Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://kucoinlloiinn8.godaddysites.com/

Overview

General Information

Sample URL:	https://kucoinlloiinn8.godaddysites.com/
Analysis ID:	1521950
Tags:	openphish
Infos:

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML title does not match URL

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 1848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1836 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2340,i,1429752358186918888,16718431658222597420,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kucoinlloiinn8.godaddysites.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://kucoinlloiinn8.godaddysites.com/

SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering

Phishing

AI detected phishing page

Source: https://kucoinlloiinn8.godaddysites.com/

LLM: Score: 9 Reasons: The legitimate domain for KuCoin is kucoin.com., The provided URL kucoinlloiinn8.godaddysites.com does not match the legitimate domain., The URL contains suspicious elements such as 'kucoinlloiinn8' which is not associated with the legitimate KuCoin domain., The use of 'godaddysites.com' as a domain extension is unusual for a well-known brand like KuCoin., The presence of input fields for username and password on a suspicious URL increases the risk of phishing. DOM: 0.0.pages.csv

Phishing site detected (based on logo match)

Source: https://kucoinlloiinn8.godaddysites.com/

Matcher: Template: apple matched

Source: https://kucoinlloiinn8.godaddysites.com/

HTTP Parser: Number of links: 0

Source: https://kucoinlloiinn8.godaddysites.com/

HTTP Parser: Title: KCOIN LOGIN | BITCOIN & CRYPTO does not match URL

Source: https://kucoinlloiinn8.godaddysites.com/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49776 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: kucoinlloiinn8.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: kucoinlloiinn8.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://kucoinlloiinn8.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: kucoinlloiinn8.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://kucoinlloiinn8.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: kucoinlloiinn8.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://kucoinlloiinn8.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1
Source: global traffic	HTTP traffic detected: GET /eJlMkP-Oo HTTP/1.1Host: gtly.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: gtly.toConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://gtly.to/eJlMkP-OoAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: kucoinlloiinn8.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: gtly.to

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-powered-by: Expresscache-control: private, no-cache, no-store, must-revalidatereferer: content-type: text/html; charset=utf-8etag: W/"188-ze4DTuXMy5nJCVqsdQu1C2/PUow"X-Cloud-Trace-Context: cc740df0aacdf594fafba7995bd47ffcDate: Sun, 29 Sep 2024 04:19:53 GMTServer: Google FrontendContent-Length: 392Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-powered-by: Expresscache-control: private, no-cache, no-store, must-revalidatecontent-type: text/html; charset=utf-8etag: W/"188-ze4DTuXMy5nJCVqsdQu1C2/PUow"X-Cloud-Trace-Context: 8efbab38335ad929a7116948115b7d05Date: Sun, 29 Sep 2024 04:19:54 GMTServer: Google FrontendContent-Length: 392Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close

Source: chromecache_85.2.dr, chromecache_91.2.dr, chromecache_120.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_84.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/JulietaUla/Montserrat)
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/clauseggers/Playfair-Display)
Source: chromecache_84.2.dr	String found in binary or memory: https://gtly.to/eJlMkP-Oo
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7jsDJT9g.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7ksDJT9g.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7osDJT9g.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7psDJT9g.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7qsDJT9g.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7rsDJT9g.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNK7lqDY.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNa7lqDY.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qO67lqDY.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidg18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidh18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidi18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidj18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidv18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdg18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdh18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdi18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdj18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdo18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdv18Smxg.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlBduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmhduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmxduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlBduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmBduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmRduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmhduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmxduz8A.woff2)
Source: chromecache_84.2.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_84.2.dr	String found in binary or memory: https://kucoinlloiinn.godaddysites.com/

Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49776 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@17/96@12/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2340,i,1429752358186918888,16718431658222597420,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kucoinlloiinn8.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2340,i,1429752358186918888,16718431658222597420,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://kucoinlloiinn8.godaddysites.com/	100%	SlashNext	Fraudulent Website type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://jedwatson.github.io/classnames	0%	URL Reputation	safe
http://scripts.sil.org/OFL	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.210.172	true	false		unknown
gtly.to	34.107.207.124	true	false		unknown
kucoinlloiinn8.godaddysites.com	13.248.243.5	true	true		unknown
www.google.com	142.250.185.68	true	false		unknown
isteam.wsimg.com	3.64.248.63	true	false		unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown
img1.wsimg.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://kucoinlloiinn8.godaddysites.com/	true		unknown
https://gtly.to/eJlMkP-Oo	false		unknown
https://gtly.to/favicon.ico	false		unknown
https://kucoinlloiinn8.godaddysites.com/manifest.webmanifest	true		unknown
https://kucoinlloiinn8.godaddysites.com/sw.js	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7osDJT9g.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNa7lqDY.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7qsDJT9g.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdh18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7ksDJT9g.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlBduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmRduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdv18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidi18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidg18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlBduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qO67lqDY.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmhduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmBduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://github.com/JulietaUla/Montserrat)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmhduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2)	chromecache_84.2.dr	false		unknown
http://jedwatson.github.io/classnames	chromecache_85.2.dr, chromecache_91.2.dr, chromecache_120.2.dr	false	URL Reputation: safe	unknown
https://github.com/clauseggers/Playfair-Display)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7psDJT9g.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7rsDJT9g.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdg18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdi18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7jsDJT9g.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmxduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdo18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidv18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNK7lqDY.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidj18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://kucoinlloiinn.godaddysites.com/	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidh18Smxg.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmxduz8A.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2)	chromecache_84.2.dr	false		unknown
http://scripts.sil.org/OFL	chromecache_84.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2)	chromecache_84.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdj18Smxg.woff2)	chromecache_84.2.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.185.68	www.google.com	United States		15169	GOOGLEUS	false
13.248.243.5	kucoinlloiinn8.godaddysites.com	United States		16509	AMAZON-02US	true
34.107.207.124	gtly.to	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
3.64.248.63	isteam.wsimg.com	United States		16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1521950
Start date and time:	2024-09-29 06:18:44 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 16s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://kucoinlloiinn8.godaddysites.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.phis.win@17/96@12/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://gtly.to/eJlMkP-Oo

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.186.78, 108.177.15.84, 34.104.35.123, 142.250.181.234, 142.250.185.227, 23.38.98.78, 23.38.98.114, 13.85.23.86, 199.232.210.172, 192.229.221.95, 13.95.31.18, 40.69.42.241, 142.250.185.195
Excluded domains from analysis (whitelisted): fonts.googleapis.com, e40258.g.akamaiedge.net, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, global-wildcard.wsimg.com.sni-only.edgekey.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://kucoinlloiinn8.godaddysites.com/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://gtly.to/eJlMkP-Oo Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://kucoinlloiinn8.godaddysites.com/ Model: jbxai	{ "brand":["KuCoin"], "contains_trigger_text":true, "trigger_text":"Sign Up", "prominent_button_name":"Sign Up", "text_input_field_labels":["username", "password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://kucoinlloiinn8.godaddysites.com/ Model: jbxai	{ "phishing_score":9, "brands":"KuCoin", "legit_domain":"kucoin.com", "classification":"known", "reasons":["The legitimate domain for KuCoin is kucoin.com.", "The provided URL kucoinlloiinn8.godaddysites.com does not match the legitimate domain.", "The URL contains suspicious elements such as 'kucoinlloiinn8' which is not associated with the legitimate KuCoin domain.", "The use of 'godaddysites.com' as a domain extension is unusual for a well-known brand like KuCoin.", "The presence of input fields for username and password on a suspicious URL increases the risk of phishing."], "brand_matches":[false], "url_match":false, "brand_input":"KuCoin", "input_fields":"username, password"}

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 100

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32954), with no line terminators
Category:	downloaded
Size (bytes):	32954
Entropy (8bit):	5.234851688621422
Encrypted:	false
SSDEEP:	768:8QMz7Xi7utc79QusIPgexnKnPxPC7JWU/VHeLNsiQk/c4ur2McV2xdnGYeCjWQTA:si79wq0xPCFWsHuCleZ0j/TsmUv
MD5:	B388C18392B5C76B6CACC4E4CB7518F5
SHA1:	ECAF972EF8AEB067A3156529F61A0FD1EC5285D9
SHA-256:	C70F02DBD23061E8E75AA448BE7420F5A4B592CB33AF463AE23626ED764532A0
SHA-512:	E859DE819B034BB477554B57BE9C001953FFD422D505D0D21187BDA2345864C01DE45063E68490A4F5B4683171C5CC949F97597623310AA7B20CCDFDE5E7083F
Malicious:	false
Reputation:	low
URL:	https://kucoinlloiinn8.godaddysites.com/sw.js
Preview:	(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:()=>a}),s(913);class a extends Error{constructor(e,t){super(((e,...t)=>{let s=e;return t.length>0&&(s+=` :: ${JSON.stringify(t)}`),s})(e,t)),this.name=e,this.details=t}}},524:(e,t,s)=>{s.d(t,{h:()=>a}),s(125),s(913);const a=null},594:(e,t,s)=>{function a(e,t){const s=new URL(e);for(const e of t)s.searchParams.delete(e);return s.href}async function n(e,t,s,n){const r=a(t.url,s);if(t.url===r)return e.match(t,n);const i=Object.assign(Object.assign({},n),{ignoreSearch:!0}),c=await e.keys(t,i);for(const t of c)if(r===a(t.url,s))return e.match(t,n)}s.d(t,{F:()=>n}),s(913)},536:(e,t,s)=>{s.d(t,{x:()=>r}),s(913);const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registratio

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12251)
Category:	dropped
Size (bytes):	12309
Entropy (8bit):	4.691953487987274
Encrypted:	false
SSDEEP:	192:Y9hgK/4PoduPprRZ14Iwh0DyTDE7JPKSlrZWbFQJJZ7FFS3DQwNp/A+Qd:YoKwodgpehxTMPKSlrAMrLS38UKd
MD5:	DFB4BEE7C6378574342CDFCE62FDD1D7
SHA1:	75679AE1470880C7209353283879CB58C010621B
SHA-256:	BFF3C0C2907BCFFD63DEDC687B8FCA61197E8B783C644B3D665AC3620C383E3C
SHA-512:	76C8042532A9F0FF590606A920713515356C9B9C6366A1447C2D184F6AAA4D5880A399570D5764E84100C7619DB5EF061BA6C4E535FA2473E69060F76112DF4B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M16.056 8.255a4.254 4.254 0 1 1-8.507 0 4.254 4.254 0 0 1 8.507 0zm3.052 11.71H4.496a.503.503 0 0 1-.46-.693 8.326 8.326 0 0 1 7.766-5.328 8.326 8.326 0 0 1 7.766 5.328.503.503 0 0 1-.46.694z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M15.659 14.107c1.048.434 3.446 3.209 3.446 3.209a1.263 1.263 0 0 1 0 1.789 1.263 1.263 0 0 1-1.789 0s-2.775-2.371-3.209-3.419c-.077-.185 0-.591 0-.591l-.369-.362a6.111 6.111 0 0 1-3.656 1.211C6.729 15.944 4 13.265 4 9.972 4 6.679 6.729 4 10.082 4c3.354 0 6.082 2.679 6.082 5.972a5.88 5.88 0 0 1-1.466 3.878l.261.257s.483-.09.7 0zm-5.577.546c2.628 0 4.767-2.1 4.767-4.681s-2.139-4.681-4.767-4.681c-2.628 0-4.767 2.1-4.767 4.681s2.139 4.681 4.767 4.681z"}),cart1:(global.React\|\|guac.react).createElement("path",

Chrome Cache Entry: 103

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	43144
Entropy (8bit):	7.992156043872244
Encrypted:	true
SSDEEP:	768:eFsgXUH0OfBGW6H5YO4rQCp3dNno5Elm52VJ2++xNbcbYHFWnEQMFJIPs:uJoGVLCp3d1o5EzN+xEmWe8s
MD5:	7A87115743E40427861B2D0DDE348702
SHA1:	F199B17D0AD2B013F63F2E6C4055736460E794F2
SHA-256:	031623D0CEAE4CD2E3206A94096B7DFF16EADE6F3912D70DEF7C821A1ACB3361
SHA-512:	759CA99FB81DA525C1BF5350888D55DFF23A296D0FC7D1185765209C0EAE918746E9A0312F2BF51C020578D1A05FE534EC6FB54D9BF7335A6860A581D37C7FE5
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/kucoin%20ligin%201.png/:/cr=t:0%25,l:3.71%25,w:92.58%25,h:100%25/rs=w:1240,h:620,cg:true"
Preview:	RIFF....WEBPVP8X...........k..VP8 ....pe.....l.>m6.H$#;...zKp..cn..,....7}....ew...3./...i.I...u............(.;.....O._9?...................T...{.-.g..i.'.O._Q?........R...../........._...;....l..?...?......;......../.......?.~...."...........~.~.y..w._.</..........~.../...............z.~].k.?.8........{..K...3...?.}S..........M.L.l.x.S<[).-....g.e3....L.l.x.S<[).-...<Y.3..r...h]..L..>.cr...L.l.x.S<[).-....giJ........q..$....q......a:.}L....r\..k..-.m;..."0+s...R.T..........@....]..........>5=Y...:\|$u\.P.>.)...M@B..Y...=...:.;j5....g.#...S.......Gm....@'7!.:.?.r..&.x\..`.e<....Q.]..;s......INS0]...P.`..$..nNs...p.j}.q}........g.e3....%7.....\.Z.....(...i.4.v.....U.rMV7.2...[.(........D#..l...R....~.."..5`.I..V..J....Dt.....R.[5..-2W....../.(...tJ.\.Sw..v.($...4[..(\|...3.....{......d...V..^...2...~..x.k....F..<...u6.v.....]..i.#N....\|.Y.2...-..J.F...ti..?......Wa.m.W...{...Q?lO..3.=..Vu.Ne]2LIo1.4{5.....#...P9..j.-O>.}h.~...o.W

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	downloaded
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:	6:F9oNS2BSyRbWsCJwvYtMe1mGHr9EJiKWaO6SZF:HgS2BSyEsCJB1THr+pWIS7
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 38372, version 1.0
Category:	downloaded
Size (bytes):	38372
Entropy (8bit):	7.994078494945525
Encrypted:	true
SSDEEP:	768:+Yxdr2O1OKvIsc1wqo4CyJBZk0eFs+rCFBVkvQjQRQRjvv+mv9:nV1OKvIBwktQEFB/Rjn/v9
MD5:	16ECEC131289CA4925D35C0515B28D9F
SHA1:	E2CBE7EC2BB494226EA423C7A7353B0E18B304C2
SHA-256:	CB8CAC32D5CEF83E7674916378C2F47BDBBA7E6E6BD936F8026A58AC4E71FA53
SHA-512:	A7ED6208086801275997FCBA3779084400914C74F454FE992FD0AF6E38F4F2F975D2CC63CBE5C1CBA35FE439EC25B0C6B64DD858D036329A2DE720124E70C512
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Preview:	wOF2..............PX...r.........................._...f...?HVAR.l.`?STAT....,/`.....$..)..~.0..\.6.$..`. .....s..[.3q.f.e..v..V<..L..58.......n..q..7......IEd. .q.4.+..[.(.H(M..W.#.{.c."....n..Y..P.\|.(K.o..C.....2..H..x.(.x.M.W.K...-C.@b..p."I.!..N..........N. ..4.."...C.v.;J^.'et....,n.._..G'..n(....r.ON....U.MGf.F(.o...t'.K...........r^_.....<n...[o..o.../.k..uj{.....vk.0.c.Cy.......l........@.. H.Aj........5.V.L..w..zp.._.'V..yu.%t.4i~.4c.6M..g6.YMW...(..!.]..Ap1dmEAEOOQ..B8.jY.............G.bL&..@ Tmm..][)..^.....g...re...UQ..J...r....i?d,g.c...p.].....nn.".....#w.rt!.!.."..w.PD.]....n!:...m..?** HHT.&..."{.u.U.^.n..\|Q}.q..."n.....(.-s,.....>.v.q.2.u..........m.O.4.&..R.!...;.f.>..B........YR.eD....;.G.........{h.....c.l.P.) g^7N7..Z._.x..P.....".+I.!..q.G..M.....0..(..t.k./..A..._........v.:3.2pH..\./...WFYE...nRFaT.f.p.....9.K....e....{.3Qg..}....CM.J.....l.-.%S..@.{?....B.....^FBK6&g...9..R~....d.l..........*;]-....Z.7.$..J...B..P.b...i+

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	dropped
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	dropped
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:	6:F9o8fAX7s4Bszv4yA5FKJyR8aBzzNWLc3oqcqAdfFwC6emGHr9EJiKWayfAX7A:HGs4Bkv4yA5sy+go9Hf+eTHr+pWOA
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (786)
Category:	dropped
Size (bytes):	842
Entropy (8bit):	5.258991916821592
Encrypted:	false
SSDEEP:	24:caBL+qMLVRGqawadlH0rVRrkAeT25Z2HrIY/:jKqSVMqzarH0brkAeq5ZSrI+
MD5:	31B521136207C11FF1F9985264424E8A
SHA1:	9EAF6B9717979CAEB5C7E846E17B2A89A08DC266
SHA-256:	C818B56446AE5A8D0466FC9C51D85104584E36F6D8B1C77E08A2D354E845E2CD
SHA-512:	DB2A8825F8C67B6361B86F5BB1DEE38089DD57E5E74ECBA335EF7D82D9D5E5AD3F64C07195FCDF700415F6F09B11BDB6A20410462ABAEC443335F19ACF8265B1
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-themeOverrides-e736c017.js",["exports"],(function(e){"use strict";(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.a=e=>{let{sectionHeadingHR:t}=e;return t?{sectionHeadingHR:t}:{}},e.b=e=>{let{sectionHeadingColor:t}=e;return{HIGHLIGHT:{style:{color:"highlight"}},HIGH_CONTRAST:{style:{color:"highContrast"}}}[t]\|\|{}},e.c=e=>{let{sectionHeadingSize:t}=e;return t?{style:{fontSize:t}}:{}},e.s=e=>{let{sectionHeadingAlignment:t}=e;return{LEFT:{style:{textAlign:"left","@md":{textAlign:"left"}},alignmentOption:"left"},CENTER:{style:{textAlign:"center","@md":{textAlign:"center"}},alignmentOption:"center"},RIGHT:{style:{textAlign:"right","@md":{textAlign:"right"}},alignmentOption:"right"}}[t]\|\|{}}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-themeOverrides-e736c017.js.map.

Chrome Cache Entry: 110

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	976
Entropy (8bit):	7.080721807731527
Encrypted:	false
SSDEEP:	12:4mwnvFWs9as1mUeaaCa3uYi8uomeTFQlRM2v32Eo23qRFTda25I3/SATwYGkvyn5:rwdN0Ugh1bNFV2e5FYaI3jdan6GpbSl
MD5:	6A5941770996B284EE07E76950DF106E
SHA1:	2DF835CA9BD5AB85373696E851BFC66A93DB9421
SHA-256:	EFFAC9B3C6BCF5763B3B1DB89F0F4D46D397CC86AAE4470AE52F4F2BCD041EA4
SHA-512:	9E58C4F31410163DF5D8F3DF0833F6A43B8833678760CB25B6F88A72BBFCE0E7C046B81BAA5F22B5D7DCE1E88BDD787E21F9CBA94E111AF1CDD1970EB538D115
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:32,h:32,m"
Preview:	RIFF....WEBPVP8X..............ALPHZ.....m.i.m..RJ.....m.m#f...m...R....R[DL.!...v,..o.Hbt.........i.....q.[i....0..w:.1q(D..j....7...bb...k..f.{)D....\."\h..z.f.....................J.2...LD\|...q...e...Q...O..}.,....}k.....,o......A..\|q._S...Y..L...e.fG...f-..H!..:......c..f.Z..0.:..X...f.^..-N..x.+.....\|.....i... =..65D.Xl....iI$.r..<.DH)0^..$vw..y2...P.5[.^H0.W....B.b........7.v.2.....(.f.j.6#]`8$&....r....I..O....:.{I{....d.7.f.Z....c..#...U.1k..U..X......5.,..Y..fL.J.......M.....^lZ-..yY....:fx..z.....l>....c.....77...f.......ej.$...l..ONN.[..C..p.........W\.1.F8..W......8.8J.^...1.....N......VP8 ......... . .>m2.G$#!.(.....d..'.....x#...d..V.........T.h..C..^'.....Y_.{0...H..w..........6'..S...fh...Nr....__ #"T(.I.......,.X.^....EXIF....Exif..II*...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100.................... ........... .......

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	downloaded
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:	96:/NSXU/vuELNSXtiF7ANSXTJrrBNSXt7X5wqh:VcKncc7ycd3cd5w8
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	242081
Entropy (8bit):	5.517740449222352
Encrypted:	false
SSDEEP:	3072:Eu8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXST:382/6bbCx0FMKhd
MD5:	EE94D93E4A0EB3D2C41B8C7EE1BB25F6
SHA1:	3C52577F309D7C76DE7EA4E0A40CBB358886A1B4
SHA-256:	22F0A029FD70E639CC74C49BE1071F7710AE42E70CA2AD71C08EB6075B53D4BC
SHA-512:	6605DB1B03094066E506775B6E5B88B72EB928993FC1268F08250F13D66EEABC656FF1203D51527C19D64D6A2358BFF7358E2AC2E5AE474A3C71A53E5535A255
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index3-6c39b3c7.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1240x620, components 3
Category:	dropped
Size (bytes):	71834
Entropy (8bit):	7.954228550898841
Encrypted:	false
SSDEEP:	1536:SCusUCgHRVffcVsex0VDfL3OtBYSSHfKUNDsUw/EAJefWy/773fKhGoea2r6v:TusURHrfc9xcOkKUNDFQtJTyTTKhGoeY
MD5:	14AF28F6A1C940748B721AFA6D0E5ECC
SHA1:	97E667BBFA1046553160A3A58AD0EC9768F38DD1
SHA-256:	2B9012E3B3727434CB34C22BDC59444F08CF492DAE0776BA94763502A25DF1A7
SHA-512:	814734F7BB1C0BE5453E9C4DC5AD20707421717CFC45BF01CC697AC6FB9CF9194EB6148EB0BCF1A6D2EE7C96F519FD012A230104E0A577E2F40F6623D5CBB00C
Malicious:	false
Reputation:	low
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100................................l..........C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......l....".........................................K..........................!1Q..A.."2Raq...34ST...#5Br.s.$Cb..%6U.7Dt&cd..................................:........................!1..AQ."a..2Rq....#4B...3..$Sb.r............?..J" ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...".Hw.A.)]+.p....(K...$.E..F7<.p...`..kA..D.h.ht.5.<.8Son.........{...';.x...7s......{."..]<..S....O$..Z${Z].d.(..W.:).,l...h<.8C+.....{Y.....{^..89...d(D....Q2.." .......D@...DD....D@...DL....""....&Q.DD....D@.

Chrome Cache Entry: 115

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Category:	downloaded
Size (bytes):	33092
Entropy (8bit):	7.993894754675653
Encrypted:	true
SSDEEP:	768:c+2lFKscxQAuDJ5m/xiYEQNMJjFaf0TteqKt:cZlhcxJuDa/xiMMJhaItzKt
MD5:	057478083C1D55EA0C2182B24F6DD72F
SHA1:	CAF557CD276A76992084EFC4C8857B66791A6B7F
SHA-256:	BB2F90081933C0F2475883CA2C5CFEE94E96D7314A09433FFFC42E37F4CFFD3B
SHA-512:	98FF4416DB333E5A5A8F8F299C393DD1A50F574A2C1C601A0724A8EA7FB652F6EC0BA2267390327185EBEA55F5C5049AB486D88B4C5FC1585A6A975238507A15
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Preview:	wOF2.......D......6...............................a......Z?HVAR...`?STAT.8'2..F/~.....\|.M....0....6.$.... ..x..<..[.%Q.i.<.N..t.Yx..5.A...\|..g#l....5.....D.Bt.......l.Y].)..(..H.s..V..ruM....[.....I.0h.v.Hc.R..]....`$.I)G.+.}....E%.H..\|..%nEE.....+.x..7\|........[..V....[.......0...CA.._....)2.$.....s_fw....+.V.H.B.<?.?..mloc..1.Q....a.r#...)......\|.F>..../6-.......t......>......tO.:f@b....u.I(.Bc..b....7.?A.....vE.}...kb]W7.h..$@......T1t.8.._?...~..,..I..."Y...1..s.V........R.Bf2..I....s.........u.P.&..D./"2qf....p.sv..)b5.yR.$MR3.@.E../>{w.....f...cN...2.v.....]>..Ow...9/!v...r..1.4.n.w...T......=...hRH!.....2`...u..82L...S.v.ik^.V.....@..N....d{..{...NN"'.H...H$..H.<..{?..x.....zv.}.~.N)4.g...X.....8\|}...e,%.:..;.Q..88...@..=UVHe....g..zD?..U...~.J...oMoP..6B"Y.{BN...vY<.o..r.7.7j%.Z%.'...]...........YK...,.a-;.M....>\.......%'+8Z.1K.y...9.(;.5 ..M..L.(..9...T)........hx..i2Y...m..{ulY...d......")^.,.n.~..r..S.o.$.....6=.i...N.....q0 ....

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	downloaded
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 117

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	dropped
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	dropped
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	976
Entropy (8bit):	7.080721807731527
Encrypted:	false
SSDEEP:	12:4mwnvFWs9as1mUeaaCa3uYi8uomeTFQlRM2v32Eo23qRFTda25I3/SATwYGkvyn5:rwdN0Ugh1bNFV2e5FYaI3jdan6GpbSl
MD5:	6A5941770996B284EE07E76950DF106E
SHA1:	2DF835CA9BD5AB85373696E851BFC66A93DB9421
SHA-256:	EFFAC9B3C6BCF5763B3B1DB89F0F4D46D397CC86AAE4470AE52F4F2BCD041EA4
SHA-512:	9E58C4F31410163DF5D8F3DF0833F6A43B8833678760CB25B6F88A72BBFCE0E7C046B81BAA5F22B5D7DCE1E88BDD787E21F9CBA94E111AF1CDD1970EB538D115
Malicious:	false
Reputation:	low
URL:	"https://img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:192,h:192,m"
Preview:	RIFF....WEBPVP8X..............ALPHZ.....m.i.m..RJ.....m.m#f...m...R....R[DL.!...v,..o.Hbt.........i.....q.[i....0..w:.1q(D..j....7...bb...k..f.{)D....\."\h..z.f.....................J.2...LD\|...q...e...Q...O..}.,....}k.....,o......A..\|q._S...Y..L...e.fG...f-..H!..:......c..f.Z..0.:..X...f.^..-N..x.+.....\|.....i... =..65D.Xl....iI$.r..<.DH)0^..$vw..y2...P.5[.^H0.W....B.b........7.v.2.....(.f.j.6#]`8$&....r....I..O....:.{I{....d.7.f.Z....c..#...U.1k..U..X......5.,..Y..fL.J.......M.....^lZ-..yY....:fx..z.....l>....c.....77...f.......ej.$...l..ONN.[..C..p.........W\.1.F8..W......8.8J.^...1.....N......VP8 ......... . .>m2.G$#!.(.....d..'.....x#...d..V.........T.h..C..^'.....Y_.{0...H..w..........6'..S...fh...Nr....__ #"T(.I.......,.X.^....EXIF....Exif..II*...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100.................... ........... .......

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	dropped
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	downloaded
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	525
Entropy (8bit):	5.117295440681294
Encrypted:	false
SSDEEP:	12:YWGhtXIoWFJsTPXmktwdPwTPXmktwkwhr/A:YZXIoWofntwPofntOhr/A
MD5:	B74F396517B460A53B6C134F5A80AAFA
SHA1:	389481655C18A3DFD18538CA4C3F0036FEF72B53
SHA-256:	193DB84DEC79C077D7B8A8B006217B029301416D572E80A3DA087164BAE853A2
SHA-512:	7F42B60C31A40AC782E3D5F087DA02EEFC219300562DB058E01FD43F0F17DA2F6412759FBB3F905DE7300D07374294ECA0BFEB3AA897D6E5A324A4FF00DE8984
Malicious:	false
Reputation:	low
URL:	https://kucoinlloiinn8.godaddysites.com/manifest.webmanifest
Preview:	{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:192,h:192,m"},{"sizes":"512x512","type":"image/png","src":"//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:512,h:512,m"}],"name":"kucoinlloiinn","short_name":"kucoinlloiinn","theme_color":"#f7f8fa","background_color":"#f7f8fa"}

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6969)
Category:	dropped
Size (bytes):	7039
Entropy (8bit):	5.2361798012427245
Encrypted:	false
SSDEEP:	192:oLb1MP+fzUiru5feyeCVL+izwhVQ9iPzmHFnYJsvIFO/Esh:oLxmCUiru5fneCVL+izwhVQ9ibmHFnYK
MD5:	DAD318033A09F6ABA68D6EE66F1CDACE
SHA1:	F538D0C3973677A6CDF14E9223AFB432FCF1CF8C
SHA-256:	E8FCFB1552D918B5D9FD715F711255465D6DD4348B4DCEDD362CB00DF9D3DBEF
SHA-512:	6024483003089661D9799000202895EC4ACA6CDEC816BDBC786F6800536AA8E6B93D8B8CA81E1EB6B8122C72CD14172C94C6C49953FFA536E49D71DD7F47499F
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/bs-layout13-Theme-publish-Theme-7252afe2.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-themeOverrides","~/c/bs-legacyOverrides","~/c/bs-humanisticFilled","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,n,i,s,l,g){"use strict";const{colorPackCategories:d,buttons:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:u,LIGHT_ALT:m,LIGHT_COLORFUL:h,DARK:p,DARK_ALT:y,DARK_COLORFUL:f,COLORFUL:b,MVP:x}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,I={[g.F]:"category-overlay",[g.b]:"category-overlay",[g.I]:"category-solid",[g.B]:"category-overlay",[g.L]:"category-overlay"},S={defaultHeaderTreatment:g.F,imageTreatments:I,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"]};var C={id:"layout13",name:"modern",packs:{color:"005",font:"league-spartan"},logo:{font:"primary"},packCategories:{color:d.ACCENT},headerProperties:{alignmentOption

Chrome Cache Entry: 124

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12251)
Category:	downloaded
Size (bytes):	12309
Entropy (8bit):	4.691953487987274
Encrypted:	false
SSDEEP:	192:Y9hgK/4PoduPprRZ14Iwh0DyTDE7JPKSlrZWbFQJJZ7FFS3DQwNp/A+Qd:YoKwodgpehxTMPKSlrAMrLS38UKd
MD5:	DFB4BEE7C6378574342CDFCE62FDD1D7
SHA1:	75679AE1470880C7209353283879CB58C010621B
SHA-256:	BFF3C0C2907BCFFD63DEDC687B8FCA61197E8B783C644B3D665AC3620C383E3C
SHA-512:	76C8042532A9F0FF590606A920713515356C9B9C6366A1447C2D184F6AAA4D5880A399570D5764E84100C7619DB5EF061BA6C4E535FA2473E69060F76112DF4B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js
Preview:	define("@widget/LAYOUT/c/bs-humanisticFilled-91edd0e1.js",["exports"],(function(e){"use strict";const a=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M16.056 8.255a4.254 4.254 0 1 1-8.507 0 4.254 4.254 0 0 1 8.507 0zm3.052 11.71H4.496a.503.503 0 0 1-.46-.693 8.326 8.326 0 0 1 7.766-5.328 8.326 8.326 0 0 1 7.766 5.328.503.503 0 0 1-.46.694z"});var l={__proto__:null,account:a,person:a,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M15.659 14.107c1.048.434 3.446 3.209 3.446 3.209a1.263 1.263 0 0 1 0 1.789 1.263 1.263 0 0 1-1.789 0s-2.775-2.371-3.209-3.419c-.077-.185 0-.591 0-.591l-.369-.362a6.111 6.111 0 0 1-3.656 1.211C6.729 15.944 4 13.265 4 9.972 4 6.679 6.729 4 10.082 4c3.354 0 6.082 2.679 6.082 5.972a5.88 5.88 0 0 1-1.466 3.878l.261.257s.483-.09.7 0zm-5.577.546c2.628 0 4.767-2.1 4.767-4.681s-2.139-4.681-4.767-4.681c-2.628 0-4.767 2.1-4.767 4.681s2.139 4.681 4.767 4.681z"}),cart1:(global.React\|\|guac.react).createElement("path",

Chrome Cache Entry: 125

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (852)
Category:	downloaded
Size (bytes):	919
Entropy (8bit):	5.236642015723828
Encrypted:	false
SSDEEP:	24:caBLoXaPXAH5NUM45cl2TxlBWJSqhPuQHrIYf:t8XyXA/UjmkTxjONrIY
MD5:	1CCD3C1052745E96CE686CC6F6143F10
SHA1:	0B19BB42233073967E22FE75572E12908E70A8C9
SHA-256:	F075FEFC90D97DA32D93AB7A2C9660A9D73B41A3B022497C8E6683CB6F98BF88
SHA-512:	0A274F4D70897638F9EC9F0A04D79C0BF6FA94E297A7938F773345395AC64F2CB87B9DA2D265DDC017C3AE0C16B88B207E8688110AE8A5E91FC662767D78587A
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js",["exports"],(function(e){"use strict";function r(){return r=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},r.apply(this,arguments)}e._=function(e,r,t){return(r=function(e){var r=function(e,r){if("object"!=typeof e\|\|null===e)return e;var t=e[Symbol.toPrimitive];if(void 0!==t){var n=t.call(e,r\|\|"default");if("object"!=typeof n)return n;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===r?String:Number)(e)}(e,"string");return"symbol"==typeof r?r:String(r)}(r))in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e},e.a=r})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-a2e90765.js.map.

Chrome Cache Entry: 126

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 127

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	downloaded
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:	24:cEBLv5pqMIuHMnH7cmo17Jv0ySaUKdei9hJQE2HrIYpb:f75pqaowmWJcySaUKdTfcrIC
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 128

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	dropped
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:	12:H/QL7ANBSyTUXaPXAbDTc/NeL2QiTj+RVngQ2ofXgYhMYTHr+pWgL7AO:cANBLTUXaPXAPTc/tTj+HngQ2CQY/HrQ
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 129

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-42582241.js
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 130

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14160, version 1.0
Category:	downloaded
Size (bytes):	14160
Entropy (8bit):	7.984366061864312
Encrypted:	false
SSDEEP:	384:xuSsnqITlR8xFPvcabnz6OjCOntQsJjgaijTs1Q:xRsqsUxFncabzCi/jq6Q
MD5:	6CAF2B9A15E4AE129857767920794068
SHA1:	DC6946A2C472822BC25B5FAD19587B998A62B07E
SHA-256:	500F8AAF69DDCF71A16CEAE58C927F03371B33665185E16DF347B67F7F11BDB9
SHA-512:	9FD2548F0362D28EC755313FA21051105C5651865A67836FB1B368B0065D254F32F3460C07232CC564838FCC984CE0E4C8FD36EE63BF45BF1D3E247F14D62685
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Preview:	wOF2......7P......~...6..........................t..b..&.`..b.....d..\..6.$..4. ........l%.....'J..GQ6Yk.H.....j.!....lmA.q.Fj...w.5c.s.{6tS.q..t.:.i..z..c-..].8Y...q.k.M.....b.e.)../.I~v...@...@..H+kr.w...#.O.Tk......AT@.d.....6.a.U....8..{I-.S..6../j.f.M....\|.L...Q..O..\.M...~.#..ER..S.r;v.n:.w.......;..I......D!.F.4......s?I.....:.L....k."-..O.G..1........V[...../.Bk{E...x..FL.N..hs....2..f...U0..~...jy.E....b........g..VW...p.n.I.....\s....evgayMM>~D.M~[..;.._kl.....D.l..n..*...#v.?......Z&...X.V........V.=.....}...?}.FY}}...s..GC.......^b..v...%....CQ...IQ&.).....}.2.\|._...U\|.:...j...D...V...L$T.V...6....?.E....}.a...."...............Jr......BM.Gem....H.g...F....0"h$....P.q...0.H.`H$.tq.....&SB.\|M..f.ai&.-..s...1....P..(.K.cS...1.......y`..v@...G_.(........E%c.)...v.N...z,............3..S......^'...@....\|.............ln..8.YI...w..?dY.0J..O.c\..\,..Q.z...w......bI3(....j....y9....E..H.S..t.d.5e....u.l...#.A.....@&..j..8z.W.50...

Chrome Cache Entry: 131

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	downloaded
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:	48:fCEX2kA83zdkJi1lvietWdcy0cy7mdOrxGfrIK:aE33zdkJiDvietWdR0R7mdOFYX
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (852)
Category:	dropped
Size (bytes):	919
Entropy (8bit):	5.236642015723828
Encrypted:	false
SSDEEP:	24:caBLoXaPXAH5NUM45cl2TxlBWJSqhPuQHrIYf:t8XyXA/UjmkTxjONrIY
MD5:	1CCD3C1052745E96CE686CC6F6143F10
SHA1:	0B19BB42233073967E22FE75572E12908E70A8C9
SHA-256:	F075FEFC90D97DA32D93AB7A2C9660A9D73B41A3B022497C8E6683CB6F98BF88
SHA-512:	0A274F4D70897638F9EC9F0A04D79C0BF6FA94E297A7938F773345395AC64F2CB87B9DA2D265DDC017C3AE0C16B88B207E8688110AE8A5E91FC662767D78587A
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js",["exports"],(function(e){"use strict";function r(){return r=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},r.apply(this,arguments)}e._=function(e,r,t){return(r=function(e){var r=function(e,r){if("object"!=typeof e\|\|null===e)return e;var t=e[Symbol.toPrimitive];if(void 0!==t){var n=t.call(e,r\|\|"default");if("object"!=typeof n)return n;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===r?String:Number)(e)}(e,"string");return"symbol"==typeof r?r:String(r)}(r))in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e},e.a=r})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-a2e90765.js.map.

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Category:	downloaded
Size (bytes):	14712
Entropy (8bit):	7.984524638079703
Encrypted:	false
SSDEEP:	384:J1xXvtvezpO6syafJ+CnNcxHGoY/7NazJq:dXvFysJfcqNqmFDNaM
MD5:	3AFEAE0D768769F5E5F30AC9805C5B70
SHA1:	3ADA17C2B462DB3E7A1FD85C3F4670DFE7704F4D
SHA-256:	0D0A6262C545E8BBC895116E5AFB22579C468D7ABB77E378F377D6FED57C1DCE
SHA-512:	71C361AC0D7B72B222D4F087B46D1BEA318ED6652C4D37EC3403F0B0616482B5040232E06F2FCF13109CDF6151DC209E882C0DB40B2C6ACE4E2E0292FCDCDAB5
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Preview:	wOF2......9x.......8..9..........................n..<....`..b...\|.@..d..6.$..D. ..\|..4..v%.m.... FO.#F"l.d..#......?t..'$.2..n..Ye.1$..]...$s..W.s9.<%.L.1}Yy.6...-. b..[......7!..<K.W\|.ij.f..?.\;.....N.$..T(.}.9."0n..........g)@.WE..@.....ZV..=U...;....}.:.t.H.B..H((2.E%$.@1...s.]..R]T..2..vQ.m.7....bm....T.....To.w..v)...H..).B!@..,.zB.ev.....3..L....[..z...\f[...BUV...^...0..8.....D.......\.$_e;.._../K.0.D..0.@..`...mn.....b......h..#.n?.A..}v.l..]yq.......].#=N..9p..9b.8i.!Hl......(.p.>.....{..`.^}W..Fc.O.~.....f..a.%..k.I..e9@Ov.dH.M......i.T.....K.x\|L1C..j..r.l..#.l/...=.Z...e...,k.<...A.A.I..]..@._...z.o.f2.....8,..?..qDUQ.S....a..L$V........K.d.F=~Ga..`.T.H......e{\...^..4cap...o!`9.-.d......._.k.Na..@.......`>.d..E...N....!.DE....`e.)P.R......Q.H....FA0..[U......I....d.......y{...J^...........]#...kH....0..}..C.\|b}.n.....7$c. ...........y....-.0...}..D..#...>}.Q.....*...=R...?.4....n...5.!93"/<9Ao.v.e..Jw.S..0..RK...L..k..)....-...M.

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	downloaded
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	dropped
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14200, version 1.0
Category:	downloaded
Size (bytes):	14200
Entropy (8bit):	7.9848584303999575
Encrypted:	false
SSDEEP:	384:4x0+gupuyinvn2fLG/YRnzJFXaERndpmwk:x+RuykSvTQepNk
MD5:	8189FC633208846686EEC91EA316D6FE
SHA1:	CE99A5D3A3E51EA1166DE5E664265DB6F7783449
SHA-256:	FAE9EE8DA96BA004F96A5719E3CD323B3248C49A28E56777CE829900D50929ED
SHA-512:	F41D7510F7021E85EB8B57FF27759412BE13BCD40D8992FD4664CD16C6A25D3C8FFCD928F4C44EACBDEA52C12B050D239427DECE751B72C7BDA467A4E0B7D11E
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
Preview:	wOF2......7x......~l..7..........................t..T..&.`..b...$.e..\..6.$..4. ..(.....l%...a...o.(.......F".......&.1F0..j......QM5-0....p.I..&wk.+.b.. .X.I[.}...]N.....?K.-..sa.....;....$....u1.p.3...9a......}nU}.Zz...F......t..Cp.r.G3..gx~...X`!%.. Y.%....Q(V..H]e..bq..-...?.=..>/I,...$....&.L.L0...?./U5.9./.H(..(4.......d.M.r.kt..X...#V..........r.R.....\.M6;I...f'.%.....B...ZS..A.Y.....:...}..h$..7.;NyZ..v..Bh..D=Y....{....'...ou[.E.O..a.p`q.I6..a.~...T.....'....w.3..un.M.....j.......J.....2..JN...t.y..].......,...........Ki.....@....N.cH.]....Tr.TS.........i.....S..j. ...j.....q...C42r..cy .@.{.......&I...y..^.-.$H.l.RD.{.............q..........)9y...@....x. lP..."./.L...H.D.33..7H.b...`j..h.....o...c@...[.....hu.].....7.G3....*.. ....!...m.@].w....M..a@E...`..#...N.7;:.....T3.n.......l.+@...h.56[GrI0P.4...8$.s......d.^.R.^...\.%?..2a...'.(K....$.....ZO4.3...a&.....lt.G#%=......,.l............L[k?...E.v.6_..-A....U.<...?.a......q..$.......

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14104, version 1.0
Category:	downloaded
Size (bytes):	14104
Entropy (8bit):	7.983211435601148
Encrypted:	false
SSDEEP:	384:dnRwbM1OKRQHw6G33Z+b29Nl7MOBj9arc5vK/Z3Gtl:dRwbkOKKHw6m9Nlw+9Tw3u
MD5:	223C4F03708006FDB1F2115D32785A3E
SHA1:	76F4F9FFCAAB85153E403137FE180FC4720E5F45
SHA-256:	C5BF2B44104C6AE4BDC5CCAF16169C7D3BF8EA750CDDE9CAE7CC6DD0973A0DD0
SHA-512:	AEA8BCF421B89123B977B2E614C4A765E6A8D8FAC6C295ABBCB75AE37C77C7846BA0F0CE99EF5355B30B83C3122331927BB89F9FF0EE66CC7A35ED98AAFC0963
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
Preview:	wOF2......7........p..6..........................t..6..&.`..b...<.d..\..6.$..4. ..0....Um.l\e...`o,'.F..<....2.aN..f..L.C.....N/d..E..T3=LRU....6r.B.q........!..0..NX..I..Nb_...8^(.........C.//.9......s.3..V4u.y....>s.....E...UC..I..~.d:.....i..,F...D..b...6{"+Q......H...D....b`..".].v.e.v..]...].vT.V=g.G..H...#...x.. ..A...?...]...o<.(..(h"9.C?...5}5..Bu`...[`..QRJ.......tL.Fx.9....]...i.t.....Fj.....i........qpw..`.'.\......D@.eg!..z..]9.?>w...wc.ZS...x...C..p..%B...J;3.s....u.2r.B..>_!....h.....$. ....-."T...U......].O.....Pr.C.E.ul..:..........i......F...(:.Pm.:.1^..uW.s............u.]..{.>..Zw....V.15Vv..$A.....x..K.#6D&..pZ......}.#..^$.k..d.H..n._.C.e......Xz..}..m...E...GF.T@.......TD.@.0*L..)...Q.C...dh..F..2t.'C..2.7.c.i...;..8..J..f.G...~m..r.@m......Pd^..o.N..9_c<.1.;...!.XL0..'.{.:...#.CJ..\|#IU...<Y.!.x..-7<[A5d...C.~."t.9]...:..9`;)...r.......T..J..-..c..1.............8-...^....w...b.,(......y....."m.-<.3M.Bt.%..UR.@8&

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	dropped
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:	24:c6BLQZSwXZSUcUxQAQId+06QyyU+bHJRWIFSPhXCoiCUPGyTiKNPR138IHrIYf:j+SwJSxAQ0H0OpwUSPhXCoiCUeuiKNPd
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6969)
Category:	downloaded
Size (bytes):	7039
Entropy (8bit):	5.2361798012427245
Encrypted:	false
SSDEEP:	192:oLb1MP+fzUiru5feyeCVL+izwhVQ9iPzmHFnYJsvIFO/Esh:oLxmCUiru5fneCVL+izwhVQ9ibmHFnYK
MD5:	DAD318033A09F6ABA68D6EE66F1CDACE
SHA1:	F538D0C3973677A6CDF14E9223AFB432FCF1CF8C
SHA-256:	E8FCFB1552D918B5D9FD715F711255465D6DD4348B4DCEDD362CB00DF9D3DBEF
SHA-512:	6024483003089661D9799000202895EC4ACA6CDEC816BDBC786F6800536AA8E6B93D8B8CA81E1EB6B8122C72CD14172C94C6C49953FFA536E49D71DD7F47499F
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/bs-layout13-Theme-publish-Theme-7252afe2.js
Preview:	define("@widget/LAYOUT/bs-layout13-Theme-publish-Theme-7252afe2.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-themeOverrides","~/c/bs-legacyOverrides","~/c/bs-humanisticFilled","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-index","~/c/bs-overlayTypes"],(function(e,t,r,o,a,n,i,s,l,g){"use strict";const{colorPackCategories:d,buttons:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:u,LIGHT_ALT:m,LIGHT_COLORFUL:h,DARK:p,DARK_ALT:y,DARK_COLORFUL:f,COLORFUL:b,MVP:x}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,I={[g.F]:"category-overlay",[g.b]:"category-overlay",[g.I]:"category-solid",[g.B]:"category-overlay",[g.L]:"category-overlay"},S={defaultHeaderTreatment:g.F,imageTreatments:I,heroContentItems:["tagline","tagline2","cta"],nonHeroContentItems:["phone"]};var C={id:"layout13",name:"modern",packs:{color:"005",font:"league-spartan"},logo:{font:"primary"},packCategories:{color:d.ACCENT},headerProperties:{alignmentOption

Chrome Cache Entry: 80

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	dropped
Size (bytes):	60635
Entropy (8bit):	5.351115105327501
Encrypted:	false
SSDEEP:	768:RfLoCGFoLE8vvw4xUC/ib7V/Kc5syj1TRwv/ly3IxKUTGMOumJ66KzElpzwOn2/H:zQ1TRwlyIKUSumJ66KzEnMOn2/zmOT
MD5:	2C9A7CEBFE797FFC97BC3C63821362FD
SHA1:	9C8C97BF7C8C1B5E1CB0A4D5A8D7B8B4A0F7D48A
SHA-256:	1DF934A05162899841118A43ECC5C3920959BCA1A4D0B4C31125BA51AED029D5
SHA-512:	685DBBD57E616ED3DF149B7CF4C11C6EF33FF4B3B85FA7A3BA0C0FD7BDF7D99A8D68B329C84EE81D9D736CA05BEB9127BB73A47D953E8202BFFBB5864A97C39D
Malicious:	false
Reputation:	low
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 81

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Category:	downloaded
Size (bytes):	14892
Entropy (8bit):	7.98489201092774
Encrypted:	false
SSDEEP:	384:LKrbeS3uuEGg7o6yDdWa/TQcNc+rAsmnsTJ39cUZi:LKneSe4/6yDFU6rAGJZE
MD5:	9EC6DEAF6BADA919E20B98F9F7B718B1
SHA1:	501D36403AD8205E4644532600019ECB10F5CB0A
SHA-256:	7B348B30EA1FE43857E68FC462C29E5C6E63C97666AF75135C4396A272E54762
SHA-512:	03849431CEF204A1584FFE6F23DBE86730AFD076146AB3D1855B9C3402168A97FAA8A529E69FAE45EA24CFF7110C2930CB4744162BA0ED95D95600F6E777B322
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Preview:	wOF2......:,.......\|..9..........................n..B....`..b...L.4..d..6.$..D. ..f..4..v%..........D..dd.do......:d..M....E.&..J..G....3.Mxp....i....V..u$.[O.;MU.:j.?..{+/<....s....^[..d.d.....t A....`..z....IN^.......2......mY.kF...\...UYU..........$.O=5..2q..L.2.1.c.....`x~n=.'Ur.66V.f]./..L1..P..<.0.<.8.....Z/.+.H....y..F....h5....V.j.....l..O#.:-Q....9g....:..?..8v];u,O..'....c.\r......].&w.....%@..Z.^....$.,dJ....W.{.....h8}4..S/.sZ...f."$..`a.$Mb.....;.W.."..y.H.<.g.......oNS..MO....X.%.8..y.\...ly..w..?-.~.o.ZZ~G.....B.....@...._....g.fF_...d-...aA_..#k.I.....x...P.}z..JQ&E........).P\|."g.#.)Q.T...}.PD.T+<}c+.\|\|0...2.F..hD.X.J.O.eJ:.%ZW.m.K.Jd..c.7.....T.cr.2....DD.........2..y..?/g...... ={..c /.....X.0.F.F.PX.P..!..K..K.....i.%....B.."...A....F.........4..........S........z$`.T..h...E..........._%=..).)......x)...A.J..K...?.V.......w.Y}..N.....}..>.......%.f.O..o.{..=wz.e_&.O\..*..Q..c.'...X&.1wS.R..AY...G.....Q.f...z..E..u8&V

Chrome Cache Entry: 82

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	downloaded
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:	384:7UuK/6kvTqLYddu4bV/yiAhSs1hiAhAiSeG3dvBRU+SMkc6e:QuJ5wI45/c1+ipG3TJSMkU
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 83

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	324
Entropy (8bit):	5.376083689062415
Encrypted:	false
SSDEEP:	6:FSPl39b4BSyRbjGJlI9kXJ3+V0q1EkmGHr9EJiKWaEt39J:cd39MBSyVz0XkTHr+pWTt39J
MD5:	ACD4F2B6117E5054FC9BF848AE8121CA
SHA1:	AE4D5F41D854BA8D99A4A1EC6EE6D6C3C0A859B8
SHA-256:	66774F89FCFA5674BE9AEF60E3FE3CB81E4DD88246BDE4E5392DF8B99FEFD4DB
SHA-512:	906FC9144D4AB81E8000CBE4A7AF7AFF775464347449193337E8738D705888C02B9476E083B3B67BDB3CBC312AAC4644C10737BC1FC5F9F08B38F5F45A2410F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-legacyOverrides-42582241.js",["exports"],(function(e){"use strict";e.g=function(e,i,n){let o={};return"MENU"===i&&"h3"===e&&(o={color:"highlight"},"menu3"===n&&(o.fontSize="large")),o}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-legacyOverrides-42582241.js.map.

Chrome Cache Entry: 84

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (4760)
Category:	downloaded
Size (bytes):	41679
Entropy (8bit):	5.692014483353563
Encrypted:	false
SSDEEP:	768:8aKwz01paBww0unaPwm0okT7P9P3TP3s5:nP9P3TP3s5
MD5:	AE872F870E07FE86D28F50C46D4DD3EE
SHA1:	F8C361B976C5CE82D2B08F76BE00D5EF74588183
SHA-256:	DD2F96956CAA738B39A06CE1A13C43DE8978E07CEAC1DB8445408EDC67E7BF09
SHA-512:	5F6CCE58748A12784F71E13260883075335F0CB1B2C5E3FA2BCE40256D9E9131B8550246D1510EFFA8C9115AA3452803AB54689080ECE955EB74C55AD1A8A3A4
Malicious:	false
Reputation:	low
URL:	https://kucoinlloiinn8.godaddysites.com/
Preview:	<!DOCTYPE html><html lang="en-IN"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:24,h:24,m" sizes="24x24"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:32,h:32,m" sizes="32x32"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:48,h:48,m" sizes="48x48"/><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:64,h:64,m" sizes="64x64"/><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=d

Chrome Cache Entry: 85

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	downloaded
Size (bytes):	315045
Entropy (8bit):	5.470972207090544
Encrypted:	false
SSDEEP:	3072:7aOD2q1BSK7x5jfw71nUNdFIh0qrMdB8pbKQJaZkNeQHUC5SIui/+a:Wzq1Bzc71UNhqrMgpbLaZkNfHHWa
MD5:	D8A1FE8B9FD01233B8A030EA79C21DF0
SHA1:	1B2B4474F72FCEE56977101E7C85A8201F730903
SHA-256:	91DEC32BF6596B875CDEB8C7BFFC8B5029A870657D3D7C790E8939F17E24DC20
SHA-512:	C15DBBD27873E22558239D6671B7FA05107A348D44BEC9CD560B8AA6D443D4A86BBBC38FC6F2C18E4D4C82852741B7C995E3E80A1E95B04A0D2DBDA12DCB6F0F
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 86

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	242081
Entropy (8bit):	5.517740449222352
Encrypted:	false
SSDEEP:	3072:Eu8xUu8gpdmSOvTdTK4Tn9TnatTn9TnApfeVH0pdmSO3iTIT7JlDnDQj3jPGIXST:382/6bbCx0FMKhd
MD5:	EE94D93E4A0EB3D2C41B8C7EE1BB25F6
SHA1:	3C52577F309D7C76DE7EA4E0A40CBB358886A1B4
SHA-256:	22F0A029FD70E639CC74C49BE1071F7710AE42E70CA2AD71C08EB6075B53D4BC
SHA-512:	6605DB1B03094066E506775B6E5B88B72EB928993FC1268F08250F13D66EEABC656FF1203D51527C19D64D6A2358BFF7358E2AC2E5AE474A3C71A53E5535A255
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-6c39b3c7.js
Preview:	define("@widget/LAYOUT/c/bs-index3-6c39b3c7.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 87

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1411
Entropy (8bit):	7.771356809647831
Encrypted:	false
SSDEEP:	24:2wvREF2x08v0zMFJ9O6OTt2gEu5hkLouYU91Ad8626+zbS:2jFB8v0oFrrOTt2u5cou591AdpYXS
MD5:	0668EC98110A3A89D081D62B4D48128A
SHA1:	4E7D921787F75926353AE6E731DEB55C9BA6C29D
SHA-256:	B775E9734CDCF0E8F7216AA7EF5D878CE861DEFAD0EDC71B51A5E34622F3EE07
SHA-512:	B8C666CE41DA4B169215AC9FF5842B7B77B9F4F1221D249A0BF7A9093FA017E3C79B58C4B3CAE73999DAA4B3A00F7AA01A27D715CB3F9C431FC33C8E8E10DFB3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....pHYs..........{Rk...5IDATX..WK.]E.}...O...r.>?.E.....7.....t!D.... n..=w2c..(.F.vef....].".....(.............{.}O}py}..:}..Tu..h4.a.9L...?>.g....b\|N....8H.......1Qct..k..[..W..5q.M?xu@.3....@8.C......d..2...c.q6..iq..1..L..#:.e.....jb.I.f..>...9.1..1"........5.}..we..h.e..8(...Z......P.<.?.)/..g}?.A...zb../Gk...M.....N.$v./".K..e..Z...."...e....2~k..1Z........%.]..T..5?.)s.U..\|._....L.C.@.K...Ia.S.....7b\l.N... .....y.BsW@.c..<..-X.Lp.N....1.....3.....3..-nW......xy.c....nkL8.".....#H...\|...i..+..N..[..q..!.V......G.-...%..C.p<.l.."1...(..1..g..B...[u..L.F......,N.M?..Nb.h.Vv...#qp{p....>...Jy.dV.w...<..d.@.$tM4..,..m....~...Q..p.1V#..,.Z.0(@.i.O[v .I.+...99l..%..b<A.g....tb.K...qYM...66..w-.V.@...\|&.R..d.\|..@.1.~E.L.1.=...c..........%.p..\yC.<V..l..>...=.P....&2..1.fg.&.E...Q.qQ...H...\|'.q8x.sx/.=.K9...27..n......9.S..Y.V.2.@.r...Y.v.L.S..3c...m={..b\S.cb\......H....:./...yfpl......F.w#{_..a!ZP!:J.g.W.\.....o......

Chrome Cache Entry: 88

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1411
Entropy (8bit):	7.771356809647831
Encrypted:	false
SSDEEP:	24:2wvREF2x08v0zMFJ9O6OTt2gEu5hkLouYU91Ad8626+zbS:2jFB8v0oFrrOTt2u5cou591AdpYXS
MD5:	0668EC98110A3A89D081D62B4D48128A
SHA1:	4E7D921787F75926353AE6E731DEB55C9BA6C29D
SHA-256:	B775E9734CDCF0E8F7216AA7EF5D878CE861DEFAD0EDC71B51A5E34622F3EE07
SHA-512:	B8C666CE41DA4B169215AC9FF5842B7B77B9F4F1221D249A0BF7A9093FA017E3C79B58C4B3CAE73999DAA4B3A00F7AA01A27D715CB3F9C431FC33C8E8E10DFB3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....pHYs..........{Rk...5IDATX..WK.]E.}...O...r.>?.E.....7.....t!D.... n..=w2c..(.F.vef....].".....(.............{.}O}py}..:}..Tu..h4.a.9L...?>.g....b\|N....8H.......1Qct..k..[..W..5q.M?xu@.3....@8.C......d..2...c.q6..iq..1..L..#:.e.....jb.I.f..>...9.1..1"........5.}..we..h.e..8(...Z......P.<.?.)/..g}?.A...zb../Gk...M.....N.$v./".K..e..Z...."...e....2~k..1Z........%.]..T..5?.)s.U..\|._....L.C.@.K...Ia.S.....7b\l.N... .....y.BsW@.c..<..-X.Lp.N....1.....3.....3..-nW......xy.c....nkL8.".....#H...\|...i..+..N..[..q..!.V......G.-...%..C.p<.l.."1...(..1..g..B...[u..L.F......,N.M?..Nb.h.Vv...#qp{p....>...Jy.dV.w...<..d.@.$tM4..,..m....~...Q..p.1V#..,.Z.0(@.i.O[v .I.+...99l..%..b<A.g....tb.K...qYM...66..w-.V.@...\|&.R..d.\|..@.1.~E.L.1.=...c..........%.p..\yC.<V..l..>...=.P....&2..1.fg.&.E...Q.qQ...H...\|'.q8x.sx/.=.K9...27..n......9.S..Y.V.2.@.r...Y.v.L.S..3c...m={..b\S.cb\......H....:./...yfpl......F.w#{_..a!ZP!:J.g.W.\.....o......

Chrome Cache Entry: 89

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (786)
Category:	downloaded
Size (bytes):	842
Entropy (8bit):	5.258991916821592
Encrypted:	false
SSDEEP:	24:caBL+qMLVRGqawadlH0rVRrkAeT25Z2HrIY/:jKqSVMqzarH0brkAeq5ZSrI+
MD5:	31B521136207C11FF1F9985264424E8A
SHA1:	9EAF6B9717979CAEB5C7E846E17B2A89A08DC266
SHA-256:	C818B56446AE5A8D0466FC9C51D85104584E36F6D8B1C77E08A2D354E845E2CD
SHA-512:	DB2A8825F8C67B6361B86F5BB1DEE38089DD57E5E74ECBA335EF7D82D9D5E5AD3F64C07195FCDF700415F6F09B11BDB6A20410462ABAEC443335F19ACF8265B1
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-themeOverrides-e736c017.js
Preview:	define("@widget/LAYOUT/c/bs-themeOverrides-e736c017.js",["exports"],(function(e){"use strict";(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.a=e=>{let{sectionHeadingHR:t}=e;return t?{sectionHeadingHR:t}:{}},e.b=e=>{let{sectionHeadingColor:t}=e;return{HIGHLIGHT:{style:{color:"highlight"}},HIGH_CONTRAST:{style:{color:"highContrast"}}}[t]\|\|{}},e.c=e=>{let{sectionHeadingSize:t}=e;return t?{style:{fontSize:t}}:{}},e.s=e=>{let{sectionHeadingAlignment:t}=e;return{LEFT:{style:{textAlign:"left","@md":{textAlign:"left"}},alignmentOption:"left"},CENTER:{style:{textAlign:"center","@md":{textAlign:"center"}},alignmentOption:"center"},RIGHT:{style:{textAlign:"right","@md":{textAlign:"right"}},alignmentOption:"right"}}[t]\|\|{}}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-themeOverrides-e736c017.js.map.

Chrome Cache Entry: 90

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	dropped
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:	24:/BLEQuC0F6lq5lEYwy5WqogVeESgVeId4PXsHrIW:Z4jFYq5lpwW7vdd4PXgrIW
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	low
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 91

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	downloaded
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:	384:UNoz5VHqeg0VzpiyiwffnnPacVorjFtteVT36FCLCpKe9plq2D:ME5qeg0Rp8wffnPVEjFtteEFiSbbl3D
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 92

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:	6:FSPD8WUDDSBSyFbNemGHr9EJiKWaEwI8WUDDn:c5UDGBSyCTHr+pWTwGUDr
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 93

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	downloaded
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:	24:pzBLgJHHVvC+dKbywqIN6ttVFRJB1i/uwBrV7DtZHrIvyU:zSkjbQxz3+uQ7RxrIx
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 94

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	dropped
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 95

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 96

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14780, version 1.0
Category:	downloaded
Size (bytes):	14780
Entropy (8bit):	7.982338554645172
Encrypted:	false
SSDEEP:	384:y1eEXK7BfwOIT30DseNrOrBB3ZjaHg6vIXPSH:y1LXK9wjTGNFU3+gMIXPSH
MD5:	8DAE809192C44690275A3624133293E7
SHA1:	969C98C4D7EB00386EBBD61A63288972D138ECB8
SHA-256:	C3DE27B2CBD6DEDA629C9B442700CF54C0DDA74E494B1C75A57D822068A047F8
SHA-512:	66DDA9008B2E992E8EFB994470338CB0F0A1A17A474AE2CF6ABA12CA5F14A3E6F950446675A4AC5F28DF65FB8878CC000DE5767C1D107271B15826B83177B881
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Preview:	wOF2......9........l..9e.........................n..b....`..b.....~..d..6.$..D. ..j..4..v%.m......{..HD.q0.....i.i...?'.Cl..... .B.......Xv=...MO............'HB.s..?.....Zq+..M3KBbw.0.a......e.....$....l.....<...._{..NV.....n.Uv..'....%!.`.h0.Q.7:...}k'n:<.....9.Q....>Y.)...X.O7.}7{kW..z...p....?`..~...X.Q..Q3..d.F..........HDX.%J Cc.ihf.........0/.Q.W&5<.zR.>.;.3!.K./.B>....9.'.0W......=t.b...G..8ZP.-...7...Vf.......+J..W..V..9.+Y7.\|...L.E0HB.......~o.6.eS7V..Vv...]...R..Ly.R......f..T.@..m..\]....?..;+..z'L5P.43._.\|....i.(m..3T.O.... .\....?...;...Z..skz...+.%....._.,..uh... 4...'...j.F..[Iu{.C.A.....v..W{d..0.:x.=Pf..1..b'............Ah...D..c..{.Gd./........!........."AD......E..D.L.>..B..`...0.......0.F.!C(&.P\.!..K.....`.U..(.4..V..."HW.!=..@........A........s..[..@..b....h.......1.l..Mj........6...s.Zz......k.X.V....9.H \|.<)..'O^.qbZ.M...}...Q....I9......w.P7.o..~..(../....I5.P.C:.1......j=....xU...).rt/Q...v...4i..'....px.:....ip.>-

Chrome Cache Entry: 97

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	downloaded
Size (bytes):	60635
Entropy (8bit):	5.351115105327501
Encrypted:	false
SSDEEP:	768:RfLoCGFoLE8vvw4xUC/ib7V/Kc5syj1TRwv/ly3IxKUTGMOumJ66KzElpzwOn2/H:zQ1TRwlyIKUSumJ66KzEnMOn2/zmOT
MD5:	2C9A7CEBFE797FFC97BC3C63821362FD
SHA1:	9C8C97BF7C8C1B5E1CB0A4D5A8D7B8B4A0F7D48A
SHA-256:	1DF934A05162899841118A43ECC5C3920959BCA1A4D0B4C31125BA51AED029D5
SHA-512:	685DBBD57E616ED3DF149B7CF4C11C6EF33FF4B3B85FA7A3BA0C0FD7BDF7D99A8D68B329C84EE81D9D736CA05BEB9127BB73A47D953E8202BFFBB5864A97C39D
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/2392c2d7-8085-4053-96dd-10ede78cd7d9/gpub/922fd4c66e3e3171/script.js
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 98

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	downloaded
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:	12:cTTgBSyk+Jb8KCjoD3BMXkKbr4Si+THr+pWTDTd:cTTgBL3fCjqMXfr4SiSHrIYDTd
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:	6:FSPOhWNjZTivBSyv5F/kpIdiEjGWF+ktxRmGHr9EJiKWaEkWNjZTiKF:cUZBSyv5ZdihWF+CRTHr+pWTkAF
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	low
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 06:19:29.719518900 CEST	49675	443	192.168.2.4	173.222.162.32
Sep 29, 2024 06:19:39.405858994 CEST	49675	443	192.168.2.4	173.222.162.32
Sep 29, 2024 06:19:40.535718918 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:40.535754919 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:40.535825968 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:40.536257982 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:40.536309004 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:40.536477089 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:40.536654949 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:40.536665916 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:40.536860943 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:40.536875010 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.089080095 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.089885950 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.089906931 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.090317011 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.090660095 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.090683937 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.090958118 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.091022015 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.091716051 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.091762066 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.096070051 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.096144915 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.096455097 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.096518040 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.096744061 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.096760035 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.136885881 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.136894941 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.136910915 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.181813002 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.237584114 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.237611055 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.237641096 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.237660885 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.237705946 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.237716913 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.237724066 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.237770081 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.327685118 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.327708960 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.327805042 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.327825069 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.327891111 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.332075119 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.332113028 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.332155943 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.332159042 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.332211018 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.368426085 CEST	49736	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:41.368452072 CEST	443	49736	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:41.377285004 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:41.377309084 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:41.377368927 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:41.377688885 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:41.377703905 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:42.141093016 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:42.147437096 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:42.147447109 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:42.149199963 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:42.149255037 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:42.153680086 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:42.153825998 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:42.207421064 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:42.207432985 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:19:42.259291887 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:19:43.320334911 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:43.320386887 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:43.320523024 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:43.321273088 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:43.321285009 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:44.052381039 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:44.085686922 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:44.085719109 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:44.087081909 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:44.087148905 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:44.091444016 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:44.091556072 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:44.140091896 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:44.140119076 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:44.188265085 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:44.911355019 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:44.911467075 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:44.911559105 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:44.914189100 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:44.914227962 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.611980915 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.612076998 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:45.647974014 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:45.648006916 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.648325920 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.757407904 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:45.799401999 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.946331024 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.946415901 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.946624041 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:45.946624041 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:45.946655035 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:45.946682930 CEST	49764	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:45.946691990 CEST	443	49764	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:46.008682013 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:46.008745909 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:46.008867979 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:46.013725042 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:46.013751984 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:46.730235100 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:46.730318069 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:46.731756926 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:46.731771946 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:46.732016087 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:46.733155012 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:46.779405117 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:47.033041954 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:47.033118010 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:47.033159971 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:47.038239956 CEST	49776	443	192.168.2.4	184.28.90.27
Sep 29, 2024 06:19:47.038254023 CEST	443	49776	184.28.90.27	192.168.2.4
Sep 29, 2024 06:19:49.061944962 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.061984062 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.062267065 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.062355042 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.062849998 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.062858105 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.107404947 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201001883 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201066971 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201086998 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201116085 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201138020 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201158047 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201179981 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.201179981 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.201230049 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.201251984 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.201251984 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.201286077 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.287022114 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.287076950 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.287154913 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.287154913 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.287194014 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.287313938 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.287322998 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.287364960 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.287513018 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.288594961 CEST	49735	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.288618088 CEST	443	49735	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.309568882 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.309617996 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.309683084 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.310008049 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.310024023 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.592031956 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.592463970 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.592477083 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.593470097 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.593854904 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.594114065 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.594114065 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.594121933 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.594166040 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.640734911 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.640755892 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.690184116 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.727595091 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.727659941 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.729516983 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.729993105 CEST	49798	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.730005026 CEST	443	49798	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.811299086 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.811588049 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.811602116 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.811969042 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.812488079 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.812488079 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.812560081 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.859493971 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.943708897 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943806887 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943837881 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.943842888 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943852901 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943866014 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943867922 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.943897963 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943898916 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.943911076 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:49.943936110 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:49.944137096 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:50.033730030 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:50.033759117 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:50.033864975 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:50.033864975 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:50.033895016 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:50.037250042 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:50.037323952 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:50.037345886 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:50.040059090 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:50.040978909 CEST	49801	443	192.168.2.4	13.248.243.5
Sep 29, 2024 06:19:50.040993929 CEST	443	49801	13.248.243.5	192.168.2.4
Sep 29, 2024 06:19:53.337471008 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.337518930 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.337641954 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.337675095 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.337713003 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.337745905 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.338088989 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.338102102 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.338366985 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.338378906 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.805563927 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.806035042 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.806057930 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.807663918 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.807720900 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.812858105 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.814477921 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.814594030 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.814954996 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.814986944 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.815054893 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.815061092 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.816492081 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.816553116 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.817461014 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.817552090 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.858258963 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.858264923 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.858294964 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.912053108 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.939888000 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.940141916 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.940195084 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.940646887 CEST	49811	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:53.940660000 CEST	443	49811	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:53.991349936 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:54.008184910 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:54.008272886 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:54.008349895 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:54.031423092 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:54.117624998 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:54.117805004 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:54.117885113 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:54.118308067 CEST	49812	443	192.168.2.4	34.107.207.124
Sep 29, 2024 06:19:54.118338108 CEST	443	49812	34.107.207.124	192.168.2.4
Sep 29, 2024 06:19:54.537187099 CEST	49757	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:19:54.537254095 CEST	443	49757	142.250.185.68	192.168.2.4
Sep 29, 2024 06:19:56.555347919 CEST	49723	80	192.168.2.4	93.184.221.240
Sep 29, 2024 06:19:56.571075916 CEST	80	49723	93.184.221.240	192.168.2.4
Sep 29, 2024 06:19:56.571145058 CEST	49723	80	192.168.2.4	93.184.221.240
Sep 29, 2024 06:20:27.219197989 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:20:27.219214916 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:20:41.939724922 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:20:41.939924955 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:20:41.939980030 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:20:43.267648935 CEST	49745	443	192.168.2.4	3.64.248.63
Sep 29, 2024 06:20:43.267668962 CEST	443	49745	3.64.248.63	192.168.2.4
Sep 29, 2024 06:20:43.298372030 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:43.298415899 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:43.298485994 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:43.299053907 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:43.299066067 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:43.994260073 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:43.994585037 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:43.994610071 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:43.994947910 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:43.995379925 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:43.995451927 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:44.047000885 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:45.355756044 CEST	49724	80	192.168.2.4	93.184.221.240
Sep 29, 2024 06:20:45.365801096 CEST	80	49724	93.184.221.240	192.168.2.4
Sep 29, 2024 06:20:45.365875006 CEST	49724	80	192.168.2.4	93.184.221.240
Sep 29, 2024 06:20:53.873910904 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:53.873980045 CEST	443	49818	142.250.185.68	192.168.2.4
Sep 29, 2024 06:20:53.874064922 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:55.268299103 CEST	49818	443	192.168.2.4	142.250.185.68
Sep 29, 2024 06:20:55.268336058 CEST	443	49818	142.250.185.68	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 06:19:39.056879044 CEST	53	57758	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:39.072823048 CEST	53	61214	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:40.160619974 CEST	53	59825	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:40.353938103 CEST	57752	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:40.358628035 CEST	49973	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:40.389987946 CEST	53	49973	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:40.529187918 CEST	53	57752	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:41.356128931 CEST	60126	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:41.356280088 CEST	53326	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:41.361685991 CEST	53	60927	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:41.363137960 CEST	57045	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:41.363289118 CEST	52968	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:41.371778011 CEST	53	52968	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:41.374074936 CEST	53	57045	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:42.670798063 CEST	64552	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:42.673285961 CEST	61176	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:43.250433922 CEST	64325	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:43.251214027 CEST	63638	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:43.292658091 CEST	53	64325	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:43.293303013 CEST	53	63638	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:53.321116924 CEST	58965	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:53.321378946 CEST	59843	53	192.168.2.4	1.1.1.1
Sep 29, 2024 06:19:53.330879927 CEST	53	59843	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:53.331912041 CEST	53	58965	1.1.1.1	192.168.2.4
Sep 29, 2024 06:19:56.938544989 CEST	138	138	192.168.2.4	192.168.2.255
Sep 29, 2024 06:19:57.734693050 CEST	53	51335	1.1.1.1	192.168.2.4
Sep 29, 2024 06:20:16.927903891 CEST	53	56664	1.1.1.1	192.168.2.4
Sep 29, 2024 06:20:38.299267054 CEST	53	51944	1.1.1.1	192.168.2.4
Sep 29, 2024 06:20:39.762619972 CEST	53	59064	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Sep 29, 2024 06:19:41.371874094 CEST	192.168.2.4	1.1.1.1	c27c	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 29, 2024 06:19:40.353938103 CEST	192.168.2.4	1.1.1.1	0xb626	Standard query (0)	kucoinlloiinn8.godaddysites.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:40.358628035 CEST	192.168.2.4	1.1.1.1	0x7bf4	Standard query (0)	kucoinlloiinn8.godaddysites.com	65	IN (0x0001)	false
Sep 29, 2024 06:19:41.356128931 CEST	192.168.2.4	1.1.1.1	0xe3e1	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:41.356280088 CEST	192.168.2.4	1.1.1.1	0xf2c2	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Sep 29, 2024 06:19:41.363137960 CEST	192.168.2.4	1.1.1.1	0x1043	Standard query (0)	isteam.wsimg.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:41.363289118 CEST	192.168.2.4	1.1.1.1	0x3b25	Standard query (0)	isteam.wsimg.com	65	IN (0x0001)	false
Sep 29, 2024 06:19:42.670798063 CEST	192.168.2.4	1.1.1.1	0x3d5d	Standard query (0)	img1.wsimg.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:42.673285961 CEST	192.168.2.4	1.1.1.1	0xd478	Standard query (0)	img1.wsimg.com	65	IN (0x0001)	false
Sep 29, 2024 06:19:43.250433922 CEST	192.168.2.4	1.1.1.1	0x547c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:43.251214027 CEST	192.168.2.4	1.1.1.1	0x78e8	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 29, 2024 06:19:53.321116924 CEST	192.168.2.4	1.1.1.1	0x6055	Standard query (0)	gtly.to	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:53.321378946 CEST	192.168.2.4	1.1.1.1	0xf3a7	Standard query (0)	gtly.to	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 29, 2024 06:19:40.529187918 CEST	1.1.1.1	192.168.2.4	0xb626	No error (0)	kucoinlloiinn8.godaddysites.com		13.248.243.5	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:40.529187918 CEST	1.1.1.1	192.168.2.4	0xb626	No error (0)	kucoinlloiinn8.godaddysites.com		76.223.105.230	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:41.363812923 CEST	1.1.1.1	192.168.2.4	0xe3e1	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:19:41.371813059 CEST	1.1.1.1	192.168.2.4	0xf2c2	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:19:41.374074936 CEST	1.1.1.1	192.168.2.4	0x1043	No error (0)	isteam.wsimg.com		3.64.248.63	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:41.374074936 CEST	1.1.1.1	192.168.2.4	0x1043	No error (0)	isteam.wsimg.com		3.121.64.201	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:42.735898972 CEST	1.1.1.1	192.168.2.4	0x3d5d	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:19:42.735912085 CEST	1.1.1.1	192.168.2.4	0xd478	No error (0)	img1.wsimg.com	global-wildcard.wsimg.com.sni-only.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:19:43.292658091 CEST	1.1.1.1	192.168.2.4	0x547c	No error (0)	www.google.com		142.250.185.68	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:43.293303013 CEST	1.1.1.1	192.168.2.4	0x78e8	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 29, 2024 06:19:52.695399046 CEST	1.1.1.1	192.168.2.4	0xd84b	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:52.695399046 CEST	1.1.1.1	192.168.2.4	0xd84b	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:53.331912041 CEST	1.1.1.1	192.168.2.4	0x6055	No error (0)	gtly.to		34.107.207.124	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:54.146296024 CEST	1.1.1.1	192.168.2.4	0x6e64	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:19:54.146296024 CEST	1.1.1.1	192.168.2.4	0x6e64	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:20:06.211694956 CEST	1.1.1.1	192.168.2.4	0x3893	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:20:06.211694956 CEST	1.1.1.1	192.168.2.4	0x3893	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:20:32.009481907 CEST	1.1.1.1	192.168.2.4	0x9a09	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:20:32.009481907 CEST	1.1.1.1	192.168.2.4	0x9a09	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:20:51.708333969 CEST	1.1.1.1	192.168.2.4	0x723d	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:20:51.708333969 CEST	1.1.1.1	192.168.2.4	0x723d	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

kucoinlloiinn8.godaddysites.com

fs.microsoft.com

https:

gtly.to

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49736	13.248.243.5	443	1836	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:41 UTC	674	OUT	GET / HTTP/1.1 Host: kucoinlloiinn8.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:19:41 UTC	1814	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2>; rel=preload; as=fon [TRUNCATED] Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: f2c4a5dda2674cf94a168d9572a94b1e Date: Sun, 29 Sep 2024 04:19:41 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 04:19:41 UTC	14570	IN	Data Raw: 61 32 63 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 49 4e 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 32 33 39 32 63 32 64 37 2d 38 30 38 35 2d 34 30 35 33 2d 39 36 64 64 2d 31 30 65 64 65 37 38 63 64 37 64 39 2f 66 61 76 69 63 6f 6e 2f 66 37 31 32 31 35 34 31 2d 62 63 34 64 2d 34 31 35 35 2d 39 61 37 39 2d 30 32 62 63 37 36 32 32 62 65 36 34 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: a2cf<!DOCTYPE html><html lang="en-IN"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2024-09-29 04:19:41 UTC	16384	IN	Data Raw: 6e 74 73 2f 73 2f 73 6f 75 72 63 65 73 61 6e 73 70 72 6f 2f 76 32 32 2f 36 78 4b 77 64 53 42 59 4b 63 53 56 2d 4c 43 6f 65 51 71 66 58 31 52 59 4f 6f 33 71 50 5a 5a 63 6c 53 64 67 31 38 53 6d 78 67 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 53 6f 75 72 63 65 20 53 61 6e 73 20 50 72 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 Data Ascii: nts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdg18Smxg.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Source Sans Pro'; font-style: italic; font-weight: 700; font-display: swap; src: ur
2024-09-29 04:19:41 UTC	10738	IN	Data Raw: 3a 73 63 61 6c 65 28 2e 31 29 3b 6f 70 61 63 69 74 79 3a 2e 37 7d 38 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 6f 70 61 63 69 74 79 3a 31 7d 7d 2e 78 2d 6c 6f 61 64 65 72 20 73 76 67 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 78 2d 6c 6f 61 64 65 72 20 73 76 67 3a 66 69 72 73 74 2d 63 68 69 6c 64 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d 2e 32 34 73 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d Data Ascii: :scale(.1);opacity:.7}80%{transform:scale(1);opacity:1}}.x-loader svg{display:inline-block}.x-loader svg:first-child{-webkit-animation:loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -.24s infinite;animation:loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49764	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:45 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-29 04:19:45 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=131117 Date: Sun, 29 Sep 2024 04:19:45 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49776	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:46 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-29 04:19:47 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=131146 Date: Sun, 29 Sep 2024 04:19:46 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-29 04:19:47 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49735	13.248.243.5	443	1836	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:49 UTC	514	OUT	GET /sw.js HTTP/1.1 Host: kucoinlloiinn8.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://kucoinlloiinn8.godaddysites.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1
2024-09-29 04:19:49 UTC	663	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: application/javascript Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: b388c18392b5c76b6cacc4e4cb7518f5 Date: Sun, 29 Sep 2024 04:19:49 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 04:19:49 UTC	15721	IN	Data Raw: 38 30 62 61 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 38 39 35 3a 28 29 3d 3e 7b 74 72 79 7b 73 65 6c 66 5b 22 77 6f 72 6b 62 6f 78 3a 63 61 63 68 65 61 62 6c 65 2d 72 65 73 70 6f 6e 73 65 3a 36 2e 34 2e 31 22 5d 26 26 5f 28 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 32 35 39 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 42 3a 28 29 3d 3e 61 7d 29 2c 73 28 39 31 33 29 3b 63 6c 61 73 73 20 61 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 28 65 2c 74 29 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 3d 65 2c 74 68 69 73 2e 72 65 6a 65 63 74 3d 74 7d 29 29 7d 7d 7d 2c 31 32 35 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 56 3a Data Ascii: 80ba(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:
2024-09-29 04:19:49 UTC	16384	IN	Data Raw: 65 2c 74 29 7c 7c 52 2e 68 61 73 28 65 2c 74 29 7d 2c 73 28 35 35 30 29 3b 63 6f 6e 73 74 20 76 3d 22 63 61 63 68 65 2d 65 6e 74 72 69 65 73 22 2c 62 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 52 4c 28 65 2c 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 72 65 74 75 72 6e 20 74 2e 68 61 73 68 3d 22 22 2c 74 2e 68 72 65 66 7d 3b 63 6c 61 73 73 20 78 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 29 7b 74 68 69 73 2e 5f 64 62 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 61 63 68 65 4e 61 6d 65 3d 65 7d 5f 75 70 67 72 61 64 65 44 62 28 65 29 7b 63 6f 6e 73 74 20 74 3d 65 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 53 74 6f 72 65 28 76 2c 7b 6b 65 79 50 61 74 68 3a 22 69 64 22 7d 29 3b 74 2e 63 72 65 61 74 65 49 6e 64 65 78 28 22 63 61 63 68 65 4e 61 6d 65 22 2c 22 Data Ascii: e,t)\|\|R.has(e,t)},s(550);const v="cache-entries",b=e=>{const t=new URL(e,location.href);return t.hash="",t.href};class x{constructor(e){this._db=null,this._cacheName=e}_upgradeDb(e){const t=e.createObjectStore(v,{keyPath:"id"});t.createIndex("cacheName","
2024-09-29 04:19:49 UTC	862	IN	Data Raw: 7b 72 65 71 75 65 73 74 3a 65 7d 29 3d 3e 22 73 74 79 6c 65 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 7c 7c 22 73 63 72 69 70 74 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 29 2c 6e 65 77 20 74 2e 53 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 73 74 61 74 69 63 2d 72 65 73 6f 75 72 63 65 73 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 75 73 65 73 3a 5b 32 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 75 72 6c 3a 65 7d 29 3d 3e 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 22 3d 3d 3d 65 2e 6f 72 69 67 69 Data Ascii: {request:e})=>"style"===e.destination\|\|"script"===e.destination),new t.StaleWhileRevalidate({cacheName:"static-resources",plugins:[new a.CacheableResponsePlugin({statuses:[200]})]})),(0,e.registerRoute)((({url:e})=>"https://fonts.googleapis.com"===e.origi

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49798	13.248.243.5	443	1836	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:49 UTC	566	OUT	GET /manifest.webmanifest HTTP/1.1 Host: kucoinlloiinn8.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://kucoinlloiinn8.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:19:49 UTC	666	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: application/manifest+json Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: b74f396517b460a53b6c134f5a80aafa Date: Sun, 29 Sep 2024 04:19:49 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 04:19:49 UTC	537	IN	Data Raw: 32 30 64 0d 0a 7b 22 73 63 6f 70 65 22 3a 22 2f 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 2c 22 73 72 63 22 3a 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 32 33 39 32 63 32 64 37 2d 38 30 38 35 2d 34 30 35 33 2d 39 36 64 64 2d 31 30 65 64 65 37 38 63 64 37 64 39 2f 66 61 76 69 63 6f 6e 2f 66 37 31 32 31 35 34 31 2d 62 63 34 64 2d 34 31 35 35 2d 39 61 37 39 2d 30 32 62 63 37 36 32 32 62 65 36 34 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 39 32 2c 68 3a 31 39 32 2c 6d 22 7d 2c 7b 22 73 69 7a 65 73 22 3a 22 Data Ascii: 20d{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:192,h:192,m"},{"sizes":"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49801	13.248.243.5	443	1836	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:49 UTC	492	OUT	GET / HTTP/1.1 Host: kucoinlloiinn8.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://kucoinlloiinn8.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1
2024-09-29 04:19:49 UTC	1814	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2>; rel=preload; as=fon [TRUNCATED] Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: f2c4a5dda2674cf94a168d9572a94b1e Date: Sun, 29 Sep 2024 04:19:49 GMT Connection: close Transfer-Encoding: chunked
2024-09-29 04:19:49 UTC	14570	IN	Data Raw: 61 32 63 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 49 4e 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 32 33 39 32 63 32 64 37 2d 38 30 38 35 2d 34 30 35 33 2d 39 36 64 64 2d 31 30 65 64 65 37 38 63 64 37 64 39 2f 66 61 76 69 63 6f 6e 2f 66 37 31 32 31 35 34 31 2d 62 63 34 64 2d 34 31 35 35 2d 39 61 37 39 2d 30 32 62 63 37 36 32 32 62 65 36 34 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: a2cf<!DOCTYPE html><html lang="en-IN"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/2392c2d7-8085-4053-96dd-10ede78cd7d9/favicon/f7121541-bc4d-4155-9a79-02bc7622be64.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2024-09-29 04:19:50 UTC	16384	IN	Data Raw: 6e 74 73 2f 73 2f 73 6f 75 72 63 65 73 61 6e 73 70 72 6f 2f 76 32 32 2f 36 78 4b 77 64 53 42 59 4b 63 53 56 2d 4c 43 6f 65 51 71 66 58 31 52 59 4f 6f 33 71 50 5a 5a 63 6c 53 64 67 31 38 53 6d 78 67 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 53 6f 75 72 63 65 20 53 61 6e 73 20 50 72 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 Data Ascii: nts/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSdg18Smxg.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Source Sans Pro'; font-style: italic; font-weight: 700; font-display: swap; src: ur
2024-09-29 04:19:50 UTC	10738	IN	Data Raw: 3a 73 63 61 6c 65 28 2e 31 29 3b 6f 70 61 63 69 74 79 3a 2e 37 7d 38 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 6f 70 61 63 69 74 79 3a 31 7d 7d 2e 78 2d 6c 6f 61 64 65 72 20 73 76 67 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 78 2d 6c 6f 61 64 65 72 20 73 76 67 3a 66 69 72 73 74 2d 63 68 69 6c 64 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d 2e 32 34 73 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d Data Ascii: :scale(.1);opacity:.7}80%{transform:scale(1);opacity:1}}.x-loader svg{display:inline-block}.x-loader svg:first-child{-webkit-animation:loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -.24s infinite;animation:loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49811	34.107.207.124	443	1836	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:53 UTC	639	OUT	GET /eJlMkP-Oo HTTP/1.1 Host: gtly.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:19:53 UTC	437	IN	HTTP/1.1 404 Not Found x-powered-by: Express cache-control: private, no-cache, no-store, must-revalidate referer: content-type: text/html; charset=utf-8 etag: W/"188-ze4DTuXMy5nJCVqsdQu1C2/PUow" X-Cloud-Trace-Context: cc740df0aacdf594fafba7995bd47ffc Date: Sun, 29 Sep 2024 04:19:53 GMT Server: Google Frontend Content-Length: 392 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-29 04:19:53 UTC	392	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 73 77 2d 77 73 30 74 36 75 68 36 67 64 79 6e 35 31 76 6e 36 6d 71 77 6c 65 36 32 33 76 36 78 6e 6e 6c 6e 78 79 6a 34 69 62 78 6e 39 6e 65 35 76 6b 36 74 6e 38 61 72 71 6a 76 35 75 61 38 77 37 2d 6f 33 71 30 66 6e 77 71 6c 65 39 64 67 37 73 6f 30 79 6d 39 33 6f 6e 34 30 74 6e 61 66 35 35 74 37 67 78 6d 77 65 6a 39 7a 64 30 39 72 68 70 73 76 34 72 70 73 33 6d 31 31 33 70 79 62 67 35 69 68 62 2c 20 6e 73 77 2d 65 38 71 69 68 6f 72 30 6b 62 70 6d 36 65 32 38 33 61 67 75 6d 77 79 36 38 32 67 64 77 7a 68 6a 70 66 73 61 61 71 38 37 66 6a 6e 6a 6a 6b 6a 6c 73 35 31 32 34 74 34 79 71 31 61 34 38 2d 34 39 36 2d 75 34 6d 77 39 75 38 2d Data Ascii: <html><head><meta name="keywords" content="nsw-ws0t6uh6gdyn51vn6mqwle623v6xnnlnxyj4ibxn9ne5vk6tn8arqjv5ua8w7-o3q0fnwqle9dg7so0ym93on40tnaf55t7gxmwej9zd09rhpsv4rps3m113pybg5ihb, nsw-e8qihor0kbpm6e283agumwy682gdwzhjpfsaaq87fjnjjkjls5124t4yq1a48-496-u4mw9u8-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49812	34.107.207.124	443	1836	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:19:53 UTC	579	OUT	GET /favicon.ico HTTP/1.1 Host: gtly.to Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://gtly.to/eJlMkP-Oo Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:19:54 UTC	426	IN	HTTP/1.1 404 Not Found x-powered-by: Express cache-control: private, no-cache, no-store, must-revalidate content-type: text/html; charset=utf-8 etag: W/"188-ze4DTuXMy5nJCVqsdQu1C2/PUow" X-Cloud-Trace-Context: 8efbab38335ad929a7116948115b7d05 Date: Sun, 29 Sep 2024 04:19:54 GMT Server: Google Frontend Content-Length: 392 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-29 04:19:54 UTC	392	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 73 77 2d 77 73 30 74 36 75 68 36 67 64 79 6e 35 31 76 6e 36 6d 71 77 6c 65 36 32 33 76 36 78 6e 6e 6c 6e 78 79 6a 34 69 62 78 6e 39 6e 65 35 76 6b 36 74 6e 38 61 72 71 6a 76 35 75 61 38 77 37 2d 6f 33 71 30 66 6e 77 71 6c 65 39 64 67 37 73 6f 30 79 6d 39 33 6f 6e 34 30 74 6e 61 66 35 35 74 37 67 78 6d 77 65 6a 39 7a 64 30 39 72 68 70 73 76 34 72 70 73 33 6d 31 31 33 70 79 62 67 35 69 68 62 2c 20 6e 73 77 2d 65 38 71 69 68 6f 72 30 6b 62 70 6d 36 65 32 38 33 61 67 75 6d 77 79 36 38 32 67 64 77 7a 68 6a 70 66 73 61 61 71 38 37 66 6a 6e 6a 6a 6b 6a 6c 73 35 31 32 34 74 34 79 71 31 61 34 38 2d 34 39 36 2d 75 34 6d 77 39 75 38 2d Data Ascii: <html><head><meta name="keywords" content="nsw-ws0t6uh6gdyn51vn6mqwle623v6xnnlnxyj4ibxn9ne5vk6tn8arqjv5ua8w7-o3q0fnwqle9dg7so0ym93on40tnaf55t7gxmwej9zd09rhpsv4rps3m113pybg5ihb, nsw-e8qihor0kbpm6e283agumwy682gdwzhjpfsaaq87fjnjjkjls5124t4yq1a48-496-u4mw9u8-

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 1848, Parent PID: 908

General

Target ID:	0
Start time:	00:19:34
Start date:	29/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 1836, Parent PID: 1848

General

Target ID:	2
Start time:	00:19:37
Start date:	29/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2340,i,1429752358186918888,16718431658222597420,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6332, Parent PID: 908

General

Target ID:	3
Start time:	00:19:39
Start date:	29/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kucoinlloiinn8.godaddysites.com/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly