.o..9.......}..P.8.....K..............C............l.++...P/b~}........C~..v.U...?.?...7......{.W..............B.;.........?7.........O............[.C._...J.lr".J...~. l<l.%..l.%.~c...8...../.....Hl"... .9?.-,...@..N....hX..G..)}...}]B.@...o....m.O..Q.....i.p'2..3k.0.v3A."....w.L..%.]gxB.O!..2...N.n...JpM.Ro\|R....j..i.Z=..jHOc>S....Du.m.}nP..........n......k...1...w<....7N........p.E.........'#u..J.Cd!G`a).qS%..v\|...).....Z.C.?.L........\_..Y.....)o.Cj.=+..........>z.+.D.<...="..$.......Q...m..p.....$...F;.`w.U.o..j..._..........D.L.^.m....}.h......g..."....,..P.0.._..H[.O#..bTD..`=..?..\|...[.5..49k.."....\|4...@`.\....}+A...V..L.H.k...2c?..).`.I9&LEMWc..,.l..-V..` ;....b.cJ..\|....&.,.3....D.....;..f.Ac...GdWc....w"Jr/x.2..[.X\|...4.$T.@;.BAE.b...HL.._f'A.`j....".m..h.u;_...[.........;)..x.kkbf-.W..

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 313x625, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	15802
Entropy (8bit):	7.988296670364192
Encrypted:	false
SSDEEP:
MD5:	74FCE03AE6868D5B9D54F3CDFD166093
SHA1:	FDBAE507CBE7385EB2F4C16B311097EF46EF3EE5
SHA-256:	98D752DD6D3EA145A70EBE0B9DFB55E173742E7AFD98C77F79C7769CA6C61ACE
SHA-512:	3A911DB132C295B65CD13FA23E789C0D3B779202B878885AAFFB6384375EF1A8FB84668529724412E175EF71969E05CD4BD932E7E7A56FDC61C786F25228188B
Malicious:	false
Reputation:	unknown
Preview:	RIFF.=..WEBPVP8 .=..0....9.q.>1..C.!..x.. ....yH..../....}.4.....].fG..^.....}.\|..m.s.......?..m...T........?..h....~......)......._j_................................`...............W..............O....j...f............/.'.7...~..3......?.............W.G.......C.....`?.........._.....~........._.?..l................T..X...).b......n.>t..G.uX..H..{O.<../..6..0..^.b.^.Y......\|>pa.!M5`~UF.WH.@.j:.S(.'.]..h...sUt..W8.P....@....Mcc....{....y....Cj[o#]...).nuWM.f.6..%.-...-.b.D.....p.=V[.O......)z..~UV..(...T...>...?+e`.\|`d......^f.o6.M....Xs..XV.....C>.h..Z...}..r........T+...h.l..iT....G...D...w.....B....@q.....?.....%@p.......I.{O.W8.FU..l.j..?.+Pz.b;.^.....m.....>.F..OC...R...T...u.Y.1......fQ.....$.....(.%.M....6.*O.&.}.s.z.;....Y/.K].....]&..vAi>.TMl:..7.j[..b.LC.FZ./....C.....r.0.".C...d.. ....I+;.....KD.}..l6..x.......I..].:C.V9/..#.:.c~%....p...W....n.......@_.........M.<.e.<j.b.-...a.....;..,.._.hiE.K.LC.........S.<P..F(.'9.I....

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (450)
Category:	downloaded
Size (bytes):	455
Entropy (8bit):	4.873347052353031
Encrypted:	false
SSDEEP:
MD5:	0A4FF5DA1B0EC60C0B205B6D6403358D
SHA1:	C14132C0760F032C0B7E8F0C3B7CD1281BF0C756
SHA-256:	BCF73A01F5B6645738EC93913CAF04432DE4072410E03BB7D421857FB287D66D
SHA-512:	73C0BCC5C4ABD635F36EDADA0BEA659E750AE58B8ACC4D01099DAFE192990D7C2B54CA303EB39DA42E9D55A7C21477A01AC354FB757BC1AB3AE168AF7FC923B3
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=getblue.io&oit=3&cp=0&pgcl=4&gs_rn=42&psi=1vehHLSELXv0EP7e&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["getblue.io",["getblue.io","widget getblue io","event getblue io","click tracker jetblue io","cms getblue io","https widget getblue io"],["","","","","",""],[],{"google:clientdata":{"bpc":false,"phi":0,"pre":0,"tlw":false},"google:suggestrelevance":[851,601,600,552,551,550],"google:suggestsubtypes":[[512],[7,30],[7,30],[7,30,10],[7,30],[7,30]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (40571)
Category:	downloaded
Size (bytes):	59432
Entropy (8bit):	5.335458400591511
Encrypted:	false
SSDEEP:
MD5:	94F26C6A0AC054DDFE362041F65C2128
SHA1:	06516AE23F40F9DB15F79E2C98CFE525BA160825
SHA-256:	8E5EC5B3783E3DB35F844E8C48510B392CB1741B6E5B8B6E7CADB09A3FCD5368
SHA-512:	D080BF856EE3AA23D20644EAB391EAF7E3DEB52A115F9E8689E86358C5EDE19C66DBB2FBE32CA45DB2A1417FFC302C89BF735DC1028153E4645BF2EAE0AA32A4
Malicious:	false
Reputation:	unknown
URL:	https://web.getblue.io/
Preview:	<!DOCTYPE html> Last Published: Wed Nov 06 2024 17:35:18 GMT+0000 (Coordinated Universal Time) --><html data-wf-domain="web.getblue.io" data-wf-page="65afd577e3158ea66d24157c" data-wf-site="65afd577e3158ea66d24157d" lang="pt"><head><meta charset="utf-8"/><title>Blue - Home</title><meta content="Retargeting preciso e eficaz atrav.s de machine learning e IA." name="description"/><meta content="Blue - Home" property="og:title"/><meta content="Retargeting preciso e eficaz atrav.s de machine learning e IA." property="og:description"/><meta content="Blue - Home" property="twitter:title"/><meta content="Retargeting preciso e eficaz atrav.s de machine learning e IA." property="twitter:description"/><meta property="og:type" content="website"/><meta content="summary_large_image" name="twitter:card"/><meta content="width=device-width, initial-scale=1" name="viewport"/><link href="https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/css/opencircle-bluemedia.webflow.b30dfb4e8.css" rel

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 20812, version 1.0
Category:	downloaded
Size (bytes):	20812
Entropy (8bit):	7.990350059185381
Encrypted:	true
SSDEEP:
MD5:	4E9B3602EC217B964FC7D568F32B9794
SHA1:	BCAD5E7A1561767A5A631A6B35BCD2702165BE8C
SHA-256:	77D5E347174D1D9449B63FAED71BC7C14B1FCC3AC11CF77F2F36C182065AFB1D
SHA-512:	2A0C128B0FF165394A4C327917323450A77234B345B41D68EFE099D95723614E5DA19A3C00E363E545FFCCD4CBEE57BE1D77820287C3A7EEA1984AAFE752487F
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415b1_BebasNeue-Regular.woff2
Preview:	wOF2......QL.......$..P..........................t..... .`..z...........@..8..d..6.$..&. .....Q..K...g.m..Hw...}.4#...C@......l.......Hr......L2f....&....CD...B..nFSk.l....RG B..KK..0o.{.q$.7z:MQmU..p.9v.....n%...C;6..[...ede%.."x.I..zI....L..3.i..1..[..t......D..%.bcx.C8.X...I...m.Kn.gW..mY...A.x..@..Sv\|....W.....".'.\u..S.g.6..oT.D....?..K.A9..(.....(.#b...6..w...A.$..^t.b..i......{.$<9.....Y.x?,_.p....G...m3w.......NA.Zh..#.P.NET,.\.....5..gn..n.E.~...Q0u.. ......U,.n.Zl......Q..`Z!.v...0.K%?.......(..Vl.$............y.)...2(.dW.[.X..].%...?.^..J^.......h.MuA...f.z...U.6@.`O.......U4..J...o.#.KZ..6&".%...!..V.....\|O.].ku...w@.v..f...Z../'Q+%.".sr.p..pu....4.&\|1.(.@........"B.5,.M.A6.;...M.b."..z..6S5m^7..U.-I.G...h6.....t..MO>........-..\T.+0.z...P......;.Q.Q..F2..9.'.K.e.!I.;....(.........4{.,.Gg..pW......jM.n..X.........R.>yx(.s..#2....k.._.....?.,."..5..zz.......w.C.L....*sz.v....X$..(...&<\|.sv.d...D....P./M.p...9..\+.$

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	2709
Entropy (8bit):	4.242301133425546
Encrypted:	false
SSDEEP:
MD5:	C5C3D262948C8ECBF319D81555F612F7
SHA1:	A86657C1CEAD80E32E718DFEBDAA1F2CD2E65903
SHA-256:	BE74ED546826D1DA196A1EA4EA85EF66EE88F131498DAFEDAE5DF93950D111CC
SHA-512:	DA687A027C6364DC63768FE58D14C692CBE193D89B94CDB10BDCEC9243794887CB494122BDB3884ADD42CAD01C9A5077B960B5A8F16D21477BA23F60992B52F2
Malicious:	false
Reputation:	unknown
Preview:	<svg width="60" height="60" viewBox="0 0 60 60" fill="none" xmlns="http://www.w3.org/2000/svg">.<rect width="60" height="60" rx="10" fill="#E1F5FF"/>.<g clip-path="url(#clip0_2602_1769)">.<path d="M40.8333 10H19.1667C16.7363 10.0026 14.4063 10.9693 12.6878 12.6878C10.9693 14.4063 10.0026 16.7363 10 19.1667L10 32.5C10.0026 34.9303 10.9693 37.2604 12.6878 38.9789C14.4063 40.6974 16.7363 41.664 19.1667 41.6667H27.5V45H22.5C21.837 45 21.2011 45.2634 20.7322 45.7322C20.2634 46.2011 20 46.837 20 47.5C20 48.163 20.2634 48.7989 20.7322 49.2678C21.2011 49.7366 21.837 50 22.5 50H37.5C38.163 50 38.7989 49.7366 39.2678 49.2678C39.7366 48.7989 40 48.163 40 47.5C40 46.837 39.7366 46.2011 39.2678 45.7322C38.7989 45.2634 38.163 45 37.5 45H32.5V41.6667H40.8333C43.2637 41.664 45.5937 40.6974 47.3122 38.9789C49.0307 37.2604 49.9974 34.9303 50 32.5V19.1667C49.9974 16.7363 49.0307 14.4063 47.3122 12.6878C45.5937 10.9693 43.2637 10.0026 40.8333 10V10ZM45 32.5C45 33.6051 44.561 34.6649 43.7796 35.4463C42.998

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1304
Entropy (8bit):	7.800520268436296
Encrypted:	false
SSDEEP:
MD5:	E17574CAC0947DA0E6DC7F10F36E2765
SHA1:	6D99C1828E8C80B644BF4B906FCBBCB89B8BDD47
SHA-256:	8DC6C7411D885EF64682B9DF4DDCF8D4BC1D7D82EFB1AC308872F0A2F961F844
SHA-512:	36C6F10CEF60736237F908007CB50D821F3C70B579C11AF2AAD186B0FAB1A4FB0E954538987B3D98C3F9531644560B5375C2407BBA294541CC64B5E36451778C
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415da_logo-wine.webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH<..... .H.h......$).""hB..k........O.A..8Fs...ID.3"...M...)...VP8 ....p......i.>1..C.!....x ....p.............g..A.....]p/Q.w...c..q...S..?.q.v........F\|c......7._.....[.[....4..T..gSe3..G.+.z.T.=L.i.O?Roi..h5...=dZ....9.dn>..9..7....d{...L..Ha.....C.9..,p..M..\N.>i.RS.D...eR!...7f.#..Kr.fJD...(.cr.]l}..P..$..S:.).M......YA....@$`.\..U!6...?.s......g=..I.)m..~.y0?..G..Qi...:.=F.-...&+>.......U.-.SC_...vu.68.l?.....Z..R.:.(I.\|z^......i...(..!...o.v...y......D~=..p.Zq.X8..ao.j.y....t.F..P.S......i.-W.B.D.V......;+....Al...._SyH..9d....XX\.=.So....$+r.6.S]S..AI{....yP.)..).._e..'1..(..`.9;.G...@.....'R%.I....`>W.\|.......9.4u..B&Y4.A{2j..']X..w...Y..s.....E.5o..=D.y....H......K6. ..DD...{..<N...3J..._.UPJ .......a....q.W..Kw.jE^...?....6.,.<...#...........f.6F[..@.k..e...9y._~.l......S..g.h...;.....{...+....$...;2..<.....M\2e.8...E.&..E.....U...5;_.-.?.*wU.agHGH.5.:t.}.l.J7.h...e....73.....m.f..c.A.....<......pi"..

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (695)
Category:	downloaded
Size (bytes):	646875
Entropy (8bit):	5.1482884557905875
Encrypted:	false
SSDEEP:
MD5:	954EB8D5CFD08CD536942C91DF1D45BB
SHA1:	B27765F401DBA7967ACCDE1A1C888AA5B564A64C
SHA-256:	0BB2F5EAEEE65787CCF573267A240C00A24F0BFB69CDA3BEF9249A61A5B6F6FC
SHA-512:	0A944E2328046FD4A44421C0E708A8E34C19910006A9543186C51C0EB25256F46E20C7D456342AE8F4E6E4F93BE058907E76EDD0618537C16A433F4B815F19B5
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/js/webflow.954eb8d5c.js
Preview:	./!. Webflow: Front-end site library. * @license MIT. * Inline scripts may access the api using an async handler:. * var Webflow = Webflow \|\| [];. * Webflow.push(readyFunction);. */..(() => {. var __create = Object.create;. var __defProp = Object.defineProperty;. var __getOwnPropDesc = Object.getOwnPropertyDescriptor;. var __getOwnPropNames = Object.getOwnPropertyNames;. var __getProtoOf = Object.getPrototypeOf;. var __hasOwnProp = Object.prototype.hasOwnProperty;. var __esm = (fn, res) => function __init() {. return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;. };. var __commonJS = (cb, mod) => function __require() {. return mod \|\| (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;. };. var __export = (target, all) => {. for (var name in all). __defProp(target, name, { get: all[name], enumerable: true });. };. var __copyProps = (to, from, except, desc) => {. if (from && typeof from === "object" \|\|

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	89476
Entropy (8bit):	5.2896589255084425
Encrypted:	false
SSDEEP:
MD5:	DC5E7F18C8D36AC1D3D4753A87C98D0A
SHA1:	C8E1C8B386DC5B7A9184C763C88D19A346EB3342
SHA-256:	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
SHA-512:	6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516
Malicious:	false
Reputation:	unknown
URL:	https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65afd577e3158ea66d24157d
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	212
Entropy (8bit):	5.001868352385537
Encrypted:	false
SSDEEP:
MD5:	4E070DCFB087DEED22B719C5F3DA83AD
SHA1:	DA0A00B8F1CB7D254CD5F0062990ADCEB2532F7C
SHA-256:	F127133AF1EDA971B9CFD54F9CF341B7CB1FBA8141AF760C81DE45879508AF0E
SHA-512:	F1C8687BD11E75C16320077DFBE12C70DB58081F2C115FF3B7296FAD766C67E459E410F1741405B239CAD43171168F7C01E0786488CA6EB35DA1E54B18D92E26
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISeQlHilN0sJjKoRIFDbT55gcSBQ0PqGwMEgUNsQQYQxIFDZFr5A0SBQ3gkyn0EgUNgUvj6xIFDTlZaOwSBQ1oNE6dEgUNST8F6hIFDcssBeoSBQ0kNDeCEgUN4z8g7RIFDWXP8F4SBQ19-U0vEgUNyQquthIFDUc1E74=?alt=proto
Preview:	CpwBCgsNtPnmBxoECAcYAQoLDQ+obAwaBAgJGAEKBw2xBBhDGgAKCw2Ra+QNGgQIJBgBCgcN4JMp9BoACgcNgUvj6xoACgcNOVlo7BoACgcNaDROnRoACgcNST8F6hoACgcNyywF6hoACgcNJDQ3ghoACgcN4z8g7RoACgcNZc/wXhoACgcNfflNLxoACgcNyQquthoACgcNRzUTvhoA

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17076)
Category:	downloaded
Size (bytes):	381156
Entropy (8bit):	5.660858063781796
Encrypted:	false
SSDEEP:
MD5:	33297F84D0FFD2EA1D7C627B48383437
SHA1:	7D154168A4F5039D3E9DD83A628F95ED209D1F4A
SHA-256:	07D0E7B04EFABF9B19B8502C4DEE103E82A7CD8A840BE012949170AF4C913054
SHA-512:	3DE142878027C0917FD9FF4B3A7198767D20CC65DE849B145229930B153649943D724ADC13656007FFD3DBE120F508266E9F82FD2F4A1ED7361DBE0A7A5EA778
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-CYEN6ZL50J&l=dataLayer&cx=c&gtm=45He5230v889460454za200
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ga_send","priority":7,"vtp_value":true,"tag_id":10},{"function":"__ogt_referral_exclusion","priority":7,"vtp_includeConditions":["list","getblue\\.io"],"tag_id":12},{"function":"__ogt_session_timeout","priority":7,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":13},{"function":"__ogt_1p_data_v2","priority":7,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR",

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3242
Entropy (8bit):	4.161045116553128
Encrypted:	false
SSDEEP:
MD5:	904104DF23330B16DAFFCF8DE48F1A56
SHA1:	9E2FE1ADE485A2397C21B15BA52E6E4B7E40AC3C
SHA-256:	436D431223483C961AAEFB30B223EF3C16713D170C9A9E7348CFA987FC992160
SHA-512:	965A727984E6C3E15134066045634C6E636F333D026DD709F5F18BD0983C5A2EDD1C5AA952B2E12B565E5F100B64E9EBABA5F3BF2732B3709FDA7EDEF678350A
Malicious:	false
Reputation:	unknown
Preview:	<svg width="60" height="60" viewBox="0 0 60 60" fill="none" xmlns="http://www.w3.org/2000/svg">.<rect width="60" height="60" rx="10" fill="#E1F5FF"/>.<g clip-path="url(#clip0_2602_2060)">.<path d="M35 22.5012C35 22.0068 35.1466 21.5234 35.4213 21.1123C35.696 20.7012 36.0865 20.3808 36.5433 20.1915C37.0001 20.0023 37.5028 19.9528 37.9877 20.0493C38.4727 20.1457 38.9181 20.3838 39.2678 20.7335C39.6174 21.0831 39.8555 21.5286 39.952 22.0135C40.0484 22.4985 39.9989 23.0011 39.8097 23.458C39.6205 23.9148 39.3 24.3052 38.8889 24.5799C38.4778 24.8546 37.9945 25.0012 37.5 25.0012C36.837 25.0012 36.2011 24.7379 35.7322 24.269C35.2634 23.8002 35 23.1643 35 22.5012V22.5012ZM32.5 30.0012C32.9945 30.0012 33.4778 29.8546 33.8889 29.5799C34.3 29.3052 34.6205 28.9148 34.8097 28.458C34.9989 28.0011 35.0484 27.4985 34.952 27.0135C34.8555 26.5286 34.6174 26.0831 34.2678 25.7335C33.9181 25.3838 33.4727 25.1457 32.9877 25.0493C32.5028 24.9528 32.0001 25.0023 31.5433 25.1915C31.0865 25.3808 30.696 25.7012 3

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (687)
Category:	downloaded
Size (bytes):	774
Entropy (8bit):	5.660721978623315
Encrypted:	false
SSDEEP:
MD5:	0662E9431F81B500945CB1074128AD5E
SHA1:	7B197CD638C4723C5BA67533FAA1E9863DA95A5F
SHA-256:	DEDB01970E80B9E3FBC73E4ACD26AA0D6283AECD497D9805B66F812470C55112
SHA-512:	63BE19DD3D99CB9644454951344866632835E8715BC7A5CE2E31F0C3316C24CCF312B4795F389AAAD32E201027150810BC1631C3556DDE891D0FFDD6614742F6
Malicious:	false
Reputation:	unknown
URL:	https://event.getblue.io/p/?cId=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3&ulc=&v=29092023-1023&nocache=2890728116978.94
Preview:	<html><head><meta name='referrer' content='no-referrer'/></head><body>.<img src="https://cm.g.doubleclick.net/pixel?google_nid=getblue&google_cm&&google_sc&ckid=A3E9A909-94E7-4C44-8CECE1C15C613ABC&cid=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&google_ula=7625555190&ula=7625555190&google_hm=QTNFOUE5MDktOTRFNy00QzQ0LThDRUNFMUMxNUM2MTNBQkM&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3" width="1" height="1" /><img src="https://ib.adnxs.com/setuid?entity=449&code=A3E9A909-94E7-4C44-8CECE1C15C613ABC" width="1" height="1" /> <img src="https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=A3E9A909-94E7-4C44-8CECE1C15C613ABC&cid=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3&appnexusid=$UID" width="1" height="1" />.</body></html>.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	695
Entropy (8bit):	5.106644165571943
Encrypted:	false
SSDEEP:
MD5:	51E5F5FA272E1E54B13D76FE534748C9
SHA1:	174CD5DF60C9447E30340939BB12FA2E68CFD1BC
SHA-256:	05AFE66790ED47D63CB42E876FCD9DE4F47A1DE0443586922E4C18362C27DEBF
SHA-512:	2347498038F13AF7A41F21E77135F9AD97D011EBEF62FAF3BB0F5E477B5C984E6625876F27B88D6BE555DD9CF6EF488E559490998FD2DCE1FC9C4FAD1F90A869
Malicious:	false
Reputation:	unknown
Preview:	<svg width="21" height="16" viewBox="0 0 21 16" fill="none" xmlns="http://www.w3.org/2000/svg">.<rect y="0.5" width="21" height="15" rx="3" fill="#249F58"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M10.5 2.5L18 8L10.5 13.5L3 8" fill="#FFDA2C"/>.<path d="M10.5 11.5C12.433 11.5 14 9.933 14 8C14 6.067 12.433 4.5 10.5 4.5C8.567 4.5 7 6.067 7 8C7 9.933 8.567 11.5 10.5 11.5Z" fill="#1A47B8"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M9 9.5V10.5H10V9.5H9ZM11 9.5V10.5H12V9.5H11Z" fill="white"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M8 6.5C8 6.5 10.264 6.9 11.896 7.598L14 8.5" fill="white"/>.<path d="M8 6.5C8 6.5 10.264 6.9 11.896 7.598L14 8.5" stroke="white"/>.</svg>.

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (825)
Category:	downloaded
Size (bytes):	830
Entropy (8bit):	5.170617019248833
Encrypted:	false
SSDEEP:
MD5:	E1BBA601D88C7DBB501D1C81C76AEAF8
SHA1:	207C013E5C2A2268F1EFB239437E4F921C6999E9
SHA-256:	1D9BC29732E0F60F8A0A689C52AB6504716E83AD59DA2DFA92649F2186856A86
SHA-512:	1764B1A7FC2A58A69CC47B7BE1B70749CF568E58E25AAA1D5CEBA6E2D29B2A29F4ADDFC4F1DC28AF20426857E466783DD024BA30DB1566A141B049629991B913
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["nyt crossword clues","lottery mega millions powerball jackpot","pga tour wm phoenix open","starlink apple iphones","jurassic world rebirth trailer","openai deep research","bowman gray stadium clash","battlefield labs game"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggesteventid":"-5908913304078360194","google:suggestrelevance":[1254,1253,1252,1251,1250,601,600,550],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362,10],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 313x625, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	42970
Entropy (8bit):	7.995054755761038
Encrypted:	true
SSDEEP:
MD5:	2B86BC87AC240059D051CD5238DB4D1E
SHA1:	C030C8E2CDF121EF74DAAC7EA749B2E06992D97A
SHA-256:	AAC968358201FCCBDE8E1468BB6ACA2C4057836411E9F0DDF7DEF1E7659FAFDE
SHA-512:	E5178A990B2BBB417DE345B62E722EF6E5DA2BE53043456AF54CB5A02C0799769E32126C0459279F05CD1B1C1ECE62136E31AA396524D03B251AFB074554FA36
Malicious:	false
Reputation:	unknown
Preview:	RIFF...WEBPVP8 ....)...9.q.>1..C"!!.... ...;..L..~..g.. ._........+....../8..=Y~..........{......xO....z..U.......q.........?...O....8.}........i...S....5...'.............../...~....?..P...........G...f)}...A.s..................g.?.O.....~........k.......?..~...o.?........_....._..._..a_..........w......l.......q%.......0G..~./..ZB....d.V.<..^....pB.$.C..6V...&`........=......@...)..,...(IL-.g.J...23..d..".Y.........\.b......I.K...:.X.Y..).....Y. ..f-l.U.7.O1....5..a.....M:.....G...sUgpA.f..;q......i......Y./.S.kU...gJB\|...7..u.-...b.......@...{_c..3}..w=....g..Aa...?.......e......!..lZ.:...[..r%.?..w...j..-..z.R#.}...7..V..i..gC...ns:%1y..^.2....~.bm.6P..........?..K}..M.~.=N...o.l......m.K.s..Z.}.K..?.F....E.GY...GG.(....#....Ji.}n..{..1o.}..1..k:..{.eNS#Y5...G..3J.K......H._.rC.W...........,'.....2.A.X.2..m....&..(....l..<...aq.w..J.D..P.Sw.O...H....%..H...GbB....V...;.....A.....n!.....uw.....H....[..T....p`M..K2.....dt..!C.h.@..i@

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	3470
Entropy (8bit):	7.916635581642067
Encrypted:	false
SSDEEP:
MD5:	A2EB55A23184C6B1C7DC7B58BA9CCB83
SHA1:	0B2125C66EE58ABC4A9517810A8472BB70E43E90
SHA-256:	B3BD30BFC831A80950201CCA25FC825B9C03C034C090E365A4C0E60824415C8F
SHA-512:	DFCC09A1FD97802C99662058F8B77DF80C2EF6658C52EBAF59528BE1DE347F346F35180D0FF68ED69B93CE7EEF270F5E6A7637811A71E63A935DE00A1A6224E8
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415cf_logo-elo%20(1).webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH..........6..=.9..v......03....bf^.W.......f.r..L23H:.Y.R.7(onDL.......stq.H..._E.....XX.0.}f......7...hvq!...a..D.........o...GZk.ln~1"...&.-G.YIX.....R.~....o......`...J. ....@.Q...W.}Y.P.\|..B.v.t..JM....#K..........".C......[.y.^f..J...s..T......B..#(!......b.r....^.Al..x\.$..(.....+.8.8`lY/b...)....P.J. .8...Z..7.P4ru,Z"......[.T.0...8.# ..v7g...... ..>0....bs..Qod=]m....JuC..X..X.....^.l.E.F.w..s...._...Sb86S$5..n...........].tB8..TS5`......D.F..ec(Y._.f.Y"..N.a;LRT5..pe..3.Lw...........\|.W.m[y`H...9.pr..P+.z...D<..A....+Y....5..........~G.v_q.=..6.*n..<....)..q..c.X.H..&...y.$.].Q.63.'./8.L......Dv........Jp.D..[.'74.eG....%.+.S..$ v....{rz..g..^pd...9.ro.>\...jAU(.<..I...%..#..]......<~(..ZV..{..ZQ....X.....jE.{...2n.$.J..z.."u.....EJ..^.w....y.?....X,.8..%Y)..D...J.(.'IJ{0.7-...._H....d.?.1>...E.$.x.....\....V.z..n.kk..R+=..KG.~..YJ......(.....g..X.v.~\|vV...HV..$_.//..R..1.^..B.uY....{.s>..I

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	3130
Entropy (8bit):	7.911559027208567
Encrypted:	false
SSDEEP:
MD5:	EC75152A3F1E65C11E61B539489C2535
SHA1:	2C2A1FA256450BF77BDEF439148611112476114D
SHA-256:	9438D1BCF4439194867F2C3BFAB6C3BA19659C1AD879E16051000B13BCA41AFE
SHA-512:	334E11B1AED1926271E0C9992120F8B92D12F4C3BDAEC92EC4D59038DE8A51E35E018ED8933F223931DDAD8F8ED1A1E86141B8F44A22575B2F728911C47F0903
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415d7_logo-petz.webp
Preview:	RIFF2...WEBPVP8X....0......h..ALPH.....!1i...'.DD.#.I .......:........HK...$.....I;.m...m.m.......E..........,.......22...W...X...z7..Ls.^../t...Vv..oC..@..P.0...V.O^.A...x..o......=}...2...".....S..7[9...Lk.'..}K..%.E.v..r9}.....Z.c}..V1.a.iZ`..J5.._W..H.9........Ego..'+.....2.=.J..v.m.\|....v]..G.n.....'@...A.2.b.a..YP..e.@C.F..gWp....&a......>.x?7..KP.(S..e.T.....z.......!.ag.3.q.~...?U.p0..1.2....%...H..[V&!..o<.7U%.C.X"..#p.8kX.i..sR...7..{r...{...H.....2&5.2...UJ.:..Y..Vj.3...?.<.@.I'.Zd...c.vD(..RC...b.......fXc.].vV..5....e.s.F.y#.K..LY...5.".V...'...~.G\|..u.D5.L...~.r..?..4y.-.{.F..jc._.....'+....~.8.F/f...&U.dy.J.)Y..D.b...W.O....%...t.\|O........+....g.+O...r.i.....5...mGT4.i.bq..W<..&.Fe....Y...=M.t.L.L.E...d..(.."Q1.........._{@........xK.R[.2.g.]E8qU....mKZ:x.....T..\|...\|....r)K.?.qX<D1...g.{..\|j..?..//....5MQ..jR.,.YQ..2...p."..R..#0.[2.2..#...`.@~....?..?M....p~v..w..E=...,.....G.vG....'...F.&8..;....JC....q.

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1105
Entropy (8bit):	4.147775348285566
Encrypted:	false
SSDEEP:
MD5:	49A7B906F4D10114D529365C5E0C3A4F
SHA1:	7483154A5DEF03E23A5D746D28A09105B8D37AFB
SHA-256:	9D4CADB694FFB0608A5B9B740C6F1D53A758AE482B935B483274B8092422E052
SHA-512:	FBE10B4FEE962D964883E31E07108D289DF5079C4C013B76F0184F2881C11A53B50EDF6CD0267D64789F4C82CA24DC28BAB1DD0AA9C415E6AF4AF3953006B93B
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415e7_footer%20arrow%20icon.svg
Preview:	<svg width="14" height="9" viewBox="0 0 14 9" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M13.7098 1.20998C13.6169 1.11625 13.5063 1.04186 13.3844 0.991091C13.2625 0.940323 13.1318 0.914185 12.9998 0.914185C12.8678 0.914185 12.7371 0.940323 12.6152 0.991091C12.4934 1.04186 12.3828 1.11625 12.2898 1.20998L7.70982 5.78997C7.61685 5.8837 7.50625 5.9581 7.38439 6.00886C7.26253 6.05963 7.13183 6.08577 6.99982 6.08577C6.86781 6.08577 6.7371 6.05963 6.61524 6.00886C6.49338 5.9581 6.38278 5.8837 6.28982 5.78997L1.70982 1.20998C1.61685 1.11625 1.50625 1.04186 1.38439 0.991091C1.26253 0.940323 1.13183 0.914185 0.999816 0.914185C0.867804 0.914185 0.737098 0.940323 0.615239 0.991091C0.49338 1.04186 0.382779 1.11625 0.289816 1.20998C0.103565 1.39734 -0.000976562 1.6508 -0.000976562 1.91498C-0.000976562 2.17917 0.103565 2.43262 0.289816 2.61998L4.87982 7.20997C5.44232 7.77177 6.20481 8.08733 6.99982 8.08733C7.79482 8.08733 8.55732 7.77177 9.11982 7.20997L13.7098 2.61998C13.8961 2.43262

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	13238
Entropy (8bit):	7.912316736170124
Encrypted:	false
SSDEEP:
MD5:	99346105E5876E251D7288335E17453C
SHA1:	F3BA2A2FEF652F2C0E9AF54537A62F5AFEC46B3C
SHA-256:	2A42DA412D5F3E1586F0CF89A8547A623D7104C2F05677E7CC77241801195822
SHA-512:	451EF023423647424D25549101A43D8C59F83D608055820144785FB464A890681846FF7343BE52D7FE27CF2A3FC67E3BD3013D7E73564E41D232C3D7BE91B296
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d24160c_company%20logo%20new%20nutrition.webp
Preview:	RIFF.3..WEBPVP8X....0.........ICCP........lcms.@..mntrRGB XYZ ............acspMSFT...................................-lcms................................................desc... ...@cprt...`...6wtpt........chad.......,rXYZ........bXYZ........gXYZ........rTRC....... gTRC....... bTRC....... chrm...4...$dmnd...X...$dmdd...\|...$mluc............enUS...$.....G.I.M.P. .b.u.i.l.t.-.i.n. .s.R.G.Bmluc............enUS.........P.u.b.l.i.c. .D.o.m.a.i.n..XYZ ...............-sf32.......B.......%.......................nXYZ ......o...8.....XYZ ......$.........XYZ ......b.........para..........ff......Y.......[chrm..............T\|..L.......&g...\mluc............enUS.........G.I.M.Pmluc............enUS.........s.R.G.BALPH,..... .HT..j....2a.%.T...gn....?.........w.VP8 .0..p....* ...>1..D"!..... ....~...te#......?.?r}..._#}....o...]>t.............?........o...?...>Q.....................z............K...G._._#?.........+.....o.?.;......h...e...O......'.?..m..{.g?.MG~C.#..........o.}A...w...g.....

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	dropped
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	unknown
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	3912
Entropy (8bit):	7.937111631371835
Encrypted:	false
SSDEEP:
MD5:	437B1F539BC505683CF36F069EC86597
SHA1:	A754E049F426400E095EC6D2F64A24A666D1A78A
SHA-256:	F37E03665132ECE02619C91A84771D63E055FF022F7B9FD7ED6B892A631406F8
SHA-512:	D38D33DD8E2523C7F04488708D171F59E5D7FE4EF4C70E3C056B5E4EE7AA82083A7BEC707A48831B54DF09ECB4511D406EE58AF44DE656CE2286EFEC30234EF5
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415d9_logo-grancursos.webp
Preview:	RIFF@...WEBPVP8X....0......h..ALPH......0....H....\|f..".?.1fw$./..VP8 ....PB.....i.>1..C.!.... ....p........+........S.-.._._.~............_.....?j.T...._.?.z`{...~.ze~..#~.....................-....#.......c........?........g.>._......A...}.y.z......y?..D.3...?............O.g...?........=...o.......}).7.o.7................./.........5(.....e.xd..2YuR..3......z.2...V.5<R...I./...!~c...y..P...lq..(..A'q.A...c.k.. ..k...u.....G4.).O..BF-..........o.a....?...o:.E....$B...n.........<R......CW...!...B@..D.>X<.'bs.N..'7~ZZDl~...WV...1....e.:a.>...rJ..X...6.....( ..re.092....x..........i...O9S$........ .E.1N.....E..N.V......rc....H0.....7...4..?.$..t...R...d..[.)...h.\..P...).....ppG9.>.R.Q..OZ.w...^...T....1_..3...X...=....%..Y.j..)_.}b......~.$..t..B..f.j.....n.;Y...<..<..........]\...%.D....o..Y..jJP....1.p.5........q...f...d.2...s...h...uv}....\|.D).<....X.......T..86..<$x.)n...H.?B..5.I.c.).'.Ud.`..........N=xNy>...A..Q..B

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh
Category:	downloaded
Size (bytes):	167000
Entropy (8bit):	6.518622594382529
Encrypted:	false
SSDEEP:
MD5:	881E150AB929E26D1F812C4342C15A7C
SHA1:	18788C5D630FA695F9283F6393BFA541B2031508
SHA-256:	C576C50642271BCDBFFFED04F92DC8D6A981DAF300914D0A20C8A5A5A57015C7
SHA-512:	AF18FEBDF3E0D5FC8111E6335BD8CC4FC8DD944910DB8A4F3EBAE284E3D1064EB793A25588007E3D1CEE24051E11CF3328951A3F708375856D54176A53701B49
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415bf_Roboto-Light.ttf
Preview:	........... GDEF.B.........bGPOS.m?6......].GSUBz..w..v.....OS/2.......X...`cmap..Qm........cvt /......L...Xfpgm.."....T....gasp............glyf.......,...VhdmxG`Rp........head.Y.i.......6hhea.......4...$hmtxU.?.......8loca...t.......maxp.>.\...... name=Qm,........post.m.d...l... prepz/.W.......:...d...(.............o......9........................EX../....>Y..EX../....>Y......9......9......9......9........9......9......01!!.!.......!.5.!.(.<..6......................}.w...x.^.^..^.......>.......<......9.........EX../....>Y..EX../....>Y.....+X!...Y..../01.#.3.462...."&..o.\|.,L--L,......"//"!--......;............./..../........01..#.3..#.3..P.a..Q.a.t...........U...............EX../....>Y..EX../....>Y..EX../....>Y..EX../....>Y......9\|../......+X!...Y............../.....+X!...Y...............................01.!.#.#5!.!5!.3.!.3.3.#.3.!.#.!.!....McM...S...)OcO.;OdO..S...Md..;S.....f..]..`...`...``.G].f.......s.0.....+.{..,-..9.../..EX../....>Y..EX../....>Y..EX. /.. .>Y..

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5664)
Category:	downloaded
Size (bytes):	339505
Entropy (8bit):	5.569793754723534
Encrypted:	false
SSDEEP:
MD5:	0A710939E01646347BF1612156ACEC52
SHA1:	6276BA9A2C8C8FDB4DCFC48F328EE4F02B1F1A0C
SHA-256:	494586A0B8944DEE58E8E049D7DB7FE3458EE768AA121057361D0755A043C5E5
SHA-512:	A3117478510AB336962BD03A2A5BE53DE2CC1D5A1859A24BCF018A7093618D367958D7D74F9AD30AA642AA30309F724DC379DCD529438BBC927655BD4BC719C2
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-WHVGXNV
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"5",. . "macros":[{"function":"__e"},{"function":"__gas","vtp_cookieDomain":"auto","vtp_doubleClick":false,"vtp_setTrackerName":false,"vtp_useDebugVersion":false,"vtp_useHashAutoLink":false,"vtp_decorateFormsAutoLink":false,"vtp_enableLinkId":false,"vtp_enableEcommerce":false,"vtp_trackingId":"UA-122234007-2","vtp_enableRecaptchaOption":false,"vtp_enableUaRlsa":false,"vtp_enableUseInternalVersion":false,"vtp_enableGA4Schema":true},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__v","vtp_name":"gtm.scrollThreshold","vtp_dataLayerVersion":1},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5268)
Category:	dropped
Size (bytes):	299799
Entropy (8bit):	5.56235967246584
Encrypted:	false
SSDEEP:
MD5:	E8A58E965B452F1E231BF01589CB23C4
SHA1:	E0C50169E6A7100BDAC8E34A47FDD7584C671910
SHA-256:	274D3C200E1007384A05EAA0682C565B298628A890EAD506B17878679339F39B
SHA-512:	029BCD7A5A60A55DD0A81490EFBA78371F1AFB369306BD2E2499FB250DC65CEF14C6D2A6059448A4BDAC2C79BB6A443ED2B5DD196C5CE46783CAC9EB50A12CC7
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_ads_datatos","priority":16,"vtp_instanceDestinationId":"AW-16533307350","tag_id":10},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_re

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1592
Entropy (8bit):	7.819080321373057
Encrypted:	false
SSDEEP:
MD5:	E55A496A285AD116A4C2B7CEA5144AC1
SHA1:	AE7FF2850EFA2473C3362B5060577D5F2236C083
SHA-256:	D540C06E4A99E24C69CCC918898D8A877E281E0FE16D72DEC07BD5B5D4B75C5F
SHA-512:	54BBEBEB0D6B405346F88AD106CB4766FAC18F3082985DFDF46F8D76CFC30B19040148C50F9011174BB6AE203E620D22DA46164802F365F12E1EEC419BC2CD2D
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415d1_logo-enjoei.webp
Preview:	RIFF0...WEBPVP8X....0......h..ALPH$..... .H.h.....l.2...#.u.F.............VP8 .....%.....i.>1..C.!!.I.. ....p..%O_..._..Q...C............V....{&.w.o.}........X.U{..../.\|..p........:.E....R^u.o./.....w.....<..I.../.w.....}.H.B..p.n...3...Z...x..I7.....NV.....T....U..o.,aTMA..c..>p..l&F..n.=..<..+.....79q......}...w2Gzi-.F8.$}$.9C.E...R8.G.J..<..qw...n..K..-...AP.m\0..'......YAW..t.@...:..IEn^....rD./.U~F\|2E....u.....!...'.).W.......=..D...1.8.......p.o...1...]...P...GN.%........9..Pd..........2....w...J.>:X.ck.N].....I.j..@.'..s......h.HX...T1..... ..:.....f...m.. n.3......J.f.{...k.A1......?....d..u&.../..4ff.^.gZ.......R-..8.......!.'T.6...S.-..........:....f.5/.P..K.oz.*...{.]'?2..)............<oW.B~6%...?}=0T.Q.TZ.:..K......fip1..\..(.:.S..y.g..^......3...._..?.....5x....-.m....Zo...:-..A8=6..R\M..O..x....a..<H.l.......E.P....w#Y....,oF...}..qE{.g&..s..HT......K...8.u...........]..E.}.}_...\|..\|.XF.x...&}...s3.J..%._.f.:..F.....^...D

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	4214
Entropy (8bit):	7.935510925347809
Encrypted:	false
SSDEEP:
MD5:	445B474EF2C100038397FF4A2D5A2DFD
SHA1:	3627DFFD4ED2BB2E21ECC16B64C9B005B59DC22A
SHA-256:	6B4F4406A109A639839E5EC3D89753EC9407632F23B26C9A8B354138E75DBE17
SHA-512:	7DD4ED30A8E39A4E7F447A8F96D4C2FC3E407BB062ECD9B2443895C87D7855CA91AEED0CE6B6AAFE4552A21BE686B6A97B0C85E3985C725856B26FCA927AA1AF
Malicious:	false
Reputation:	unknown
Preview:	RIFFn...WEBPVP8X....0......h..ALPH(....!1i...'.DD.#.I .......:j..d C.....z...L..L./l.....3.5i.6]F.e.m[{o.[....l...6cMf...7f......;"&.(....s.0...!Y_).E...q..V...J..7YU.2U[5.5'..1........ ,G..1..G{.F...o.qC:CXC...r.1 .. ......H.4.h.FFm.......A..QXO$...O..el...4.Yc.Im.z.N~...ld..\t..y......;^..D......\k.......2RG....V?}...........z/.J.W...\|I.Q.-...4g./...H..b.`Q.,0..a.E.....#.(Y..^.Af.....8...4wi..^....{.LZ..].....p...iv...EJ'....Q.`:..-k...zr..<u4W...nu..L.{..LMB......qo9.@l....R.Z...Ku..m....y:6.W.&.(g"..._...C7d..t/,.eP.....e.(.,.....-W.d..l..o..._.%.........A'$m.....R..Y^.......-...j...........%<.~>.../....<.3.h+...@..jX."P../.^>..N/..O...m.......U..{..$=.mR.b..lNEa.Y.@E.3......uRf..C.U..$..............c.I.a...K.....Z.SK..~\|....l...6....^F.3..+..Oi..d. ..S.O.....9\|.....8v..........K>n3gg.....c..XQ...\....=...n..:...RYV. ..Y8...`d.0.,...ZOZ7...E......TW."<{$5. ..O.d..q.QX.q........I..>..1X......-..lK..r5X.&}+j./R../..H......U...Z..

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (815)
Category:	downloaded
Size (bytes):	3501
Entropy (8bit):	5.383873370647921
Encrypted:	false
SSDEEP:
MD5:	147FD3B00C22BA9C939712E9213C24CA
SHA1:	3B48369B86FA0574F35379AACD1F42CC9C98A52B
SHA-256:	70F5B11C1870CF90201A6D5F770CA318A3FA5827C74A8765EDE22B487F7D4532
SHA-512:	E8419A71232EDAC8FD131446777F7D034B3171EFE07B3267479B439E4982650DB65A0D1DDC9F516315D5ED1B01ECFD2F7EB55D75D44AA51EE0AD494D441586D2
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/static/service_worker/5230/sw_iframe.html?origin=https%3A%2F%2Fweb.getblue.io
Preview:	<!DOCTYPE html>.<html>.<head>. <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon">.</head>.<body>. <script>.'use strict';class m{constructor(a){this.j=a;this.g={};this.h={};this.i=0;this.id=String(Math.floor(Number.MAX_SAFE_INTEGERMath.random()))}}function n(a){return a.performance&&a.performance.now()\|\|Date.now()}.var p=function(a,b){class d{constructor(c,g,f){this.failureType=c;this.data=g;this.g=f;this.h=new m(n(f))}s(c,g){const f=c.clientId;if(c.type===0){c.isDead=!0;var e=this.h,h=n(this.g);e.g[f]==null&&(e.g[f]=0,e.h[f]=h,e.i++);e.g[f]++;c.stats={targetId:e.id,clientCount:e.i,totalLifeMs:Math.round(h-e.j),heartbeatCount:e.g[f],clientLifeMs:Math.round(h-e.h[f])}}c.failure={failureType:this.failureType,data:this.data};g(c)}}return new d(5,a,b)};/.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/.let q=globalThis.trustedTypes,r;function t(){let a=null;if(!q)return a;try{const b=d=>d;a=q.createPolicy("goog#html",{createHTML:b,createScript:b,crea

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1103
Entropy (8bit):	4.15184474742952
Encrypted:	false
SSDEEP:
MD5:	C2F753E3AB6697D5B26622378EDA6316
SHA1:	7E11919FB2DC2E3E5126B1A12BBB4A77926F979C
SHA-256:	6C9D8B95569BAF9D7CA9B9F3B15394132E3006B47E3907F829AD0D21FD683DF7
SHA-512:	3D56CEA9F4CEF69ABDBF7BC191E2468F4E5481BEF49FE7B39B9CC0767F3FC7752CB4E44BE20851B764C932FFA163F26694EFD61D5D960D554A990BCD54E143E0
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415f7_navbar%20drop%20arrow%20white.svg
Preview:	<svg width="14" height="9" viewBox="0 0 14 9" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M13.7098 1.20998C13.6169 1.11625 13.5063 1.04186 13.3844 0.991091C13.2625 0.940323 13.1318 0.914185 12.9998 0.914185C12.8678 0.914185 12.7371 0.940323 12.6152 0.991091C12.4934 1.04186 12.3828 1.11625 12.2898 1.20998L7.70982 5.78997C7.61685 5.8837 7.50625 5.9581 7.38439 6.00886C7.26253 6.05963 7.13183 6.08577 6.99982 6.08577C6.86781 6.08577 6.7371 6.05963 6.61524 6.00886C6.49338 5.9581 6.38278 5.8837 6.28982 5.78997L1.70982 1.20998C1.61685 1.11625 1.50625 1.04186 1.38439 0.991091C1.26253 0.940323 1.13183 0.914185 0.999816 0.914185C0.867804 0.914185 0.737098 0.940323 0.615239 0.991091C0.49338 1.04186 0.382779 1.11625 0.289816 1.20998C0.103565 1.39734 -0.000976562 1.6508 -0.000976562 1.91498C-0.000976562 2.17917 0.103565 2.43262 0.289816 2.61998L4.87982 7.20997C5.44232 7.77177 6.20481 8.08733 6.99982 8.08733C7.79482 8.08733 8.55732 7.77177 9.11982 7.20997L13.7098 2.61998C13.8961 2.43262

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	5868
Entropy (8bit):	7.951192921832952
Encrypted:	false
SSDEEP:
MD5:	09F378C89A7131257EBDDCA147ED59F1
SHA1:	54A6B5F3FFF19D38F200A9523456BD9D70C4467E
SHA-256:	09CD67DCE2364D55CADA2ABA21A9ECCD2A48B669C60B30920CD271AEE233676C
SHA-512:	D874D741384467C45C11681E4247AD3B6826D7D066DD35F365E87A7A758A0C40949CB10A5CEABF9FFFEB0EDBCC0089F04239F68DD7DF1F99FF719649F6987028
Malicious:	false
Reputation:	unknown
Preview:	RIFF....WEBPVP8X....0......h..ALPH$........:%..=....N[.....[....X..niW.....E.....9.3.8.............m....E..>......u..?f..9..f.p.rL.........g+g...'a..)...O@.".....C...-G.{X...............@(...).-].[.......Ef.iT..2LD.#..-k9...X..s;7$FJ..f...W.wa......P.rq.....\H-."..S.%....G.x..B:..&N.^..d\N.....`#........E.4.!...RW...2{'B..)...`k.X....\|Uo..?..d.$>......\4......2.....5.U[.j..71.....)..H....Y...g....S.../.%s_.P....]C..@.q..8<.H...7.....z.*....E..{^_K...n.U.EH....[)#.J.U...0........#O...).0.k......Q....N.VQVe..........`.=..H.p...?.R[~}....W..w..o/H.~@.......h..$..8......jn-p.t..........t...R.......3.U1.7'.........U.X)..A...P.U..$.C......H......I..)..U.?.t..{-!$'...."W.b.=.../...../..B...k..2..7..H..0.}..".5..!&..w.....B .J(.&....Ex...9..!..F....2K.J%......y.Bx`..b......M.H..HD.;/..L.+.....(... ...Cxd..u..s....:8.A..Ht}E.&...4Z...._ .+{...)O.....U...'..6.!1.2.'... ..O....%y.MD.7.BX.........8.......................T.......'.!.....Xx.bOw..@

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1185
Entropy (8bit):	7.758904469511149
Encrypted:	false
SSDEEP:
MD5:	1170AEBF0814FD7718322A59A3203868
SHA1:	8C1195403659323340A6E1D7D0AF8864F6EE5B7F
SHA-256:	57D653D09DF0F452572C3848242300EA71656C25A0BD5488DE6EA9F63E89EB2F
SHA-512:	1042403AA7197A64733BD39331476A2B0590E8BC630695187DB96B502AAF3BD7979DF7FA005646598D9A46D31E06A9B28E62C3FDEA324230CCF89A81A63489FA
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65b7bbca9c6f57c6766b78db_favicon.png
Preview:	.PNG........IHDR... ... .....szz....hIDATX..KlTU....s..jg.......(ua.Ix$(..(F#.7.\.Zu..c..F7.W..&......D.q.....P.w;.....8.sQk.-..v.....;.....Hh.._s..#Z.^#.-..1h. J.L.$....\|.c...FI....~.q\|...ZF..q....;C.p.y0.`...s+...AMU.r_...#.N.<..._........b..h......j....>2.;..9.(#..D...=O.Z.........D....B..@....I.^..;..ma$....U....iy..wk.D._.E.C.g.w.9Fc.....D....g..1..&.@..#.........(.`$Y..".,.......s{q.d...%..i.5O.J.:.a.9.Q.M;....eHK-.~m0...M...=...6.....N!.5(z......d{..h%... #..X..,....c...iLU)...6.1=K....+/.[zi..y..PK6.@)hc ...<L...`.....N3.Ci..O;...(e.Zl.....F....I0.8..J..g.C..@.......0r.zaR.j..-...,f/.."gR6.c.ri^...'....#....)....t.....q[....4KY.p.Q.Ja..z.....oY?.l..H`..l(.......`..J.x.p.{.3.Z...9l.j.".E....ZK.@.....-=..L.....l......r...h).X..GWG......R.XV.x.....m.......ii.."..........p...q...r.a.t..:.=.....R1G.^p>cY...X..DZ.\w......<Kks.,.2q..J%.....l.B[!....:;.t.(!...X..K1q.......P.....0f..PAx...J D).g........m>..?..^...9.P...4.'E.*.....Q,.p)..

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2584
Entropy (8bit):	7.888979746326396
Encrypted:	false
SSDEEP:
MD5:	3F6DC263D88F5766AF81E2F8473A1294
SHA1:	54170D4C8E814BA8595B097809E9DFF8E9440CAC
SHA-256:	DBA4F2ADE04C0AF8C8FF13066024688E12C3B9928C0083BE850298CC907904A4
SHA-512:	C8D2ACE7884C32F1E8D10F47F3CF7E1D8D348A81C477456EB184E8C0E9EF95157836A6DA994B57261194F4546C65F425CD9D4530180A0F82EF8D7E15A36C08D6
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415d8_logo-farfetch.webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH.....!1i.......I ..?.....\m..Iz.=.m..#.V..s.s.s...5#...Q.....DL..x...\|.m.^../N....E..L..m......c.6..5..M.m..I.$?<........@......E^...B.z.h.....CQ).^X...)....o.SJ._. ..;6....,/......e.7n.h.`.9:......O.....I..<i...wtKi.hZ.26......O...#_VzO6k....5..^....A.+(7i...AA}...R&...,.G.\\.Z....6Fi....&h[ElC..m.@&....t.d..d}2..R._...U.T._.=.......M.XDi....=...N...z....[w.....F....m.=Y.4.>..Q.._.. .......s....X.....n..W.M\|.......sP6.[/.E.-.-..X..J%...r..7..s.0..`.(......f...Qc..P.+.@...u....K ."5 ..8.3...5...bq.K~...+N...@if.r..#...X.....,....S)`us....+...#.Q..$........p.K$.. @.y....B..s+>p..a...+.a.zl.....,....p....p.C...we}...1.4A.e.../...r...p.....A`m.......G?..............p..S.M.........5....N?.._V(.A...R.x M..m....!P.5Ql.L]..6...5.)..5..3t...d..9?Wv1.LYsZ7(...C...'ToO..U.......l.....C.d.mv..B.B.X.\..#.....01[..pqY3`.8..Mk..j...])......%.N....m.B..O.+yo}x..._\....I`}C..N...RsS \|.-.../],..w.^.J"..x..[j.v?.I.....

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1724
Entropy (8bit):	7.852455848327545
Encrypted:	false
SSDEEP:
MD5:	569FE88A72A67024AB2E26D01F8376BB
SHA1:	6D82D620DC7AEC4C3763D32AE8CAC76816A154B1
SHA-256:	67EBE63EAAB839D59B43E1046C087B6885237E759B9224FD7747CCC3C0C0D77F
SHA-512:	1422303F4B78418B3F8882DA611ADF88B37E824DC72DFA1DE69BC010B5CAD46A53E1A7BFE121148E333652D7EC64289F511083D30124BAAE20E33D0849DB8270
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415d5_logo-almap.webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH)..... .HR.\|.....$%..I..?!....;.s.6.~.=5]>.VP8 d....).....i.>1..D"!....8 ....~>L~Tf.D1.....@.0...........?gO...=.?b..}....d...f.....}.....0}.}W........O..C.5..........o..!.%8.@....;....7.....~...^G.......?./.....y..;....O......he:.1../........a.....[...kv.]E.>..'M..SuF..<..RNZz'..u@C...T.\c#.........J.6H....]..K..SR...X..:k...D....z...#&.=.oe..<..,`.W_.)#.3....../.yF.................EFEk..n....G.Ey..`t....=.C...yke_r..w.yw...H...q-.nZ.]H.....i...b$.y..KIH.3.......;!.R....>.......?.=.v,...;.0..........?....T.T..-O...d.!E....[z...~.k.L....p.6.>.....3..>.T...+.^UV.6...3.<".C......_.q.....U..(40..CO.....5...u.........%..3 H.g....Bm.r}q..+.w..jZ.#..j...3.."^.yc.`..?...'u.tO.......5.......3b.p#:y.....&[...i.Z^...`...>.8........L...!w.RB...6....X..1..>.(....A...^6...@g9..._..A.=*..:....M..:......X....8F.&@u...2..@.ed5......S....p:KY.p..$a.t..U../.....;...d.jS..B..@]..v.A...&f.j:k\..b...t>.L..D...

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3230
Entropy (8bit):	4.270698518134394
Encrypted:	false
SSDEEP:
MD5:	EF5520C3E3E95CD7C24B2FE90210B633
SHA1:	BA4C87A23559C2127E836EC900AD4EE0EEF630D4
SHA-256:	90F9F69A9DE1222747E7BA2DF1C2906150451A434A7C81A271D012350723F88C
SHA-512:	75536362B869598379C2A8C6C82D72612E4A41BC0E85774E8A586F5E33BC8D577EA56615F2AEA131DF2B8E34C082172EEEF1DF405D327A6A2D271C6143D968C5
Malicious:	false
Reputation:	unknown
Preview:	<svg width="235" height="80" viewBox="0 0 235 80" fill="none" xmlns="http://www.w3.org/2000/svg">.<g clip-path="url(#clip0_2718_615)">.<path d="M28.6672 23.0803C40.1035 23.0803 49.9468 29.9163 54.3216 39.7194C55.8671 36.2302 56.7468 32.3849 56.7468 28.326C56.7468 12.8262 44.1692 0.269653 28.6434 0.269653C13.1176 0.269653 0.540039 12.8262 0.540039 28.326C0.540039 32.3849 1.41975 36.2539 2.9652 39.7194C7.38756 29.9163 17.2309 23.0803 28.6672 23.0803Z" fill="#0081C6"/>.<path d="M28.667 56.3587C17.2307 56.3587 7.38737 49.5226 3.01257 39.7195C1.46712 43.2087 0.587402 47.054 0.587402 51.1129C0.587402 66.6127 13.165 79.1693 28.6908 79.1693C44.2166 79.1693 56.7941 66.6127 56.7941 51.1129C56.7941 47.054 55.9144 43.185 54.369 39.7195C49.9704 49.5226 40.1271 56.3587 28.667 56.3587Z" fill="#80B0E5"/>.<path d="M28.6671 56.3585C40.1034 56.3585 49.9467 49.5225 54.3216 39.7194C49.9467 29.9163 40.1034 23.0802 28.6671 23.0802C17.2308 23.0802 7.3875 29.9163 3.0127 39.7194C7.3875 49.5225 17.2308 56.3585 2

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1055
Entropy (8bit):	5.041458922231722
Encrypted:	false
SSDEEP:
MD5:	190AA597F45372FC8BCCC9212592310F
SHA1:	2333A48772056989E6666E553176B9C8BA3BF8AA
SHA-256:	7F942AF67CACDF3E62F7896D1DE8114D1A14E138B381C42BCE4222E4D2DD63DB
SHA-512:	B2AEFD528BA6F969E3BB9E6D6AC36B4078FAC14008325BFDF48CAD842547DAEA35332105E0ED192C75A398756C486807FF4DD9915CBE0F1F3AA172FCA6E1F9C5
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/6671ac5a71574e35a9b8127e_usa-flag.svg
Preview:	<svg width="21" height="16" viewBox="0 0 21 16" fill="none" xmlns="http://www.w3.org/2000/svg">.<g clip-path="url(#clip0_2586_1040)">.<rect y="0.5" width="21" height="15" rx="3" fill="white"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M0 0.5H9V7.5H0V0.5Z" fill="#1A47B8"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M9 0.5V1.5H21V0.5H9ZM9 2.5V3.5H21V2.5H9ZM9 4.5V5.5H21V4.5H9ZM9 6.5V7.5H21V6.5H9ZM0 8.5V9.5H21V8.5H0ZM0 10.5V11.5H21V10.5H0ZM0 12.5V13.5H21V12.5H0ZM0 14.5V15.5H21V14.5H0Z" fill="#F93939"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M1 1.5V2.5H2V1.5H1ZM3 1.5V2.5H4V1.5H3ZM5 1.5V2.5H6V1.5H5ZM7 1.5V2.5H8V1.5H7ZM6 2.5V3.5H7V2.5H6ZM4 2.5V3.5H5V2.5H4ZM2 2.5V3.5H3V2.5H2ZM1 3.5V4.5H2V3.5H1ZM3 3.5V4.5H4V3.5H3ZM5 3.5V4.5H6V3.5H5ZM7 3.5V4.5H8V3.5H7ZM1 5.5V6.5H2V5.5H1ZM3 5.5V6.5H4V5.5H3ZM5 5.5V6.5H6V5.5H5ZM7 5.5V6.5H8V5.5H7ZM6 4.5V5.5H7V4.5H6ZM4 4.5V5.5H5V4.5H4ZM2 4.5V5.5H3V4.5H2Z" fill="white"/>.</g>.<defs>.<clipPath id="clip0_2586_1040">.<rect y="0.5" width="21" height

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Category:	downloaded
Size (bytes):	63748
Entropy (8bit):	7.996818176788358
Encrypted:	true
SSDEEP:
MD5:	6887B6F24414DBC612DBF42CCDC76B70
SHA1:	8068D3ABFBC6CBF35B55919DA45B1F4D2D136238
SHA-256:	FC5C015FC32518F1ED810FA84CA28941EB9D5A3C81ACC8DF69A4DBBEEDEF7B0C
SHA-512:	00F08F9DD648972C9571547E06172D5505DD13F577FE2E65A497D3856172807AC11C996984E4138D2EB2AC784257FE61864AEE15752FE9E9E76F98DB931E0C2A
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415af_Roboto-Regular.woff2
Preview:	wOF2..............................................b...L....`....T..<.....$..s........6.$..8. .... ..I[sZ....._.L].E.....].S!..M.V.v......ZF..\|....x\|......._.Ld..i.$...)...ms.:..Q..0....l`h;.W.=Q04c`]...l.].L...1.4...7b.i.r....+aZ..Og..=u;i.q....P&D.s..S.]..?.].U.O..o....1K..=.Q...^..x.o.?.r..0.m..08......X.J........iC).HX9.....j.j....)G..K.]U~.L.~..&...W.p.Z......!):x......p21R[.@JD1...4...]4.. ^M.O3D.._.....v...%_..^..M>n&S....4s...[p#J..z.....Z1.......V..'{..$)&:. L.Kg.J.,..~Q...w.,.! ..\Xb.G..O.....i...d....Z...K.....%x.b...W..b..C\|z]..I.Z..(_q.3i'3..t+..R.....v...yd6a!{&m.oE..:.....t.S......1D0~d aQ#r.Q...+`,.m..c..I..(.,tX`^^..x..F.......H......V.$DT"J:O....N..w.RZ..1.2r...@<..Gw.X%).&i........0..... +...0.#.kxD..1h3.N.d.u......W.k........{y._X..uT..Nt..I..[uBV.....`.x....@.$..C..`...u...F....!.f.F.PQ...s....8%....;se$....N.O..J.J...E!..%.......!Qx.4..........#.4..<..}.*../r..?..(.....j"..@..":QdC.....M<r.k.[i...Ye..7....Z.$N'..w}...,..r.\.>.

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2428
Entropy (8bit):	7.896383017062833
Encrypted:	false
SSDEEP:
MD5:	47CF95E322BCE55695C6DAD1A728AE53
SHA1:	8D059B74C259BC8BCA61D25C9DF3679275F2F6A2
SHA-256:	04010ED2376A9BA4D7378DACA48DF286BA25E8E3FAC4C01770A13DD17F4BE50E
SHA-512:	D0976701B57E7A8D7B7007F8F451D1B8CBFFF327080053D3AC05D46B722BF055B67EC871B9A9CD2212219EB82068CE33E94FD36FE8179AA80C4064C1A93F07EE
Malicious:	false
Reputation:	unknown
Preview:	RIFFt...WEBPVP8X....0......h..ALPH..........F..WTAh..b.D.x....4.Y.=.....vrww.....C..PB...$....../.W.T..u....i ZaM.e.C.... .W...j..p....Rt4M.ZZD@....D..~.U.d..7LS .z....bk.8=-...^.=B.s}..q]m4......O.d.].=`;......-.F...t..[o]my.....7.X ..R...D.V........v6n..ho....T.6W^. e...\..7w..v.q_.....\...".&j.=.?46.l&SRP6.....p.....E`.V..-..4..._td.'...FB@7....;y....Wj...7..G:.8v.U.o...-/#..N.D...W...,...+.$.5&..g....x.s.Y...GFFD.Y.6....`9.}.1 .........F.................F...c$.. .\|(..W.n...x.....us;.h.]......... .'..R......{..!..q..!.Mtq....!z......1.H.@.\~.p.?...O.t.x\|.._.....g.M.O!......f@.~VH`..L&..R..#R.."_...s$p........t.O7..//...o.<.j(.'"........v...V...,.N...\|...7..O&.!.yO.....1............s.....}~_4U.j..M.i...V{....P..C...4.zL..>.._.0.......Cj p..X...Zvw....C....d..hh..x="...DBX...9.!...?.Y.....xc....t...l..Hg..q. .....G....=5e.P<..3g.......m%.......t..aIy.6...?.Z2..cBb.7.v.Y.)....W%.A!4.p....s..N?.zf$.KH.]..8`.7..v..b...7...(7.....

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	18788
Entropy (8bit):	7.9895942044404835
Encrypted:	false
SSDEEP:
MD5:	45959FE32A13CDEABFCBE9C2768DA04C
SHA1:	142F141A628B144C3763ACBAFB81B29D619BB852
SHA-256:	C4ED0B72F55A34499065EDC3BF9661B565F600958E72583BD1156D4DAA22B754
SHA-512:	4804C519195463CD9D88B5A3BA99BF277B5F1C5AA401C65E15C24C1E10E731146F121F621BE490C39482534BC1056EE2FD7AA3816ADF241FE959C39E759B5F89
Malicious:	false
Reputation:	unknown
Preview:	RIFF\I..WEBPVP8X..............ALPH4.....p.....L.6%Yh.o.......?.........?.........?._.^1VP8 .I......* ...>m6.H$#%!#......i...N..aQ.M.N..n......{..b.^d_...................m...../..?......}.=.....~.......M..{..u......=.?YzNj.Q......1..\..s.5(.S..'~..;.k......~.tY.5..y..%P.....o..0.l..=4...s...OM;.......#=.@Jj..].n$.D...)..Zj7OB.J.~a...c./.1..u....h.sq.Z....9c..wedXi,....@.j.id.P.....\vZN..@w.(#.Ay.#.....jI..7.@P2............zc0...ay............{.<.nz.Bt.^..z...KfF.L<......?.w...c../.\OMl^].1....6.........OG~W...{.ws......$.):.E.iT.?.....@.{...uj...@.]<._....Nn..{C..n...0..]...G....J....&s......@....,...$.r..<7..,../..n!}.....q...4..... .l+!{.F.$.FUR.i.5..,.JJ..5..[.....6.\.ed...76.......@....,.Hz....C..C...6...2..'.b..1.nX..............._..]...(#.g.$bl....#.......).7)..4...pI9...6X_...T.3zC...8X%.Tg.E.T.X.y.?...#.0p..w.../.\|r..=m.*.>`.3..F.N~.#...e..?Y.T....NCWN..Jo...>"..L.C.j7....m.o-.O\|.....A...z....N.`...bo....]`.C..tb..u^.?F0.#.=&

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 313x625, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	20314
Entropy (8bit):	7.98878247812836
Encrypted:	false
SSDEEP:
MD5:	5A337A24686519F5A44C527B6756B176
SHA1:	F8F0D77AFB78E847BA7C8B36E7D91E1D797794A6
SHA-256:	A09B7F890A3C97245447F443245509F43CB34B3C398872A956E42691E9500909
SHA-512:	A77B2AB326628B1FD3A39E9B6C642F671CBB369B6B53ED981A80A5A639D03CAA338E3C22B15E372037495AD63C8C2B0AA4DEF728DA6AB0228EFF456ADEFE5A9E
Malicious:	false
Reputation:	unknown
Preview:	RIFFRO..WEBPVP8 FO...{...9.q.>1..C.!!.iN` ...._5G.;.$....s............y.....n.....#.G...O._........W...o.....?._......{.....L.......m...#.C...'.....?.~....S...i......................i.........................._7?I.U....\...../........Q..........?.~Q...C./Q...............Z...7.7.?..s_..+./...}....k...............O..w........:.o...S..._.?..{?.....5P.....kU..t.....;].\.J..t.........M_f..p...P3..T.......Z.?\..U......\t.R....7......A;..........Ou$V....B..0....x.Op.?..1.....L...b.D3..<.\|}..Y.ib9z..v.>>.-.......>.Y-HD...0.v...J.[...m..(...NV.+.Y.s.....Vv:.b.W....+9..AS.4o...n...=M.........W}..]A...m\|0-.M...i.`.e.J.X..H<L\b;u..H`:..f......_..l.......92.'w...].`.7.~.N..E..`e....Q...a/u...!3.?.........!..4..=.... ..fx.5./.....i:.,0c...zn$.>..'..R.>...U..b=5q/..T\.......#.R.9*3Vs}..........\~9".)-..o..&rW..........Z.\.@.Y.51$'.......=..~......vF..V...#@....S.....I..P..'..w.}5...\|.Q.ua..5.......Uj._{...........Oa2\|..=...R.9.L./...y#?

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 313x625, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	17598
Entropy (8bit):	7.986408295095829
Encrypted:	false
SSDEEP:
MD5:	DB508C4CF753000A23C6A610EA25357F
SHA1:	2C7A01D36904D3F6ED841A73CB8C3104661B0F8F
SHA-256:	714DAAE4D956DAC0F0C1DC83EFE1C0155B4B5E556928909EA8C2B9FC1901FFC6
SHA-512:	FE8C812DE06C75CBEC6A22190999606910DCC8F9A99FDB61F71C86AA761398505A975B830494589A80943727A724CDAAB652EF3869B42D16522775BBBFF45D50
Malicious:	false
Reputation:	unknown
Preview:	RIFF.D..WEBPVP8 .D..P....9.q.>1..C.!..... ....p.8.R.2...n..._...............O.>O.......g....{....k............}g.......w./.....].......).../.G.o.O....:...../.G.....^..................o....O......?..^....O.....X.......G......?._...=..../...}..;......p....\|K...../...~....O.?._....b......._.=..w...~....g..._......K...7.?...~...C.;.'...O......fxWzg....._......-.w.....O...r..~c.O........a..........g.O...9.......hG#.!......$k.o&....;..l.....d.b.d....#.M0y&J-...d.%....?S.`.X.w..)..R#.V._^...s....h.......dF.....af.\....@.%.Z.O...j3-{...%.3;.;>.tF.!2K5..,..H.....v...kFNI.D.... ..k......Db...@..^3.E..?..`..I..hfns......D.[c`....H.W..3a...m}LF....&m.!..4l.....i..n...!.Zb"4!..I....... ...J..=..$G...Z.f.@K.....D..I..S]..^z......#S8..}w.EZ..b...;...w.^H.H.w0...B.l#..b.....c....aq...^...}x...A."..b:.C......A...h.}.=..i.d.....K......w.7C....K...-.K?..i........"y\....b.`......F.h..._Cr.RI......6...k.-.%$........q......w.......1.#...l.@..i....Y.;.

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	6244
Entropy (8bit):	7.797015744673386
Encrypted:	false
SSDEEP:
MD5:	DD4AD44869ED2D26B4AF5F6CBEB1BAD4
SHA1:	ABFD4B66B753EEE8F207A4F26F5494E4ECCF184F
SHA-256:	418F10D26E6CA9EF554540E5A9F697C09CC98961816D003FE4F3FC1731E1D586
SHA-512:	63040B9886D472757835A537D136450305D4E91035AFAF933F2FCA31B0BF511CD68154C5161CDCF9BBC6A854DF7E93EB63EDBBF110C33D57455C223FE553DC5B
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d24160e_company%20logo%20baw%20clothing.webp
Preview:	RIFF\...WEBPVP8X.... .........ICCP........lcms.@..mntrRGB XYZ ............acspMSFT...................................-lcms................................................desc... ...@cprt...`...6wtpt........chad.......,rXYZ........bXYZ........gXYZ........rTRC....... gTRC....... bTRC....... chrm...4...$dmnd...X...$dmdd...\|...$mluc............enUS...$.....G.I.M.P. .b.u.i.l.t.-.i.n. .s.R.G.Bmluc............enUS.........P.u.b.l.i.c. .D.o.m.a.i.n..XYZ ...............-sf32.......B.......%.......................nXYZ ......o...8.....XYZ ......$.........XYZ ......b.........para..........ff......Y.......[chrm..............T\|..L.......&g...\mluc............enUS.........G.I.M.Pmluc............enUS.........s.R.G.BVP8 ....0n...* ...>1..C.!...d0 ....p........o....!...3...~?.U....M...h~......?...<S./.._....n.........P'.=...zi.7.o......R.....d......_........X.......?......o. n..,....Y...\|...&.f.$M.. H..@.7.0."o.a.D.,....Y...\|...&.f.$M.. H..@.7.0."o...........$`A...........q....+6.*......!..ZR.

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	3410
Entropy (8bit):	7.921484180910444
Encrypted:	false
SSDEEP:
MD5:	EC6BC941536E5BB825C347318C7720D8
SHA1:	8DC7883E9E701FC1E8691848D2E12D5A0C58B9A6
SHA-256:	7CE7E6B5636BB1A7ACFDA058EC4072035E7E47039B24975F4DDE17A59B4EABD0
SHA-512:	C9A4F3175BA2B2DC6AE52552EE3A30CAE6A256D7DE93ED76971D8071404F274BC9AF606D1BC7DEF185580F0BA1C2A0C43B755F132458E62ABEFFE849BF0BFCBD
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415cd_logo-drogaraia.webp
Preview:	RIFFJ...WEBPVP8X....0......h..ALPH,..... .HR.\|.....m$).O...i}..O.l.V.K....9+a...VP8 .....>.....i.>1..C.!.... ....~>L...'.'...o...n.Q.J...w................E.).......;..........._.}I.t...C...W.?.?.=..d..?d=1.d...m.l...]...G./..n.#....%.v.P<..'..A..}....g....v}..I........_..k......?..s...:......?..P.K......&.$.O...G.S........?......I...O.....?....e.Z.z....l.ri.<.....;3\|..bBn.......\|.?<{.g.-.J.73;.ZgX..v...?.XaUUB......~....#o.......fi.I..~.S.n.......4.......Pa...e.O.]....".o4.e..;....NNft66.-..n..&.q...y..A.(.......!.y..W1.b.6..7..D.4h.l.....y...\o6...Z...I...a.T.........}P.._.7..?.$k...+i....?.D...I(...D.......\|l..Gq..U.B....~0.!.S.E.B.\|Q.%.pdX..+....@....?.9$.......u..s. o..h.-..;~.G....\|.Im..T..S..../...-....&...".......[..;..f.....=..Y\|'.n..~g.........p._.5...y.qs..C......T8.x..-.q[.....;v.)"....]......5...'lK.M.M#.Q.T.3..;%..%..v.Y.gz(.O...-.[.-...K.......M....w&..f.D=nn..i..e."..gF.p...qJ..e.n..}......B...sX.....Go-0.~.._.L.....

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9113), with no line terminators
Category:	dropped
Size (bytes):	9113
Entropy (8bit):	5.300576191647459
Encrypted:	false
SSDEEP:
MD5:	5C8F4A46A21DFF724A763101B646B4F3
SHA1:	FBE7C978E0C99D1A22BE935D266DA915A2D400B0
SHA-256:	A2BE364E2921857C3E1415E1E9E74E5628A02318662A25DA27A23DA90929C84A
SHA-512:	AE0EA77EF19A92124DBAED732D5181A06C54CF696E96A8DD65AF90E0B5FBD62919901E3E3B4F405350057A2F6F9633E5E93E76F5D932FDE9CB988CFFAEF745DF
Malicious:	false
Reputation:	unknown
Preview:	window.blue={},window.blue.isMobileDetected=function(){return!!(navigator.userAgent.match(/Android/i)\|\|navigator.userAgent.match(/webOS/i)\|\|navigator.userAgent.match(/iPhone/i)\|\|navigator.userAgent.match(/iPad/i)\|\|navigator.userAgent.match(/iPod/i)\|\|navigator.userAgent.match(/BlackBerry/i)\|\|navigator.userAgent.match(/Windows Phone/i))},window.blue.isFirefox=navigator.userAgent.toLowerCase().indexOf("firefox")>-1,window.console\|\|(console={log:function(){}}),function(e,t){e=e\|\|"docReady",t=t\|\|window;var n=[],o=!1,r=!1;function u(){if(!o){o=!0;for(var e=0;e<n.length;e++)n[e].fn.call(window,n[e].ctx);n=[]}}function a(){("complete"===document.readyState\|\|"interactive"===document.readyState)&&u()}t[e]=function(e,t){if("function"!=typeof e)throw TypeError("callback for docReady(fn) must be a function");if(o){setTimeout(function(){e(t)},1);return}n.push({fn:e,ctx:t}),"complete"===document.readyState\|\|"interactive"===document.readyState?setTimeout(u,1):r\|\|(document.addEventListener?(document.ad

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	6182
Entropy (8bit):	7.9527986533968855
Encrypted:	false
SSDEEP:
MD5:	4A626879A8B99CC59F02845C8C8EAC1A
SHA1:	E6EF44CB5FBD67A12E3F5E5BD0400C46A4855138
SHA-256:	E3387BB5903D042DC7ED92598ADCAB3079499664EC012817D1965D5DB4430EFA
SHA-512:	8F71A9C0872F541F6F21E9EF845AC08F424B370F8AD5507BCE028C855DD52D87E8E1E502B67EE80DA50743106196F424BEB6D66BB807EA29A92E856435ED6D3B
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415ca_logo-centauro.webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH...........>..$K..p.$3...L.[Z*,333_.aff>...e.r...8..X2H...._v................F~.4.r.K.....8..e..8.0........6..&..t..a.,-.{.2?.Uid.V=..!e......m=.).r..........Q...'..lv\...?H7. ....( e#!.H.a..J.<.^._.\......y..W..E..$6...n....qx\|\|\..../.....Q].....}.....w4.....'..\|....%y......,.........T\|....r.7..h......R.C.!7.....d..c.b...y..5$f:...k.. 826>!t.0.b.G....M.^..C....>..C.N....."...W.......Cr......M.Y.B...(^Z...P..K@l,.n.k....c......^.E?^Z.[..l~.O.......S.n..4.W..!.6.H...`.4...n.;g<.......[..$f........-.;G`n....0=.`.0...~O........G....>...^.G..=....h/.-?..+.,g.i.4...R..5......jM.F.(h.....r9..R.Q..;.....h4..,....R.v..q...x$..r[Y).m)NK..J.~_.J.J#n..\.N.z.u^&.....<....c..........mB...../=(8....Z..=.\.0.)..`.MYZ...,...G..v.21y..l......@s...J.LL>..@.Q..(..N..t.].R.FJC....y...1}.]r...\w.}.....o......E...M<.B\|h...Y.....8..8.D=..p..'...^...A.S)9rD.g...F/..h....Z.2..).>...a.........R........6..2Q.]\|...w>dq....o\..9!.

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:
MD5:	E0AA021E21DDDBD6D8CECEC71E9CF564
SHA1:	9CE3BD4224C8C1780DB56B4125ECF3F24BF748B7
SHA-256:	565339BC4D33D72817B583024112EB7F5CDF3E5EEF0252D6EC1B9C9A94E12BB3
SHA-512:	900110C951560EFF857B440E89CC29F529416E0E3B3D7F0AD51651BFDBD8025B91768C5ED7DB5352D1A5523354CE06CED2C42047E33A3E958A1BBA5F742DB874
Malicious:	false
Reputation:	unknown
URL:	"https://cms.getblue.io/cm/?src=adx&ckid=A3E9A909-94E7-4C44-8CECE1C15C613ABC&cid=3CD4AEBE-BE0D-3A0D-9313D7F67DEF58DC&ula=7625555190&blueID=f95716b5-28b4-43f4-8b20-dd0a1a4394f3&google_gid=CAESEP1HwvSVCvEYBrOFkFkICQY&google_cver=1&google_ula=7625555190,0"
Preview:	OK

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	downloaded
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	518ED29525738CEBDAC49C49E60EA9D3
SHA1:	9A78211436F6D425EC38F5C4E02270801F3524F8
SHA-256:	C3641F8544D7C02F3580B07C0F9887F0C6A27FF5AB1D4A3E29CAF197CFC299AE
SHA-512:	E97B9CC0C1E22C66BFF31F6C457C2B95B9F9AF955C8A098E043734DF7439031FD1C6748A139D99077EB2DB5F3D98A0E9D05B6606E3D4010EC107A52CD7E43359
Malicious:	false
Reputation:	unknown
URL:	http://widget.getblue.io/
Preview:	@

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17076)
Category:	dropped
Size (bytes):	381192
Entropy (8bit):	5.6610853092642
Encrypted:	false
SSDEEP:
MD5:	932F6B862DA50A9EA7F8BDE8EBF1AD17
SHA1:	7CBF383BFAAFF02F00E8B93635B228A3B7C11EC1
SHA-256:	D73D062179AE64C84C7509D4A6BE389C9B7DFC02898AD6ED5F0E896DF9BE482E
SHA-512:	58380377FA8A6253C50ACE4B50E8849DA40F97522639009074AE0119D3565873D620475AF368068E213DED42A7FAA0FA5B8DF3984D1FA0DB93DE0E132F10F3F3
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ga_send","priority":7,"vtp_value":true,"tag_id":10},{"function":"__ogt_referral_exclusion","priority":7,"vtp_includeConditions":["list","getblue\\.io"],"tag_id":12},{"function":"__ogt_session_timeout","priority":7,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":13},{"function":"__ogt_1p_data_v2","priority":7,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR",

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1703
Entropy (8bit):	4.530806211054418
Encrypted:	false
SSDEEP:
MD5:	82DE17D3FC75C262824953CF46935010
SHA1:	8E4BEDB365BA6B38AF473B10AEAC965CA44F4D60
SHA-256:	525FADB723D9F8B45D942AC38F27EF8636E713A764F9FFB7690B0AB04EC00F91
SHA-512:	27E66DC6268B77CA31554DC0A7405A709AFBF86C28736E2C623279F43512A6F5387D8919A86537484E3D082FA8C7984B3492B4093632911549B8CB8D43E08FDA
Malicious:	false
Reputation:	unknown
Preview:	<svg width="60" height="60" viewBox="0 0 60 60" fill="none" xmlns="http://www.w3.org/2000/svg">.<rect width="60" height="60" rx="10" fill="#E1F5FF"/>.<g clip-path="url(#clip0_2602_2045)">.<path d="M22.4197 33.3629C15.3177 34.0048 9.90693 40.0059 10.0012 47.1362V47.4978C10.0012 48.8783 11.1204 49.9975 12.5009 49.9975C13.8814 49.9975 15.0006 48.8783 15.0006 47.4978V47.0362C14.9255 42.6582 18.1563 38.9248 22.4997 38.3706C27.0845 37.916 31.1699 41.2642 31.6245 45.849C31.6514 46.12 31.665 46.3922 31.6652 46.6646V47.4978C31.6652 48.8784 32.7843 49.9975 34.1649 49.9975C35.5454 49.9975 36.6646 48.8784 36.6646 47.4978V46.6646C36.6565 39.2934 30.6743 33.3245 23.3032 33.3326C23.0084 33.333 22.7137 33.343 22.4197 33.3629Z" fill="#0081C6"/>.<path d="M23.3329 29.9996C28.855 29.9996 33.3316 25.523 33.3316 20.0008C33.3316 14.4787 28.855 10.0021 23.3329 10.0021C17.8107 10.0021 13.3341 14.4787 13.3341 20.0008C13.3397 25.5208 17.813 29.9941 23.3329 29.9996ZM23.3329 15.0015C26.0939 15.0015 28.3323 17.2398

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	13
Entropy (8bit):	2.7773627950641693
Encrypted:	false
SSDEEP:
MD5:	C83301425B2AD1D496473A5FF3D9ECCA
SHA1:	941EFB7368E46B27B937D34B07FC4D41DA01B002
SHA-256:	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
SHA-512:	83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
Malicious:	false
Reputation:	unknown
URL:	https://td.doubleclick.net/td/rul/16533307350?random=1738657289219&cv=11&fst=1738657289219&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5230z8889460454za201zb9123381289&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102482432~102539968~102556565~102558064&u_w=1280&u_h=1024&url=https%3A%2F%2Fweb.getblue.io%2F&hn=www.googleadservices.com&frm=0&tiba=Blue%20-%20Home&npa=0&pscdl=noapi&auid=1955217038.1738657286&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1
Preview:	<html></html>

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	4022
Entropy (8bit):	7.915838933717679
Encrypted:	false
SSDEEP:
MD5:	C3651EB0EBEBFD8318C1172462DE26AC
SHA1:	8FCF33999E99B3021A1EE56BD2B59D8670DDF946
SHA-256:	28E906C4F1ED091226F5DD6BC19F6F273C98DA2835EB98450AB0BC53A37B5B0C
SHA-512:	7B725F03FD0802BA0A41A4E99DAC86198B4B9218774ADE49E288DEA098D2BBCB5FA188DDB925DFF5FDF3D2EF917EC7E0F4F668A35BE9E661E4E27740D613BFA9
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415d4_logo-mobly.webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH.....!1i..v....$.H.{..H.r...g.....YR.-p(..XQ..(BW..C........._.......#.j.......9o.m.m...c..3..vU.R.z...WDL...........+..s..'....b;4.....!...J.z..$=...!..P....BA..y...V"...P...f[[....W..hb......^..$..j.N._4U...o.h.Tj....:...RI..nx..A..B..#Z.1.J.n4x.;73v..Qh...0&....\|./..N._Z-.(..........$..8@..h....V......Y,](.......n..D...G<7.....x.s7....v..k.nw..i.k..@..uG.m+..\|ccO/C........}d........7x..<.........M...P......F.....w.x....=.!....d.n..0~.....,_P........M...x...... ...E.,....w<...B....0.K...}.3.......u.2,ONO..J.B.@..w.!...\|~.(G....<.D.`..l-.P...%....}3....`..}..../].UK....W)...d0.........3E5.$.A.......1..........._..?....K.....Pve.c.R..`,..Gc.\|I..P....kp~Rlw&c`..E#..h7L.:..I...,.f.._m.KK.XW2..Y.`r(...i3.B.H.@....X....)......;.s.vv...3......S &..][..D.t........J.............(1......Mo..T[f..7>....$....ah....\|s.....p.T..qDUe...8z.3..(.?.1..F.@._.c.o..@.$.A.]........si...A..Wa....J.,......)

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	3222
Entropy (8bit):	4.1761553043505035
Encrypted:	false
SSDEEP:
MD5:	FA934CE9CFFA544A7F4A7C82A95C325E
SHA1:	6162BD1A513FB5586ED48F074D1500D537572C3D
SHA-256:	E39A9442E2CD531DC8039B90B84D30E7BE04FA42569D222C40C9F758A3356A8B
SHA-512:	A5E5EA40B175ECEAE55646C42FC3BE734A3C4AE15F3AFE7B6A29908A67CE3D498C45DB75506192FE1C125DA4A924D11D6B4F9F1E02DA37B7DB0E5C4F8DF5928E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415c4_home%20about%20icon%20banner.svg
Preview:	<svg width="60" height="60" viewBox="0 0 60 60" fill="none" xmlns="http://www.w3.org/2000/svg">.<rect width="60" height="60" rx="10" fill="#E1F5FF"/>.<g clip-path="url(#clip0_2602_1888)">.<path d="M37.5 10C36.837 10 36.2011 10.2634 35.7322 10.7322C35.2634 11.2011 35 11.837 35 12.5C35 14.695 34.4267 16.6667 27.5 16.6667H17.5C15.5116 16.6689 13.6052 17.4598 12.1991 18.8658C10.7931 20.2718 10.0022 22.1782 10 24.1667V29.1667C10.0046 30.5179 10.3754 31.8426 11.073 32.9998C11.7706 34.157 12.7689 35.1034 13.9617 35.7383L19.2583 47.56C19.5815 48.2861 20.1081 48.903 20.7745 49.336C21.4409 49.7691 22.2186 49.9997 23.0133 50C23.6212 49.9996 24.2193 49.8474 24.7534 49.5572C25.2876 49.267 25.7407 48.848 26.0719 48.3383C26.403 47.8285 26.6015 47.2441 26.6495 46.6382C26.6975 46.0322 26.5934 45.4239 26.3467 44.8683L22.585 36.6667H27.5C34.4267 36.6667 35 38.6383 35 40.8333C35 41.4964 35.2634 42.1323 35.7322 42.6011C36.2011 43.0699 36.837 43.3333 37.5 43.3333C38.163 43.3333 38.7989 43.0699 39.2678 42.60

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	3678
Entropy (8bit):	7.924144213116408
Encrypted:	false
SSDEEP:
MD5:	5D6C3337BB6342CECB9307F5964BD55C
SHA1:	3A4D816C4B4AAE26DFDF00A309F1B9F30870CEBF
SHA-256:	DADB0EC9B65886D8D2CB06574332B6B33DDC53E7A49BBF214A686D40D774F8D4
SHA-512:	8B3F62F51E3C3DF73C74723A30BE55A49421E563A9817BFF44266B883D3CEBEAD7EC20E49EC1098171BA48CA2CB60066A0AD86197098E5B355F7F2C697787A90
Malicious:	false
Reputation:	unknown
Preview:	RIFFV...WEBPVP8X....0......h..ALPH.....!. ..'{....I ..?.....7.-..8#..f.....T!..d..t..n.`.7.GL.....$.y.HUV.....m.m.m.g....[=.B#+.2+3...22..=G{mDL.B....W...`.BG..F........).+I...Ra..I..A..$..rQ...8.4I<.L.\|..@.'.j...0g.SM......N.D.x..$..vvuz._.;...!.}...q'...?.z.ZJ.Jun1..G{^.b...k^El.5oSe5..`.Q..6.[.....:...iS^U7:.=.......-.?&...~...Qw:.....,,.I.....pk..ZN..........]x.B3./DQ.Skf.?...)...i.F..M...{......?.GJ...yc..2...,..(.Q.8.&.q.XF.W..e...9X..e...cdY......~.?L...\|.~.g.9.^.,.0.P[w.oqN.Z`..t;.d1-..v......y?..nq..z....7#...@P..Rd..O.{q..C{......:..ll.....V................i...4...`.7....x.Fv..[v..t...@;.X.....z.e..b..M.h. s-..OU"..._....v\v...;..G...I..o....o....../.....A.d.......Z....."..(.....2.2..v..A1....tj.`];a.-..@....f.;v<...v.1.$<....%tjl....z."q$%...[]..<.l.........SS..f.l.NN..}..4`...o...jg......f....Y.]..u...yC~.3...6.......G..\..R..Y.k_..nP.bf,.%..d.Z .8eA.,,3.0D.u.@.\.d.o.L....XX$KeJ........,..*......_.....q%L..^.91......p.4+

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1239)
Category:	downloaded
Size (bytes):	21603
Entropy (8bit):	5.4947057918957585
Encrypted:	false
SSDEEP:
MD5:	5DE52675FD2086ECC0C40565E398107E
SHA1:	98B4688F89EBBB92E1C4FC4F4A23F2F6708524B4
SHA-256:	06871F2BFAF96F7ACF5241CB3D596981D7A98D5B22D732863D9B837DD7343E73
SHA-512:	9F04D46C23FC5B9F9CB3D36D29531146F33DACC069B9B6FFE407E395143B9DD4EE9F8672E2ABD3CDF25D10F3DD9B51C8B6F3E4F4C31940B678D4ABBBA18E181F
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/static/service_worker/5230/sw.js?origin=https%3A%2F%2Fweb.getblue.io
Preview:	'use strict';var ca=function(a){function b(d){return a.next(d)}function c(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(b,c).then(f,e)}f(a.next())})},h=function(a){return ca(a())};/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self;var r,x;a:{for(var da=["CLOSURE_FLAGS"],A=n,B=0;B<da.length;B++)if(A=A[da[B]],A==null){x=null;break a}x=A}var ea=x&&x[610401301];r=ea!=null?ea:!1;var E;const fa=n.navigator;E=fa?fa.userAgentData\|\|null:null;function F(a){return r?E?E.brands.some(({brand:b})=>b&&b.indexOf(a)!=-1):!1:!1}function G(a){var b;a:{const c=n.navigator;if(c){const d=c.userAgent;if(d){b=d;break a}}b=""}return b.indexOf(a)!=-1};function H(){return r?!!E&&E.brands.length>0:!1}function I(){return H()?F("Chromium"):(G("Chrome")\|\|G("CriOS"))&&!(H()?0:G("Edge"))\|\|G("Silk")};!G("Android")\|\|I();I();!G("Safari")\|\|I()\|\|(H()?0:G("Coast"))\|\|(H()?0:G("Opera"))\|\|(H()?0:G("Edge"))\|\|(

Chrome Cache Entry: 201

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2490
Entropy (8bit):	7.903860039430619
Encrypted:	false
SSDEEP:
MD5:	D31C7874F78FD6DD29729839A219DB0A
SHA1:	D9B46CA0E6703E897B09BC3F46897DB9B6DB68A6
SHA-256:	24E31128DF2ECD15391AE4C823EB48B09033345ECE41B090C76213DCEE5E64A6
SHA-512:	F0A061D5C39A3668236436E41E3E3C7DC7786AA1B82792F5C2D2002822F31926BEA9310D0FABC22B2ACF7AAFC9B7004A9DCBF8A88E6588BA76EF8B9028326361
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415cb_logo-brahma.webp
Preview:	RIFF....WEBPVP8X....0......h..ALPH,..... .H.h....CM#)..8.X@.z0I{..".?...=.l.....&.VP8 `..../.....i.>1..C.!...4. ....p.......{.Z..l^...?........H...=@.)....................a..>.?.^..._...?.~...~......\.......Ofx....h~..S....z......./...z..K.....\| ...s.G..D....z.7.......z....E.;....._.?....U..:B.~..jhG.?. =./.......s..C....!^.=l..'.....[_py.h..^.-h3...kM....R......._.,.f..o.....Yl......v.A.wJTrS...0.V........&..=M..7.a.w.B.....`.\|...+....=..=.$..9...\|...&............^l4y....../...tx.?.{.".......3.k.k.:}..q.%rI4....{.w3....8...{W2..j^v..X...m.y.%...{&..m..\|I.p\f..>.a...:H.>o._"z5..#y.s....p:.dyql......}.nM ...)..~?a.gx..@...s....,R...._l.....Ju..XD....Y..........46w.O!~.6il..q.TS.E.9..s.....&b#..M.[.{(L`-O.9...{.L.V,.....4.k..+R.."s.i.OET.N..^<E....'tpD....G.B:.UsY7.....^..P....O..G.Z..K.;Q;X('Z..l.M.K^<.9<..n..w...p....A.....U.#...#....^j{X.........\...=^fY.5.#....)..~..[o.~M...,.u.M..X.}.......^.$...{..Qq.....lpD..q.1.D.Zv.c.Y~].4U...<.7.........%

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 313x625, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	21968
Entropy (8bit):	7.988850675400502
Encrypted:	false
SSDEEP:
MD5:	8D65EB8A43FAA318F1218102BF27B6F8
SHA1:	4699B3FDBFEDF02BB366EB7FA478615B1B927860
SHA-256:	0FE86796D92549979233310F6E44E6534D269868B5D3688A65D327075BA02DDE
SHA-512:	A819E82A21EAA2B75EB228982E7A30C6C9F12BB8D945B4E9C2FBBD02EB8D6D343C8A5C8BA6B82BC1EDE2BD879D4CCDF989753F357E1D120CE7A3A9F8528C1091
Malicious:	false
Reputation:	unknown
Preview:	RIFF.U..WEBPVP8 .U..P8...9.q.>1..C"!!.H.l ....[......q..@.Qh.......E.O.........W..........?.w....<.93.../..?......3....._.............._./...?..........?D.~.?..j...3......O..'?................<.c.....E......O./.........k.#.........?...................../P.U~......g...?..y.%.....~..t..?e.....s.O.?.~....{....!........G._....f.........{............~.......?..~).g..._......?..L.U.....'.......y....._............G......8=..Y.[...O........\|.O.../....W.u=.?s.`.1....K.s./Q.............G....a5Xg.."....c.U..1]C.C.....b......f=..?$v&.:...w.... !B...3..............4kg.R..A/..Xy..c..3....fJh.N..XN.R..........o......!..`.......LGB..Zz.J.Z.i.N=..<.#..7.G'.......g...+..r....701..?...j..E7..\.K....<....(..HrC=.i.et..nU........w.:Mb.p...\0.....j^....tb..................B=D......@5.....`6..<.......W.(...T.^..d.3....H...s(9.r.T.QH".]...c^.uI..\|l.%..DR..j..x..X.....9.l..?.p2TV........ff.3Z.. ..\hM..p........<......y@...^a..8......z.[~.mC.v.o.G..O.d.!..

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4576), with no line terminators
Category:	downloaded
Size (bytes):	4576
Entropy (8bit):	5.811254353527816
Encrypted:	false
SSDEEP:
MD5:	638B22BFCE1D235229F636AFBDF6F162
SHA1:	2245FA26B087EA693A36D18823DAB90ECB5A3677
SHA-256:	90DDA3D6B31A050B4D70D2FAD5606F2C112C92734D98D60B53F0B01DBE2BC7AF
SHA-512:	6B645A6AB5CDE6043D495846E6D628F92E9FFFB6424BE3FE1EF9DEFD3C11EE059BB4DA1052B5F3258EAB106EC0ECB767D48A0D29B068371C8B02F768B94BF0E0
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16533307350/?random=1738657289219&cv=11&fst=1738657289219&bg=ffffff&guid=ON&async=1&gtm=45be5230z8889460454za201zb9123381289&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102482432~102539968~102556565~102558064&u_w=1280&u_h=1024&url=https%3A%2F%2Fweb.getblue.io%2F&hn=www.googleadservices.com&frm=0&tiba=Blue%20-%20Home&npa=0&pscdl=noapi&auid=1955217038.1738657286&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	3962
Entropy (8bit):	7.938907672599605
Encrypted:	false
SSDEEP:
MD5:	BD339E63B60A315D53BD770278B0960B
SHA1:	8A764B09E886CDA518EC0167E5A88E7777D1DD61
SHA-256:	390B5B77F8A5083E807218269261E7292568DCC7614DBF8C4360E36C3E407162
SHA-512:	80AE2BF614AAEFDB45259F01E8C07EEF571D3DC6930B43A432E3D0C8B3E338FBC1505B7361914F88DF92E2CFCDD8143B9B837BD2BB26F966763673074155EBF5
Malicious:	false
Reputation:	unknown
Preview:	RIFFr...WEBPVP8X....0......h..ALPHv....!1.1^.......t$.@...KDD(.m7.?.2......a...t.1F..L...sp..1..........n.4.=......\|.m.m.Z......L..q.#.d.....1.....]......,..eY<.......".f(Go.....r.....]r?....\|6..(s.S..R3\|.....~E.a..#.S........`./J..%.$:..E9..9.......c)B.>..wm.\..f....6.qx...>vz:..W.....Qz........,...&.G..q[<XgNk...Gy.Z.,..,.\|...`@.......\|....n~....J....x.8....z..&...R.b...V.A.U.4PEu..+...5_..).8.eq..\|n.)^.h.?...Z>.m...nr]NE.85....n....I.1L..1....q. .b..Q.b(.KF2.....K1p...8......F?..pyA...K..0c..s....)u....E........5. .....X..2._.....3.......S.9...wOt..r0...9......}.\.?.......E`.dkF\|\.x .....x.l..X%`..Xr..:M..FX'.. .b.J..(T.B.\|.....D).$.....a.^..25...Yu.}.NB.~."..._....M..+k8...N...MH....ca0.6C}Z.t7..1.3..'.".dJ.....G..~..6..//q.=.,.K..Og9DGyQ\q< .2@... .;...).!......n@1.......++......A.8..kt=.c._..?...Z...4y....r.].p\Wt.L....p.;t.[]N.~7@.17..p.&9@....U.f...'5uyn.h?.R..N.U]4.M..E.@L.#.\F....Q.+.8.@.I..P..d.S....<T$.......Rj\|w.=...h

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	43506
Entropy (8bit):	3.8679822530065118
Encrypted:	false
SSDEEP:
MD5:	C01F09EEFCFBC1218CE6988530638821
SHA1:	5BC24FCDF9C1BEEBCB99229B34EF9834BAFA7C79
SHA-256:	06307CA3900FE6E0A8A7C7B644C7EEB498E9B303F890D07D8EA82B82E12D8456
SHA-512:	8341EA2B5B41F3A0D3024C6AC59DBB27D5B3DE219B352B5B20D3D13AB7A101818100B0773915AA2D3189E431976ED9548FF906C0E62274A3B8FD8DCEE0CD9ED1
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415e6_home%20about%20graphics%202.svg
Preview:	<svg width="344" height="237" viewBox="0 0 344 237" fill="none" xmlns="http://www.w3.org/2000/svg">.<g filter="url(#filter0_d_2715_2082)">.<rect x="6" y="4" width="332" height="225" rx="20" fill="#213253"/>.</g>.<path d="M161.117 197.22L180.884 186.075L187.192 167.991L196.234 176.402L222.939 80.3044L238.079 152.01L252.589 119.627L272.986 167.991L283.079 153.272L291.07 158.949L306 125.725" stroke="#04CE00" stroke-width="3" stroke-linecap="round" stroke-linejoin="round"/>.<path d="M47.4863 125.674H50.7949C51.8548 125.674 52.7285 125.495 53.416 125.137C54.1035 124.764 54.612 124.249 54.9414 123.59C55.2852 122.917 55.457 122.136 55.457 121.248C55.457 120.446 55.2995 119.737 54.9844 119.121C54.6836 118.491 54.2181 118.004 53.5879 117.66C52.9577 117.302 52.1628 117.123 51.2031 117.123C50.444 117.123 49.7422 117.273 49.0977 117.574C48.4531 117.875 47.9375 118.298 47.5508 118.842C47.1641 119.386 46.9707 120.045 46.9707 120.818H40.7617C40.7617 119.1 41.2201 117.603 42.1367 116.328C43.0677 115.0

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 2880x1620, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	112730
Entropy (8bit):	7.994706973546691
Encrypted:	true
SSDEEP:
MD5:	A2DEE14469611A136BA4A879CBF51D2B
SHA1:	8D7FD9A92B7FCEBA3B75FFDC46AE88D25B0E41B3
SHA-256:	E4C23081404260829D7CBF5173DD3B3CF15E7308A529E5BECD6CA96048D3DC44
SHA-512:	3882DC752B9B6F55DBC3F4AD89741681D25AF8AB0DE631C58D0B1D81777933BAB6C54221D47ADB3158C0534D4FD347376B66B9516F244238C9EBEF5A7207CD89
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415b2_home-background-hero-img.webp
Preview:	RIFFR...WEBPVP8 F....1...@.T.>m6.H./1.$.Z0..gn.l.~..y..../c.........9.'=.(...c.t+'.mv..^..w...?.yGzO.o....$....g..k.._.y.z....3...3......7..1.Q......]........\......o........<.....=......S.....>G...s....\|../......S.c...?..s..v.........._...z....?.K........y......{6..x.......?...~..J.............].... .p.6.S...^....Q.g.....[z..7...F...a...%.a..........i.Gj7........,....F3.m.....S.....&.......mH.+..}%C&v.<.6!O.~I#..O...a..:r...wh..p.5..lU.sh....2.........g0]T....zN.....k..........n........L:<R%.....}.u.B"O.@.?..Y.O3.,b.......EW.F...a......eP.@J....P.@J....a..!..W.\|.........:grZp.)L..F{..9R?....k....[.G.....L.t...XC".......x.&...t6F.t..E.}.IR.E...=.........P.@J.........j.. ..j.e.......{.....V...........i.....8...a... %F...a....h.m0..F...^.M8C...G.x......r..../E_....E.Sy..D....#.....l.?@..%k5....Z...\|<p.....^A..rPU.k'......g;>.'.#...c).3G>*......e..]..F......<.1yiT.g.o.+.'$...i...[........"...(..p.m0..F...a.....Q....L9..j..fF%2.X..:....G..

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	19886
Entropy (8bit):	7.987468830953805
Encrypted:	false
SSDEEP:
MD5:	78EAD79AC2D5AF372C48293EB74945C0
SHA1:	1620D5F12681E84A5996C1702AA4E992A4900263
SHA-256:	8F2BC61EB6A593063121DF4AF9068B49D1D8FF61647E63A938BA478721D9251D
SHA-512:	BA8A03BF0D4A5ACF7282840C833957FFC5848804EB125D06D277F6FBC0EA929ABDA032506C9BC4E21F2CEF6DA7A20C75FE89AA544515A5146B42E726D28CDB0B
Malicious:	false
Reputation:	unknown
Preview:	RIFF.M..WEBPVP8X........8..p..ALPH ..........@4....k.".?.Y-...........VP8 `M...&...9.q.>1..C.!.!%.Jx@..cn..m..D6.....?.~<x+.~....O.O......s.{..g..g...;.....F~..c...g..._...~X.....K...7..........v...C.......v=F./....._.G.?..._...].c...?.../....>].....4......._......?.e.....g........o....B.?..=.@?.{W............r...9.....u.W........<../..B..}........?'...a.....>..B?..W.....w.............?.?...~H...S.....?......;.......o.~..$.........?...J?....]...k..........k...'......UUht.l..T..X..{aH#..-\|.4..J.s...`..\F.-...H..9+.9xw..-i.S.9K........l.....i........MW......).L&.......r[.'5.t.....~..su.e.b..0...bxw.....}.^...A]Z8....P...x0...Y.w....Y....Wd..(.j.......2......cMq.^.V,.`sE.c:....#..G.K..U.DC(...Y..r.a.~=7..4..i...3$...Q.z..)R.+.....N..'.`..Z~.N1...[..\......AJIU.w.g.S5..`d....r.Qr]P.T ....4.Z....d..E.....u.....X.3.=).6\|-....p.\....\.K...$o.}....B..X.. .$.......7..^..d..._.......fM.2..:-..(..;[..J.u>....5f..J...z."`+J.Mq..+.{.-.....>x.32i.^

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4594), with no line terminators
Category:	dropped
Size (bytes):	4594
Entropy (8bit):	5.820028043687755
Encrypted:	false
SSDEEP:
MD5:	7118720EE7CC0B0C6802B467BA053A6B
SHA1:	0F2742956A573F65CEB18D4AE1E72B3A347C0441
SHA-256:	143BDF8CEBA1BD7DA2CD7E68ACA75874ACA9FB0C1FBBA8121392F880B3250C38
SHA-512:	2FFAF224B76915EFFB34A982485EA2843A591ACDE7717D191ACCBEA442737FF8CB6F50B8D06A7AD2D5F77D60720426B86A41DD7CA6E535089CA47CCAA67A0732
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Category:	downloaded
Size (bytes):	63920
Entropy (8bit):	7.996713921159844
Encrypted:	true
SSDEEP:
MD5:	A65527FCB58F66A7CFBC0E6B160538B4
SHA1:	45D260E7FA343401B5BB0DF982A014F53E2D253B
SHA-256:	FB13C3A1CBAC60649B76F7D7F85C1645D35AC69B85CE5F4EB0692505ECC2CD45
SHA-512:	8448E96ABE326F43285B2D8B0D75BEAF0E9C9E051E8754841D907B30EB303AE24C447011306DA6A1703B9192D02AEFF76A4517BDF94EC6E7DC360CE3538802AF
Malicious:	false
Reputation:	unknown
URL:	https://cdn.prod.website-files.com/65afd577e3158ea66d24157d/65afd577e3158ea66d2415b0_Roboto-Bold.woff2
Preview:	wOF2...................H..........................b........`....H..<........E........6.$..8. .... ..)[.T...d.....Z...U.....:u..O.:....cx.<.z.....n..".~..........&.X..=.....!..A..&i.~.b4.@.....jC.X..K..lj......}H.5M.ccx9.T...T......D-'..7P.L).L..).2..Yzq..I.....X.U\..Mz..x..{xQ...].`J..}\...@.{..{.p?..^.D....M......[....L]..nT.M3...S+Ee...yP...y(.......'..^36.R...S1..`m.....AW..[.f...4b.5"k.u.......(>..j..{.\...$j.c.Ck"..F..jd..U....".l....]..w..\|...w.^.$....._.E..~.Yk.G'><..4..\}F.'z.+o.U....g...;.Jg....N.\|..i.."!..r...x..v...8>qv.zr7..g..8...Ke.....Y&s.r.V....&.0..;....N.i&...X..}.....Haf.$...h.=O..OS{<..v..b...$....?..E.Q3..#.I.(..(.U.{n.c.s...v.K....x.EZCsz.....F...x..}.k.Y.}g.....p...b.$........s.{..Q.$Ca...'..&LE.k...X...M..V.1`..m....QV.B..H.+].I.E...L).=#.....c..h...c6./...3.cb....T..W."..0..6..6@sk#.J...) .H...E..X......FQ...&*..].c..f.y....M....'.Y.Z..xJ..r.....U .Q...p..+.n9L.O..J~.7......{/@.T,#LS..D;JM...A.e......................

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1081
Category:	downloaded
Size (bytes):	463
Entropy (8bit):	7.501042832841477
Encrypted:	false
SSDEEP:
MD5:	B78A21345741F31EF1E413E15BFCF031
SHA1:	6381DBAA8F139A758530BA1E1443B98961759516
SHA-256:	7AF9492CA4393FC8C0786ED8B414050654F8EBB76EEFD938A3D040F7826BB917
SHA-512:	2CA3437FAB047B3758813606ADC7E218574B837035F59E99DCBAD2D51160F73A07F3CA07329622F30398CC2267F39A808B916589DC8FE271E244AAE5843EDFAB
Malicious:	false
Reputation:	unknown
URL:	http://widget.getblue.io/favicon.ico
Preview:	.............n.0.._e...._Q...R...!..8.$.p..mw....!O.$)..........'..g.Wt..4.....V.n..K..eS.2d.\|]U...I:DX.X..._.'x.....,..N.aD...#e..9..............i/.tq.1.v......pWK...#\|1..o.....n.E....r8..A/...og..i..^.../..2.g.\|,....{....Hx@.[=....$..s!u.....5...M.....Fk.....#..4........A..4...:..2.}2..@V...e..,........Hd.....Qv.$k.Q..<.1.`.2.M.J#.`:.3....i.....3R.......F~.c/.>.q/.....!...&N......32*.#..$.t..&RL'_...^.W.T.\|.$e/.M.o9...9'.M..o\|.w9...

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5664)
Category:	dropped
Size (bytes):	339505
Entropy (8bit):	5.5698504003433955
Encrypted:	false
SSDEEP:
MD5:	350A863E9994428AB4D99D893F572156
SHA1:	25595C507B7E210E783AD3F5A595C50F0935E475
SHA-256:	20A0F0B62CA1C8F2CF2ADB4A9DB82BF9EFFA8BDCCEAB6302AE318E0F3FDED3D7
SHA-512:	C178ED963B267F72DA8E3E90900006A5D0B0B5E951549DED56CD59B8DC3C91533BDC74AF6547F5BADA51DEC4A6E35B0F8D941DD20A29BBBAD8B129A428AE0287
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"5",. . "macros":[{"function":"__e"},{"function":"__gas","vtp_cookieDomain":"auto","vtp_doubleClick":false,"vtp_setTrackerName":false,"vtp_useDebugVersion":false,"vtp_useHashAutoLink":false,"vtp_decorateFormsAutoLink":false,"vtp_enableLinkId":false,"vtp_enableEcommerce":false,"vtp_trackingId":"UA-122234007-2","vtp_enableRecaptchaOption":false,"vtp_enableUaRlsa":false,"vtp_enableUseInternalVersion":false,"vtp_enableGA4Schema":true},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__v","vtp_name":"gtm.scrollThreshold","vtp_dataLayerVersion":1},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys

Static File Info

⊘No static file info

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Application Log: Application Log Content, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Process: Process Creation
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://widget.getblue.io

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 104

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 117

Chrome Cache Entry: 121

Chrome Cache Entry: 123

Chrome Cache Entry: 125

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 133

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 157

Chrome Cache Entry: 159

Chrome Cache Entry: 161

Windows Analysis Report
http://widget.getblue.io