Edit tour

Windows Analysis Report
https://gemmini-tllogiiess-wrx.godaddysites.com/

Overview

General Information

Sample URL:	https://gemmini-tllogiiess-wrx.godaddysites.com/
Analysis ID:	1521774
Tags:	openphish
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3244 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5284 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1712 --field-trial-handle=2020,i,14739926256914341888,4208355801869281692,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6392 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gemmini-tllogiiess-wrx.godaddysites.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://gemmini-tllogiiess-wrx.godaddysites.com/

SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering

Source: https://gemmini-tllogiiess-wrx.godaddysites.com/

HTTP Parser: Number of links: 0

Source: https://gemmini-tllogiiess-wrx.godaddysites.com/

HTTP Parser: Title: Gemini: Loin | Sign In does not match URL

Source: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base

HTTP Parser: No favicon

Source: https://gemmini-tllogiiess-wrx.godaddysites.com/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49768 version: TLS 1.2

Source: global traffic

TCP traffic: 192.168.2.4:59866 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: gemmini-tllogiiess-wrx.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: gemmini-tllogiiess-wrx.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://gemmini-tllogiiess-wrx.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=52198e3f-df06-49db-b510-afd341095f7b; _tccl_visit=52198e3f-df06-49db-b510-afd341095f7b; _scc_session=pc=1&C_TOUCH=2024-09-29T01:33:08.989Z
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: gemmini-tllogiiess-wrx.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://gemmini-tllogiiess-wrx.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: gemmini-tllogiiess-wrx.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://gemmini-tllogiiess-wrx.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=52198e3f-df06-49db-b510-afd341095f7b; _tccl_visit=52198e3f-df06-49db-b510-afd341095f7b; _scc_session=pc=1&C_TOUCH=2024-09-29T01:33:08.989Z

Source: global traffic	DNS traffic detected: DNS query: gemmini-tllogiiess-wrx.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: events.api.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: csp.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: www.godaddy.com

Source: chromecache_177.2.dr, chromecache_149.2.dr, chromecache_193.2.dr, chromecache_160.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_168.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_168.2.dr	String found in binary or memory: https://gemmini-tllogiiess-wrx.godaddysites.com/
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2)
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2)
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/gemini-login-signin.jpg
Source: chromecache_168.2.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_168.2.dr	String found in binary or memory: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 59870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49768 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@22/102@18/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1712 --field-trial-handle=2020,i,14739926256914341888,4208355801869281692,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gemmini-tllogiiess-wrx.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1712 --field-trial-handle=2020,i,14739926256914341888,4208355801869281692,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://gemmini-tllogiiess-wrx.godaddysites.com/	100%	SlashNext	Fraudulent Website type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://scripts.sil.org/OFL	0%	URL Reputation	safe
http://jedwatson.github.io/classnames	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.google.com	142.250.184.196	true	false	unknown
gemmini-tllogiiess-wrx.godaddysites.com	13.248.243.5	true	false	unknown
isteam.wsimg.com	3.64.248.63	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
img1.wsimg.com	unknown	unknown	false	unknown
csp.secureserver.net	unknown	unknown	false	unknown
events.api.secureserver.net	unknown	unknown	false	unknown
www.godaddy.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://gemmini-tllogiiess-wrx.godaddysites.com/manifest.webmanifest	true	unknown
https://gemmini-tllogiiess-wrx.godaddysites.com/	true	unknown
https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base	false	unknown
https://gemmini-tllogiiess-wrx.godaddysites.com/sw.js	true	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2)	chromecache_168.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2)	chromecache_168.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2)	chromecache_168.2.dr	false		unknown
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc	chromecache_168.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2)	chromecache_168.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2)	chromecache_168.2.dr	false		unknown
https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica	chromecache_168.2.dr	false		unknown
http://scripts.sil.org/OFL	chromecache_168.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2)	chromecache_168.2.dr	false		unknown
https://img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/gemini-login-signin.jpg	chromecache_168.2.dr	false		unknown
http://jedwatson.github.io/classnames	chromecache_177.2.dr, chromecache_149.2.dr, chromecache_193.2.dr, chromecache_160.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
13.248.243.5	gemmini-tllogiiess-wrx.godaddysites.com	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
3.64.248.63	isteam.wsimg.com	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1521774
Start date and time:	2024-09-29 03:32:10 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://gemmini-tllogiiess-wrx.godaddysites.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@22/102@18/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.185.238, 74.125.206.84, 34.104.35.123, 142.250.185.138, 142.250.186.163, 23.38.98.78, 23.38.98.114, 2.18.64.27, 2.18.64.8, 104.102.33.222, 20.12.23.50, 23.201.246.20, 93.184.221.240, 192.229.221.95, 13.95.31.18, 20.3.187.198, 142.250.74.195
Excluded domains from analysis (whitelisted): e8843.dsca.akamaiedge.net, e40258.g.akamaiedge.net, slscr.update.microsoft.com, e6001.dscx.akamaiedge.net, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, global-wildcard.wsimg.com.sni-only.edgekey.net, wu-b-net.trafficmanager.net, csp.secureserver.net.edgekey.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, wildcard-sni-only.api.secureserver.net.edgekey.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, wildcard-ipv6.godaddy.com.edgekey.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, e64861.dsca.akamaiedge.net, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://gemmini-tllogiiess-wrx.godaddysites.com/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://gemmini-tllogiiess-wrx.godaddysites.com/ Model: jbxai	{ "brand":["Gemini"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Accept", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	downloaded
Size (bytes):	60918
Entropy (8bit):	5.352681231182395
Encrypted:	false
SSDEEP:	768:RfLoCGFoLL8vvw4xUC/ib7V/Kc5EVou19RA/LkIT8OTGGOumJ66KzWmzpEP2szm0:Yj19RqD8OEumJ66KzxFEP2szmOT
MD5:	6BCC0C090DC5CE661AC2A6ACDB0FAC53
SHA1:	690EF645A63793730A886A57F7A58FB9554475D0
SHA-256:	08A57EF33084604003B0D47275A0E2CFF8933BBBE555FB9900E9676C73D6F4D1
SHA-512:	C86CC73F6D0ACE5255941FE24D5CA52C86414860236AA93AC6746CC0ACA1AABEBECEF00FAAEADFC4A7C1A2E309BD819C9F871C6E95809E85FFE9C352ADCC7DCF
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/298a5d7a-6f41-46c8-88c7-196fd538185b/gpub/a7c954210ed83c8/script.js
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	downloaded
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	dropped
Size (bytes):	60918
Entropy (8bit):	5.352681231182395
Encrypted:	false
SSDEEP:	768:RfLoCGFoLL8vvw4xUC/ib7V/Kc5EVou19RA/LkIT8OTGGOumJ66KzWmzpEP2szm0:Yj19RqD8OEumJ66KzxFEP2szmOT
MD5:	6BCC0C090DC5CE661AC2A6ACDB0FAC53
SHA1:	690EF645A63793730A886A57F7A58FB9554475D0
SHA-256:	08A57EF33084604003B0D47275A0E2CFF8933BBBE555FB9900E9676C73D6F4D1
SHA-512:	C86CC73F6D0ACE5255941FE24D5CA52C86414860236AA93AC6746CC0ACA1AABEBECEF00FAAEADFC4A7C1A2E309BD819C9F871C6E95809E85FFE9C352ADCC7DCF
Malicious:	false
Reputation:	low
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	dropped
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	dropped
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 11644, version 1.0
Category:	downloaded
Size (bytes):	11644
Entropy (8bit):	7.979913171006477
Encrypted:	false
SSDEEP:	192:Tnzm3QwZW75iH4izAQjQSFvOYQPFm3L9ZaWxWiWFSOu4zfOSJh8lvXrgSZlTIKCK:TqAaYyX/v6PURZaiWidOXzGSJ6FPrj
MD5:	734A5B0ADBD95DBAE76BD14E82758144
SHA1:	FD6C0BFDF7F7AAE7B6169BE7DBDFEBB416208106
SHA-256:	EE7EF1D38007C4773D1E000177123FB440383C0D0187FD7D2D6978A0ED0F8976
SHA-512:	D8811D528C5220CCE087C0306F5086EB45793204549D24708A95C9C89EEBD93A072006AE15D76C6324CB375869D23BC9CC232CBECDDEFC5C6CBAB1023CAB21C4
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2
Preview:	wOF2......-\|......k...-.............................\...`........8..[.....6.$..8. .....K....S.".8..D.C.%k3W.......lGWB$..i.!.....Vr...>.W.d.#...y...g.SD2..NP.$ ..a+.9.t.8v.X6l.e....+.f6.y6...y.K...A....T....x..1...'t..E.%/..........v....>.....d...o.v...l(.h$..v..s_}.R.'].......2R.k...u...nH...%...<.4uY.,.9.r:..........t>+......'.D..>...a.......RI#..A..g...c..{!..n...QA .d<..p...+..a..[...q..A...T.,$p.....jk... p..5..Wer...__..A.....s.)c...B..'.X..Q..RI.$.^.LV..\|.K.?.[.!.i.)j...pf.[1......K..^#.....M..<.r.....F..h'..y..c..!.. .7... QB......5\|.. .A..W.=...x.w...O.Ps.g...c..`q.........l'.......XXG.3....{c:A....k....E....@n{..9...U..H.C...O.QX........LL$.[.....'^.........7n.>.....!.L.$.......z.0.. ...p..s.......iR....Bb..&...0@..tj.Q...2.p.C..0..H..q...%j.p J..G....q4I......1.A%.x.... .Nk..d... ..~I.,9.$.0IV....E....A.......5.R..LO..:...q.\.&.b....+...d....J.u7...;.D;....,.....k...pQ.P..j42.k..)o..l..../...+.s...C.Vr.c..I..;...j...*....EQS6.

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	242257
Entropy (8bit):	5.517949479561666
Encrypted:	false
SSDEEP:	3072:7u8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXSQ:Y3A/6hbCxJFxKhUc
MD5:	55BAF821A59FAD53AA754C85AE19D0EA
SHA1:	B1662F5F5B119836E5E9C91C5E4A448BCD6CCC6D
SHA-256:	D26724E378F16CC4135849CCABF5A1BA738C3F4BA952950ACB34E73F24869E83
SHA-512:	791B8AA2E321324B55731B5F69239F86A0602F19FEB833BFC492D525EA132BC23D1C6A3907957992C655742F38AEDD7819A585E6B7A7F3C68126E0DC739DFC1B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index3-55bc27af.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	dropped
Size (bytes):	315045
Entropy (8bit):	5.470972207090544
Encrypted:	false
SSDEEP:	3072:7aOD2q1BSK7x5jfw71nUNdFIh0qrMdB8pbKQJaZkNeQHUC5SIui/+a:Wzq1Bzc71UNhqrMgpbLaZkNfHHWa
MD5:	D8A1FE8B9FD01233B8A030EA79C21DF0
SHA1:	1B2B4474F72FCEE56977101E7C85A8201F730903
SHA-256:	91DEC32BF6596B875CDEB8C7BFFC8B5029A870657D3D7C790E8939F17E24DC20
SHA-512:	C15DBBD27873E22558239D6671B7FA05107A348D44BEC9CD560B8AA6D443D4A86BBBC38FC6F2C18E4D4C82852741B7C995E3E80A1E95B04A0D2DBDA12DCB6F0F
Malicious:	false
Reputation:	low
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	384
Entropy (8bit):	5.317230181572565
Encrypted:	false
SSDEEP:	6:wBqWekiTakpxxdGztoIhS3EaXqnRCsDPLCmKg1ixWbcaS3jfU0cMU1ixPT:dkK9dg5qEaXScKIjf4q
MD5:	12C479E096916884EC4A1A687D2AF8EC
SHA1:	EFBF38B05BEAFEB1D01EE1FCDE7E0908937CFA98
SHA-256:	157841577D46DF61FFF1DA7B842B4B0B0122F5061EACAD29B937B675827F48D2
SHA-512:	5B654FC9D5C004A96F18A8E32FA936D2C50E5410FCDDB68EEF1354D99437A25D039B090273D946C267694011D39B55799AAD91C8BE9D663D05E802C81610648B
Malicious:	false
Reputation:	low
URL:	https://www.godaddy.com/favicon.ico
Preview:	<HTML><HEAD>.<TITLE>Access Denied</TITLE>.</HEAD><BODY>.<H1>Access Denied</H1>. .You don't have permission to access "http://www.godaddy.com/favicon.ico" on this server.<P>.Reference #18.9cf01002.1727573598.1394fee1.<P>https://errors.edgesuite.net/18.9cf01002.1727573598.1394fee1</P>.</BODY>.</HTML>.

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Category:	downloaded
Size (bytes):	23040
Entropy (8bit):	7.990788476764561
Encrypted:	true
SSDEEP:	384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD
MD5:	DE69CF9E514DF447D1B0BB16F49D2457
SHA1:	2AC78601179C3A63BA3F3F3081556B12DDCAF655
SHA-256:	C447DD7677B419DB7B21DBDFC6277C7816A913FFDA76FD2E52702DF538DE0E49
SHA-512:	4AEBB7E54D88827D4A02808F04901C0D09B756C518202B056A6C0F664948F5585221D16967F546E064187C6545ACEF15D59B68D0A7A59897BD899D3E9DDA37B1
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Preview:	wOF2......Z........8..Y...........................B.p.`..D....e.....d.....B..6.$..v. .....E.K...5l\e.v.~S$}.".8.....5.E....s...ai`W.u..8a2C..JuBj....x.....%.u.C.......p..c...7...+.1.GS.3...F_....-..`#........]...T.....x....&..{.....V..,..&~$D.#.P..\|gzz...B.7..m.3....HH.l.....Dj.F.X.....U..+.Q...T.`...ST...1...0....io`zu@.J2....3]}0.X...,..+"...............(k.CGl......`.y.._....3.t!O.,X:t.3....lw..U../:..b.]....V.$.y....G.....H..IN....bQ.+ \@....;...C3...c.l..i/....#..I.).Y...]...s..$K!..Tr...g%\|r.D.#.Y{..R..We...X.?...r.@...G.{..>..4^..b..,.z........T..[.ru#.7..{..G....J.3......Lz.C].of$Y2..^...>@L..P.........7..bB.....6f...ec.i..{._\...A.I.Lcy.Qm".....k.^.d.K(x7U...c.o.......}.T......iL..!.Z.......[O...%...*'?........^I./..;t.4%.....S...4....wY.b9.%.b...,.....tC..9.Z...V..CHnA.S.-.u$m.\....7{,..K{(.."....._...\|{.VowE@E@@..Zg.....`8..b..Z...^....l+...R..%.L.b...._..E.j9\+.L.#J.........?&...&..scE..b..Jc.8...V....L 1./k.3..7w....x..-.....

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	downloaded
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	downloaded
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:	384:/z+lhnKuowsx9pGxw57yty3eOHenS934osy:JioFP934Y
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 192x192, components 3
Category:	dropped
Size (bytes):	4820
Entropy (8bit):	7.789919318821602
Encrypted:	false
SSDEEP:	96:t+yw5vfa5RjA0v6/9yhtX98UjOPMYRaHr:tB0y5R//tX98xaHr
MD5:	836852512AD6E0A81F9C165AC3573F92
SHA1:	F9F8C34B2AD2A10BE3815B4028BAA3FE7D14BE1C
SHA-256:	B544EFB6939AA05A94872672B42F1EF0A52528F2D2C5052E1EBDAC9318D5F972
SHA-512:	8729417A6C2F89DAF93C8F9FB2CF99BE0B365A9E67E13AC1E85D111E0FADB9CD2B80FC6A9F12677B3BC32E50840FBF94323459F76DF61BECE3080010C7080A96
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((..........."........................................>.........................!1Qq."2Aa....#BS......$Rbs...356Cr..........................................................1!A...."QRaq..2...............?...DDDDDDDP..j;T>..P.z,....tE.....A......x....T...`...5...K..I.H?).....n%..q%.i'$....~.>...lG.-.....J._.m...B.......Ui].\|.B7D.=.+...U.8....b^M......5...YR.2....s..s...\|E;37........oE.o....t'1VT...."#.?($C.......0.+.........+..w..g.~........Z...7......x.......a...u...i-psI...8!Y,._]D[.^j......_z.....7....{.6>....1..M.....P.:L:..!OY../.[.bc._,............R..I.E.....,.=.....,Q...U{6B.o?.L.}.._KA..js..?..Y.MD.S.j..,....k...0.-..y.wd.Y>;2"".TDDDDDD

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	dropped
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=gemmini-tllogiiess-wrx.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=52198e3f-df06-49db-b510-afd341095f7b&vtg=52198e3f-df06-49db-b510-afd341095f7b&dp=%2F&trace_id=4fe05bcbd4234ba1aa5c20160f45387c&cts=2024-09-29T01%3A33%3A11.767Z&hit_id=05e474fe-1f5d-434f-a15b-69471e76af38&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22298a5d7a-6f41-46c8-88c7-196fd538185b%22%2C%22pd%22%3A%222022-12-15T06%3A11%3A42.679Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=2072419413&z=142320289&tce=1727573584057&tcs=1727573583584&tdc=1727573591759&tdclee=1727573588995&tdcles=1727573588994&tdi=1727573586312&tdl=1727573584183&tdle=1727573583584&tdls=1727573583584&tfs=1727573583555&tns=1727573583551&trqs=1727573584057&tre=1727573584258&trps=1727573584177&tles=1727573591759&tlee=0&nt=navigate&LCP=2634&nav_type=hard
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1535x688, components 3
Category:	dropped
Size (bytes):	66241
Entropy (8bit):	7.70433021157909
Encrypted:	false
SSDEEP:	1536:0WCCCGdV+5Y7hRIsnVUtI7c4I9OnEoA09wN0vYnbF1cQV:0WGGB/I6VUtIQ4I9OEoL+bF+QV
MD5:	8B13CE70112619E4766225048B008A59
SHA1:	522BC2DD783B7CA18D0760CEC8BC90A8DFAF0F79
SHA-256:	4DB01A2365BECA450E5DB1CD44F4078E7B22163DFD317D2CE5BC48EE9DC54AF2
SHA-512:	4CECFCC2138BE5822C0BC876BB90D7F96D1931D4A698EA04DB66257318BA71A1E74FA3D0C09723993642AFB0F0B544F19DF6D026866227FC1DADAFB5923284EB
Malicious:	false
Reputation:	low
Preview:	......Exif..MM..............................J...........R.(...........i.........Z......c8......c8..............0210........0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((...........".........................................^...........................!.1AQ.....TUa.."27qr......346Rstu...#5BSVb....$%...'Cde...&DFc..E...............................&.........................!1.AQ.2a".#............?..\......9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..........9.7..............y<?A..."...^.59.TDZe.c..<......9.7......w..M.cs..N.9.2..f=..S......#..x~..GM..../.3X.t.O..A........GM..........._.X.t.O..A........GM..........._.X.t.O..A........GM....

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 11728, version 1.0
Category:	downloaded
Size (bytes):	11728
Entropy (8bit):	7.9793276091352485
Encrypted:	false
SSDEEP:	192:klyIZ5n3ROBQn0nXAdzXVIuiRdTgo4NL7WVvSat6YC/B67QuQyJGFtNdo/U5qE8F:gX3RAu0XAdzquw6dSVvS86YC/aQuv8lO
MD5:	B2845477C209263ADB2F8D6059491758
SHA1:	76C6F1F64027566CB5CBF88BC642B708D34D1302
SHA-256:	8F40676C64A72CB5D80952071B7A2F371650D7B2BB787EA01D8C5BC88EF734C7
SHA-512:	C07F84E8C169A79253C2EEA35E8B9A964A94203C20ADD14742840CFA8A084317C3792696D5157A961273637EC206C7F8DC9332C9DA4850F5716E5D956502E708
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2
Preview:	wOF2......-.......k...-v............................^...`........0..R.....6.$..8. ..d..K...AS.".8..Do@.%..$....!....$..d....}.'.J.L..~..w..a..?....Or.....O.J....`bA.....6v.e.[.]...u^mW[_m..U.rt.zKE......~..v....C..aRRI...A.-T.....?.O.....q...`x..O.&8@...R.....vC.v.@....\...... ..R.o`.@.B...".hT......jw.T.&..5.X..2K&....lr..g..p.d.,...'".:...?.L9..T.........k.M..k!.......zwY....N..q......FEAB...l......0..U.tn..y.^>6..........y.B....,...S#19.XB8...y....5f.!.r.%.......B,T..(.........8....D..J.$.].4.`.....bxN.6.....k{...\..L..4.p.#...x....b....+..F....G......L..y.$d.Be.].......C.^>...IC.....\|.!..c...C..'....5@.}..:......I:...^r.....0m$.{0.ce.XC...;<OR..a.....lg..=1....P.....=...a.N..o...........T..w.4...ev/.]<...x.........o:...$.Y....."....3Zb..0:.J....."B....&Fp.p.3..m!V..C....@!.........=P...2.}..J...@...."..&[O{....=.h ....xr[Qh].....,..+.c[..m...;.F.+.......8u.$E.......u.q<n..\|%.....R...pl....H.:.+...s.$*E.).V..@+.......G...w.Y...@..lv .m.j.

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	downloaded
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	107922
Entropy (8bit):	5.16833322430428
Encrypted:	false
SSDEEP:	1536:rrgGXmRRShRLWvm1y+bvdVa/AfVcclozOshAZpXZgiLxdONPam1ZJs6Q8FBirniQ:rrLbba/UEHw
MD5:	6A7950CC31489069917BF817B62B2BFE
SHA1:	44AAB6E9B8FDBAA23EA297CE69E26422277907C0
SHA-256:	1B4DACB0DAFDA81D48EE0890EA113B3B8275BF2D16D5325F971F16EB75F7218A
SHA-512:	0329712BC9EC144910DEE414B70181C4FD4145B65C78E2628BEE547A5DBC8D48BACD3BAA350451437C740493875DDD47FEC66C2C9189AA823A7B95DE8E9FA9F4
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e);var n={};t.r(n),t.d(n,{_isDebug:()=>d,debug:()=>O,error:()=>g,info:()=>h,log:()=>h,setDebug:()=>b,warn:()=>w});var r={};t.r(r),t.d(r,{cmdLogEvent:()=>Yo,cmdLogPerf:()=>ti});var o,i,a,c,u,f=(o="",a={document:i=Object.create({get cookie(){return o},set cookie(t){o=t}})},c={},"undefined"==typeof window?{window:a,document:i,navigator:c}:{window:window\|\|a,document:window.document\|\|i,navigator:navigator\|\|c}),s=function(){return f.

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	downloaded
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	dropped
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13834)
Category:	dropped
Size (bytes):	13891
Entropy (8bit):	4.645788246161265
Encrypted:	false
SSDEEP:	192:49+DrRmRAiyq602NNTV0afQQYrAJ9wzkENGWHl2JBpfodMjHJv8k9fopl1jn:4Bp49ykE8WQs2Vv8k9fGTjn
MD5:	C7B1DBB0EEF8600D5F57536998855E4D
SHA1:	03908243C34D5A373ACBA694EB16E30F088B4F7D
SHA-256:	53DA7DD341F1EF0C484A7B56A17D86669287DA5D082AAA8A0AF04FD3816B6631
SHA-512:	56EE4961F4C03A15C79252AD9C3CAD93573AC785881541EA32F83389996F4E8C074FBC397FF9F0B218121A3D8E1A9CEF101D088B4BCFB2353D6A311D5F60DCBA
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M5.643 19.241a.782.782 0 0 1-.634-.889c.317-2.142 1.62-4.188 3.525-5.244l.459-.254-.39-.352a4.89 4.89 0 0 1-.797-6.327 4.747 4.747 0 0 1 2.752-2.003 4.894 4.894 0 0 1 6.092 5.72c-.211 1.042-.802 1.97-1.59 2.683l-.308.28.459.253c1.876 1.04 3.185 3.131 3.53 5.26a.765.765 0 0 1-.742.883c-.367.005-.697-.25-.753-.613-.52-3.384-4.067-6.087-7.702-4.324-1.628.79-2.714 2.511-3.014 4.313a.76.76 0 0 1-.887.614zm2.873-10.36a3.36 3.36 0 0 0 3.356 3.355A3.36 3.36 0 0 0 15.23 8.88a3.361 3.361 0 0 0-3.358-3.357A3.36 3.36 0 0 0 8.516 8.88z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.504 18.461a.76.76 0 0 1 0 1.038.652.652 0 0 1-.956 0L15.2 15.993a6.142 6.142 0 0 1-3.83 1.353C7.858 17.346 5 14.353 5 10.673 5 6.994 7.858 4 11.371 4c3.513 0 6.371 2.994

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (8163)
Category:	downloaded
Size (bytes):	38426
Entropy (8bit):	5.533529727272429
Encrypted:	false
SSDEEP:	384:N919NUPaYwuquGqE5Y9T2cYP2SpKZf0XjgSIJSiD5pQ1REpS+A8vB2AhW+abuZpH:e9TjSpgsXjgSIJSixTKbuZpbPD/endW
MD5:	E56C6230B13C132F4A8FED076058A1C8
SHA1:	96AD2041E1825D835009C197795EC1EC230F2BF2
SHA-256:	6160889FDCB8F600DA8817C5B458FACC097E2EABAFE3448C28B53BB003251055
SHA-512:	4B2AED0CFCBC821547E27A7DE36826044B582F5884BC80C552CC4439690B614D7FEB5EB816C45E6C68A93E1D057D1B9ADE9B3FEF96D60D6B6FC44889422C99C3
Malicious:	false
Reputation:	low
URL:	https://gemmini-tllogiiess-wrx.godaddysites.com/
Preview:	<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:24,h:24,m" sizes="24x24"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:32,h:32,m" sizes="32x32"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:48,h:48,m" sizes="48x48"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:64,h:64,m" sizes="64x64"/><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=d

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	downloaded
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	674
Entropy (8bit):	6.737102952726011
Encrypted:	false
SSDEEP:	12:jWP2s7jEUyg5ZcwlzBfkVfvd9xnfMdTbjpljTkAJ+agPb3SkEl9eB:j8HcKzBcn9xkdlvJJ9tl
MD5:	E0DC2F813299D9620C20BBE56CB34C8F
SHA1:	72B642D6A4DF9A014F07DA693A67B7A0D9C6FDD0
SHA-256:	3E4B0C3A540EC0AA087314CB1E17244F84F1235F07ACF6E0B3C411F29D5FF84D
SHA-512:	F7864B1D1733714CEDBCB59EE5671CFD716C7F31783E9667EEE8086D632F9B52598DE1308820C074830D71F09A3F97390AFACB2D6737096D6DD8333529F16184
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:32,h:32,m"
Preview:	RIFF....WEBPVP8X..............VP8 ....P....* . .>m,.F$"..(.P...l..2.y...h .m......o..y&..............?.z.../.=.p~..~.'.n.s......._.....\<".2.;ZV.......%.+.c..YD..e... .....=....e.E.l....=}...b..m.z...r.G..4/..?.p+..V..Xv......g.j..FC.E~g..%.x..]i....0..U..E...+p.[0.r....M2O...$Sg-9..}.l>.B...8.~D......f.2w!.u1S.z.k.........mr.II.}...^.!...;.y./.>0..#.#....G%.z.pj..f.....#... .....7. `Q.y....Y...t..;A@@..va..%..(l.}F...z......x.`.l..........OX..]Zx.mP..EXIF....Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100.................... ........... .......

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=gemmini-tllogiiess-wrx.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=52198e3f-df06-49db-b510-afd341095f7b&vtg=52198e3f-df06-49db-b510-afd341095f7b&dp=%2F&trace_id=4fe05bcbd4234ba1aa5c20160f45387c&cts=2024-09-29T01%3A33%3A08.990Z&hit_id=e323af2d-261a-4bf2-b86f-b97b8eb2029b&ht=pageview&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22298a5d7a-6f41-46c8-88c7-196fd538185b%22%2C%22pd%22%3A%222022-12-15T06%3A11%3A42.679Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=2072419413&z=588409879
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (516)
Category:	downloaded
Size (bytes):	583
Entropy (8bit):	5.275794886448015
Encrypted:	false
SSDEEP:	12:csTLaBSyTUXaPXAbDTc/NeL2QiTj+RVnIYQ2ofXgYFw1THr+pWT0Lv:cTBLTUXaPXAPTc/tTj+Hn/Q2CQYytHrI
MD5:	0D42FFB998A9CF7C25824CF365C7D0C9
SHA1:	7A95B87AC3B0C813F195EA46EFB9E792023EAFBE
SHA-256:	3418AA0FB5D19C3909DD89CCF081C9B59EBAD2A0334EED58373ED395D228487A
SHA-512:	EE2711CED0E8936C0DDAE9CFBE1FFAFABF56766C4611DC5B68C50919EDFC6CD1F3C850A0599ED107E8F6555D54BB46B3395B957A74697BEA2A749814C270C0FD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e},e.a=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-e83be766.js.map.

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8076)
Category:	dropped
Size (bytes):	8146
Entropy (8bit):	5.193570786754158
Encrypted:	false
SSDEEP:	192:bXex8k/4ro1H29Lm90fwK4cal8k5AV+IZ7/UHpvx/nvvdlFwmlqkk1:bXex9QriHqLm90fwncal75AV+IZ78HF6
MD5:	D0BF5E9E6E778CE2D940F214EC04700C
SHA1:	2ECB604E1F2E8CA95A0413DB58C153B9AA710A29
SHA-256:	1B7F2E117669F2643EA895B6BEDB818796AF009F19A6FC1F8B8A1DC9C30B6D9B
SHA-512:	DC1A45C8946109AB2E61509A977287020136B03555CC2FAC0B769BB20ADC78268929AE857F695626E86D8AC6E805C3731D33374360406E86FC98F643A3523E5C
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-legacyOverrides","~/c/bs-modernThinRound","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index2","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,l,n,i,s,d){"use strict";const{colorPackCategories:g,buttons:h}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:m,LIGHT_ALT:c,LIGHT_COLORFUL:u,DARK:p,DARK_ALT:b,DARK_COLORFUL:y,COLORFUL:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,S={[d.F]:"accent-overlay",[d.b]:"accent-overlay",[d.I]:"category-alt-solid",[d.B]:"accent-overlay",[d.L]:"accent-overlay"},H={defaultHeaderTreatment:d.F,hasLegacy:!0,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"],imageTreatments:S};var C={id:"layout18",name:"dawn",packs:{color:"000",font:"lato"},logo:{font:"primary"},packCategories:{color:g.NEUTRAL},headerProperties:{alignmentOption:"center"},header

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	242257
Entropy (8bit):	5.517949479561666
Encrypted:	false
SSDEEP:	3072:7u8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXSQ:Y3A/6hbCxJFxKhUc
MD5:	55BAF821A59FAD53AA754C85AE19D0EA
SHA1:	B1662F5F5B119836E5E9C91C5E4A448BCD6CCC6D
SHA-256:	D26724E378F16CC4135849CCABF5A1BA738C3F4BA952950ACB34E73F24869E83
SHA-512:	791B8AA2E321324B55731B5F69239F86A0602F19FEB833BFC492D525EA132BC23D1C6A3907957992C655742F38AEDD7819A585E6B7A7F3C68126E0DC739DFC1B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-55bc27af.js
Preview:	define("@widget/LAYOUT/c/bs-index3-55bc27af.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	downloaded
Size (bytes):	315045
Entropy (8bit):	5.470972207090544
Encrypted:	false
SSDEEP:	3072:7aOD2q1BSK7x5jfw71nUNdFIh0qrMdB8pbKQJaZkNeQHUC5SIui/+a:Wzq1Bzc71UNhqrMgpbLaZkNfHHWa
MD5:	D8A1FE8B9FD01233B8A030EA79C21DF0
SHA1:	1B2B4474F72FCEE56977101E7C85A8201F730903
SHA-256:	91DEC32BF6596B875CDEB8C7BFFC8B5029A870657D3D7C790E8939F17E24DC20
SHA-512:	C15DBBD27873E22558239D6671B7FA05107A348D44BEC9CD560B8AA6D443D4A86BBBC38FC6F2C18E4D4C82852741B7C995E3E80A1E95B04A0D2DBDA12DCB6F0F
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.10.js
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	downloaded
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=gemmini-tllogiiess-wrx.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=52198e3f-df06-49db-b510-afd341095f7b&vtg=52198e3f-df06-49db-b510-afd341095f7b&dp=%2F&trace_id=4fe05bcbd4234ba1aa5c20160f45387c&cts=2024-09-29T01%3A33%3A19.110Z&hit_id=6a4b4497-23ef-4729-b346-5d71f34e410d&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22298a5d7a-6f41-46c8-88c7-196fd538185b%22%2C%22pd%22%3A%222022-12-15T06%3A11%3A42.679Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout18%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&usrin=wam_site_hasPopupWidget%2Cfalse%5Ewam_site_hasMessagingWidget%2Cfalse%5Ewam_site_headerTreatment%2CFit%5Ewam_site_hasSlideshow%2Cfalse%5Ewam_site_hasFreemiumBanner%2Cfalse%5Ewam_site_homepageFirstWidgetType%2CINTRODUCTION%5Ewam_site_homepageFirstWidgetPreset%2Cintroduction4%5Ewam_site_businessCategory%2Crealestateagents%5Ewam_site_theme%2Clayout18%5Ewam_site_locale%2Cen-US%5Ewam_site_fontPack%2Clato%5Ewam_site_cookieBannerEnabled%2Ctrue%5Ewam_site_membershipEnabled%2Cfalse%5Ewam_site_hasHomepageHTML%2Cfalse%5Ewam_site_hasHomepageShop%2Cfalse%5Ewam_site_hasHomepageOla%2Cfalse%5Ewam_site_hasHomepageBlog%2Cfalse%5Ewam_site_hasShop%2Cfalse%5Ewam_site_hasOla%2Cfalse%5Ewam_site_planType%2CbusinessPlus%5Ewam_site_isHomepage%2Ctrue%5Ewam_site_htmlWidget%2Cfalse%5Ewam_site_networkSpeed%2C1.30&ap=IPv2&vci=2072419413&z=1254898626&LCP=2634&CLS=0.00018914303679713342&FID=2&timeToInteractive=5444&nav_type=hard
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 32x32, components 3
Category:	dropped
Size (bytes):	873
Entropy (8bit):	6.340347994003227
Encrypted:	false
SSDEEP:	24:/l4c1spMroPmQGrrQpYHrqQ+F0URujNCI:t4iWMrKGrrQpYHWQ+OU6F
MD5:	3C2423487ED55247190787DFC8584B3B
SHA1:	76C6189C5D9A71B27D03873ADDCAB1B634204EF1
SHA-256:	D64DCBA54AAFE8CEF462EF237B2F5C42E1C20F4B9B86170E5D992A0D21191FF2
SHA-512:	5E04FE818140880A172B4F012DB7368E6AE81575B139EB033AB4746BDC64D4B929499223417B995CF047C08A9C8097F2823CF81248C34AAA9DD6BDF00E2EEE78
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100.................... ........... ..........C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((...... . .."....................................).......................!.a."1AQ.q..Rb............................... .......................!"1Qa..............?..^,.1iH..%s.5.Cc..j...k.r.:.?r.>:Qs.....Vu.,..v..)....K....C?Y..$. %JH..:...H..<.."C.] ..+..aO......h....j..\|F..1...b...py..Hc4....q.E..R.B.U...G/).l1Y.d.B.G......;..5..i..+Q...BZM.O#...8..p..c-..=.o....zE...TyH.k.V.c.\|....>....d..JQ1.L.8<.......8Q;...8?=........>...V........@.[........:.'.%IJ.<..\|..6..p....qa>..kD(....;......Q8O...&D...X.....}..#..91.5.H.....

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	dropped
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	dropped
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:	384:/z+lhnKuowsx9pGxw57yty3eOHenS934osy:JioFP934Y
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	dropped
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (516)
Category:	dropped
Size (bytes):	583
Entropy (8bit):	5.275794886448015
Encrypted:	false
SSDEEP:	12:csTLaBSyTUXaPXAbDTc/NeL2QiTj+RVnIYQ2ofXgYFw1THr+pWT0Lv:cTBLTUXaPXAPTc/tTj+Hn/Q2CQYytHrI
MD5:	0D42FFB998A9CF7C25824CF365C7D0C9
SHA1:	7A95B87AC3B0C813F195EA46EFB9E792023EAFBE
SHA-256:	3418AA0FB5D19C3909DD89CCF081C9B59EBAD2A0334EED58373ED395D228487A
SHA-512:	EE2711CED0E8936C0DDAE9CFBE1FFAFABF56766C4611DC5B68C50919EDFC6CD1F3C850A0599ED107E8F6555D54BB46B3395B957A74697BEA2A749814C270C0FD
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-e83be766.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e},e.a=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-e83be766.js.map.

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	downloaded
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	543
Entropy (8bit):	5.143354632565304
Encrypted:	false
SSDEEP:	12:YWGhtXIoWFJsTPXOfqLyGuRPwTPXOfqLyGuA4K5p3:YZXIoWofuGuRPofuGuv2p
MD5:	AA98277F37D8C26E40367E6E86674151
SHA1:	6031D863735E6C04BCC21845F8F79E45B65CE666
SHA-256:	02FD84794D7B9A8A5300E4508835A2121D8983C124E3E9131FA7F2CCE5DEB845
SHA-512:	81B9E6FE9D52107D41111EE21E64FCC645706C32E2C3900010FB70524E74AC52BD7BB21DE90E68C680359C8F4903008A811BB3078A00B4CDAAE51BE089FCE3A5
Malicious:	false
Reputation:	low
URL:	https://gemmini-tllogiiess-wrx.godaddysites.com/manifest.webmanifest
Preview:	{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:192,h:192,m"},{"sizes":"512x512","type":"image/png","src":"//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:512,h:512,m"}],"name":"gemmini-tllogiiess-wrx","short_name":"gemmini-tllogiiess-wrx","theme_color":"#D22F25","background_color":"#D22F25"}

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	downloaded
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	dropped
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	dropped
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	dropped
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Category:	downloaded
Size (bytes):	23580
Entropy (8bit):	7.990537110832721
Encrypted:	true
SSDEEP:	384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK
MD5:	E1B3B5908C9CF23DFB2B9C52B9A023AB
SHA1:	FCD4136085F2A03481D9958CC6793A5ED98E714C
SHA-256:	918B7DC3E2E2D015C16CE08B57BCB64D2253BAFC1707658F361E72865498E537
SHA-512:	B2DA7EF768385707AFED62CA1F178EFC6AA14519762E3F270129B3AFEE4D3782CB991E6FA66B3B08A2F81FF7CABA0B4C34C726D952198B2AC4A784B36EB2A828
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Preview:	wOF2......\........,..[...........................z.p.`..D....e........]..B..6.$..v. .....E.K...5c[R..V.Vr!.....$....@n..P.....'%.1....."A...#H:.T.6.JL.7.g..7..x....N"..,h....R3..u.T..A.._O..f=Mu.e.....0.c.0.FV.q....m;8..J.t.-.%."......&..2...!\....n..]Lx..:......S/F.V.rf%..#.Uk}....X.1n..V.\|.O..aC ."...#..>..n.... $;.....y.5..\|>...;@..Q.D........FT...r=p.Llf...J.3..{Z.. t]Rp.N..Z..7"B..,D.0s..."o..V<...#.N.WZ...m.\......Pb....#:z...B......~w.....J.ABQ.u<.8j..m..r2.....Aq.fNY...P..c.L+......v.n..yV.w......l......H...,..2.."v.......R.V.[...s......@..L....CS..'....Z.2..o......).4.H{C.%..?.%^...#.A.]..[....._&.[~1..j.P..`.......=......[.D7h..5...s......d'.....,....?...6.;....f..(M.CV.....R..q.c.....4.6.k.V.h/..........H..?u..!mq5...9@..0YA9.M..:..reS.;._......K...\..S.^.2..Fv.l~'l..U.TN....OXv..]..`.X1w.4E.t%a...2!.c.R.............t.'Hc...2.8...K.w..p@..T..RZ.@..)}..'+.7s1..... . -.....E7<...C.J.D....Iw-...u...m.K.\e..>..*....7y\|{........G..d13g].t.%.y<..

Chrome Cache Entry: 195

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	downloaded
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2958
Entropy (8bit):	7.816481544951156
Encrypted:	false
SSDEEP:	48:Qkb49ivsbTugjocMRVUniJ/Bp2mdfPbyR9Z/NzlpoEIXxM:Qkb4/ocMRVUS/X2mVjyLtJPoL2
MD5:	F523FB39FB1E5CAC7A119FE6B1F4163C
SHA1:	6D7D15DA0B69C77DB144B6CDA275F58950EE6D43
SHA-256:	B61EBCE4318FAE5F420336332403F1C04A70CC9D06E9625E6BC2C1741F3508B7
SHA-512:	75DD8482E2C585867B056E8674D804F2F52118258FBE212C6846FB08B0244945A83D90F7762D8B1B52BA51ECA77A23B331611135F10296CBD7720389EBB4610F
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:192,h:192,m"
Preview:	RIFF....WEBPVP8X..............VP8 ....p5.......>m2.G$#".(......dDxP.2>.?.v.`^......2..O.o.`..t.........o.>..._.=...~.~.{......a.......N..A...e...I.Q.B.w..~...>U@....w.,6.G..z..T......x.J.gEY....5O.l.....o......2.Zf..}.v6-..k............s<@.A6.X...)-P.....B.$)..]X.k..H.-........#MD7./......\44.u;..>.t...y.G..]..IR(...S...7!...G9;....e.......txz q.K.....0......t.5.......8.....j.O`.FfE.`".u.l...\|%.p..#.5F...x+U.......r.a`...[x..XkW.?..p...R./....qu....p'T..w.+A..l..>..).....,g.S.......e..xv[..........Z..d[..M.U..d~..A.u.'.....l,.....+V.buJ.G.PN.y.t..G.......3b..c.U{h]{\|.&z.-.F.eS%V.u...Is.PN.`....=.U0..).....a...mT.....yN....F.cOs.#.y...4.Mz......Mj......-.X..WMoN...&..d...N..p..`..g....'........d.5i{b.o..d..@.@..8..VC...=#..W:c.t.<,..3&E.Y.$.L"]..n[.H/..Aw.a..'l./..L..=....@F.i.. ..........lw..0v....p0.."yS..........[.L)..u>gQP..0.......4.4.....1.[P.C6BT.....*,...#............5......h~....T(.....>....]q..t....>{...vN+.B.R..p........(..

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13834)
Category:	downloaded
Size (bytes):	13891
Entropy (8bit):	4.645788246161265
Encrypted:	false
SSDEEP:	192:49+DrRmRAiyq602NNTV0afQQYrAJ9wzkENGWHl2JBpfodMjHJv8k9fopl1jn:4Bp49ykE8WQs2Vv8k9fGTjn
MD5:	C7B1DBB0EEF8600D5F57536998855E4D
SHA1:	03908243C34D5A373ACBA694EB16E30F088B4F7D
SHA-256:	53DA7DD341F1EF0C484A7B56A17D86669287DA5D082AAA8A0AF04FD3816B6631
SHA-512:	56EE4961F4C03A15C79252AD9C3CAD93573AC785881541EA32F83389996F4E8C074FBC397FF9F0B218121A3D8E1A9CEF101D088B4BCFB2353D6A311D5F60DCBA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js
Preview:	define("@widget/LAYOUT/c/bs-modernThinRound-ced97fbd.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M5.643 19.241a.782.782 0 0 1-.634-.889c.317-2.142 1.62-4.188 3.525-5.244l.459-.254-.39-.352a4.89 4.89 0 0 1-.797-6.327 4.747 4.747 0 0 1 2.752-2.003 4.894 4.894 0 0 1 6.092 5.72c-.211 1.042-.802 1.97-1.59 2.683l-.308.28.459.253c1.876 1.04 3.185 3.131 3.53 5.26a.765.765 0 0 1-.742.883c-.367.005-.697-.25-.753-.613-.52-3.384-4.067-6.087-7.702-4.324-1.628.79-2.714 2.511-3.014 4.313a.76.76 0 0 1-.887.614zm2.873-10.36a3.36 3.36 0 0 0 3.356 3.355A3.36 3.36 0 0 0 15.23 8.88a3.361 3.361 0 0 0-3.358-3.357A3.36 3.36 0 0 0 8.516 8.88z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.504 18.461a.76.76 0 0 1 0 1.038.652.652 0 0 1-.956 0L15.2 15.993a6.142 6.142 0 0 1-3.83 1.353C7.858 17.346 5 14.353 5 10.673 5 6.994 7.858 4 11.371 4c3.513 0 6.371 2.994

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	downloaded
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	107922
Entropy (8bit):	5.16833322430428
Encrypted:	false
SSDEEP:	1536:rrgGXmRRShRLWvm1y+bvdVa/AfVcclozOshAZpXZgiLxdONPam1ZJs6Q8FBirniQ:rrLbba/UEHw
MD5:	6A7950CC31489069917BF817B62B2BFE
SHA1:	44AAB6E9B8FDBAA23EA297CE69E26422277907C0
SHA-256:	1B4DACB0DAFDA81D48EE0890EA113B3B8275BF2D16D5325F971F16EB75F7218A
SHA-512:	0329712BC9EC144910DEE414B70181C4FD4145B65C78E2628BEE547A5DBC8D48BACD3BAA350451437C740493875DDD47FEC66C2C9189AA823A7B95DE8E9FA9F4
Malicious:	false
Reputation:	low
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e);var n={};t.r(n),t.d(n,{_isDebug:()=>d,debug:()=>O,error:()=>g,info:()=>h,log:()=>h,setDebug:()=>b,warn:()=>w});var r={};t.r(r),t.d(r,{cmdLogEvent:()=>Yo,cmdLogPerf:()=>ti});var o,i,a,c,u,f=(o="",a={document:i=Object.create({get cookie(){return o},set cookie(t){o=t}})},c={},"undefined"==typeof window?{window:a,document:i,navigator:c}:{window:window\|\|a,document:window.document\|\|i,navigator:navigator\|\|c}),s=function(){return f.

Chrome Cache Entry: 201

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	dropped
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 202

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-42582241.js
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8076)
Category:	downloaded
Size (bytes):	8146
Entropy (8bit):	5.193570786754158
Encrypted:	false
SSDEEP:	192:bXex8k/4ro1H29Lm90fwK4cal8k5AV+IZ7/UHpvx/nvvdlFwmlqkk1:bXex9QriHqLm90fwncal75AV+IZ78HF6
MD5:	D0BF5E9E6E778CE2D940F214EC04700C
SHA1:	2ECB604E1F2E8CA95A0413DB58C153B9AA710A29
SHA-256:	1B7F2E117669F2643EA895B6BEDB818796AF009F19A6FC1F8B8A1DC9C30B6D9B
SHA-512:	DC1A45C8946109AB2E61509A977287020136B03555CC2FAC0B769BB20ADC78268929AE857F695626E86D8AC6E805C3731D33374360406E86FC98F643A3523E5C
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js
Preview:	define("@widget/LAYOUT/bs-layout18-Theme-publish-Theme-5bf6e4ee.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-legacyOverrides","~/c/bs-modernThinRound","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index2","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,l,n,i,s,d){"use strict";const{colorPackCategories:g,buttons:h}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:m,LIGHT_ALT:c,LIGHT_COLORFUL:u,DARK:p,DARK_ALT:b,DARK_COLORFUL:y,COLORFUL:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,S={[d.F]:"accent-overlay",[d.b]:"accent-overlay",[d.I]:"category-alt-solid",[d.B]:"accent-overlay",[d.L]:"accent-overlay"},H={defaultHeaderTreatment:d.F,hasLegacy:!0,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"],imageTreatments:S};var C={id:"layout18",name:"dawn",packs:{color:"000",font:"lato"},logo:{font:"primary"},packCategories:{color:g.NEUTRAL},headerProperties:{alignmentOption:"center"},header

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32986), with no line terminators
Category:	downloaded
Size (bytes):	32986
Entropy (8bit):	5.236201358060013
Encrypted:	false
SSDEEP:	768:8QMz7Xi7utc79QusIPgexnKnPxPC7JWU/VHeLNsiQk/c4ur2McV2xdnGYeCjWQTN:si79wq0xPCFWsHuCleZ0j/TsmU6
MD5:	38836C37B83462D562F541B04DAB4E96
SHA1:	139DD68E78EE4A910E3CBC8BEF7B66633FB960D6
SHA-256:	C8116A8F750C7A543378490304EE37CBEF83BA5E4E3518B9E6156C9D3726F757
SHA-512:	051E7E62997340A130A1A4E1E7492E9ADAC50AB8F28EA8E36C10DB9D0DC77CDE1BEF82A551D412DA186C73199C4EB9618A9CFA266A580431E81D384A3C73BE99
Malicious:	false
Reputation:	low
URL:	https://gemmini-tllogiiess-wrx.godaddysites.com/sw.js
Preview:	(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:()=>a}),s(913);class a extends Error{constructor(e,t){super(((e,...t)=>{let s=e;return t.length>0&&(s+=` :: ${JSON.stringify(t)}`),s})(e,t)),this.name=e,this.details=t}}},524:(e,t,s)=>{s.d(t,{h:()=>a}),s(125),s(913);const a=null},594:(e,t,s)=>{function a(e,t){const s=new URL(e);for(const e of t)s.searchParams.delete(e);return s.href}async function n(e,t,s,n){const r=a(t.url,s);if(t.url===r)return e.match(t,n);const i=Object.assign(Object.assign({},n),{ignoreSearch:!0}),c=await e.keys(t,i);for(const t of c)if(r===a(t.url,s))return e.match(t,n)}s.d(t,{F:()=>n}),s(913)},536:(e,t,s)=>{s.d(t,{x:()=>r}),s(913);const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registratio

Chrome Cache Entry: 205

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	downloaded
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 206

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	29194
Entropy (8bit):	7.983495444186003
Encrypted:	false
SSDEEP:	768:tw3YTiKAe4oT7teW+DkAhGS0tFYybXydtg3kP3u:lT54oT70xDvv0rYymvu
MD5:	4F5129506325710F8FD343C40641B550
SHA1:	68DC5DDCF5300C58C8B1E841A6D16190735BAA31
SHA-256:	62B2A53314077867C4AE8F3BF1658C32D91E1615979C6ED722508622B2C5631B
SHA-512:	F44C6E413C763768DF3120B6091CD05990D2833012CC6EAA22925EC0573C4945DA206B09D85FBBCE86A9D18054037A2FAB4183FA2F17CD6A38CAB26D9F570D25
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/gemini-login-signin.jpg/:/rs=w:1535,m"
Preview:	RIFF.r..WEBPVP8X..............VP8 :q...........>m4.I$"..!.y...in..k..^..~j..,.=......?.k._..`..>.^gz8..........s..........?.g..._...v...~...........^C=W...>..%.7./..._..z>...........................?r..~.......z........?........G.OT.H...../.G........................E......./..........C._..._......p...........Y..,8o.k..@t.X.;K..........8o.k..........8o.k...^:....,.[....c..C(...Q..C..V....J.CZ..X.k%'\@F..^..1......3q.j..C.x}.g....].8.5.o,.[.x...d.....-...Du.M,M...}.\|."923i...\xF..0........!J.\...E.W.^........7.`S...pv.......$.....cnsB.o.3B.O..}!i.~.:...84...'w........W...\|..8.).......2.....L[...I.BK,.6h..!#.b,....#4.%...1L`..&..s...~..L8w'...R-..h.V.N.}P......w.^..7...x.W+Qz2.:;\.5.B...w.UJ..m7....X8w..)..a....].c...HR.Z.[K.u.@N..zg\|y.......w..W......[.\|+vI.1Co.$.!%.F..>....x. .UX....!-...*B..!HZJ(Y.{..!"...BY..J....H.}.>....Tq...kn...E.,"......:.P..d.m..;.gk......W.C...".M.>..l.....g@....-..l...3....BGk.!.V....2.^VG.B.UX....!

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 03:32:54.300807953 CEST	49675	443	192.168.2.4	173.222.162.32
Sep 29, 2024 03:33:03.908664942 CEST	49675	443	192.168.2.4	173.222.162.32
Sep 29, 2024 03:33:04.929866076 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:04.929915905 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:04.930000067 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:04.930071115 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:04.930109978 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:04.930155039 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:04.930474997 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:04.930490971 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:04.930629015 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:04.930644035 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.400491953 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.400856018 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.400870085 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.401875019 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.401956081 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.403275967 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.403336048 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.403389931 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.417180061 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.417519093 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.417548895 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.418581963 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.418643951 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.418993950 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.419056892 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.447396040 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.474309921 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.474337101 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.520649910 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.521013021 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.521070004 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.521121979 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.521147966 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.521181107 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.521198034 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.521198034 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.571132898 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:05.571201086 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:05.571257114 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:05.571422100 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:05.571439028 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:05.603277922 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603303909 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603355885 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603374958 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603400946 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.603400946 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.603425980 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603446007 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.603899956 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603945017 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.603988886 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.603997946 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.604068041 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.604108095 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:05.604178905 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.604424000 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:05.604435921 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:06.310926914 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:06.311310053 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:06.311361074 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:06.312751055 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:06.312829971 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:06.314076900 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:06.314188004 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:06.362451077 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:06.362497091 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:33:06.408822060 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:07.472011089 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:07.472064018 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:07.472132921 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:07.473865032 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:07.473875999 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:08.123541117 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:08.126976013 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:08.127003908 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:08.128050089 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:08.128106117 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:08.184374094 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:08.184410095 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:08.184541941 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:08.187313080 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:08.187330008 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:08.374006987 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:08.374188900 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:08.426327944 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:08.426363945 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:08.471149921 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:08.831614971 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:08.831681013 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:08.867594004 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:08.867604971 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:08.867882013 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:08.911720991 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.172593117 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.219404936 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:09.357549906 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:09.357613087 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:09.358594894 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.761476040 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.761497974 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:09.761540890 CEST	49761	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.761547089 CEST	443	49761	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:09.841608047 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.841655016 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:09.841741085 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.842845917 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:09.842869043 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.476088047 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.476190090 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:10.477963924 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:10.477974892 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.478235006 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.480653048 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:10.523396015 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.751943111 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.752026081 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.752108097 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:10.755717993 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:10.755738020 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:10.755749941 CEST	49768	443	192.168.2.4	184.28.90.27
Sep 29, 2024 03:33:10.755755901 CEST	443	49768	184.28.90.27	192.168.2.4
Sep 29, 2024 03:33:13.184180021 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.184223890 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.184277058 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.185178041 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.185188055 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.185246944 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.231405020 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300357103 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300380945 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300389051 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300416946 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300427914 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300436020 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300452948 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.300489902 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.300506115 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.300533056 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.387515068 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.387526989 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.387557983 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.387598991 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.387624025 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.387665987 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.387681007 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.387682915 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.387727976 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.389545918 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.389563084 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.468803883 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.468863010 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.468936920 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.470191002 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.470204115 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.678280115 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.678621054 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.678636074 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.679630995 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.679775953 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.680267096 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.680330038 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.680497885 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.680516005 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.722058058 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.801032066 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.801117897 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.801548004 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.812812090 CEST	49797	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.812834024 CEST	443	49797	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.963403940 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.971174002 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.971188068 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.971565962 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.972345114 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:13.972409010 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:13.972695112 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.015404940 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.090723991 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.090747118 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.090764046 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.090825081 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.090842009 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.090853930 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.090892076 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.177894115 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.177916050 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.177987099 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.177999020 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.178039074 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.178585052 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.178636074 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.178641081 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.178663969 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:14.178700924 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.365979910 CEST	49807	443	192.168.2.4	13.248.243.5
Sep 29, 2024 03:33:14.366013050 CEST	443	49807	13.248.243.5	192.168.2.4
Sep 29, 2024 03:33:18.087218046 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:18.087412119 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:18.087474108 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:18.799005032 CEST	49751	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:33:18.799041033 CEST	443	49751	142.250.184.196	192.168.2.4
Sep 29, 2024 03:33:22.392220020 CEST	49723	80	192.168.2.4	199.232.210.172
Sep 29, 2024 03:33:22.397370100 CEST	80	49723	199.232.210.172	192.168.2.4
Sep 29, 2024 03:33:22.397540092 CEST	49723	80	192.168.2.4	199.232.210.172
Sep 29, 2024 03:33:32.857099056 CEST	59866	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:32.862010002 CEST	53	59866	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:32.862169027 CEST	59866	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:32.862344980 CEST	59866	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:32.867105961 CEST	53	59866	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:33.306355000 CEST	53	59866	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:33.307277918 CEST	59866	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:33.312459946 CEST	53	59866	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:33.312534094 CEST	59866	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:51.366945982 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:33:51.366978884 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:34:06.112646103 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:34:06.112726927 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:34:06.112780094 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:34:07.347829103 CEST	49744	443	192.168.2.4	3.64.248.63
Sep 29, 2024 03:34:07.347867012 CEST	443	49744	3.64.248.63	192.168.2.4
Sep 29, 2024 03:34:07.348284006 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:07.348336935 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:07.348516941 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:07.348701954 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:07.348720074 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:08.020201921 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:08.020543098 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:08.020606041 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:08.020987988 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:08.021423101 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:08.021502972 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:08.065047026 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:17.909087896 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:17.909158945 CEST	443	59870	142.250.184.196	192.168.2.4
Sep 29, 2024 03:34:17.909367085 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:19.714374065 CEST	59870	443	192.168.2.4	142.250.184.196
Sep 29, 2024 03:34:19.714401007 CEST	443	59870	142.250.184.196	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 03:33:03.557090044 CEST	53	58659	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:03.584470034 CEST	53	62127	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:04.640100956 CEST	53	59107	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:04.917072058 CEST	57363	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:04.917391062 CEST	49394	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:04.925159931 CEST	53	57363	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:04.925287008 CEST	53	49394	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:05.537720919 CEST	53	62124	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:05.542021990 CEST	55698	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:05.542148113 CEST	60235	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:05.548815966 CEST	63819	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:05.548952103 CEST	64833	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:05.558036089 CEST	53	64833	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:05.570439100 CEST	53	63819	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:07.394352913 CEST	64948	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:07.394826889 CEST	58743	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:07.400955915 CEST	53	64948	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:07.401531935 CEST	53	58743	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:07.804649115 CEST	59683	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:07.805111885 CEST	64552	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:13.182571888 CEST	58818	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:13.183073997 CEST	54165	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:13.367714882 CEST	62397	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:13.368144989 CEST	61293	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:14.541773081 CEST	59936	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:14.541937113 CEST	49289	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:17.755717993 CEST	49309	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:17.756042004 CEST	52966	53	192.168.2.4	1.1.1.1
Sep 29, 2024 03:33:21.730545998 CEST	53	58203	1.1.1.1	192.168.2.4
Sep 29, 2024 03:33:23.075356960 CEST	138	138	192.168.2.4	192.168.2.255
Sep 29, 2024 03:33:32.856554985 CEST	53	64810	1.1.1.1	192.168.2.4
Sep 29, 2024 03:34:02.986409903 CEST	53	51944	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 29, 2024 03:33:04.917072058 CEST	192.168.2.4	1.1.1.1	0x666b	Standard query (0)	gemmini-tllogiiess-wrx.godaddysites.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:04.917391062 CEST	192.168.2.4	1.1.1.1	0xb217	Standard query (0)	gemmini-tllogiiess-wrx.godaddysites.com	65	IN (0x0001)	false
Sep 29, 2024 03:33:05.542021990 CEST	192.168.2.4	1.1.1.1	0x37e1	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:05.542148113 CEST	192.168.2.4	1.1.1.1	0xe22a	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Sep 29, 2024 03:33:05.548815966 CEST	192.168.2.4	1.1.1.1	0xa42a	Standard query (0)	isteam.wsimg.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:05.548952103 CEST	192.168.2.4	1.1.1.1	0x330f	Standard query (0)	isteam.wsimg.com	65	IN (0x0001)	false
Sep 29, 2024 03:33:07.394352913 CEST	192.168.2.4	1.1.1.1	0xe26	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:07.394826889 CEST	192.168.2.4	1.1.1.1	0x6c03	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 29, 2024 03:33:07.804649115 CEST	192.168.2.4	1.1.1.1	0x57df	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:07.805111885 CEST	192.168.2.4	1.1.1.1	0xa84f	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Sep 29, 2024 03:33:13.182571888 CEST	192.168.2.4	1.1.1.1	0x5b62	Standard query (0)	events.api.secureserver.net	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:13.183073997 CEST	192.168.2.4	1.1.1.1	0x9666	Standard query (0)	events.api.secureserver.net	65	IN (0x0001)	false
Sep 29, 2024 03:33:13.367714882 CEST	192.168.2.4	1.1.1.1	0xa3d1	Standard query (0)	csp.secureserver.net	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:13.368144989 CEST	192.168.2.4	1.1.1.1	0x1bc5	Standard query (0)	csp.secureserver.net	65	IN (0x0001)	false
Sep 29, 2024 03:33:14.541773081 CEST	192.168.2.4	1.1.1.1	0xea3a	Standard query (0)	events.api.secureserver.net	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:14.541937113 CEST	192.168.2.4	1.1.1.1	0x44d7	Standard query (0)	events.api.secureserver.net	65	IN (0x0001)	false
Sep 29, 2024 03:33:17.755717993 CEST	192.168.2.4	1.1.1.1	0xd153	Standard query (0)	www.godaddy.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:17.756042004 CEST	192.168.2.4	1.1.1.1	0x9e62	Standard query (0)	www.godaddy.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 29, 2024 03:33:04.925159931 CEST	1.1.1.1	192.168.2.4	0x666b	No error (0)	gemmini-tllogiiess-wrx.godaddysites.com		13.248.243.5	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:04.925159931 CEST	1.1.1.1	192.168.2.4	0x666b	No error (0)	gemmini-tllogiiess-wrx.godaddysites.com		76.223.105.230	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:05.550405979 CEST	1.1.1.1	192.168.2.4	0x37e1	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:05.557946920 CEST	1.1.1.1	192.168.2.4	0xe22a	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:05.570439100 CEST	1.1.1.1	192.168.2.4	0xa42a	No error (0)	isteam.wsimg.com		3.64.248.63	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:05.570439100 CEST	1.1.1.1	192.168.2.4	0xa42a	No error (0)	isteam.wsimg.com		3.121.64.201	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:07.400955915 CEST	1.1.1.1	192.168.2.4	0xe26	No error (0)	www.google.com		142.250.184.196	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:07.401531935 CEST	1.1.1.1	192.168.2.4	0x6c03	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 29, 2024 03:33:07.811881065 CEST	1.1.1.1	192.168.2.4	0xa84f	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:07.826062918 CEST	1.1.1.1	192.168.2.4	0x57df	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:13.190007925 CEST	1.1.1.1	192.168.2.4	0x9666	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:13.190577030 CEST	1.1.1.1	192.168.2.4	0x5b62	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:13.375040054 CEST	1.1.1.1	192.168.2.4	0xa3d1	No error (0)	csp.secureserver.net	csp.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:13.376593113 CEST	1.1.1.1	192.168.2.4	0x1bc5	No error (0)	csp.secureserver.net	csp.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:14.549123049 CEST	1.1.1.1	192.168.2.4	0x44d7	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:14.550039053 CEST	1.1.1.1	192.168.2.4	0xea3a	No error (0)	events.api.secureserver.net	wildcard-sni-only.api.secureserver.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:17.764044046 CEST	1.1.1.1	192.168.2.4	0xd153	No error (0)	www.godaddy.com	wildcard-ipv6.godaddy.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:17.777463913 CEST	1.1.1.1	192.168.2.4	0x9e62	No error (0)	www.godaddy.com	wildcard-ipv6.godaddy.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:19.668483019 CEST	1.1.1.1	192.168.2.4	0xd484	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:19.668483019 CEST	1.1.1.1	192.168.2.4	0xd484	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 03:33:32.794059038 CEST	1.1.1.1	192.168.2.4	0x8a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 03:33:32.794059038 CEST	1.1.1.1	192.168.2.4	0x8a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

gemmini-tllogiiess-wrx.godaddysites.com

fs.microsoft.com

https:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49736	13.248.243.5	443	5284	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 01:33:05 UTC	682	OUT	GET / HTTP/1.1 Host: gemmini-tllogiiess-wrx.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 01:33:05 UTC	1224	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.10.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 5ee5efc7e95f22fe2c55b1513f0982e8 Date: Sun, 29 Sep 2024 01:33:05 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 01:33:05 UTC	15160	IN	Data Raw: 39 36 31 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 32 39 38 61 35 64 37 61 2d 36 66 34 31 2d 34 36 63 38 2d 38 38 63 37 2d 31 39 36 66 64 35 33 38 31 38 35 62 2f 66 61 76 69 63 6f 6e 2f 66 61 63 64 65 37 33 66 2d 33 30 61 38 2d 34 62 64 66 2d 39 36 39 61 2d 31 31 65 38 62 35 33 36 30 62 35 64 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: 961a<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2024-09-29 01:33:05 UTC	16384	IN	Data Raw: 63 31 2d 34 76 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 28 32 31 30 2c 20 34 37 2c 20 33 37 29 7d 2e 78 20 2e 63 31 2d 34 77 7b 6f 76 65 72 66 6c 6f 77 2d 79 3a 61 75 74 6f 7d 2e 78 20 2e 63 31 2d 34 78 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 31 73 20 65 61 73 65 2d 69 6e 7d 2e 78 20 2e 63 31 2d 34 79 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 32 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 33 29 7d 2e 78 20 2e 63 31 2d 34 7a 7b 63 6f 6e 74 61 69 6e 3a 63 6f 6e 74 65 6e 74 7d 2e 78 20 2e 63 31 2d 35 30 7b 62 6f 74 74 6f 6d 3a 2d 35 30 30 70 78 7d 2e 78 20 2e 63 31 2d 35 38 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 38 70 78 7d 2e 78 20 2e 63 31 2d 35 39 7b 63 6f 6c 6f 72 3a 72 67 62 28 32 35 35 Data Ascii: c1-4v{background-color:rgb(210, 47, 37)}.x .c1-4w{overflow-y:auto}.x .c1-4x{transition:all 1s ease-in}.x .c1-4y{box-shadow:0 2px 6px 0px rgba(0,0,0,0.3)}.x .c1-4z{contain:content}.x .c1-50{bottom:-500px}.x .c1-58{padding-bottom:8px}.x .c1-59{color:rgb(255
2024-09-29 01:33:05 UTC	6895	IN	Data Raw: 69 76 20 64 61 74 61 2d 75 78 3d 22 47 72 69 64 43 65 6c 6c 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 32 68 20 63 31 2d 33 75 20 63 31 2d 32 72 20 63 31 2d 33 76 20 63 31 2d 31 71 20 63 31 2d 32 74 20 63 31 2d 33 77 20 63 31 2d 32 76 20 63 31 2d 33 78 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 33 79 20 63 31 2d 33 7a 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 46 6f 6f 74 65 72 44 65 74 61 69 6c 73 22 20 64 61 74 61 2d 61 69 64 3d 22 46 4f 4f 54 45 52 5f 43 4f 50 59 52 49 47 48 54 5f 52 45 4e 44 45 52 45 44 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 44 65 74 61 69 6c 73 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 Data Ascii: iv data-ux="GridCell" class="x-el x-el-div c1-1 c1-2 c1-2h c1-3u c1-2r c1-3v c1-1q c1-2t c1-3w c1-2v c1-3x c1-b c1-c c1-d c1-3y c1-3z c1-e c1-f c1-g"><div data-ux="FooterDetails" data-aid="FOOTER_COPYRIGHT_RENDERED" data-typography="DetailsAlpha" class="x

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49761	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-29 01:33:09 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-29 01:33:09 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=141113 Date: Sun, 29 Sep 2024 01:33:09 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49768	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-29 01:33:10 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-29 01:33:10 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=141142 Date: Sun, 29 Sep 2024 01:33:10 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-29 01:33:10 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49735	13.248.243.5	443	5284	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 01:33:13 UTC	684	OUT	GET /sw.js HTTP/1.1 Host: gemmini-tllogiiess-wrx.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://gemmini-tllogiiess-wrx.godaddysites.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=52198e3f-df06-49db-b510-afd341095f7b; _tccl_visit=52198e3f-df06-49db-b510-afd341095f7b; _scc_session=pc=1&C_TOUCH=2024-09-29T01:33:08.989Z
2024-09-29 01:33:13 UTC	663	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: application/javascript Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 38836c37b83462d562f541b04dab4e96 Date: Sun, 29 Sep 2024 01:33:13 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 01:33:13 UTC	15721	IN	Data Raw: 38 30 64 61 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 38 39 35 3a 28 29 3d 3e 7b 74 72 79 7b 73 65 6c 66 5b 22 77 6f 72 6b 62 6f 78 3a 63 61 63 68 65 61 62 6c 65 2d 72 65 73 70 6f 6e 73 65 3a 36 2e 34 2e 31 22 5d 26 26 5f 28 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 32 35 39 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 42 3a 28 29 3d 3e 61 7d 29 2c 73 28 39 31 33 29 3b 63 6c 61 73 73 20 61 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 28 65 2c 74 29 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 3d 65 2c 74 68 69 73 2e 72 65 6a 65 63 74 3d 74 7d 29 29 7d 7d 7d 2c 31 32 35 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 56 3a Data Ascii: 80da(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:
2024-09-29 01:33:13 UTC	16384	IN	Data Raw: 65 2c 74 29 7c 7c 52 2e 68 61 73 28 65 2c 74 29 7d 2c 73 28 35 35 30 29 3b 63 6f 6e 73 74 20 76 3d 22 63 61 63 68 65 2d 65 6e 74 72 69 65 73 22 2c 62 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 52 4c 28 65 2c 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 72 65 74 75 72 6e 20 74 2e 68 61 73 68 3d 22 22 2c 74 2e 68 72 65 66 7d 3b 63 6c 61 73 73 20 78 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 29 7b 74 68 69 73 2e 5f 64 62 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 61 63 68 65 4e 61 6d 65 3d 65 7d 5f 75 70 67 72 61 64 65 44 62 28 65 29 7b 63 6f 6e 73 74 20 74 3d 65 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 53 74 6f 72 65 28 76 2c 7b 6b 65 79 50 61 74 68 3a 22 69 64 22 7d 29 3b 74 2e 63 72 65 61 74 65 49 6e 64 65 78 28 22 63 61 63 68 65 4e 61 6d 65 22 2c 22 Data Ascii: e,t)\|\|R.has(e,t)},s(550);const v="cache-entries",b=e=>{const t=new URL(e,location.href);return t.hash="",t.href};class x{constructor(e){this._db=null,this._cacheName=e}_upgradeDb(e){const t=e.createObjectStore(v,{keyPath:"id"});t.createIndex("cacheName","
2024-09-29 01:33:13 UTC	894	IN	Data Raw: 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 72 65 71 75 65 73 74 3a 65 7d 29 3d 3e 22 73 74 79 6c 65 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 7c 7c 22 73 63 72 69 70 74 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 29 2c 6e 65 77 20 74 2e 53 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 73 74 61 74 69 63 2d 72 65 73 6f 75 72 63 65 73 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 75 73 65 73 3a 5b 32 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 75 72 6c 3a 65 7d 29 3d 3e 22 68 74 74 70 73 3a 2f Data Ascii: 00]})]})),(0,e.registerRoute)((({request:e})=>"style"===e.destination\|\|"script"===e.destination),new t.StaleWhileRevalidate({cacheName:"static-resources",plugins:[new a.CacheableResponsePlugin({statuses:[200]})]})),(0,e.registerRoute)((({url:e})=>"https:/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49797	13.248.243.5	443	5284	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 01:33:13 UTC	582	OUT	GET /manifest.webmanifest HTTP/1.1 Host: gemmini-tllogiiess-wrx.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://gemmini-tllogiiess-wrx.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 01:33:13 UTC	666	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: application/manifest+json Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: aa98277f37d8c26e40367e6e86674151 Date: Sun, 29 Sep 2024 01:33:13 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 01:33:13 UTC	555	IN	Data Raw: 32 31 66 0d 0a 7b 22 73 63 6f 70 65 22 3a 22 2f 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 2c 22 73 72 63 22 3a 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 32 39 38 61 35 64 37 61 2d 36 66 34 31 2d 34 36 63 38 2d 38 38 63 37 2d 31 39 36 66 64 35 33 38 31 38 35 62 2f 66 61 76 69 63 6f 6e 2f 66 61 63 64 65 37 33 66 2d 33 30 61 38 2d 34 62 64 66 2d 39 36 39 61 2d 31 31 65 38 62 35 33 36 30 62 35 64 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 39 32 2c 68 3a 31 39 32 2c 6d 22 7d 2c 7b 22 73 69 7a 65 73 22 3a 22 Data Ascii: 21f{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:192,h:192,m"},{"sizes":"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49807	13.248.243.5	443	5284	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 01:33:13 UTC	662	OUT	GET / HTTP/1.1 Host: gemmini-tllogiiess-wrx.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://gemmini-tllogiiess-wrx.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=52198e3f-df06-49db-b510-afd341095f7b; _tccl_visit=52198e3f-df06-49db-b510-afd341095f7b; _scc_session=pc=1&C_TOUCH=2024-09-29T01:33:08.989Z
2024-09-29 01:33:14 UTC	1224	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.10.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR84z9ShvucWzsMKyhdTOI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lusitana/v13/CSR74z9ShvucWzsMKyDmafctaNY.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 5ee5efc7e95f22fe2c55b1513f0982e8 Date: Sun, 29 Sep 2024 01:33:14 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 01:33:14 UTC	15160	IN	Data Raw: 39 36 31 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 32 39 38 61 35 64 37 61 2d 36 66 34 31 2d 34 36 63 38 2d 38 38 63 37 2d 31 39 36 66 64 35 33 38 31 38 35 62 2f 66 61 76 69 63 6f 6e 2f 66 61 63 64 65 37 33 66 2d 33 30 61 38 2d 34 62 64 66 2d 39 36 39 61 2d 31 31 65 38 62 35 33 36 30 62 35 64 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: 961a<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/298a5d7a-6f41-46c8-88c7-196fd538185b/favicon/facde73f-30a8-4bdf-969a-11e8b5360b5d.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2024-09-29 01:33:14 UTC	16384	IN	Data Raw: 63 31 2d 34 76 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 28 32 31 30 2c 20 34 37 2c 20 33 37 29 7d 2e 78 20 2e 63 31 2d 34 77 7b 6f 76 65 72 66 6c 6f 77 2d 79 3a 61 75 74 6f 7d 2e 78 20 2e 63 31 2d 34 78 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 31 73 20 65 61 73 65 2d 69 6e 7d 2e 78 20 2e 63 31 2d 34 79 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 32 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 33 29 7d 2e 78 20 2e 63 31 2d 34 7a 7b 63 6f 6e 74 61 69 6e 3a 63 6f 6e 74 65 6e 74 7d 2e 78 20 2e 63 31 2d 35 30 7b 62 6f 74 74 6f 6d 3a 2d 35 30 30 70 78 7d 2e 78 20 2e 63 31 2d 35 38 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 38 70 78 7d 2e 78 20 2e 63 31 2d 35 39 7b 63 6f 6c 6f 72 3a 72 67 62 28 32 35 35 Data Ascii: c1-4v{background-color:rgb(210, 47, 37)}.x .c1-4w{overflow-y:auto}.x .c1-4x{transition:all 1s ease-in}.x .c1-4y{box-shadow:0 2px 6px 0px rgba(0,0,0,0.3)}.x .c1-4z{contain:content}.x .c1-50{bottom:-500px}.x .c1-58{padding-bottom:8px}.x .c1-59{color:rgb(255
2024-09-29 01:33:14 UTC	6895	IN	Data Raw: 69 76 20 64 61 74 61 2d 75 78 3d 22 47 72 69 64 43 65 6c 6c 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 32 68 20 63 31 2d 33 75 20 63 31 2d 32 72 20 63 31 2d 33 76 20 63 31 2d 31 71 20 63 31 2d 32 74 20 63 31 2d 33 77 20 63 31 2d 32 76 20 63 31 2d 33 78 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 33 79 20 63 31 2d 33 7a 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 46 6f 6f 74 65 72 44 65 74 61 69 6c 73 22 20 64 61 74 61 2d 61 69 64 3d 22 46 4f 4f 54 45 52 5f 43 4f 50 59 52 49 47 48 54 5f 52 45 4e 44 45 52 45 44 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 44 65 74 61 69 6c 73 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 Data Ascii: iv data-ux="GridCell" class="x-el x-el-div c1-1 c1-2 c1-2h c1-3u c1-2r c1-3v c1-1q c1-2t c1-3w c1-2v c1-3x c1-b c1-c c1-d c1-3y c1-3z c1-e c1-f c1-g"><div data-ux="FooterDetails" data-aid="FOOTER_COPYRIGHT_RENDERED" data-typography="DetailsAlpha" class="x

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3244, Parent PID: 3568

General

Target ID:	0
Start time:	21:32:58
Start date:	28/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5284, Parent PID: 3244

General

Target ID:	2
Start time:	21:33:00
Start date:	28/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1712 --field-trial-handle=2020,i,14739926256914341888,4208355801869281692,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6392, Parent PID: 3568

General

Target ID:	3
Start time:	21:33:03
Start date:	28/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gemmini-tllogiiess-wrx.godaddysites.com/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://gemmini-tllogiiess-wrx.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Windows Analysis Report
https://gemmini-tllogiiess-wrx.godaddysites.com/