Edit tour

Windows Analysis Report
https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va

Overview

General Information

Sample URL:	https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va
Analysis ID:	1545682

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected non-DNS traffic on DNS port

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4344 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,12709574632121131224,9618458437688152117,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5236 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly	HTTP Parser: No favicon
Source: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly	HTTP Parser: No favicon
Source: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly	HTTP Parser: No favicon
Source: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly	HTTP Parser: No favicon
Source: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49915 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 26MB later: 38MB

Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:49803 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: bit.ly
Source: global traffic	DNS traffic detected: DNS query: bitly.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: docrdsfx76ssb.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: cdn.cookielaw.org
Source: global traffic	DNS traffic detected: DNS query: cdn.userway.org
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: geolocation.onetrust.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: sp.bitly.com
Source: global traffic	DNS traffic detected: DNS query: api.userway.org
Source: global traffic	DNS traffic detected: DNS query: static.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: www.redditstatic.com
Source: global traffic	DNS traffic detected: DNS query: pixel-config.reddit.com
Source: global traffic	DNS traffic detected: DNS query: alb.reddit.com
Source: global traffic	DNS traffic detected: DNS query: public.profitwell.com
Source: global traffic	DNS traffic detected: DNS query: js-eu1.hs-scripts.com
Source: global traffic	DNS traffic detected: DNS query: 12389169.fls.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: ad.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: w3-reporting-nel.reddit.com
Source: global traffic	DNS traffic detected: DNS query: script.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: js-eu1.hs-analytics.net
Source: global traffic	DNS traffic detected: DNS query: js-eu1.hs-banner.com
Source: global traffic	DNS traffic detected: DNS query: bat.bing.net
Source: global traffic	DNS traffic detected: DNS query: adservice.google.com
Source: global traffic	DNS traffic detected: DNS query: track-eu1.hubspot.com
Source: global traffic	DNS traffic detected: DNS query: cdn77.api.userway.org

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49915 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@20/92@112/673

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,12709574632121131224,9618458437688152117,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,12709574632121131224,9618458437688152117,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
jsdelivr.map.fastly.net	151.101.1.229	true	false	unknown
dart.l.doubleclick.net	142.250.185.166	true	false	unknown
1667503734.rsc.cdn77.org	207.211.211.27	true	false	unknown
bitly.com	67.199.248.15	true	false	unknown
1784939676.rsc.cdn77.org	195.181.170.18	true	false	unknown
e5de3d23065c4748b155c28e6fa36f3e.pacloudflare.com	172.65.240.166	true	false	unknown
adservice.google.com	142.250.186.162	true	false	unknown
18ea70d2d9a945cfb97d818ba71817dc.pacloudflare.com	172.65.238.60	true	false	unknown
api.userway.org	35.167.128.188	true	false	unknown
script.hotjar.com	13.33.187.109	true	false	unknown
www.google.com	172.217.18.4	true	false	unknown
static-cdn.hotjar.com	13.226.204.54	true	false	unknown
2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com	172.65.208.22	true	false	unknown
sp.bitly.com	34.120.78.44	true	false	unknown
ad.doubleclick.net	216.58.206.38	true	false	unknown
dna8twue3dlxq.cloudfront.net	13.32.121.100	true	false	unknown
ax-0001.ax-msedge.net	150.171.27.10	true	false	unknown
cdn.optimizely.com	104.18.65.57	true	false	unknown
dualstack.reddit.map.fastly.net	151.101.129.140	true	false	unknown
analytics-alv.google.com	216.239.32.181	true	false	unknown
reddit.map.fastly.net	151.101.129.140	true	false	unknown
googleads.g.doubleclick.net	142.250.185.130	true	false	unknown
bit.ly	67.199.248.10	true	false	unknown
docrdsfx76ssb.cloudfront.net	18.239.82.28	true	false	unknown
td.doubleclick.net	172.217.16.130	true	false	unknown
7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com	172.65.202.201	true	false	unknown
cdn.cookielaw.org	104.18.86.42	true	false	unknown
geolocation.onetrust.com	104.18.32.137	true	false	unknown
alb.reddit.com	unknown	unknown	false	unknown
track-eu1.hubspot.com	unknown	unknown	false	unknown
cdn.jsdelivr.net	unknown	unknown	false	unknown
js-eu1.hs-analytics.net	unknown	unknown	false	unknown
w3-reporting-nel.reddit.com	unknown	unknown	false	unknown
cdn77.api.userway.org	unknown	unknown	false	unknown
static.hotjar.com	unknown	unknown	false	unknown
pixel-config.reddit.com	unknown	unknown	false	unknown
www.redditstatic.com	unknown	unknown	false	unknown
12389169.fls.doubleclick.net	unknown	unknown	false	unknown
public.profitwell.com	unknown	unknown	false	unknown
js-eu1.hs-scripts.com	unknown	unknown	false	unknown
cdn.userway.org	unknown	unknown	false	unknown
js-eu1.hs-banner.com	unknown	unknown	false	unknown
analytics.google.com	unknown	unknown	false	unknown
bat.bing.net	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	unknown	United States	15169	GOOGLEUS	false
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
216.58.212.142	unknown	United States	15169	GOOGLEUS	false
104.18.187.31	unknown	United States	13335	CLOUDFLARENETUS	false
34.120.78.44	sp.bitly.com	United States	15169	GOOGLEUS	false
54.212.160.43	unknown	United States	16509	AMAZON-02US	false
13.32.121.50	unknown	United States	16509	AMAZON-02US	false
104.18.32.137	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
151.101.65.140	unknown	United States	54113	FASTLYUS	false
172.65.202.201	7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.65.238.60	18ea70d2d9a945cfb97d818ba71817dc.pacloudflare.com	United States	13335	CLOUDFLARENETUS	false
142.250.186.34	unknown	United States	15169	GOOGLEUS	false
104.18.65.57	cdn.optimizely.com	United States	13335	CLOUDFLARENETUS	false
13.107.21.237	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.186.38	unknown	United States	15169	GOOGLEUS	false
216.239.32.181	analytics-alv.google.com	United States	15169	GOOGLEUS	false
142.250.184.194	unknown	United States	15169	GOOGLEUS	false
172.217.18.4	www.google.com	United States	15169	GOOGLEUS	false
13.226.204.54	static-cdn.hotjar.com	United States	16509	AMAZON-02US	false
172.64.155.119	unknown	United States	13335	CLOUDFLARENETUS	false
216.58.206.46	unknown	United States	15169	GOOGLEUS	false
142.250.186.106	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.70	unknown	United States	15169	GOOGLEUS	false
172.217.16.194	unknown	United States	15169	GOOGLEUS	false
169.150.255.183	unknown	United States	2711	SPIRITTEL-ASUS	false
13.33.187.109	script.hotjar.com	United States	16509	AMAZON-02US	false
18.66.102.51	unknown	United States	3	MIT-GATEWAYSUS	false
18.239.82.28	docrdsfx76ssb.cloudfront.net	United States	16509	AMAZON-02US	false
169.150.255.180	unknown	United States	2711	SPIRITTEL-ASUS	false
13.32.121.100	dna8twue3dlxq.cloudfront.net	United States	16509	AMAZON-02US	false
35.167.128.188	api.userway.org	United States	16509	AMAZON-02US	false
142.250.186.130	unknown	United States	15169	GOOGLEUS	false
142.250.185.168	unknown	United States	15169	GOOGLEUS	false
142.250.185.166	dart.l.doubleclick.net	United States	15169	GOOGLEUS	false
216.58.206.38	ad.doubleclick.net	United States	15169	GOOGLEUS	false
172.65.240.166	e5de3d23065c4748b155c28e6fa36f3e.pacloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.217.23.99	unknown	United States	15169	GOOGLEUS	false
150.171.28.10	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
67.199.248.14	unknown	United States	396982	GOOGLE-PRIVATE-CLOUDUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
13.227.219.28	unknown	United States	16509	AMAZON-02US	false
67.199.248.15	bitly.com	United States	396982	GOOGLE-PRIVATE-CLOUDUS	false
67.199.248.10	bit.ly	United States	396982	GOOGLE-PRIVATE-CLOUDUS	false
142.250.186.136	unknown	United States	15169	GOOGLEUS	false
142.250.184.200	unknown	United States	15169	GOOGLEUS	false
151.101.1.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
142.250.186.162	adservice.google.com	United States	15169	GOOGLEUS	false
172.217.16.206	unknown	United States	15169	GOOGLEUS	false
216.58.206.66	unknown	United States	15169	GOOGLEUS	false
195.181.170.18	1784939676.rsc.cdn77.org	United Kingdom	60068	CDN77GB	false
3.165.112.63	unknown	United States	16509	AMAZON-02US	false
151.101.1.140	unknown	United States	54113	FASTLYUS	false
150.171.27.10	ax-0001.ax-msedge.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
64.233.167.84	unknown	United States	15169	GOOGLEUS	false
142.250.185.130	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
207.211.211.27	1667503734.rsc.cdn77.org	United States	14135	NAVISITE-EAST-2US	false
172.65.208.22	2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com	United States	13335	CLOUDFLARENETUS	false
151.101.129.140	dualstack.reddit.map.fastly.net	United States	54113	FASTLYUS	false
104.18.86.42	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
172.217.16.130	td.doubleclick.net	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1545682
Start date and time:	2024-10-30 20:49:22 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@20/92@112/673

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.67, 216.58.212.142, 64.233.167.84, 34.104.35.123, 142.250.186.136
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, www.googletagmanager.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va

LLM Input / Output

Input	Output
URL: Model: claude-3-5-sonnet-latest	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": true, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: URL: https://bit.ly
URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Get a Quote", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: Model: claude-3-5-sonnet-latest	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": true, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: URL: https://bitly.com
URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "brands": [ "Bitly", "BuzzFeed", "The New York Times", "Gartner", "Bose" ] }

URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Get a Quote", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Get a Quote", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Get a Quote", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "brands": [ "Bitly", "BuzzFeed", "The New York Times", "Gartner", "Bose" ] }

URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "brands": [ "Bitly", "BuzzFeed", "The New York Times", "Gartner", "Bose" ] }

URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly Model: claude-3-haiku-20240307	```json { "brands": [ "Bitly", "BuzzFeed", "The New York Times", "Gartner", "BOSE" ] }

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 18:49:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9898395411170355
Encrypted:	false
SSDEEP:
MD5:	03D2F89AFFDA0E8CF7BC8DD42D014D42
SHA1:	782D187111792009548018DF134A3372077D3655
SHA-256:	BFA698FEE3AE998F1358AF85CE4C78B3A8A041C4160AEC0D63F7EEC08BA475E1
SHA-512:	6E0C9221FDDA30C4234FF3D2CBD9BDB6768C66019C3ECC2AE1E9B6117271366DB009C4749440A01A6506B18E7588A91A5E09CD47938B3611C6412342B4AFF7FA
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......+..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y0.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y;............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 18:49:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.0054180086673155
Encrypted:	false
SSDEEP:
MD5:	CE3457F31942C56ABCA4AF39F45F7E17
SHA1:	753A882CB79F2B31B750B37BADCB660697EC7B68
SHA-256:	337607D62CEC93E9B295DA9FE0C2A20839C2BAEF26D00FCC461F9CA8B6FDD295
SHA-512:	6E24BA5A8A78475B84BA43922200996F42A1C8804B615C746345AEF99327FA100E3A4E468D535CF7205E05E7EC55A8F682D1A336749D9BE6B0926E0ED929BD4D
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....T....+..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y0.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y;............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.012323123067755
Encrypted:	false
SSDEEP:
MD5:	FC26B90D115A2EE68DE1577F6C2094A5
SHA1:	781235695510F85097449C36DED8610E3503434F
SHA-256:	3FEA842FF7F553CFB9054A33EBF409A461653110E6E211742D64D029213C1EB8
SHA-512:	B5B7B2ABB11C22D8D344ED0C09BE71B53E73E520F5893EA07235322A3F1A2065AFA88BC247B2B330CD455FD8ED148695033C923267CBD085E2A35AFCBC72DCA0
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y0.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 18:49:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.002867798097351
Encrypted:	false
SSDEEP:
MD5:	E0B1327F67F2AE6164E1FF77BBC900BD
SHA1:	AAEC3262492597C9669A5CB9E6561321157C7E08
SHA-256:	D569190F4755F82E279173C1B67A7E068E653AEF06C355F76D076A2F1939C129
SHA-512:	B78F6E2F7753ABF8205A47F4A42645A4C2D6DBCFE2D7B1A83AB2760CBFFB25276CCCAFD8577ED25BAB1906B5B66596DF2BB1E0D08BA4CAA4C85F1FE82508F861
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....)...+..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y0.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y;............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 18:49:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.990722842447399
Encrypted:	false
SSDEEP:
MD5:	25BE21CD3F7D1D73038576C8E21DDD98
SHA1:	1BFEA4B6B91583670817BAE7E611F8441A7CB541
SHA-256:	829F228671123A48CC8A2CDCD9453F232BF51B8DC59A6F442E7C49BF0CF704D4
SHA-512:	EBBE6DE08436CF1641A77C8C5D054C99F08BD4093F43E03826B8D9FF625D642D60869962CD6A5FE62D833F029B741495EF0994F5B61D02C57D81D344AEA02528
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.........+..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y0.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y;............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 18:49:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9994912452474245
Encrypted:	false
SSDEEP:
MD5:	E7B47AEC98005D4B580C13E9B7F3B320
SHA1:	46F1531BFD07355F98D3D802589AF6E0B8D08B92
SHA-256:	193AC39D5B063B656245DEA5EEB3CCB405394CCFE0FEC8E5EE21F98F573DDAF3
SHA-512:	36605C931904950830887F1FBF02B31C4F06AF119E3C77E6D7CF5B7B4B05DE315E0677363F56BECD018C25BF11E978219751D9221633E6B2B86475B9C393772C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......x..+..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y0.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y;............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.577819531114783
Encrypted:	false
SSDEEP:
MD5:	4C8A26E14EDABDD7D6BFBF1472AFC853
SHA1:	F268C3DB54608F753ED9320CB2411B00A40C8D65
SHA-256:	B9224CA870B658AB694ECED1FBB07A971FCE7D0C990E50046929E9968BAF435C
SHA-512:	820B85A739953E8A71E89FEB45BBFB01E2D2F8977D30B0AB11BED28A7CA2B0365595AA7074A3A9780C8DE95E0C8DE839B5C390519F5238E8435F44736CDD497F
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAmHoFMUJy4A5xIFDaWTNiQ=?alt=proto
Preview:	CgkKBw2lkzYkGgA=

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23529), with no line terminators
Category:	dropped
Size (bytes):	23529
Entropy (8bit):	5.462614045763642
Encrypted:	false
SSDEEP:
MD5:	D5BABF1F477D0F7BF4044B0693B956D9
SHA1:	C664607BA1A082E9DC5A89113DCED9C14D1A1DE9
SHA-256:	48EEF7FE61A3E2C7C88AC1C6A263BD851B6A05363607E52FD2BE4E4472D42255
SHA-512:	A55C561474200C31E2D3D5CE0B4B3D014DC68A0B454DE7D499D96816C50F8B962EB646A9C74FD6C937B2EA2BE6909F10A165C5D6D273417EF5D227C29AD89A5B
Malicious:	false
Reputation:	unknown
Preview:	var __values=this&&this.__values\|\|function(e){var n="function"==typeof Symbol&&Symbol.iterator,t=n&&e[n],a=0;if(t)return t.call(e);if(e&&"number"==typeof e.length)return{next:function(){return e&&a>=e.length&&(e=void 0),{value:e&&e[a++],done:!e}}};throw new TypeError(n?"Object is not iterable.":"Symbol.iterator is not defined.")};!function(){function e(e){var n,t;e=e\|\|{};var r=document.querySelector(e.mainNavSelector);if(!r){var l=document.querySelectorAll("nav");r=Array.from(l).find(function(e){return a.isElementVisible(e,{shouldBeInViewport:!1})})}if(r\|\|(r=document.querySelector('[role="navigation"]')),!r)return console.log("Navigation menu was not found!");if(!e.ignoreAriaAttributes&&0!==r.querySelectorAll("[aria-expanded], [aria-haspopup]").length\|\|r.querySelector("[data-uw-rm-mega-nav]"))return console.log("Navigation menu already remediated!");r.setAttribute("role","navigation"),a.injectStylesheet(".userway__menu--show { display: block !important; opacity: 1 !important; visibilit

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	467992
Entropy (8bit):	5.359311088535166
Encrypted:	false
SSDEEP:
MD5:	48DC9F6FD702E560EF1F139A9833F93E
SHA1:	D0A79018CF63EDD11A5AAB8314EEE02E211B6700
SHA-256:	247F3BE41E4D44AFAC56C74180F05CFC753C2C4618A88B4ED63FD84C5996DC2B
SHA-512:	DA38BD038F33BCBDBCA88760B865ABC94F005063EF1D9B090505DC42F2074500B5C7465BAD527647B8F1AE95600F0A2DF6D9236CDCE689107D0B255FFEEC320D
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";var D=function(e,t){return(D=Object.setPrototypeOf\|\|({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var o in t)Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o])}))(e,t)};function x(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function o(){this.constructor=e}D(e,t),e.prototype=null===t?Object.create(t):(o.prototype=t.prototype,new o)}var H,R=function(){return(R=Object.assign\|\|function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function d(e,s,a,l){return new(a=a\|\|Promise)(function(o,t){function n(e){try{i(l.next(e))}catch(e){t(e)}}function r(e){try{i(l.throw(e))}catch(e){t(e)}}function i(e){var t;e.done?o(e.value):((t=e.value)instanceof a?t:new a(function(e){e(t)})).then(n,r)}i((l=l.apply(e,s\|\|[])).next())})}function F(n,r){var i,s,a

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	1749
Entropy (8bit):	4.650526878130153
Encrypted:	false
SSDEEP:
MD5:	ED5FED36ADD4DC21473748AE548DA449
SHA1:	DE3E38E4C774B335F580C2B812EB010106249A0A
SHA-256:	F116EAB83CE6451BA3677CBFCF54FEFEC0F6A9008EBA14485B0201D020F41E09
SHA-512:	616C4C9D68CBA2F564DF7E7D5CFA26BF7DE9B6919DD5C095324AD8B8C14DE1F6491B57D09461D2F4FF9EF860BD1519AD2FBBA07EC8ACFEAB1EBE22A61B4AAC0A
Malicious:	false
Reputation:	unknown
URL:	https://bat.bing.com/p/action/355015482.js
Preview:	(function(w,d,c,k,a,b,t,e) {. var cs = d.currentScript;. if (cs) {. var uo = cs.getAttribute('data-ueto');. if (uo && w[uo] && typeof w[uo].setUserSignals === 'function') {. w[uo].setUserSignals({'ea': c, 'kc': k, 'at': a, 'bi': b, 'dt': t, 'ec': e});. }. }.})(window, document, false, true, false, false, false, false);..(function(w,d,s,i) {.. var c=d.currentScript;.. if (c) {.. var uo = c.getAttribute('data-ueto');.. if (uo && w[uo] && w[uo].uetConfig && w[uo].uetConfig.deBlock === true).. return;.. }.. var f,j; f=d.getElementsByTagName(s)[0]; j=d.createElement(s); j.async=true;.. j.src='https://bat.bing.com/p/insights/t/'+i;.. j.onload = function () {.. if (!c) return;.. var co = function(u) { return u && typeof u === 'object' && !(u instanceof Array) && u.beaconParams && u.beaconParams.mid && w.webinsights; };.. var r = 40;.. var cl = function() {.. if (r-- < 1)

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22445)
Category:	dropped
Size (bytes):	22446
Entropy (8bit):	5.308431285952441
Encrypted:	false
SSDEEP:
MD5:	ECCC5D2CDD3EB68851E379F6375456A5
SHA1:	5DD0EA3388B103A873280C0C9EFABC917F320D9A
SHA-256:	7358C5616F671017F307D161644D253F0F81083B0BE68F3A3FEFEFA33B59DE5D
SHA-512:	47B471DA0BAB81A7A1CB304A35635EA5E3329A418BC562E88B66F7E57991A2E889091C7B40503CEBACC40FEAE0CE0C4F797DFDA7EA612C178F48B0FA44523BC5
Malicious:	false
Reputation:	unknown
Preview:	var OneTrustStub=(t=>{var a,o,r,e,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:"",stateName:""}},s=((g=y=y\|\|{})[g.Days=1]="Days",g[g.Weeks=7]="Weeks",g[g.Months=30]="Months",g[g.Years=365]="Years",(g=e=e\|\|{}).Name="O

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (409), with no line terminators
Category:	dropped
Size (bytes):	409
Entropy (8bit):	5.071644775975722
Encrypted:	false
SSDEEP:
MD5:	B2CB713D9736E814A08353C2FEDCB8E1
SHA1:	E5875894947716625D15D46C92DE1B5A222725A9
SHA-256:	F7BB442B06BFB13ECFEE3C3EC2B6B19440A33E080CA9378F8D6F161281BD01ED
SHA-512:	1F3C9906E4566A4DB12379558A6DA10159F0A8B692C72080D1348EE50FDBA1A8B98A2AE93CA8D1CC4F3925067FB25D33B560F9F7ED5B0AE76655F01BFDAA8C94
Malicious:	false
Reputation:	unknown
Preview:	"use strict";var WPMLLanguageSwitcherDropdown=function(){function t(e){(e=e\|\|window.event).preventDefault&&e.preventDefault(),e.returnValue=!1}return{init:function(){for(var e=document.querySelectorAll(".js-wpml-ls-legacy-dropdown a.js-wpml-ls-item-toggle"),n=0;n<e.length;n++)e[n].addEventListener("click",t)}}}();document.addEventListener("DOMContentLoaded",function(){WPMLLanguageSwitcherDropdown.init()});

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	87553
Entropy (8bit):	5.262620498676155
Encrypted:	false
SSDEEP:
MD5:	826EB77E86B02AB7724FE3D0141FF87C
SHA1:	79CD3587D565AFE290076A8D36C31C305A573D18
SHA-256:	CB6F2D32C49D1C2B25E9FFC9AAAFA3F83075346C01BCD4AE6EB187392A4292CF
SHA-512:	FC79FDB76763025DC39FAC045A215FF155EF2F492A0E9640079D6F089FA6218AF2B3AB7C6EAF636827DEE9294E6939A95AB24554E870C976679C25567AD6374C
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-includes/js/jquery/jquery.min.js
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (947)
Category:	downloaded
Size (bytes):	387747
Entropy (8bit):	5.096670713546088
Encrypted:	false
SSDEEP:
MD5:	9EBA1B505E61AE4FD84E547B3B3EFB78
SHA1:	FA58BC1CB88918718D90B9EC2628B7D33DBD90F8
SHA-256:	D66A6C07427AA987D0A17F8878B05274DA836FA09A99F44866D11F82CEFDDE3F
SHA-512:	5A0C27ED40825F1FCEB02C9A833500B57D3A0C7C474110BB2FB4A0F93C13308AD4C4D26E5E9DD6D6BAD2BE704BB98F577420BE51B63A08F539DD5A98A66634A7
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/cache/fvm/min/1729256436-css6a3a42c8ef9b43e1ac5313ba3c0351bad079abf14962a6901d7a3e97a6a07.css
Preview:	body #onetrust-banner-sdk .ot-sdk-row, body #onetrust-pc-sdk .ot-sdk-row, body #ot-sdk-cookie-policy .ot-sdk-row, body #onetrust-consent-sdk #onetrust-banner-sdk {background-color: #edf2fe;}.body #onetrust-banner-sdk, body #onetrust-pc-sdk {-webkit-font-smoothing: antialiased;}.body #onetrust-banner-sdk #onetrust-policy-text, body #onetrust-banner-sdk .ot-b-addl-desc, body #onetrust-banner-sdk .ot-gv-list-handler {font-size: 15px;line-height: 22px;margin: 0 24px;}.body #onetrust-banner-sdk #onetrust-policy-text a {font-weight: 400;}.body #onetrust-banner-sdk #onetrust-policy {margin-top: 20px;margin-bottom: 15px;}.body #onetrust-banner-sdk h2#onetrust-policy-title {padding: 0 24px;font-size: 18px;line-height: 22px;font-weight: 400;font-family: "ProximaNova ExtraBold","Helvetica Neue",Helvetica,Arial,sans-serif;padding-bottom: 0;-webkit-font-smoothing: antialiased;margin-bottom: 5px;}.body #onetrust-banner-sdk #onetrust-button-group-parent {padding: 15px 24px;}.body #onetrust-banner-sdk

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	80592
Entropy (8bit):	5.427025714638547
Encrypted:	false
SSDEEP:
MD5:	3EBBDAE743A4FB31712DEB236588B42D
SHA1:	9FC9F8A1E0A5AB0957637C162C37E84790FFD8D1
SHA-256:	FA23B9B7DC1C4197301E89BA14E65D7E46F9187CED14351277B6EF76AB89131E
SHA-512:	9EAE690CA47B6ED31C0023693B8F278CBEA9E16D6A461D2BC94530BC57FAC184B8435167DA29C24B7D6792D53233E505EDDEB598DCE36D2D6C9E4464214BFAE6
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/consent/26c7d0bf-48ec-4646-8f57-e4e1135d9d05/01926c47-2201-7f65-8a78-a0317182afa0/en.json
Preview:	{"DomainData":{"pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccloseButtonType":"Icon","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"We use cookies on our website","MainInfoText":"We use cookies on our website and services to enhance your browsing experience and offer personalized content, including tailored marketing based on your interests. By blocking some types of cookies, you may impact our ability to deliver and improve our services. For more information on cookie categories and your rights, please read our<a href=\"https://bitly.com/pages/cookies\">Cookie Policy</a>.","AboutText":"","AboutCookiesText":"Your Privacy","ConfirmText":"Accept All","AllowAllText":"Save Settings","CookiesUsedText":"Type","CookiesDescText":"Description","AboutLink":"","ActiveText":"Active","AlwaysActiveText":"Always active","AlwaysInactiveText":"Always Inactive","PCShowAlwaysActiveToggle":true,"Alert

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1977
Entropy (8bit):	5.029287305059752
Encrypted:	false
SSDEEP:
MD5:	8E0A35946BF39D10F46A1F1653366A0A
SHA1:	02B5788AFA6BDD2E146673CC09965750A81BF27C
SHA-256:	C45F637F905E1EA01BA81AA39E8DA62EE7E7F8703C3DA4C3BBA55F6192E5834C
SHA-512:	39EC3E8990B7BEEF84786C1FE8AA8DB98E514FA87DFCB30DB9C7996F99AC21D75C7F77FBE52F9D19823F35246DBBCCAE96A1AE95E594169360F62A3CFC4D1F1F
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="no"?>.<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="40" width="40". version="1.1" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/". viewBox="0 0 40.000001 40.000001">. <g>. <circle stroke-width="0" fill-rule="evenodd" transform="scale(-1,1)" cy="5.2227" cx="-20.033" r="3.5391" fill="#ffffff"/>. </g>. <g opacity=".9">. <circle fill-rule="evenodd" cx="-2.5033" transform="matrix(-.76604 .64279 .64279 .76604 0 0)" cy="13.387" r="3.5391" stroke-width="0" fill="#ffffff"/>. </g>. <g opacity=".8">. <circle stroke-width="0" fill-rule="evenodd" transform="matrix(-.17365 .98481 .98481 .17365 0 0)" cy="8.3722" cx="16.173" r="3.5391" fill="#ffffff"/>. </g>. <g opacity=".7">. <circle fill-rule="evenodd" cx="27.257" transform="matrix(.5 .86603 .86603 -.5 0 0)" cy="-7.474" r="3.5391" stroke-width="0" fil

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	42
Entropy (8bit):	2.9881439641616536
Encrypted:	false
SSDEEP:
MD5:	D89746888DA2D9510B64A9F031EAECD5
SHA1:	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A
SHA-256:	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
SHA-512:	D5DA26B5D496EDB0221DF1A4057A8B0285D15592A8F8DC7016A294DF37ED335F3FDE6A2252962E0DF38B62847F8B771463A0124EF3F84299F262ED9D9D3CEE4C
Malicious:	false
Reputation:	unknown
URL:	https://alb.reddit.com/rp.gif?ts=1730317801028&id=a2_fen0j12o3rmb&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=7aa594cb-6d1c-468a-aab2-6c7ff55e9308&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_49267bce&dpm=&dpcc=&dprc=
Preview:	GIF89a.............!.......,...........D.;

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (880), with no line terminators
Category:	downloaded
Size (bytes):	880
Entropy (8bit):	5.624386494366634
Encrypted:	false
SSDEEP:
MD5:	2CE5727FBA31EEB483EF312D71540DC6
SHA1:	F60BAE3D2198B4E09753F0F269A78D3E233CB9FF
SHA-256:	E15965F7C0BF91A8D25FFA5C19427D47BEFEF766377DBEE8B3BBDCD478D6F8CA
SHA-512:	CB8E831010838E7AC57A0AE55F92C2696B438A051158A727FEA9B844B6DF38A17462BF71AF2F58273B6A67F201910E99BEC3C5B0EDEFA67598AFC5561C2DA502
Malicious:	false
Reputation:	unknown
URL:	https://12389169.fls.doubleclick.net/activityi;dc_pre=CKWerZDwtokDFWzzEQgdjnQKjw;src=12389169;type=pagev00;cat=pagev0;ord=820048208007;npa=1;u3=%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly;gdid=dNzMyY2;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gcu=1;auiddc=369945135.1730317801;ps=1;pcor=1614933502;gtm=45fe4as0v9181803210z8846725585za201zb846725585;gcs=G111;gcd=13r3r3r3p5l1;dma=0;tag_exp=101533421~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fbitly.com%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly%3Fbsd%3Dbit.ly?
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://adservice.google.com/ddm/fls/z/dc_pre=CKWerZDwtokDFWzzEQgdjnQKjw;src=12389169;type=pagev00;cat=pagev0;ord=820048208007;npa=1;u3=%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly;gdid=dNzMyY2;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gcu=1;auiddc=*;ps=1;pcor=1614933502;gtm=45fe4as0v9181803210z8846725585za201zb846725585;gcs=G111;gcd=13r3r3r3p5l1;dma=0;tag_exp=101533421~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fbitly.com%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly%3Fbsd%3Dbit.ly"/></body></html>

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	651
Entropy (8bit):	4.3413895961447135
Encrypted:	false
SSDEEP:
MD5:	A5C5D6146A6E55E4A0FE3567602B1E46
SHA1:	C75FF1B713378AEC779FB248E22DAA513ACA725B
SHA-256:	901BB0E03B8C3C0A1CF4C487A177417328BB7D8C94106ECEFCEEDD7D7F6C4DDC
SHA-512:	D21D979974542243A4D70036F87BFC0549B6793B809ED09044946BE2A25C47811A99E20FDB1F3044082A5509664101D4BCA241A1CA7B09FE80084CEAFA092368
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="348.333" height="348.333" viewBox="0 0 348.333 348.334"><path fill="#565656" d="M336.559 68.611L231.016 174.165l105.543 105.549c15.699 15.705 15.699 41.145 0 56.85-7.844 7.844-18.128 11.769-28.407 11.769-10.296 0-20.581-3.919-28.419-11.769L174.167 231.003 68.609 336.563c-7.843 7.844-18.128 11.769-28.416 11.769-10.285 0-20.563-3.919-28.413-11.769-15.699-15.698-15.699-41.139 0-56.85l105.54-105.549L11.774 68.611c-15.699-15.699-15.699-41.145 0-56.844 15.696-15.687 41.127-15.687 56.829 0l105.563 105.554L279.721 11.767c15.705-15.687 41.139-15.687 56.832 0 15.705 15.699 15.705 41.145.006 56.844z"/></svg>

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1000 x 100, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	21590
Entropy (8bit):	7.9506525546523745
Encrypted:	false
SSDEEP:
MD5:	C934365C36746261345C8EB8314B3D78
SHA1:	79A912E96699300BB41BC7F97E8F4A0BF132481E
SHA-256:	3AB10BE03ABAC85C8555B340E7BEE082B53422FCF59949C5901EC17045FCC711
SHA-512:	DAE67FFCA0C76A3D1C2411DF8C82005B7E1618652B306C4B03841067B10B1BA6A744794C53C026F37ADF43906E665FC411B91ABB6A78DB647F03AB0E24E303CA
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/06/LP_Unbranded-vs-Branded_Beats_1.png
Preview:	.PNG........IHDR.......d......9......sRGB.......@.IDATx...x.U..OBI ..{.w...JQ@E.EP~..T....(..D....,.t..Z ....@z.....fvvv...$...Yv..m..$..{.Ghtb2.0.&.....`.nM.P.mn=..<.`.L..0.&@......`.L..0.&.....`.L..0..'..z.?....`.L..0.&.....`.L..0..A.w..0.&.....`.L..0.&....+...tWx.<.&.....`.L..0.&.....x..........0.&.....`.L..0.&..\..+...x.L..0.&.....`.L..0.&...`........`.L..0.&.....`.L.....V.].).....`.L..0.&.....`.L..'......0.&.....`.L..0.&.....p......S.90.&.....`.L..0.&.....O...'..`.L..0.&.....`.L..0.&...XAw...s`.L..0.&.....`.L..0.'..+.O.+.....`.L..0.&.....`.L.......O.......`.L..0.&.....`.O<.V..W..0.&.....`.L..0.&....+.`.......0.&.....`.L..0.&...x...?...`.L..0.&.....`.L..0.W .........90.&.....`.V..?....)9..v %.#.(&.(:....)"."...AR.../&?..J......J.\|..0.&.....p......S.90.&......!.\|....I..o\.a{...R.3....lF.c...k2.&.....`..F....C..1.&.....H.@...O.o5%.^K.7/......q%hUD+Z..".;..`.L..0.&...XAw....`.L..0.'.@T8%mY&?...!4.%..a..',)W...0.&.....`.....n.._a.L..0.&.!......_.$.Oy&........-3a

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	77
Entropy (8bit):	4.261301029168016
Encrypted:	false
SSDEEP:
MD5:	806699ED4BB65178112F5BAD2242C52D
SHA1:	F44771599DB97A9EA255845DC886AE69EC293024
SHA-256:	6595E4AA67EA4D50268F53193CBE84B2201B3130DC15F690165007BDB829E068
SHA-512:	01FD5927CB4F6A6C1EA7B91F9ADD3F39AB3CC936FC06D806BF0A7A656E008F4281A96B7F8A850D8D470E8DF832B95A539836D734DC19D33B9946C31C948839FA
Malicious:	false
Reputation:	unknown
Preview:	jsonFeed({"country":"US","state":"TX","stateName":"Texas","continent":"NA"});

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65091)
Category:	downloaded
Size (bytes):	72437
Entropy (8bit):	5.500351233967355
Encrypted:	false
SSDEEP:
MD5:	C49B810E69B94765EC79A22FCAE77CB2
SHA1:	79B1FA2247051F1313660E3FF19903DE8370A7CB
SHA-256:	06B034E823255A66945A09E428E9435975D82A8A5A3E8080CCD7F47179CF144F
SHA-512:	BC1E9056C5BA88611177FE00875CA345D7B09A67F28E7EB4616C1DEE18B55166CB3AEDE2A914B4C09325DDB369E03F6FEEBB557E9C20E29E843D49FC27F57C41
Malicious:	false
Reputation:	unknown
URL:	https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.4.0/dist/sp.min.js?cl=1
Preview:	/*. Skipped minification because the original files appears to be already minified.. * Original file: /npm/@snowplow/javascript-tracker@3.4.0/dist/sp.js. . Do NOT use SRI with dynamically generated files! More information: https://www.jsdelivr.com/using-sri-with-dynamic-files. /./!. * Web analytics for Snowplow v3.4.0 (http://bit.ly/sp-js). * Copyright 2022 Snowplow Analytics Ltd, 2010 Anthon Pang. * Licensed under BSD-3-Clause. */.."use strict";!function(){function e(e,n){var t,o={};for(t in e)Object.prototype.hasOwnProperty.call(e,t)&&0>n.indexOf(t)&&(o[t]=e[t]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(t=Object.getOwnPropertySymbols(e);r<t.length;r++)0>n.indexOf(t[r])&&Object.prototype.propertyIsEnumerable.call(e,t[r])&&(o[t[r]]=e[t[r]])}return o}function n(e,n,t){if(t\|\|2===arguments.length)for(var o,r=0,a=n.length;r<a;r++)!o&&r in n\|\|(o\|\|(o=Array.prototype.slice.call(n,0,r)),o[r]=n[r]);return e.concat(o\|\|Array.prototype.slice.call(n))}function

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (56495)
Category:	downloaded
Size (bytes):	471050
Entropy (8bit):	5.54390458117101
Encrypted:	false
SSDEEP:
MD5:	732399E6421CA94FBDAB773EF6A55E4E
SHA1:	19145D919F0B6510E1488B8CB3CED6B105CBF252
SHA-256:	4055E2ACA3C585CD18B860C31C67C2E3D95E3D32E789843BE2967C37C2B50CD5
SHA-512:	5B7B613DEF60A115E3CA222AC23764EE1F6D0BCB926246653E78A7528C7417DB3D9829C37186DE682BDC266F4BD5175D6522D5B94BD2380214B1E2FD5C01F925
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-MWZVBR2
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"88",. . "macros":[{"function":"__e"},{"function":"__k","vtp_decodeCookie":false,"vtp_name":"_ga"},{"function":"__jsm","vtp_javascript":["template","(function(){return ",["escape",["macro",1],8,16],".slice(6)})();"]},{"function":"__gtes","vtp_userProperties":["list",["map","name","client_id","value",["macro",2]]]},{"function":"__v","vtp_name":"gtm.element","vtp_dataLayerVersion":1},{"function":"__aev","vtp_varType":"TEXT"},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__v","vtp_name":"gtm.elementId","vtp_dataLayerVersion":1},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",["escape",["macro",4],8,16],";a=a.closest(\"[id]\");return a.id})();"]},{"function":"__v","vtp_name":

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	5430
Entropy (8bit):	3.598095574436548
Encrypted:	false
SSDEEP:
MD5:	CE0260C17B7F1DBDB7726EF7E8FD8C7A
SHA1:	B0C679DEF36E3CCBB3C39A3F84CE47F87FE38BE8
SHA-256:	4260C4CA799132F04BFA7AF774C1A5F4AC12B775E21D380884D7D08B35270679
SHA-512:	A7A20FB2CEC0FD1B5EBB2CCA577C052F42C803D7A4FF4CD6237809329B85618C8C6A748C7FB9FA595F7F14A3901D05C2889CF7DB41A9F665041602FF88F38EDF
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/02/favicon.ico
Preview:	............ .h...&... .... .........(....... ..... ...................................................:..0vT.0vz.0v`.+v...................................9.......:."`..#a..#a..#a.."`...Z...:.......................;""`...0wX.0vf#a...H.../v6.H..#a..#a.."`....;$..............;."`..!_...8..].#a...0v0........"a.."a.."_."`....;........."`."`....:......U.#a...E.X........"`.#a...=.."`...].......;."`...E.f.........U.#a.."`.../v4./u&"`..#`.......H.."a...q..0vR"`...'k..........U.#a..#a..#a..#a..#a...G.......0v2#a...0vX.0vt"`...............\.#a...H.l"_."`..G.h..6....../r.#a...0vv.0vp"`..............._.#a...0vD.....................-t.#a...0vr.0vP#a...0v...."^.!_.#a...0vB.....................0vD#a...0vR..:.#a...Z......H.x#a.."a....;..................... `.#a....;......].#a...H.J......u..........................H.N"`...Z...........;.#`..#a...G.`..*......................F.Z#`.."`....;...............{,#`..#a.."`...H.t./vH./vJ.E.p"a..#a.."`....;(......................:.._."`..#a

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 59264, version 0.0
Category:	downloaded
Size (bytes):	59264
Entropy (8bit):	7.993844591913054
Encrypted:	true
SSDEEP:
MD5:	D73067AA13E4C72278BF35BEEDFA5DB0
SHA1:	CAF2119603CEE2DA7BB0CC4303AA8E397106448C
SHA-256:	78E43369B4F7065B3BFC9195C771B91E8BB7DD4B21EB4C3F99A9050A3884E325
SHA-512:	C28F57FC0B69B54C051E1D2F3B705466820F111DF7EED5EC4A21A2759E9C9A793B95461AD8BC55A9A7E42E0909CC070BE9CE0A58F3C34ED0A416050FEE05238A
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-SemiBold.woff
Preview:	wOFFOTTO...................................CFF ......y.....f.1(GDEF...........bFt@.GPOS......T....V.&6.GSUB...T..........OS/2...d...Z...`..6.cmap...8...:...B.j..head...$...3...6'.J.hhea...D... ...$....hmtx...X..........'%maxp.............mP.name.......v...0u..post...t....... ...2..P..m..x.c`d```e`.\j.0...+.3... xd......{....30.D.L....x...s.+....Vm.;9...m.m.m.m.m....O.....ou.Vu..L-.7..M.......$.....B.".....3.nj.By..Su...-.(...~.0G...r...]:U. .;hP.a-d....P.$.d!.}.#v.$..^....y...z:...\J.V.....V.L.....wR..?S.$.C.l../..7U+R6!.3.N..._b3./C<..Z..S.$6N..Q9.bnG..3U.:.?xGn...W$xP.'....,...+.q..\|v.wX...h..ltG...%..........W7S9......\TF.....J.{..)....'.;.tw..aF.K.LI.G..{/..2..q_Q:!.3...a.O..... ;...U......\|@.?U...G.._U^...C.C..@{.H.......#.v..]B..Sm...%...jlu...\|[4...r..I.whAYH../..p.I.......n+J........[.<..........~3r}?.. *.F..........WR..&o..{3....>>.O:..m....0............D.9.$...omF..T.[:.prB.Q475..K...re.mKS......Z..=...--.67.qqn3.........7.r..

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	86
Entropy (8bit):	4.779486743739521
Encrypted:	false
SSDEEP:
MD5:	EA03273602AC31C0858FA2D9A1895526
SHA1:	4F8AFE25482A22C6858AF1F58E55D83F9DF9B854
SHA-256:	98D77039EA9249B3DCE91AD7B467EE382F29DAA61213C3E2737BD4A8786C8801
SHA-512:	77FF06E103CA553FAD14E5F865764CDA76777F83800C439ED91B22B26935146863F9D0C3BBBD3EE95E02C69A1A1C29D0C12A5D9B9D1D619CEEBCF1DCCB422238
Malicious:	false
Reputation:	unknown
Preview:	{"version_hash":"49267bce","url":"https://www.redditstatic.com/ads/49267bce/pixel.js"}

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	66
Entropy (8bit):	3.9721077567347134
Encrypted:	false
SSDEEP:
MD5:	A20F61BBF661147FA65EC1ABF4093AED
SHA1:	C7306A9A3F8224E2E564FD170242E4B26BBA7047
SHA-256:	EFA3DA3BC784514C792213E4B3C842CF4DA752C0EC3EF14F4592A6A849DBEFCA
SHA-512:	1BD4A45DC90A18265C78720955D80FCAC6A3656C23BBC0C480078D9407ACF205399FBDD22942242642D20EC73759DF5613620BFC27084C71AF448CC2F36D55F6
Malicious:	false
Reputation:	unknown
URL:	https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Preview:	{"country":"US","state":"TX","stateName":"Texas","continent":"NA"}

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	5440
Entropy (8bit):	5.006147178105925
Encrypted:	false
SSDEEP:
MD5:	17E507FC9C7B9EC268739C294BCC79FD
SHA1:	2B57F33D55EB1E48AB3964B6D2C3A6E2FBD7372E
SHA-256:	30CE6E09D5847BD19C37AC5C09D41AB0F9E15EF7499DCA83A88D50A39285242C
SHA-512:	4DE40440D38FD11F7B382FCD7995B4AD9AD4D02EDE78E1421FA1C2F846ECFF34D48B9B4D856EA0F3E3387012B3F9924E84CE54CAE466C5AFEECCFAA5B4A7554E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/consent/26c7d0bf-48ec-4646-8f57-e4e1135d9d05/26c7d0bf-48ec-4646-8f57-e4e1135d9d05.json
Preview:	{"CookieSPAEnabled":true,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202409.1.0","OptanonDataJSON":"26c7d0bf-48ec-4646-8f57-e4e1135d9d05","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"01926c47-2531-7d74-b463-64d0a286ff5a","Name":"userfornia","Countries":[],"States":{"us":["ca"]},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","pt":"pt","it":"it","fr":"fr","es":"es"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"GDPR Template - Bitly.com (US)","Conditions":[],"GCEnable":true,"IsGPPEnabled":false,"EnableJWTAuthForKnownUsers":false},{"Id":"01926c47-2201-7f65-8a78-a0317182afa0","Na

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (31989)
Category:	downloaded
Size (bytes):	131621
Entropy (8bit):	5.41877121001479
Encrypted:	false
SSDEEP:
MD5:	0D3BBC5E4E15ED3E882720F2114727FC
SHA1:	967799DE3B102857831313D274ED0618C445AA4B
SHA-256:	448A9C8B699533565CBE0E7DBF95F7B4CDF803424DB86666AF6CC0C1C13DAC1A
SHA-512:	81757BA33C2154DA137D4624969637015874A9DBF7C0CDCB5B6410FDF3E08C947F6A1A2F2F24048FDDB6A04B5C11EBF5161D61E28D3511FD21F011BBAB127A00
Malicious:	false
Reputation:	unknown
URL:	https://cdn.userway.org/widgetapp/2024-10-25-08-38-44/widget_app_base_1729845524407.js
Preview:	!function(e){function t(e){return"[object Array]"===Object.prototype.toString.call(e)}function n(){for(var e=0;e<S.length;e++)S[e][0](S[e][1]);S=[],v=!1}function i(e,t){S.push([e,t]),v\|\|(v=!0,E(n,0))}function r(e,t){function n(e){s(t,e)}function i(e){u(t,e)}try{e(n,i)}catch(e){i(e)}}function o(e){var t=e.owner,n=t.state_,i=t.data_,r=e[n],o=e.then;if("function"==typeof r){n=w;try{i=r(i)}catch(e){u(o,e)}}a(o,i)\|\|(n===w&&s(o,i),n===b&&u(o,i))}function a(e,t){var n;try{if(e===t)throw new TypeError("A promises callback cannot return that same promise.");if(t&&("function"==typeof t\|\|"object"==typeof t)){var i=t.then;if("function"==typeof i)return i.call(t,function(i){n\|\|(n=!0,t!==i?s(e,i):l(e,i))},function(t){n\|\|(n=!0,u(e,t))}),!0}}catch(t){return n\|\|u(e,t),!0}return!1}function s(e,t){e!==t&&a(e,t)\|\|l(e,t)}function l(e,t){e.state_===m&&(e.state_=h,e.data_=t,i(d,e))}function u(e,t){e.state_===m&&(e.state_=h,e.data_=t,i(g,e))}function c(e){var t=e.then_;e.then_=void 0;for(var n=0;n<t.length;n+

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (35788), with CRLF line terminators
Category:	dropped
Size (bytes):	35806
Entropy (8bit):	5.354321297607842
Encrypted:	false
SSDEEP:
MD5:	033CB53DBA312C88798BBA579FC68B40
SHA1:	E6A645D3E0680302789C87BABFDDF1A742C7D64A
SHA-256:	A1F8F7541A2982D7DF75F73D0234A3F2AFDC8302F361078F883D25A3A574BAE4
SHA-512:	3CB56D5756C519F72AA24FDF1AC03298CD8010FB6A429A7439A8C19BF75C9C813EB8F224C2A31ECECA53C1EF0101FD74705ADAB86E464E616A0316F5C04DB8FA
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return qe},get start(){return Ae},get stop(){return We},get track(){return Se}}),e=Object.freeze({__proto__:null,get clone(){return rn},get compute(){return an},get data(){return Ge},get keys(){return Ze},get reset(){return on},get start(){return en},get stop(){return cn},get trigger(){return nn},get update(){return un}}),n=Object.freeze({__proto__:null,get check(){return pn},get compute(){return vn},get data(){return Be},get start(){return fn},get stop(){return mn},get trigger(){return gn}}),r=Object.freeze({__proto__:null,get compute(){return On},get data(){return wn},get log(){return _n},get reset(){return xn},get start(){return bn},get stop(){return kn},get updates(){return yn}}),a=Object.freeze({__proto__:null,get callbacks(){return Tn},get clear(){return Cn},get consent(){return jn},get data(){return En},get id(){return In},get metadata(){return Sn},get save(){return Hn},get start(){return Nn},get stop(){ret

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (509)
Category:	dropped
Size (bytes):	1022
Entropy (8bit):	5.314996697345514
Encrypted:	false
SSDEEP:
MD5:	40DC93FF9CBEBA8126E0BB02B876A7E4
SHA1:	07F1E6AFDEF7DA8E0921930DB351DA1F042ED832
SHA-256:	54191F7E6A0112B02A63B54244410F29859626A18962CEFAA2EE4B1461427B67
SHA-512:	720CD727A95A13AFC86F33F2AF2ADD656239CA8A57975E0F553D1909973117CC254E3B28ADDFCCF777D03D7299AC94BB39BBD7708EFF1730AC03BA6FD6FF7051
Malicious:	false
Reputation:	unknown
Preview:	// HubSpot Script Loader. Please do not block this resource. See more: http://hubs.ly/H0702_H0..!function(e,t){if(!document.getElementById(e)){var c=document.createElement("script");c.src="https://js-eu1.hs-analytics.net/analytics/1730310600000/26740822.js",c.type="text/javascript",c.id=e;var n=document.getElementsByTagName("script")[0];n.parentNode.insertBefore(c,n)}}("hs-analytics");.var _hsp = window._hsp = window._hsp \|\| [];._hsp.push(['addEnabledFeatureGates', []]);._hsp.push(['setBusinessUnitId', 0]);.!function(t,e,r){if(!document.getElementById(t)){var n=document.createElement("script");for(var a in n.src="https://js-eu1.hs-banner.com/v2/26740822/banner.js",n.type="text/javascript",n.id=t,r)r.hasOwnProperty(a)&&n.setAttribute(a,r[a]);var i=document.getElementsByTagName("script")[0];i.parentNode.insertBefore(n,i)}}("cookieBanner-26740822",0,{"data-cookieconsent":"ignore","data-hs-ignore":true,"data-loader":"hs-scriptloader","data-hsjs-portal":26740822,"data-hsjs-env":"prod","data

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (61420)
Category:	dropped
Size (bytes):	73227
Entropy (8bit):	5.328855785443587
Encrypted:	false
SSDEEP:
MD5:	A8007FDEFDA76E6688A4B440CDD7FE90
SHA1:	51ED3D1F3A9EF201A8642A35215EF2C56CDD9E73
SHA-256:	EC122BC25D94EF783B14120F7F4CC25F4B07DE0566722661D50EAE6ADE206635
SHA-512:	733EB9B7E42CC43A2C879389363F089E7F07AFA28AC53497D2131F8A14458E81CBC1AB4E18B682B64F381DE2CC0FFA5294BA3C2592D6B89068C519611133A193
Malicious:	false
Reputation:	unknown
Preview:	/** . * HubSpot Analytics Tracking Code Build Number 1.993. * Copyright 2024 HubSpot, Inc. http://www.hubspot.com. */.var _hsq = _hsq \|\| [];._hsq.push(['setPortalId', 26740822]);._hsq.push(['trackPageView']);._hsq.push(["trackClick", "a#starter-plan-btn-top.button", "pe26740822_pricing_page_starter_get_started_ct", {"url":null,"trackingConfigId":30121800}]);._hsq.push(["trackClick", "a#starter-plan-column-link-top.button.button-primary", "pe26740822_pricing_page_starter_get_started_ct", {"url":null,"trackingConfigId":30124158}]);._hsq.push(["trackClick", "a#starter-plan-column-link-bottom.button.button-primary", "pe26740822_pricing_page_starter_get_started_ct", {"url":null,"trackingConfigId":30124159}]);._hsq.push(["trackClick", "a#free-plan-btn-top.button", "pe26740822_pricing_page_free_cta", {"url":null,"trackingConfigId":30124153}]);._hsq.push(["trackClick", "a#free-plan-column-link-bottom.button.button-primary", "pe26740822_pricing_page_free_cta", {"url":null,"trackingConfigId":30

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (815)
Category:	downloaded
Size (bytes):	3501
Entropy (8bit):	5.383873370647921
Encrypted:	false
SSDEEP:
MD5:	147FD3B00C22BA9C939712E9213C24CA
SHA1:	3B48369B86FA0574F35379AACD1F42CC9C98A52B
SHA-256:	70F5B11C1870CF90201A6D5F770CA318A3FA5827C74A8765EDE22B487F7D4532
SHA-512:	E8419A71232EDAC8FD131446777F7D034B3171EFE07B3267479B439E4982650DB65A0D1DDC9F516315D5ED1B01ECFD2F7EB55D75D44AA51EE0AD494D441586D2
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fbitly.com
Preview:	<!DOCTYPE html>.<html>.<head>. <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon">.</head>.<body>. <script>.'use strict';class m{constructor(a){this.j=a;this.g={};this.h={};this.i=0;this.id=String(Math.floor(Number.MAX_SAFE_INTEGERMath.random()))}}function n(a){return a.performance&&a.performance.now()\|\|Date.now()}.var p=function(a,b){class d{constructor(c,g,f){this.failureType=c;this.data=g;this.g=f;this.h=new m(n(f))}s(c,g){const f=c.clientId;if(c.type===0){c.isDead=!0;var e=this.h,h=n(this.g);e.g[f]==null&&(e.g[f]=0,e.h[f]=h,e.i++);e.g[f]++;c.stats={targetId:e.id,clientCount:e.i,totalLifeMs:Math.round(h-e.j),heartbeatCount:e.g[f],clientLifeMs:Math.round(h-e.h[f])}}c.failure={failureType:this.failureType,data:this.data};g(c)}}return new d(5,a,b)};/.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/.let q=globalThis.trustedTypes,r;function t(){let a=null;if(!q)return a;try{const b=d=>d;a=q.createPolicy("goog#html",{createHTML:b,createScript:b,crea

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Category:	dropped
Size (bytes):	70781
Entropy (8bit):	5.377619425450177
Encrypted:	false
SSDEEP:
MD5:	DDF3A3CE773B0D3536183FE743940A17
SHA1:	3E7C27C1076D12BAD9A821D289A49979FCF75A0B
SHA-256:	5DDAF6025D8330154FC2ECAAFA32DC8C2E38ED0E3C949DBD98436A0AE48CADD8
SHA-512:	69740E983CD0E8540BBD7F8E4DF73DB49B1EFCA95D1525E26DA7D8D16ABABC6B8BFEB468865FC363B8C2E22ACECB5DAD18220833E2C592191211979CE5FD81C0
Malicious:	false
Reputation:	unknown
Preview:	var __defProp=Object.defineProperty,__defProps=Object.defineProperties,__getOwnPropDescs=Object.getOwnPropertyDescriptors,__getOwnPropSymbols=Object.getOwnPropertySymbols,__hasOwnProp=Object.prototype.hasOwnProperty,__propIsEnum=Object.prototype.propertyIsEnumerable,__defNormalProp=(e,t,r)=>t in e?__defProp(e,t,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[t]=r,__spreadValues=(e,t)=>{for(var r in t\|\|(t={}))__hasOwnProp.call(t,r)&&__defNormalProp(e,r,t[r]);if(__getOwnPropSymbols)for(var r of __getOwnPropSymbols(t))__propIsEnum.call(t,r)&&__defNormalProp(e,r,t[r]);return e},__spreadProps=(e,t)=>__defProps(e,__getOwnPropDescs(t)),__objRest=(e,t)=>{var r={};for(var n in e)__hasOwnProp.call(e,n)&&t.indexOf(n)<0&&(r[n]=e[n]);if(null!=e&&__getOwnPropSymbols)for(var n of __getOwnPropSymbols(e))t.indexOf(n)<0&&__propIsEnum.call(e,n)&&(r[n]=e[n]);return r},__async=(e,t,r)=>new Promise(((n,i)=>{var o=e=>{try{l(r.next(e))}catch(t){i(t)}},a=e=>{try{l(r.throw(e))}catch(t){i(t)}},l=e=>e.done

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 57944, version 0.0
Category:	downloaded
Size (bytes):	57944
Entropy (8bit):	7.994414296623566
Encrypted:	true
SSDEEP:
MD5:	ACDA3F9256766EEBF4559C8D56A03A73
SHA1:	0845D132EF674566381482C061F035A04B47F424
SHA-256:	C81182F60C6666E966D235EED041E80E932DA9F1AE65748F11022B46A25F6E63
SHA-512:	B1A9124FB4F01ABDEF4FC0F26A039ED08960687C35E515CE8437AF221FDC5760F4288C6565C6EEEAD90808CEFAF9CE1A6AB89BBB4186ACDC0C7F62F260082916
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-Regular.woff
Preview:	wOFFOTTO...X.......,........................CFF ...h..v.........GDEF...........bF.@cGPOS...x..R......m..GSUB...,..........OS/2...X...\...`..4.cmap.......:...B.j..head...$...4...6'XJ.hhea...8... ...$...Zhmtx...X.........w<.maxp.............mP.name.......b....g7..post...T....... ...2..P..m..x.c`d```e`x...Y<..W.f...@..9.F.......E..eg`....{..<x...S........m..m...L..m..S..K.{ol.vnl.veU..l<\|?k.]..fV=q.....%..J...k..k...>R".O.../...._QR.@.....?d.7.B....g.y...8.O.s..1..R..4...e..i>.j....o.....y..Ez<...UN......[...u =.J.<N.k..A~...(.'P.@m......=e~...5K".Hfx3..-...g...j...K.Z..T..'i.d..y..i.v...7...?...K...LT.4...s.#.;L...Fj>...M.'".S=.'./...T8J..#...mC{d......o.....5........}D..M...F.>!o...bv.....&...u.,..9.......-..%.C..:;".!.{..6}......f.2.w......i.....h....A.. .q.x.:...{....L..2r......"[....."......jv.1~&..g.m.@.*[K}7b.I.m.P....qC...C..Fn.!...p6..AQ...B.....,.....O.>cfr....-.h..%..&5...3.g.a.Q/u.J..E...:...mJI.o.v3;..v.!.....2...p..........%.h.lj...(.6..Rl.L

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	5194
Entropy (8bit):	3.976628767895142
Encrypted:	false
SSDEEP:
MD5:	63E737D3544164D2B7F4FBCA416AC807
SHA1:	030370AA38715E4C41589633F69D0BFE8255D46C
SHA-256:	5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
SHA-512:	31EE1BB536C0E50F5568A415EA3308367BFCFD11D2A6F7DFF1C8E3A982F7BE790C240A603CD4C6E187672824B8E5D07646049A28C6A88A7B001EB9A0142F312B
Malicious:	false
Reputation:	unknown
Preview:	<svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83 0 01.74.77 2.25 2.25 0 01.25 1.07 2.26 2.26 0 01-.25 1.08 1.77 1.77 0 01-.74.77 2.55 2.55 0 01-1.28.29H.66v-.72h1.59a1.81 1.81 0 00.87-.19 1.1 1.1 0 00.48-.5 1.73 1.73 0 00.15-.73A1.66 1.66 0 003.6 7a1.1 1.1 0 00-.48-.5 1.86 1.86 0 00-.88-.18H.81v6zm7.74.1a2.29 2.29 0 01-1.2-.32 2.29 2.29 0 01-.8-.91 3.06 3.06 0 01-.28-1.36 3.07 3.07 0 01.28-1.37 2.14 2.14 0 012-1.24 2.14 2.14 0 012 1.24A3.07 3.07 0 0110 9.81a3.06 3.06 0 01-.29 1.36 2.11 2.11 0 01-2 1.23zm0-.69a1.31 1.31 0 00.85-.27 1.6 1.6 0 00.5-.69 2.9 2.9 0 00.16-.94 2.85 2.85 0 00-.16-.94 1.67 1.67 0 00-.5-.71 1.37 1.37 0 00-.85-.26 1.35 1.35 0 00-.85.26 1.67 1.67 0 00-.5.71 2.85 2.85 0 00-.16.94 2.9 2.9 0 00.16.94 1.6 1.6 0 00.5.69 1.29 1.29 0 00.85.27zm4.43.59l-1.54-5h.82l1.08 3

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1862
Entropy (8bit):	4.226765691147783
Encrypted:	false
SSDEEP:
MD5:	602B8A9C18D45A8098F83E2F84DD1C05
SHA1:	C5A7FF7593B994F2284F1AE89533488D221C0E4C
SHA-256:	DC86E07CB5B4EA81E0978544A4D1EF0B8C2DE4533CD9CBF900A563FD7DAA15A5
SHA-512:	5E874F207549FDB9CB7BC5FAA721D66A7A05240979050A8F1FD92CC143F3A91B01B2AD4DA0A6829BB85B740BC329D9B80BB8E6C98F943CA83A7BE8B4FE331C05
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8"?> <svg xmlns="http://www.w3.org/2000/svg" width="120" height="120"><g fill="#252628" fill-rule="evenodd"><path d="M113.404 55.255l-.37 3.698h-1.48c-2.465 0-3.698 1.973-3.698 3.822v8.506h-4.314V55.255h4.068l.123 1.973c.863-1.356 2.342-1.973 4.191-1.973h1.48M83.448 71.281h-4.316v-8.506c0-1.726-.123-3.945-2.712-3.945-2.342 0-3.328 1.726-3.328 3.698v8.753h-4.315V55.255h4.068v2.096c.863-1.356 2.466-2.466 4.808-2.466 4.439 0 5.795 3.082 5.795 6.287v10.109M66.928 67.46l-.246 3.698c-1.11.247-1.973.37-3.083.37-4.068 0-5.3-1.85-5.3-5.548V50.817h4.314v4.438h4.315l-.246 3.698h-4.069v6.657c0 1.48.37 2.342 1.973 2.342.617 0 1.356-.123 2.342-.493M56.943 55.255l-.37 3.698H55.34c-2.342 0-3.575 1.973-3.575 3.822v8.506h-4.314V55.255h4.068l.123 1.973c.863-1.356 2.342-1.973 4.191-1.973h1.11M27.972 69.432c-2.958 1.603-5.917 2.466-9.739 2.466-7.15-.247-12.328-4.685-12.328-12.205 0-7.52 5.178-12.328 12.328-12.451 3.575 0 6.78.863 9.37 3.082l-3.083 3.082c-1.602-1.233-3.821-

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3969)
Category:	downloaded
Size (bytes):	292976
Entropy (8bit):	5.561723750822135
Encrypted:	false
SSDEEP:
MD5:	B83079E9DA04E4DA8556B5B8F3C62B06
SHA1:	8ED12AACF2FC0B03D6E68CB5AA3FF8861FAD1008
SHA-256:	190079042ABAEBE53B9B075AEF14E6A91D4C947667F5AA6A149668075031CD60
SHA-512:	00E0FD1BC0354CA87F3B746161667613EC13069932709591BBC0B818B99D69AF12EB0CA3FA3C537237B7493238D4094A51FBE57B7D495F1CA0281E07DA41C9B6
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=AW-11180849338&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"4",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_cross_domain","priority":15,"vtp_rules":["list","bitly\\.com","app\\.bitly\\.com"],"tag_id":10},{"function":"__ogt_ads_datatos","priority":15,"vtp_instanceDestinationId":"AW-11180849338","tag_id":19},{"function":"__ogt_ga_send","priority":5,"vtp_value":true,"tag_id":12},{"function":"__ogt_dma","priority":5,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":13},{"function":"__ogt_1p_data_v2","priority":5,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	63353
Entropy (8bit):	5.403338302350647
Encrypted:	false
SSDEEP:
MD5:	151E9844CC153239A29BE6557A72AE35
SHA1:	CF9551AFD4911B00981FE7E956A7075777FDF8F2
SHA-256:	7DBC72C3F0511495FDF45D42283A246613DB44B0906199CEF195A773068D822F
SHA-512:	6A7CF00667E8FFD90FA4F095B4E1946486FBEA0DA05FBB9EB1AA524412E8D4EABC0948F67FD2B2E1754BDEC5E38B5A2BEFCD513A1D7BD270E43FDE7C605EBE59
Malicious:	false
Reputation:	unknown
Preview:	. {. "name": "otPcCenter",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtcGMtc2RrIiBjbGFzcz0ib3RQY0NlbnRlciBvdC1oaWRlIG90LWZhZGUtaW4iPjxkaXYgcm9sZT0iZGlhbG9nIiBhcmlhLW1vZGFsPSJ0cnVlIj48IS0tIENsb3NlIEJ1dHRvbiAtLT48ZGl2IGNsYXNzPSJvdC1wYy1oZWFkZXIiPjwhLS0gTG9nbyBUYWcgLS0+PGRpdiBjbGFzcz0ib3QtcGMtbG9nbyIgcm9sZT0iaW1nIiBhcmlhLWxhYmVsPSJDb21wYW55IExvZ28iPjwvZGl2PjxidXR0b24gaWQ9ImNsb3NlLXBjLWJ0bi1oYW5kbGVyIiBjbGFzcz0ib3QtY2xvc2UtaWNvbiIgYXJpYS1sYWJlbD0iQ2xvc2UiPjwvYnV0dG9uPjwvZGl2PjwhLS0gQ2xvc2UgQnV0dG9uIC0tPjxkaXYgaWQ9Im90LXBjLWNvbnRlbnQiIGNsYXNzPSJvdC1wYy1zY3JvbGxiYXIiPjxoMiBpZD0ib3QtcGMtdGl0bGUiPllvdXIgUHJpdmFjeTwvaDI+PGRpdiBpZD0ib3QtcGMtZGVzYyI+PC9kaXY+PGJ1dHRvbiBpZD0iYWNjZXB0LXJlY29tbWVuZGVkLWJ0bi1oYW5kbGVyIj5BbGxvdyBhbGw8L2J1dHRvbj48c2VjdGlvbiBjbGFzcz0ib3Qtc2RrLXJvdyBvdC1jYXQtZ3JwIj48aDMgaWQ9Im90LWNhdGVnb3J5LXRpdGxlIj5NYW5hZ2UgQ29va2llIFByZWZlcmVuY2VzPC9oMz48ZGl2IGNsYXNzPSJvdC1wbGktaGRyIj48c3BhbiBjbGFzcz0ib3QtbGktdGl0bGUiPkNvbnNlbnQ8L3NwYW4+IDxzcGFuIGNsYXNzPSJvdC1saS10aX

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11882)
Category:	dropped
Size (bytes):	13185
Entropy (8bit):	5.39211950223249
Encrypted:	false
SSDEEP:
MD5:	3685A737CF29408F9BEB8618B5BE6B46
SHA1:	7DDC3A9FCA6FD12081FEA013B3EFF5B56AA9CA6C
SHA-256:	922BCFEC35839E33349C37AE4EB847C241A2D2AF7F410EBFE3C88B673B2B236D
SHA-512:	049CE195EBFFD83BA7607E003CA3A68FB462433E10EDF126A64C99B99F4EE67CF20BB7584AC7848EE2510340A8BF78F84C6462F79236387B8714999D5B5BA520
Malicious:	false
Reputation:	unknown
Preview:	window.hjSiteSettings = window.hjSiteSettings \|\| {"site_id":3419143,"rec_value":8.191999995688093e-6,"state_change_listen_mode":"automatic","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":true,"session_capture_console_consent":false,"anonymize_digits":true,"anonymize_emails":true,"suppress_all":false,"suppress_all_on_specific_pages":[],"suppress_text":false,"suppress_location":false,"user_attributes_enabled":true,"legal_name":"","privacy_policy_url":"","deferred_page_contents":[],"record_targeting_rules":[{"component":"url","match_operation":"simple","pattern":"https://bitly.com/","negate":false}],"feedback_widgets":[],"heatmaps":[],"polls":[],"integrations":{"optimizely":{"tag_recordings":false},"abtasty":{"tag_recordings":false},"kissmetrics":{"send_user_id":false},"mixpanel":{"send_events":false},"unbounce":{"tag_recordings":false},"hubspot":{"enabled":false,"send_recordings":false,"send_surveys":false}},"features":["ask.popover_redesign","client_scrip

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3835)
Category:	downloaded
Size (bytes):	264561
Entropy (8bit):	5.562207084458543
Encrypted:	false
SSDEEP:
MD5:	364C1D9C5D10BD0BC82A2500904B5472
SHA1:	933BF6A717E7D316B5E1BCA0BE70EAA458687791
SHA-256:	597EDA5F6D1108D57F1F543AFB5A372585A2EFF4B735F0F27C479826BE9F60F5
SHA-512:	9CB33977BD51974CC4C2262D5D19621E62CA88805A7569B48AA4EF8240985C0AB9D8BC151AED99A88364B426A4D4AECB9FC6A2133E568B3050816F00660BC75D
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=AW-768371374&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_ads_datatos","priority":14,"vtp_instanceDestinationId":"AW-768371374","tag_id":111},{"function":"__ogt_dma","priority":4,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":105},{"function":"__ogt_1p_data_v2","priority":4,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameV

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32000)
Category:	downloaded
Size (bytes):	96553
Entropy (8bit):	5.406694899743588
Encrypted:	false
SSDEEP:
MD5:	6D9C51B538239E4617E1D52290B280BF
SHA1:	41BFB8B1D8C4BB83C7C7D2F2ACACB75DC4CEEB35
SHA-256:	E46C4365656DFB0BBED6F05B4B5C238F50DD854FF47BA09686F17470B4411518
SHA-512:	54671EB6CC8FCD556F01EC3144E81C45760E9859F52E7E4CA0FBD5F42BF6FB0411505B64842408BD88E4294910185A35F473515C53A4DD8B3256F3A8664CE956
Malicious:	false
Reputation:	unknown
URL:	https://cdn.userway.org/widgetapp/2024-10-25-08-38-44/remediation/remediation_1729845524407.js
Preview:	!function(){function e(e){setTimeout(function(){n.totalProcessed.AUTOFOCUS_ON_LOAD=0,t(e),window.addEventListener("popstate",t,!1)},1500)}function t(e){var t=document.activeElement;t&&["INPUT","TEXTAREA"].includes(t.tagName)?(t.blur(),t.setAttribute(n.DATA_ATTRIBUTE_NAME,"autofocus"),i=1):i=0,n.totalProcessed.AUTOFOCUS_ON_LOAD=i,0!==i&&UserWayWidgetApp.ContextHolder.config.services.siteId,e({postMessageAppData:i,backEndData:null,countFixed:i\|\|0,countTodo:i\|\|0})}var r=UserWayWidgetApp.addLib("REMEDIATION_AUTOFOCUS_ON_LOAD"),n=UserWayWidgetApp.getLib("remediation"),i=(UserWayWidgetApp.getLib("util"),0);r.filter=function(e){return[]},r.awaitForResources=function(e,t){return Promise.resolve()},r.doRemediation=function(t,r){return new Promise(function(t,r){try{e(t)}catch(e){r(e)}})}}();var __assign=this&&this.__assign\|\|function(){return __assign=Object.assign\|\|function(e){for(var t,r=1,n=arguments.length;r<n;r++){t=arguments[r];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7915)
Category:	dropped
Size (bytes):	358099
Entropy (8bit):	5.6069120764449645
Encrypted:	false
SSDEEP:
MD5:	FD00C3A44815C12E0CF4E984AF7F0075
SHA1:	C4EA560376B8C80BAF82C047C387DC7D4296A603
SHA-256:	800858233B53067A07C28B8F1EE5597F00DF654871CF929E7E758CEF7D6912F7
SHA-512:	120D1B73283646FAD8C9134CA1B2CF10B701AA4A14945D2924377C94A50950965701DB3495A256CEA35D5E88EB34F04CE6E947001AEF66DB8CE7E4C40985C470
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"9",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cross_domain","priority":28,"tag_id":109},{"function":"__ogt_referral_exclusion","priority":18,"vtp_includeConditions":["list","accounts\\.google\\.com","accounts\\.google","bitly\\.com"],"tag_id":107},{"function":"__ogt_dma","priority":18,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":110},{"function":"__ogt_1p_data_v2","priority":18,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue"

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	2622
Entropy (8bit):	4.509504478992745
Encrypted:	false
SSDEEP:
MD5:	9DADD22F58FE9816F6B0CB6D51BF3DB4
SHA1:	3DDDC7F4865B0B0AD21E30F79D2EB61761F5E1FB
SHA-256:	761EEAD0A16AEF96CA8C7F2DBEDA08AAF19157561BCB8DFDE76804797D9D8B87
SHA-512:	88883E98C508012A0518C1262795C7C1FB7D21B3DA67E3BE34E9D9BE367C6623610D96415AEB112FD664917405E85101F5C1489BB0CCBD568EDD22DEEA06EB10
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8"?> <svg xmlns="http://www.w3.org/2000/svg" id="Layer_1" data-name="Layer 1" viewBox="0 0 100 50"><defs><style>.cls-1{fill:#ee6123;}</style></defs><path class="cls-1" d="M86.17,50.51c-5,0-7.79-3-7.79-6.67,0-1.51.07-12.71.07-12.71-1.64,0-2.45-.86-2.45-1.93a2.12,2.12,0,0,1,2.26-2.08s0-3.74,0-5.29a3.17,3.17,0,0,1,3.14-3.23,3.21,3.21,0,0,1,3.18,3.23c0,1.33-.12,3.17-.11,5.21l3.27,0c1.72,0,2.43.94,2.43,2.15a2,2,0,0,1-2.14,2c-1.12,0-3.6,0-3.6,0-.11,3.57-.22,7.88-.22,11.32a2.67,2.67,0,0,0,2.93,2.67c4.76,0,6.13-4.8,6.13-13.85a2.16,2.16,0,0,1,4.32,0C97.6,43.19,94.6,50.51,86.17,50.51Z" transform="translate(-34.1 -16.76)"></path><path class="cls-1" d="M106.47,31.56a8.22,8.22,0,0,1,3.24-1.39c1.21,0,1,.22,1,1.42,0,12.92-2.34,19-10.7,19-3.64,0-7-2.71-7-6,0-1.29.22-3.87.22-5.16,0-12.49-.19-15.13-.19-18.8a3.36,3.36,0,0,1,3.24-3.34,3.09,3.09,0,0,1,3.08,3.18c0,3.66-.4,9-.51,22.78,0,1.15.55,2,2.05,2C105.57,45.13,106.29,39.22,106.47,31.56Z" transform="translate(-34.1 -16.

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4855), with no line terminators
Category:	downloaded
Size (bytes):	4855
Entropy (8bit):	5.820656003152725
Encrypted:	false
SSDEEP:
MD5:	E436D8B592A690C9CE09488E918FA3C4
SHA1:	1C4A9B1CA9E38EFD792EAFBB21DEBEF05801C35F
SHA-256:	3B98004382537F737D2021597ADC031DD9AF96C2ABB04C838DB87689B78B09B2
SHA-512:	3748385BE28A6CCD0A8AB0AD22F44C584E6F46907ABFCA79D7C9747447477E70FE2F13B8D03DC6FF6798161A5B8C24BB3C4727E98A2DD2BF4B372AC1EEF563D3
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768371374/?random=1730317801480&cv=11&fst=1730317801480&bg=ffffff&guid=ON&async=1&gtm=45be4as0v868422665z8846725585za200zb846725585&gcd=13r3r3r3r5l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fbitly.com%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly%3Fbsd%3Dbit.ly&hn=www.googleadservices.com&frm=0&tiba=Custom%20Domain%20by%20Bitly&did=dNzMyY2&gdid=dNzMyY2&npa=0&pscdl=noapi&auid=369945135.1730317801&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");} var m=k(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},v={};function w(a,b,d){if(!d\|\|a!=null){d=v[b];if(d==null)return a[b];d=a[d];return d!==void 0?d:a[b]}} function x(a,b,d){if(b)a:{var c=a.split(".");a=c.length===1;var e=c[0],g;!a&&e in t?g=t:g=m;for(e=0;e<c.length-1;e++){var f=c[e];if(!(f in g))break a;g=g[f]}c=c[c.length-1];d=p&&d==="es6"?g[c]:null;b=b(d);b!=null&&(a?h(t,c,{configurable:!0,writable:!0,value:b}):b!==d&&(v[c]===void 0&&(a=Math.random()*1E9>>>0,v[c]=p?m.Symbol(c):"$jscp$"+a+"$"+c),h(g,v[c],{co

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (34384)
Category:	dropped
Size (bytes):	35522
Entropy (8bit):	5.228009072092989
Encrypted:	false
SSDEEP:
MD5:	31FB1886066DA3A5231257484FD62FEA
SHA1:	4DA4A804AE9145BC18B9673ED88A61860A544163
SHA-256:	0FA587A314DC81C64459C4DA3444689EA40EDBD5086B838ACCBF4BC24B9431F3
SHA-512:	B436A9B4732692A617A9457BE49507D8FB8F1AAABBD91BE4F743AEB7AB7A5564C7C12DA01D0B108B4B8192A8F12B6AB05FA92C9A495AA8478DFA0F1671494DE5
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";var t=function(){function t(){}return t.prototype.trackAnonymousCustomer=function(){},t.prototype.getAnonymousId=function(){return null},t}(),e=function(t,r){return(e=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(t,e){t.__proto__=e}\|\|function(t,e){for(var r in e)Object.prototype.hasOwnProperty.call(e,r)&&(t[r]=e[r])})(t,r)};./! ****************************************************************************. Copyright (c) Microsoft Corporation... Permission to use, copy, modify, and/or distribute this software for any. purpose with or without fee is hereby granted... THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH. REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY. AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,. INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM. LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, truncated
Category:	downloaded
Size (bytes):	27
Entropy (8bit):	3.169382490786664
Encrypted:	false
SSDEEP:
MD5:	8C843FFB840DECAC646424269B22D78B
SHA1:	823D50FAA2E9D2D75CAEC02C2595C953F165F956
SHA-256:	CF5E566DC08016A63E1667A2726699C3ADE378330F8E073CC4632D0D19B9F51E
SHA-512:	C0C1F5624728CDBC57F55C77F6D59C53584F74731A25B8C2EC7C8CCE72725C7AB7A1E1266A8940F19E6C018D3E4A6FA36602987E7EC3680CFFE501A44289070C
Malicious:	false
Reputation:	unknown
URL:	https://pixel-config.reddit.com/pixels/a2_fen0j12o3rmb/config
Preview:	...........................

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (448)
Category:	downloaded
Size (bytes):	19641
Entropy (8bit):	4.601117009009962
Encrypted:	false
SSDEEP:
MD5:	B73E63680E74A69CEF64F881386CDCD0
SHA1:	834762D77A2DF0E0692E1F58F885FF9088B5E199
SHA-256:	F0F0B187F67F3F4C78278175189530E048CFDAB1C3D074DA1398DFEAF48CD652
SHA-512:	04349159ED9B872BC57968288C9F1B5856EBF30B5FE4F28023A2F9762A4CCBCB9F3ED098FB8A78A56DA0199B534D4E3305CC695BF196D8D177DE3A710CB21678
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/themes/JointsWP-CSS-master/assets/scripts/scripts.js
Preview:	jQuery(document).foundation();./.These functions make sure WordPress.and Foundation play nice together../.jQuery(document).ready(function() { // Remove empty P tags created by WP inside of Accordion and Orbit. jQuery('.accordion p:empty, .orbit p:empty').remove(); // Adds Flex Video to YouTube and Vimeo Embeds. jQuery('iframe[src="youtube.com"], iframe[src="vimeo.com"],iframe[data-src="youtube.com"], iframe[data-src="vimeo.com"]').each(function() { if (jQuery(this).innerWidth() / jQuery(this).innerHeight() > 1.5) { jQuery(this).wrap("<div class='widescreen responsive-embed'/>"); } else { jQuery(this).wrap("<div class='responsive-embed'/>"); } });. jQuery('iframe[data-src="g2.com"]').each(function() { jQuery(this).wrap("<div class='reviews-iframe' />") });..});...jQuery(document).ready(function($) {.. $('h1').each(function(){. id = $(this).text().trim().replace(/[\n `~!@#$%^&()_\|+\-=?;:'",.<>\{\}\[\]\\\/]/gi, '_').toLowerCase();. $(this).attr('data-test

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 281 x 101, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2545
Entropy (8bit):	7.872027806706295
Encrypted:	false
SSDEEP:
MD5:	5B074126F1FE900203183320936C50FC
SHA1:	C3BDF958403426AE7F03B7ADC24B61515F671805
SHA-256:	AB502AF0C553FAB01BAB54BFCFDDB8EA2B1C3A5349103F7B5524098EE55BEBE5
SHA-512:	4FD5B23E584F764008A11398AF3F5E172A9BBAB81DD462418184B91D73DFB43654AAD44A3C2DE335D5957954872183A2B996B4B53EB5F3C07DAD3ADCE174A92B
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/logos/65c03a89-92c5-4108-a418-9cce52db7454/d212d9fa-946a-4af5-a0f5-a9f3d8b69103/c48dab6d-84a6-47e6-a792-d5f8c057483e/Artboard_2.png
Preview:	.PNG........IHDR.......e.....y.......pHYs...%...%.IR$.....IDATx...Mr..........E.@.A...o.....YA..DZ..!G.v....+ 8..q../.Z...m........\....Oooo "..+@D..!...2D..C...b..QP.."..!CDA1d.((.....!...2D.....@HU......r[......4...U.L....N......(..........z.2U.L.L...&..l.B'./..@.A4h...K.....E.Rij.`...-."....Kfp.r.qU.^.,..m.uE.b.u.H.,..;....(CF.E..~...^...".QT!Se.g.....W..o..v.u%.b.M.H.e.x.F.6p...F.!...U..........N.2.Dt.:o.TY...o..6.>..0{./...(J.........>,.[.m.(.............\.....%.NB&@.......'[....6....H.4t.Z.....Ms.^^....B..+..4t.Z......-..-..C.=G....;.Z..C.!S....=\.<..H.h...x...T...Z..K.P..\|.0.eE....Q.E.E{t5Z..Y3.T...t.z9.ap.w..,.C...!#..k..2.p..Q....}@..o.`..6V.......0.....N.BCc.7.N4hACF..h.z{7.+a.B.4.r...].....bz.0.d@...wf...-dKF;Nq.....V.E3.[.C4HAZ22.U\|.....j.%.L..Y..Yh..%`..`..c....u.%S...2^n....D.%k...5C....I.............:..]..fp.qi./BT..+!.K3EY.;..,Y.....S.7pG2<.(..(H.P.m..0..i......g.N.%+..z>s.....,.?.4.)$.,X.d4/..R.9....QOU..5>gN.o..W.@U!.Y...

Chrome Cache Entry: 205

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (56495)
Category:	dropped
Size (bytes):	471043
Entropy (8bit):	5.543887205291289
Encrypted:	false
SSDEEP:
MD5:	EAF9AD62D0874A8B2B7DBA9DA9F14E17
SHA1:	46B4D469B13C1731D7AC78710CB400A5601502B3
SHA-256:	CF30D270193B25A960220FF9F70EE32026054E9543C94AFFDC0DC49929C0F95F
SHA-512:	0F5BF4DB9F13CC2ACECD2904A19C2567A58B91C52E0F5B0EA39DF735BDC2BDD80702999E47B98E5B995A6AC3AEA9A706A9FFD9C0A3E8F176858EDC9FCB1EFE95
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"88",. . "macros":[{"function":"__e"},{"function":"__k","vtp_decodeCookie":false,"vtp_name":"_ga"},{"function":"__jsm","vtp_javascript":["template","(function(){return ",["escape",["macro",1],8,16],".slice(6)})();"]},{"function":"__gtes","vtp_userProperties":["list",["map","name","client_id","value",["macro",2]]]},{"function":"__v","vtp_name":"gtm.element","vtp_dataLayerVersion":1},{"function":"__aev","vtp_varType":"TEXT"},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__v","vtp_name":"gtm.elementId","vtp_dataLayerVersion":1},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",["escape",["macro",4],8,16],";a=a.closest(\"[id]\");return a.id})();"]},{"function":"__v","vtp_name":

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3835)
Category:	dropped
Size (bytes):	264561
Entropy (8bit):	5.562194731540148
Encrypted:	false
SSDEEP:
MD5:	BD602604FF458548107D88133AFC61EC
SHA1:	B958A9720EF8EB5AEA0C4A9B410F29A76A2FBE79
SHA-256:	2982770CB681ABCFF12318D78110AC077D10DC4F5DF25838FBDAD537020B2624
SHA-512:	62CB5EED1EEFF5706034F897671CD61E4607C25DF1A1CCFCAE498F0D5BC65DEE947E102DFC897F9834C9C6C88F061141BFA69EA3C198D42B270CB78BE51F926B
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_ads_datatos","priority":14,"vtp_instanceDestinationId":"AW-768371374","tag_id":111},{"function":"__ogt_dma","priority":4,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":105},{"function":"__ogt_1p_data_v2","priority":4,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameV

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	7534
Entropy (8bit):	3.921509757808028
Encrypted:	false
SSDEEP:
MD5:	63212512E8DACB085C9FBC629B5A51F8
SHA1:	31A56D5C3BB2C955A69C59C7637D7DA252B25F90
SHA-256:	8A9656C9C1F7A08F8E9CA62ED0640E4C0AB0500753AC6131458372AEC22EF069
SHA-512:	BF39EAADAE06227E3A876F67E70310B5A8E7412334E4DFE9DA4F85B10848B71E221E24B4F65D4804016C33613777AFA0CF9E9DDA9F4464762B9EA52439CEAB5F
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8"?> <svg xmlns="http://www.w3.org/2000/svg" width="120" height="120"><path d="M52.71 20.051c0-2.43-2.293-3.135-4.207-3.043v.378c1.15.028 2.03.41 2.03 1.171 0 .526-.38 1.199-1.53 1.199-.912 0-2.677-.526-4.09-.996-1.557-.526-3.03-1.024-4.263-1.024-2.414 0-4.24 1.79-4.24 3.984 0 1.784 1.354 2.43 1.914 2.665l.176-.295c-.352-.23-.704-.498-.704-1.199 0-.53.468-1.378 1.705-1.378 1.117 0 2.59.498 4.531 1.055 1.677.466 3.53.909 4.531 1.024v3.804l-1.885 1.554v.147l1.885 1.642v5.238c-.972.558-2.09.705-3.057.705-1.798 0-3.503-.47-4.86-1.964l5.063-2.43v-8.4l-6.208 2.752c.649-1.642 1.941-2.72 3.266-3.514l-.092-.295c-3.67.996-7.029 4.362-7.029 8.521 0 4.98 4.059 8.668 8.678 8.668 5.004 0 8.182-3.896 8.122-8.022l-.296-.028c-.733 1.581-1.793 3.075-3.174 3.864v-5.095l1.997-1.582-.028-.175-1.97-1.581v-3.809c1.826 0 3.735-1.231 3.735-3.546v.005zM41.97 33.667l-1.5.728c-.853-1.106-1.41-2.605-1.41-4.684 0-.849.089-1.905.353-2.633l2.59-1.144-.032 7.733zm13.094 2.72l-1.65 1.2

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1784
Entropy (8bit):	5.053234799163481
Encrypted:	false
SSDEEP:
MD5:	5022B9C82665F1034B5964E700492092
SHA1:	1EB645929AE433DBD704C0DC8B722CEDE3978CD5
SHA-256:	49E8C5CBBBADB0730DE3AFE177C05C95A5C7E5FAA5DB25CE5054F173CBAF00C4
SHA-512:	EA3AAACA41F92420F7EB7B2BEA60F6F36BD1976CB3956CB44A3BCEC764ADA58CB92AC4444B88700B567F9EF23CD6D845B3DAC413CD1AE708D1EBD0E2DC6041BA
Malicious:	false
Reputation:	unknown
Preview:	{"payload":{"missingAlts":[{"src":"https://cdn.cookielaw.org/logos/65c03a89-92c5-4108-a418-9cce52db7454/d212d9fa-946a-4af5-a0f5-a9f3d8b69103/c48dab6d-84a6-47e6-a792-d5f8c057483e/Artboard_2.png","alt":null,"approved":false,"decorative":false,"metadata":{"skippedForReadOnly":true,"foundCachedResponse":true}},{"src":"https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/03/recognizable-brands-bose.svg","alt":null,"approved":false,"decorative":false,"metadata":{"skippedForReadOnly":true,"foundCachedResponse":true}},{"src":"https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/03/recognizable-brands-buzzfeed.svg","alt":null,"approved":false,"decorative":false,"metadata":{"skippedForReadOnly":true,"foundCachedResponse":true}},{"src":"https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/03/recognizable-brands-gartner.svg","alt":null,"approved":false,"decorative":false,"metadata":{"skippedForReadOnly"

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	13554
Entropy (8bit):	5.202959828582905
Encrypted:	false
SSDEEP:
MD5:	23E8424AA65B5CC6F0693EC20C2CEAE0
SHA1:	0F4F59077D295D0799B9B02C0DA2076F7DD73960
SHA-256:	D890ABF66010907C7A0A61236D25C3C98BCB7EDEC34B13DC887F5BE122BFEF7E
SHA-512:	9D649426DB646BCE98E4A3AAB625CB1DE12F2AFAE943ADC7DD9C5B54740A7E14E20B826E6FA7812CA7ADD18E5A12B4FECA99FF864C8BF29349E200B7A8641B48
Malicious:	false
Reputation:	unknown
Preview:	. {. "name": "otFlat",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxhdCI+PGRpdiByb2xlPSJkaWFsb2ciPjxkaXYgY2xhc3M9Im90LXNkay1jb250YWluZXIiPjxkaXYgY2xhc3M9Im90LXNkay1yb3ciPjxkaXYgaWQ9Im9uZXRydXN0LWdyb3VwLWNvbnRhaW5lciIgY2xhc3M9Im90LXNkay1laWdodCBvdC1zZGstY29sdW1ucyI+PGRpdiBjbGFzcz0iYmFubmVyX2xvZ28iPjwvZGl2PjxkaXYgaWQ9Im9uZXRydXN0LXBvbGljeSI+PGgyIGlkPSJvbmV0cnVzdC1wb2xpY3ktdGl0bGUiPlRpdGxlPC9oMj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGl0bGU8YSBocmVmPSIjIj5wb2xpY3k8L2E+PC9kaXY+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPldlIGNvbGxlY3QgZGF0YSBpbiBvcmRlciB0byBwcm92aWRlOjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+ZGVzY3JpcHRpb248L3A+PC9kaXY+PC9kaXY+PC9kaXY+PC9kaXY+PGRpdiBpZD0ib25ldHJ1c3QtYnV0dG9uLWdyb3VwLXBhcmVudCIgY2xhc3M9Im90LXNkay10aHJlZSBvdC1zZGstY29sdW1ucyI+PGRpdiBpZD0ib25ldHJ1c3QtYnV0dG9uLWdyb3VwIj48YnV0dG9uIGlkPSJvbmV0cnVzdC1wYy1idG4taGFuZGxlciI+Y2hvaWNlPC9idXR0b2

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13479)
Category:	downloaded
Size (bytes):	13577
Entropy (8bit):	5.272065782731947
Encrypted:	false
SSDEEP:
MD5:	9FFEB32E2D9EFBF8F70CAABDED242267
SHA1:	3AD0C10E501AC2A9BFA18F9CD7E700219B378738
SHA-256:	5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89
SHA-512:	8D6BE545508A1C38278B8AD780C3758AE48A25E4E12EEE443375AA56031D9B356F8C90F22D4F251140FA3F65603AF40523165E33CAE2E2D62FC78EC106E3D731
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-includes/js/jquery/jquery-migrate.min.js
Preview:	/! jQuery Migrate v3.4.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)\|\|[],o=r.exec(t)\|\|[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")\|\|n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	787
Entropy (8bit):	4.466644214473569
Encrypted:	false
SSDEEP:
MD5:	DBCAF3940FBF0C31994E661E8F0676D8
SHA1:	B30B8668EA947628964FF04CBB3208E65B54532E
SHA-256:	36B9B75B104626A8CD77A6C8570A5E1A0FA7C7760012DD91169C82CA2E8750D8
SHA-512:	98A4A75BD6E5E45010D88BA21EEEAB5C4BC7C8BD819083559704ABAE9A0642DC1E32BD19774CBAD269C6BECDBB723F5B8544FF257948E0D1227A258475822389
Malicious:	false
Reputation:	unknown
Preview:	<svg width="16" height="17" viewBox="0 0 16 17" fill="none" xmlns="http://www.w3.org/2000/svg">.<g id="caret-filled">.<path id="Vector" d="M13.3541 6.85375L8.35414 11.8538C8.30771 11.9002 8.25256 11.9371 8.19186 11.9623C8.13117 11.9874 8.0661 12.0004 8.00039 12.0004C7.93469 12.0004 7.86962 11.9874 7.80892 11.9623C7.74823 11.9371 7.69308 11.9002 7.64664 11.8538L2.64664 6.85375C2.57664 6.78382 2.52895 6.6947 2.50963 6.59765C2.4903 6.50061 2.50021 6.40002 2.53808 6.3086C2.57596 6.21719 2.64011 6.13908 2.7224 6.08414C2.8047 6.0292 2.90145 5.99992 3.00039 6H13.0004C13.0993 5.99992 13.1961 6.0292 13.2784 6.08414C13.3607 6.13908 13.4248 6.21719 13.4627 6.3086C13.5006 6.40002 13.5105 6.50061 13.4912 6.59765C13.4718 6.6947 13.4242 6.78382 13.3541 6.85375Z" fill="#031F39"/>.</g>.</svg>.

Chrome Cache Entry: 217

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (30405), with no line terminators
Category:	downloaded
Size (bytes):	30405
Entropy (8bit):	5.023914978788119
Encrypted:	false
SSDEEP:
MD5:	F2AF0550FD876A33DDEA966E61B5093B
SHA1:	6C1D7C6300FABA4E2F4E88EAEA34BC33DE0CDA60
SHA-256:	88774A690C8481144DBB8919E693669B2FE915D3898D78BEED8A0C38673DE186
SHA-512:	8105A4185E351ADCD33312A9D8E5C0639C954EF39CCA19EA130AEF7CC015D84BB9E00B03136876F0EF7285DAC6C9F8D32C171287953F43C951F6CBCCAA6B9531
Malicious:	false
Reputation:	unknown
URL:	https://cdn.userway.org/styles/2024-10-25-08-38-44/widget_base.css?v=1729845524407
Preview:	:root .uai,:root .ulsti,_::-webkit-full-page-media,_:future{outline-offset:-10px}.uw-s10-reading-guide{display:none;box-sizing:border-box;background:#000;width:40vw!important;min-width:200px!important;position:absolute!important;height:12px!important;border:solid 3px #fff300;border-radius:5px;top:20px;z-index:2147483647;transform:translateX(-50%)}.uw-s10-reading-guide__arrow{bottom:100%;left:50%;transform:translateX(-50%);width:20px;height:0;position:absolute}.uw-s10-reading-guide__arrow:after,.uw-s10-reading-guide__arrow:before{content:"";bottom:100%;left:50%;border:solid transparent;height:0;width:0;position:absolute;pointer-events:none}.uw-s10-reading-guide__arrow:after{border-bottom-color:#000;border-width:14px;margin-left:-14px}.uw-s10-reading-guide__arrow:before{border-bottom-color:#fff300;border-width:17px;margin-left:-17px}.uw-s10-left-ruler-guide,.uw-s10-right-ruler-guide{width:16px;height:9px;background:0 0;display:none;position:absolute!important;z-index:2147483647;transform

Chrome Cache Entry: 218

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (5224), with no line terminators
Category:	downloaded
Size (bytes):	5224
Entropy (8bit):	5.721657539111297
Encrypted:	false
SSDEEP:
MD5:	7796AA4AE84B9026A8FBC4CF1C5133B6
SHA1:	6562D6B83239188E1BE50689F3A81D70476EE505
SHA-256:	E61B1BD924026C33D4CC8EF21FA2BD1AB0872190139E5DD2055A797EB65E3E59
SHA-512:	5F54FE0B1031596A0A35DE6A057DE8A59D0B58E930B5F19705247D5FF4E567DE691CFBBC3573D43367400E5D53E3199619B9771A37B91127E8A7F1E862CA546E
Malicious:	false
Reputation:	unknown
URL:	https://td.doubleclick.net/td/rul/768371374?random=1730317801480&cv=11&fst=1730317801480&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4as0v868422665z8846725585za200zb846725585&gcd=13r3r3r3r5l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fbitly.com%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly%3Fbsd%3Dbit.ly&hn=www.googleadservices.com&frm=0&tiba=Custom%20Domain%20by%20Bitly&did=dNzMyY2&gdid=dNzMyY2&npa=0&pscdl=noapi&auid=369945135.1730317801&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Preview:	<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjk1MTY3OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0="></head><body><script>var ig_list={"interestGroups":[{"action":0,"expirationTimeInSeconds":2592000,"interestGroupAttributes":{"owner":"https://td.doubleclick.net","name":"4s369945135.1730317801","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUrl":"https://td.doubleclick.net/td/update?ig_name=4s369945135.1730317801\u0026ig_key=1sNHMzNjk5NDUxMzUuMTczMDMxNzgwMQ!2sZ0oa6w!3sAAptDV67SHBW","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1shOBRJQ!2sZ0oa6w!3sAAptDV67SHBW"],"userBiddingSignals":[["826702699","783411502"],null,1730317803801918],"ads":[{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=170377431249\u0026cr_id=71

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (30788), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	68011
Entropy (8bit):	5.4124057185865375
Encrypted:	false
SSDEEP:
MD5:	5A2D96D0A24081EA8245FBCE4A9E08A6
SHA1:	58CA9BBF11588EC04431459DF4A297927190A871
SHA-256:	2AA67C471CDE797505424D29DFFF358831131C7F032FCC970D3BC3A7721117FB
SHA-512:	1476FAD65DEA4D1524AECC54FB72D9956DF91258E27FD77B8E22C36567B066F198C4FF2C8FB42256861FD914D80E362B0BE1602C586132F0D733477FADEB6CF2
Malicious:	false
Reputation:	unknown
URL:	https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly
Preview:	<!DOCTYPE html>.<html class="no-js" lang="en-US"> .<head>.<meta charset="utf-8">.<link rel="preload" href="//cdn.optimizely.com/js/16488430484.js" as="script"> .<link rel="preload" href="https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/cache/fvm/min/1729256436-css6a3a42c8ef9b43e1ac5313ba3c0351bad079abf14962a6901d7a3e97a6a07.css" as="style" media="all"> .<link rel="preload" href="https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-includes/js/jquery/jquery.min.js" as="script"> .<link rel="preload" href="https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-includes/js/jquery/jquery-migrate.min.js" as="script">.<script data-cfasync="false">if(navigator.userAgent.match(/MSIE\|Internet Explorer/i)\|\|navigator.userAgent.match(/Trident\/7\..*?rv:11/i)){var href=document.location.href;if(!href.match(/[?&]iebrowser/)){if(href.indexOf("?")==-1){if(href.indexOf("#")==-1){document.location.href=href+"?iebrowser=1"}else{document.location.href=href.replace

Chrome Cache Entry: 220

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4874), with no line terminators
Category:	dropped
Size (bytes):	4874
Entropy (8bit):	5.830121267292146
Encrypted:	false
SSDEEP:
MD5:	36699DCF74F0D61F9FF1962E158AC873
SHA1:	8DA441089FB1281122B8684483B4CB10C64A08A2
SHA-256:	78721C3EA91AB97F4A17148A364355A743BA141F0CC3DE92087EA3D25A301EEB
SHA-512:	74BF38F22477E77ADBBDF10EA71F69B3F76E17B1C1361772A3A8A79B3AF1D88C104BB45DE36AF696511755E724B2CC3A6EA872D05283BAF0D5E7797FD646A034
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");} var m=k(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},v={};function w(a,b,d){if(!d\|\|a!=null){d=v[b];if(d==null)return a[b];d=a[d];return d!==void 0?d:a[b]}} function x(a,b,d){if(b)a:{var c=a.split(".");a=c.length===1;var e=c[0],g;!a&&e in t?g=t:g=m;for(e=0;e<c.length-1;e++){var f=c[e];if(!(f in g))break a;g=g[f]}c=c[c.length-1];d=p&&d==="es6"?g[c]:null;b=b(d);b!=null&&(a?h(t,c,{configurable:!0,writable:!0,value:b}):b!==d&&(v[c]===void 0&&(a=Math.random()*1E9>>>0,v[c]=p?m.Symbol(c):"$jscp$"+a+"$"+c),h(g,v[c],{co

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	6763
Entropy (8bit):	4.705697046024456
Encrypted:	false
SSDEEP:
MD5:	5D9FE236FAE43C4EF4DE896DFCE8D5FC
SHA1:	73EA7F01943B65BA12A0E243E3EE9C9D54528FAB
SHA-256:	ED8C6DABDE99C4E37CF4E32907FE11FC20AFA51007A331E8D460CF42E4AAC0FC
SHA-512:	9A8D22A1B4F04ADD453E8ACDC6786CBA698079E44D04C24AB1EF92A7EFF37236A81AD0D9A8D2147798DA3EC2C56F1ABD7C4DE37366A84844F2CF2C8BD5709627
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/themes/JointsWP-CSS-master/assets/scripts/onetrust.js
Preview:	..window.dataLayer = window.dataLayer \|\| []; function gtag(){dataLayer.push(arguments);} .gtag('set', 'developer_id.dNzMyY2', true); .gtag('consent', 'default', {'analytics_storage': 'denied'}); .gtag('consent', 'default', {'ad_storage': 'denied'});.//consent v2.gtag('consent', 'default', {'ad_user_data': 'denied'}); .gtag('consent', 'default', {'ad_personalization': 'denied'});..window.uetq = window.uetq \|\| [];.window.uetq.push('consent', 'default', {'ad_storage': 'denied'});...function OptanonWrapper() {.. var consentedGroups = 'none';.. if(typeof OptanonWrapperCount == "undefined"){. otGetInitialGrps();. }.. // Get initial OnetrustActiveGroups ids. if (OnetrustActiveGroups.indexOf('C0002') != -1) { . gtag('consent', 'update', {'analytics_storage': 'granted'});. gtag('consent', 'update', {'ad_user_data': 'granted'});.. //console.log('analytics_storage:granted');.. consentedGroups = 'C0002';. } .. if (OnetrustActiveGroups.indexOf

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	13
Entropy (8bit):	2.7773627950641693
Encrypted:	false
SSDEEP:
MD5:	C83301425B2AD1D496473A5FF3D9ECCA
SHA1:	941EFB7368E46B27B937D34B07FC4D41DA01B002
SHA-256:	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
SHA-512:	83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
Malicious:	false
Reputation:	unknown
URL:	https://td.doubleclick.net/td/ga/rul?tid=G-567GCTL9BB&gacid=1314844360.1730317799&gtm=45je4as0v873572655z8846725585za200zb846725585&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1816143445
Preview:	<html></html>

Chrome Cache Entry: 227

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3835)
Category:	downloaded
Size (bytes):	234252
Entropy (8bit):	5.5602617433217745
Encrypted:	false
SSDEEP:
MD5:	13FDF9912637B2FB52F30D5270EE9B9D
SHA1:	5D0782490E2C565A72E24207111F9F578B557013
SHA-256:	ECBF0B84B998943292B807C27E2621779F4924B8812C27CECE931519BDADB5BE
SHA-512:	8994A40364C9002E500F93351128C3C32A57CCA886DA3F3C921F6B27B2D58DD297EECE7B90EA261C3CDFEA148E4E0E7236A8D96FD366F21B0FDCA5820D2EE5A2
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/destination?id=DC-12389169&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__rep","vtp_containerId":"DC-12389169","vtp_remoteConfig":["map"],"tag_id":5},{"function":"__ogt_dma","priority":0,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":0,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_

Chrome Cache Entry: 231

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64844)
Category:	downloaded
Size (bytes):	72747
Entropy (8bit):	5.411757264250548
Encrypted:	false
SSDEEP:
MD5:	7F95EE718457194B23C2F8DE73F55DC8
SHA1:	FA7E839EE8FCB1D134847B866528D9B563C80CE1
SHA-256:	123DB9E835968EA2CD53A5377074DABC6D9538BF4C3C5A383174CDBD3E6B16DA
SHA-512:	FA05FDBE01DE763A2AF7A2A7C49A7972A2CD12F5F9BA9396898B592955AF7B7B2CB85D8700B2BA4A2767FEF2B0DFE7F27C3C196AC1933A0A41E50793C16A5CE5
Malicious:	false
Reputation:	unknown
URL:	https://js-eu1.hs-banner.com/v2/26740822/banner.js
Preview:	var _hsp = window['_hsp'] = window['_hsp'] \|\| [];._hsp.push(['setBannerSettings', {}]);._hsp.push(['setCustomizationSettings', {}]);._hsp.push(['addCookieDomain', '.hubspotpagebuilder.eu']);._hsp.push(['addCookieDomain', '.bitly.com']);._hsp.push(['addCookieDomain', '.hsforms.com']);._hsp.push(['addCookieDomain', '.bitly.net']);._hsp.push(['addCookieDomain', '.hubspot.com']);._hsp.push(['addCookieDomain', '.bitly.org']);._hsp.push(['addCookieDomain', '.hs-sites-eu1.com']);._hsp.push(['addCookieDomain', '.qr-code-generator.com']);._hsp.push(['setApiBaseUrl', 'https://js-eu1.hs-banner.com/v2']);./*. HubSpot Cookie Banner Code Copyright 2024 HubSpot, Inc. http://www.hubspot.com. */.!function(){var e=[,function(e,t){var n;function o(){var e,t;t=arguments[0]\|\|{};this.config={};this.config.elements=t.elements?t.elements:[];this.config.attributes=t.attributes?t.attributes:{};this.config.attributes[o.ALL]=this.config.attributes[o.ALL]?this.config.attributes[o.ALL]:[];this.config.allow_comm

Chrome Cache Entry: 232

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3276), with no line terminators
Category:	downloaded
Size (bytes):	3276
Entropy (8bit):	5.793568260939459
Encrypted:	false
SSDEEP:
MD5:	39F106B3495E40EAAACECF944021184B
SHA1:	1AA7F979F79AC3B3B37B9B2FD60B0C19D744C248
SHA-256:	3A358FE6C9A4EB1B2A3F5831FBA6880EAAF53F35C490E8B2494EABE349C64891
SHA-512:	F5B6CF09952EDBB89F8F466945879EE30A53B6C40339C079FA5ADCD56B5E0F825D893427B077977D15710A407F849F74F36EEC18AB8BFAD57A139147CF6E9ED9
Malicious:	false
Reputation:	unknown
URL:	https://td.doubleclick.net/td/rul/11180849338?random=1730317801485&cv=11&fst=1730317801485&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9117923533z8846725585za200zb846725585&gcd=13r3r3r3r5l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fbitly.com%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly%3Fbsd%3Dbit.ly&hn=www.googleadservices.com&frm=0&tiba=Custom%20Domain%20by%20Bitly&did=dNzMyY2&gdid=dNzMyY2&npa=0&pscdl=noapi&auid=369945135.1730317801&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Preview:	<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjk1MTY3OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0="></head><body><script>var ig_list={"interestGroups":[{"action":0,"expirationTimeInSeconds":2592000,"interestGroupAttributes":{"owner":"https://td.doubleclick.net","name":"4s369945135.1730317801","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUrl":"https://td.doubleclick.net/td/update?ig_name=4s369945135.1730317801\u0026ig_key=1sNHMzNjk5NDUxMzUuMTczMDMxNzgwMQ!2sZ0oa6w!3sAAptDV67SHBW","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1shOBRJQ!2sZ0oa6w!3sAAptDV67SHBW"],"userBiddingSignals":[["8459936488"],null,1730317803846460],"ads":[{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=170377431249\u0026cr_id=715630841185\

Chrome Cache Entry: 235

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4859), with no line terminators
Category:	downloaded
Size (bytes):	4859
Entropy (8bit):	5.826548832341981
Encrypted:	false
SSDEEP:
MD5:	E12B97D75C3629BF6EAE8648325614A5
SHA1:	064B0617046CB145D46A2B0E768B35F1DD51AB48
SHA-256:	F0FC2E0AC5B6CABCD6DC960989ECFC940B61BC25D28D649A8BC832D134BEB9D3
SHA-512:	9C6FD77E2837877EBBAEAD284BCE73FF59BB03DB3B1677A448C54DE8733C7A148C26CB4CD943630407766A780EB238DECA934D9A8356D84CCB04C1E28C14F7C7
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11180849338/?random=1730317801485&cv=11&fst=1730317801485&bg=ffffff&guid=ON&async=1&gtm=45be4as0v9117923533z8846725585za200zb846725585&gcd=13r3r3r3r5l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1280&u_h=1024&url=https%3A%2F%2Fbitly.com%2Fpages%2Flanding%2Fbranded-short-domains-powered-by-bitly%3Fbsd%3Dbit.ly&hn=www.googleadservices.com&frm=0&tiba=Custom%20Domain%20by%20Bitly&did=dNzMyY2&gdid=dNzMyY2&npa=0&pscdl=noapi&auid=369945135.1730317801&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");} var m=k(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},v={};function w(a,b,d){if(!d\|\|a!=null){d=v[b];if(d==null)return a[b];d=a[d];return d!==void 0?d:a[b]}} function x(a,b,d){if(b)a:{var c=a.split(".");a=c.length===1;var e=c[0],g;!a&&e in t?g=t:g=m;for(e=0;e<c.length-1;e++){var f=c[e];if(!(f in g))break a;g=g[f]}c=c[c.length-1];d=p&&d==="es6"?g[c]:null;b=b(d);b!=null&&(a?h(t,c,{configurable:!0,writable:!0,value:b}):b!==d&&(v[c]===void 0&&(a=Math.random()*1E9>>>0,v[c]=p?m.Symbol(c):"$jscp$"+a+"$"+c),h(g,v[c],{co

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	3532
Entropy (8bit):	4.789448557978463
Encrypted:	false
SSDEEP:
MD5:	1CF8E497D1649348D861416B7552C484
SHA1:	28C0F34CCF10FC2D01515D3A7C96C0A9B682C344
SHA-256:	110A3EDE88E0B4CBDF38FC7AAAC2E617EAFFC90F89F97F12F980BF3C494FE1B1
SHA-512:	B66563BA00266AD4B9198956912A8F6DE29719E9174807326E385364716E88BC0D252AA6A8EF374968DAC562690BE521E3DB9DDA2C18B2F155FA7398837B0A76
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/themes/JointsWP-CSS-master/assets/scripts/mega-menu.js
Preview:	jQuery(document).ready(function ($) {. $(".top-bar .menu-icon").on("click", function () {. var bod = $("html, body");. var navContainer = $(".top-bar .top-bar-right");. var nav = $(".top-bar .nav-wrap");. var announcements = $(".announcements");.. bod.toggleClass("menu-open");. navContainer.toggleClass("nav-open");. nav.toggleClass("open");. announcements.toggleClass("hidden");. });.. $(".top-bar li.menu-item-has-children > a").on(. "click touchend",. function (e) {. if (. e.target.nodeName === "A" &&. !$(e.target).closest(".mega-menu__container-inner").length. ) {. e.preventDefault();. }.. // Check if the closest click was within the mega menu, return if it was. if ($(e.target).closest(".mega-menu__container-inner").length) {. return;. }.. // If the window is above 1023px, bail. if ($(window).width() > 1023) {. return;. }.. var megaMenu = $(this).parent().find(".mega-m

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 43473
Category:	downloaded
Size (bytes):	12126
Entropy (8bit):	7.9862712081532035
Encrypted:	false
SSDEEP:
MD5:	5E9AC3A42B557BF8CA38CF2E8BABA70B
SHA1:	384C001B3FA47AD5D2A6001A05C700DF75492609
SHA-256:	C5E0F994B0C6C1C43D0C0FDE35AE8B72D458D31A8B2A17CA6E030C3C8D3C6FF2
SHA-512:	65EE94F5AB3621A8220BECB8AF3F7A348DA789E89F22007D2484B5F6365AD4100EB9178F18C83BEEDFBBDCBADE0683ACFFC94CE5D22A57AC38DBFBE119524D5E
Malicious:	false
Reputation:	unknown
URL:	https://www.redditstatic.com/ads/pixel.js
Preview:	...........;ks.....n..i....k\....<.L..J..P"$F.q....{.%....;;.6.B.}N.w.>.....I.0(EF.J..t$T=4......yc....J...T.4..%......."\..F......d..%...U52..c+>F..f..JV...... ......."tW>..[.x....L.Q.P.u't..\]wF..w=.._.z....Boi...'.c.FIl<m6M..]u.;..K....F..'.Y.R........AK.M..3.c.N.....D....yf..&...Y2oz......uS..Q.j.]&$...8[.i..6cT..L5.....#..Q.&hj;I.=6I.L.^,F..v;z\&...S4.....N.h...\|.].@..D..B.=a..pz.P.....e.5...vQ....G~.fK...2..A.r9ko...ihO...R...[-...}.=.T.39O!.3"....(.....C.....q...8.E..6...}..]t.D...'gN.;.2.>....k.+.S)D.....0...".Q.i.,./r.(....Nn.Tmhz.m.Kx]Zj....y.<...;.D.r..H...U....@%.Kb...W.V.{..`i......._...'.!)5.CGd.....e.+^...E.8.Q..d.....4.#...\|_.7.UCm..I{.{.f['...`..c:mBjMp......N..F..1.>*. YR...N....~te.B.}n....M..q.<...x.....N:.6.....CT..+^.1........!;...8....P..d+>.q",3..qW.....qb....:....C@ey.$..c.D.e..D...-..<...!......$.d...I`sj.;yplf.....<Y.2I.y.L.Du1".K..... gWn.4.2.....l..0ri....I...Q......X.x.}.?.......A.I..).g.a4.....o..-c

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	339
Entropy (8bit):	4.922843572619575
Encrypted:	false
SSDEEP:
MD5:	A0438F2CD33A701C54D3BF3AC385E5E9
SHA1:	899E2E48CEEE602E7DB39F1D3E7116BBEE3C7B0E
SHA-256:	D1494C2EF8414FAAA7F0524218E7E96F092F5C08F643956B6647E67D006CF623
SHA-512:	3D2E2EB25242B758D21A9223729EB5CA0D5642E91D6FD23CCB41938E04232D94E39BB785C44042B695A2A10DCFCF1591FBE89D01BECCD652C42C10B5F9A8632A
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8"?> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-x"><line x1="18" y1="6" x2="6" y2="18"></line><line x1="6" y1="6" x2="18" y2="18"></line></svg>

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1417
Entropy (8bit):	4.319005332007678
Encrypted:	false
SSDEEP:
MD5:	9A838B4CD48BFFCB33B42F828742F926
SHA1:	8AEB01901F7209B9C1A8763A6453F89428F3FEA3
SHA-256:	9EF02A682EDFF50A697E544A6F085B9333460ABC749A0F5746D6B3A6FAC6DCD6
SHA-512:	0E9FD7B926CFEE9213DC311BBA2178B8DECAA1DFE64CF4CF1033DA5720D13CE26DBB30BF26F7B2587431AC800A162A77756ADA8B44FF5D101DE1032D2DF39673
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/03/recognizable-brands-bose.svg
Preview:	<?xml version="1.0" encoding="UTF-8"?> <svg xmlns="http://www.w3.org/2000/svg" width="120" height="120"><path d="M95.04 56.15H115l-.006-2.15H88.386l-7.931 13h18.523l1.33-2.15H89.717l2.023-3.275h10.592l1.278-2.15H93.07l1.97-3.275zM41.516 54H26.19l-6.605 10.85H5L5.007 67h29.428c1.956 0 2.59-.922 3.013-1.638l1.585-2.661c.423-.717.423-1.536-.423-1.996.848 0 2.008-.563 2.695-1.74l1.586-2.61c.793-1.28-.159-2.355-1.374-2.355zm-7.874 8.752l-.793 1.228c-.211.41-.581.87-1.48.87h-3.91l2.01-3.275h3.803c.687 0 .687.614.37 1.177zm3.329-5.425l-.793 1.228c-.211.41-.581.87-1.48.87h-3.91l2.008-3.275h3.805c.687 0 .687.614.37 1.177zM62.227 54H50.22c-1.647 0-3.772 0-5.047 2.15l-5.313 8.7c-.744 1.177-.106 2.15 1.275 2.15h13.972c1.435 0 2.338-.41 3.453-2.15l5.313-8.7c.69-1.126-.372-2.15-1.646-2.15zm-6.748 3.327l-3.984 6.5c-.531.921-1.01 1.023-2.232 1.023-1.222 0-1.54-.41-1.168-1.024l4.037-6.5c.585-.972 1.275-1.176 2.285-1.176 1.01 0 1.593.307 1.062 1.177zm24.495 2.098c1.641 0 1.907 1.177 1.376 2.15l-2.382 3.

Chrome Cache Entry: 240

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1651
Entropy (8bit):	4.349491397632138
Encrypted:	false
SSDEEP:
MD5:	657B673E13E554CE086DC109E19396EC
SHA1:	A2836FC85C2098943854B72DD035FFD79106C6DD
SHA-256:	3F13638709A113A8BE1B42DC5C7C345F9FFD244A993914188273958D9B9BC70E
SHA-512:	FB832C1D47352A33485BFA1E137D6AAE242CC313EA2A2F3C6B0DD29B0B9926F892AB9C66668B93F7936E482F509C98566AE9DF8D07D7111F451697EFDF9163D8
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/uploads/2019/03/recognizable-brands-buzzfeed.svg
Preview:	<?xml version="1.0" encoding="UTF-8"?> <svg xmlns="http://www.w3.org/2000/svg" width="120" height="120"><path d="M5 70V51h8.363c3.563 0 5.396 2.309 5.396 4.837 0 2.36-1.463 3.986-3.233 4.36 2.024.31 3.602 2.283 3.602 4.643 0 2.877-1.858 5.16-5.447 5.16H5zm9.686-13.44c0-1.174-.84-2-2.189-2h-3.5v3.986h3.5c1.35 0 2.19-.761 2.19-1.987zm.37 7.713c0-1.2-.84-2.167-2.394-2.167H8.997v4.334h3.678c1.477 0 2.38-.8 2.38-2.167zm6.09-.09V56h3.642v8.068c0 1.623.994 2.8 2.931 2.8 1.911 0 2.919-1.177 2.919-2.8V56h3.628v8.17c0 3.426-2.079 5.83-6.534 5.83s-6.585-2.43-6.585-5.817zM35.277 70v-2.755l6.123-8.03h-6.124V56h10.987v2.637l-6.238 8.148h6.352V70h-11.1zm12.11 0v-2.755l6.123-8.03h-6.124V56h10.987v2.637l-6.238 8.148h6.352V70h-11.1zm13.119 0V51h13.119v3.56h-9.089v3.986h6.842v3.56h-6.842V70h-4.03zm11.1-7.013c0-3.862 2.993-6.987 7.182-6.987 4.163 0 6.947 2.987 6.947 7.313v.825H75.417c.26 1.624 1.64 2.987 3.994 2.987 1.184 0 2.784-.475 3.682-1.3l1.64 2.325C83.352 69.362 81.167 70 79.02 70c-4.228 0-7.415-2.

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	412006
Entropy (8bit):	5.162940326811082
Encrypted:	false
SSDEEP:
MD5:	F6FE81C1DEF393F5F6B736F307792306
SHA1:	9959AD007C70C58B000D5D9D7F7DFF14AD80AE7D
SHA-256:	3DD84A670D57CC9E806EF731B811FBF0DA4B17A01B9EF5AE70AD3374841DC1CD
SHA-512:	5507471941F10B69FC25FA5EA56EC495ED1D7793D03681810EBC21C291BBEA34588C45052729325E63CA841D29475FBE944E88AB3A5B5A61E21D3DE0B74924FB
Malicious:	false
Reputation:	unknown
URL:	https://cdn.userway.org/remediations/consolidated/3454985/Dd7Vm0on3vGFfcVY.json
Preview:	{"VagueLinks":[],"Headings":[],"Forms":[],"AriaEditorValues":[],"EmptyControls":[],"Language":[],"Contrast":[],"ExternalLink":[],"BrokenLink":[],"Pdfs":[{"id":4988983,"pdf_hash":"3064850669026935"},{"id":4989060,"pdf_hash":"2129155896845266"},{"id":4989173,"pdf_hash":"6905702415665291"},{"id":4989177,"pdf_hash":"4938411763792676"},{"id":4989449,"pdf_hash":"1593571869006626"},{"id":4990344,"pdf_hash":"1487804551220544"},{"id":4990646,"pdf_hash":"6611856952152018"},{"id":4990752,"pdf_hash":"316347875212530"},{"id":4990873,"pdf_hash":"7925529162128800"},{"id":4990888,"pdf_hash":"48639127407174"},{"id":4990889,"pdf_hash":"1240158272038139"},{"id":4991213,"pdf_hash":"677304476465885"},{"id":4991408,"pdf_hash":"6827352676498802"},{"id":4991703,"pdf_hash":"1310964180967395"},{"id":4991729,"pdf_hash":"1026217975095196"},{"id":4992105,"pdf_hash":"1968800929766386"},{"id":4992292,"pdf_hash":"8932046062882648"},{"id":4992305,"pdf_hash":"6029104342420315"},{"id":4992720,"pdf_hash":"497425535222512

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	827
Entropy (8bit):	5.234200475843092
Encrypted:	false
SSDEEP:
MD5:	762A4197FF893A346271C576DD574117
SHA1:	29D642B099A98AB7B88F1EFEF8E8B44EB0D126B1
SHA-256:	B2A1950C2DCBF4D2BA5AB3207304C81290B8ADD1FF89F1FC8D9FF3ADC201847F
SHA-512:	1B6D30E9714307C5AC03880447E431160D5E9B546E5240CBDB7A169D2C500C31591DB492B31A04C97B44B5015DFB2333208D7635A7D8D3E7F76513BEA23D0F36
Malicious:	false
Reputation:	unknown
Preview:	{"thisPageItems":[{"href":"file:///C:/Users/Ella/Downloads/mtb_sectional_title_plans.pdf"},{"href":"newtab:https%3A//s17233.pcdn.co/blog/wp-content/uploads/2024/02/Bitly-Accessibility-Conformance-Report-2023-12-21.pdf"},{"href":"http://internal/tab?url=https%3A%2F%2Fs17233.pcdn.co%2Fblog%2Fwp-content%2Fuploads%2F2024%2F02%2FBitly-Accessibility-Conformance-Report-2023-12-21.pdf&referrer=https%3A%2F%2Fbitly.com%2Fpages%2Fhome%2Fbcp%3Futm_source%3Dpreview_page%26utm_tag%3Dhouse_ad&target=_blank"},{"href":"http://internal/tab?url=https%3A%2F%2Fs17233.pcdn.co%2Fblog%2Fwp-content%2Fuploads%2F2024%2F02%2FBitly-Accessibility-Conformance-Report-2023-12-21.pdf&referrer=https%3A%2F%2Fbitly.com%2F%3Futm_source%3Dpreview_page%26utm_tag%3Dhouse_ad&target=_blank"}],"totalNumber":4,"lastPageIndex":1,"pageItemType":"BrokenLinkHref"}

Chrome Cache Entry: 245

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65450)
Category:	downloaded
Size (bytes):	226541
Entropy (8bit):	5.378840825832781
Encrypted:	false
SSDEEP:
MD5:	EC34F7A549BB7B8A0957652DE86E3475
SHA1:	C49251C4A953052F327F76A0275135E102AD8536
SHA-256:	C0D57EFF0936A57E0C8D6BC93314585C734E5ADE88D6DE970E1E305AE5D87224
SHA-512:	805FB48BF271D8960E19B014D07FDEA5A054036636FC4074781418E020DB1CCD8B773853AE3A59F44DBAC0C5E53ABCC70266DF6E908FDC5D46783FB2106BE777
Malicious:	false
Reputation:	unknown
URL:	https://script.hotjar.com/modules.625495a901d247c3e8d4.js
Preview:	/! For license information please see modules.625495a901d247c3e8d4.js.LICENSE.txt /.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

Chrome Cache Entry: 246

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3969)
Category:	dropped
Size (bytes):	292976
Entropy (8bit):	5.561814132499582
Encrypted:	false
SSDEEP:
MD5:	7F44218AB8A943293FE6B8EEF7D2835B
SHA1:	026B1EFD8A2D3ECC93159477BD218568DF683E54
SHA-256:	5782DFDEBAE0D892C25E3DFA1F10B48D401F8E15E1648E2D78424874B2E8475D
SHA-512:	1AAF6EA3B3749FC86B8F35850DCF63F67205A0852B6112A8881CD0B3E52EF8EF13A5035EE7841F7E4F43C50A570B0A332C12AD8BBD1C37B61DD503AA41AE7296
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"4",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_cross_domain","priority":15,"vtp_rules":["list","bitly\\.com","app\\.bitly\\.com"],"tag_id":10},{"function":"__ogt_ads_datatos","priority":15,"vtp_instanceDestinationId":"AW-11180849338","tag_id":19},{"function":"__ogt_ga_send","priority":5,"vtp_value":true,"tag_id":12},{"function":"__ogt_dma","priority":5,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":13},{"function":"__ogt_1p_data_v2","priority":5,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":

Chrome Cache Entry: 247

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (34438), with no line terminators
Category:	downloaded
Size (bytes):	34439
Entropy (8bit):	5.371111832777172
Encrypted:	false
SSDEEP:
MD5:	20B3B806E556954DBACAF87D635D399D
SHA1:	B8CA733F807CDCBA0C6E6F84705273560DDE055E
SHA-256:	6DCEECF8EAA03968E40B767206BE8A36A13D7444557FCED227454AE4F100E5C9
SHA-512:	E0FACAD220665D9963600F0DB65833B1E12280835EB96A765093B2E97B60E75D0E217A47C6B40D5599B5CC2FD98F1AC273FBBD122DC64ED32BA41D53869DE0EB
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/plugins/page-links-to/dist/new-tab.js
Preview:	(()=>{"use strict";var t={6691:(t,r,e)=>{var n=e(884);e(6401),e(1202),e(3275),e(465),t.exports=n},7661:(t,r,e)=>{var n=e(6848);t.exports=n},9281:(t,r,e)=>{e(8706),e(6099),e(2675),e(6412),e(9463),e(193),e(2168),e(2259),e(6964),e(3142),e(3237),e(1833),e(7947),e(1073),e(5700),e(8125),e(326),e(4731),e(479),e(5472);var n=e(9167);t.exports=n.Symbol},2151:(t,r,e)=>{e(3792),e(6099),e(7764),e(2259);var n=e(1951);t.exports=n.f("iterator")},2440:(t,r,e)=>{e(7414)},6004:(t,r,e)=>{e(1750)},7414:(t,r,e)=>{var n=e(6691);e(3070),e(3032),e(3976),e(2793),e(7153),e(3803),e(8999),e(7208),e(3440),t.exports=n},1750:(t,r,e)=>{var n=e(7661);t.exports=n},9306:(t,r,e)=>{var n=e(4901),o=e(6823),i=TypeError;t.exports=function(t){if(n(t))return t;throw new i(o(t)+" is not a function")}},3506:(t,r,e)=>{var n=e(3925),o=String,i=TypeError;t.exports=function(t){if(n(t))return t;throw new i("Can't set "+o(t)+" as a prototype")}},6469:(t,r,e)=>{var n=e(8227),o=e(2360),i=e(4913).f,a=n("unscopables"),u=Array.prototype;voi

Chrome Cache Entry: 249

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7915)
Category:	downloaded
Size (bytes):	358106
Entropy (8bit):	5.606919661825054
Encrypted:	false
SSDEEP:
MD5:	8794BBCA11913CB5479686C2074BD047
SHA1:	59C2487164FC51F76E4A30B7E72B1A062DBF4874
SHA-256:	FB1B987A9FBF6C2A5A385E9E52A221FD010DACFC27605C70143398B69A57FF0F
SHA-512:	B0F8481577FA952C10250222057A0A140180D994D994606602F292CFE2373C7F7F06CCB8F3C296DA033C0FCF008F40D5C3A1525D7EF0DDDA5B27621754D2F643
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"9",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cross_domain","priority":28,"tag_id":109},{"function":"__ogt_referral_exclusion","priority":18,"vtp_includeConditions":["list","accounts\\.google\\.com","accounts\\.google","bitly\\.com"],"tag_id":107},{"function":"__ogt_dma","priority":18,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":110},{"function":"__ogt_1p_data_v2","priority":18,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue"

Chrome Cache Entry: 257

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
Category:	downloaded
Size (bytes):	51385
Entropy (8bit):	5.293328685395304
Encrypted:	false
SSDEEP:
MD5:	6626C1362840EBFC8F48294E8F023E18
SHA1:	4EC0DFB37C3E536C1B5EC04B68C9846FDBAF9EEF
SHA-256:	AABC88A6DB8B22022F96CA88E4F0A7BE426ABEF2B35169A71515A2D55246402A
SHA-512:	B037A19B52C1047198EC7F19E99066054E454964380E2354239834260D11248E617D6759B944DDF39A25B883C8F430603D8E13097396E2DEDA9BB6905C1CD42A
Malicious:	false
Reputation:	unknown
URL:	https://bat.bing.com/bat.js
Preview:	function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"\|\|o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

Chrome Cache Entry: 258

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4876), with no line terminators
Category:	dropped
Size (bytes):	4876
Entropy (8bit):	5.826685348745679
Encrypted:	false
SSDEEP:
MD5:	A2E749B36C305F4514EE186032D7CCB8
SHA1:	39343C241ECE64E39CCF522E14F11E305DFD8DC7
SHA-256:	7A596D6F9050236BE63FD5DC800E5C88CF75636B4C4097F44DD82DCB8B35874D
SHA-512:	91115F79452A66C2100BF265388FD0131EA00ABECB7BE4F3D736B210A1AB9D5192852A0B750AB5B1E86EF052556F9F20B1FC3626E1F5A171C3FE543508996CF7
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");} var m=k(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},v={};function w(a,b,d){if(!d\|\|a!=null){d=v[b];if(d==null)return a[b];d=a[d];return d!==void 0?d:a[b]}} function x(a,b,d){if(b)a:{var c=a.split(".");a=c.length===1;var e=c[0],g;!a&&e in t?g=t:g=m;for(e=0;e<c.length-1;e++){var f=c[e];if(!(f in g))break a;g=g[f]}c=c[c.length-1];d=p&&d==="es6"?g[c]:null;b=b(d);b!=null&&(a?h(t,c,{configurable:!0,writable:!0,value:b}):b!==d&&(v[c]===void 0&&(a=Math.random()*1E9>>>0,v[c]=p?m.Symbol(c):"$jscp$"+a+"$"+c),h(g,v[c],{co

Chrome Cache Entry: 259

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	607
Entropy (8bit):	4.587573533574872
Encrypted:	false
SSDEEP:
MD5:	971644F50E2020E1FF22E37EDCAD46F6
SHA1:	10520FD82100F31317A449CB6C5E529E1F8BD152
SHA-256:	C46936850CFA993988F2C32B0B04A5C4B0F94C30D36ACA502626BEFBD2B802DE
SHA-512:	6789DCDE069FB6EEBB1EAEF32C2763FA860163F95564022FD25A840A50A810C412CB4E0575101DE7AEC6B42F596ADB469BAA63697A30084DC00F6FD5E221DF27
Malicious:	false
Reputation:	unknown
Preview:	{"widget":{"html_lst_title":"Translations Menu","html_title":"Accessibility Menu","text_icon_small":"Accessibility","text_icon_large":"Accessibility</br>Menu","new_tab":"open in a new tab","broken_links":{"target_site_not_available":"target website may not be available"}},"skip_links":{"open_accessibility_nav":"Open the Accessible Navigation Menu","open_accessibility_menu":"Open the accessibility menu","skip":"Skip to main content","enable_visually_impaired":"Enable accessibility for low vision","disable_visually_impaired":"Disable accessibility for low vision","title":"Quick Accessibility Options"}}

Chrome Cache Entry: 261

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (723)
Category:	downloaded
Size (bytes):	7076
Entropy (8bit):	5.52488676121649
Encrypted:	false
SSDEEP:
MD5:	88A2E0A522036C0B87E03552E56629AA
SHA1:	EC9D1157518E753A84DBDE1333A29B34CF776D63
SHA-256:	788AFB96F2DA68E8729EC35F3D5E381FAD3482D37C54C2195C7311440EE4C27E
SHA-512:	44B953878BD650FE2BCC8B6904620955C3E396B7DC8F41F85D021A8E0404DA41DB15C5499A03F7D4FE9129BB340AA3F6782942CF5327502FD4569BEBBB17073F
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/static/service_worker/4al0/sw.js?origin=https%3A%2F%2Fbitly.com
Preview:	'use strict';var k=function(a){function b(c){return a.next(c)}function e(c){return a.throw(c)}return new Promise(function(c,d){function f(h){h.done?c(h.value):Promise.resolve(h.value).then(b,e).then(f,d)}f(a.next())})};/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var m=this\|\|self;var u,v;a:{for(var x=["CLOSURE_FLAGS"],B=m,C=0;C<x.length;C++)if(B=B[x[C]],B==null){v=null;break a}v=B}var G=v&&v[610401301];u=G!=null?G:!1;var H;const I=m.navigator;H=I?I.userAgentData\|\|null:null;function J(a){return u?H?H.brands.some(({brand:b})=>b&&b.indexOf(a)!=-1):!1:!1}function K(a){var b;a:{const e=m.navigator;if(e){const c=e.userAgent;if(c){b=c;break a}}b=""}return b.indexOf(a)!=-1};function L(){return u?!!H&&H.brands.length>0:!1}function O(){return L()?J("Chromium"):(K("Chrome")\|\|K("CriOS"))&&!(L()?0:K("Edge"))\|\|K("Silk")};!K("Android")\|\|O();O();!K("Safari")\|\|O()\|\|(L()?0:K("Coast"))\|\|(L()?0:K("Opera"))\|\|(L()?0:K("Edge"))\|\|(L()?J("Microsoft Edge"):K("Edg/"))\|\|L()&

Chrome Cache Entry: 262

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1943
Entropy (8bit):	4.089683219880435
Encrypted:	false
SSDEEP:
MD5:	1FF8984BBD018A87A6B06B30A9FFB50A
SHA1:	AA261269EBCB3A008632AC39A34A9062D7F5B549
SHA-256:	0D8912F1B80CBB7EE47E72E879E7D31E17E49B655D476748EC7D437E0B03E819
SHA-512:	7CFA7D96572F27F7A7D8CDD18FCE64ABCAA2FED45BD19EAAAFC3CA1FA2F0A0E2825FD4CABBBB7006B8124AFA4F9A010BE1E26E70BFA8B98CE6C5240A32E9E20C
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/themes/JointsWP-CSS-master/assets/images/globe.svg
Preview:	<svg width="24" height="25" viewBox="0 0 24 25" fill="none" xmlns="http://www.w3.org/2000/svg">.<g id="globe">.<path id="Vector" d="M12 2.75C10.0716 2.75 8.18657 3.32183 6.58319 4.39317C4.97982 5.46451 3.73013 6.98726 2.99218 8.76884C2.25422 10.5504 2.06114 12.5108 2.43735 14.4021C2.81355 16.2934 3.74215 18.0307 5.10571 19.3943C6.46928 20.7579 8.20656 21.6865 10.0979 22.0627C11.9892 22.4389 13.9496 22.2458 15.7312 21.5078C17.5127 20.7699 19.0355 19.5202 20.1068 17.9168C21.1782 16.3134 21.75 14.4284 21.75 12.5C21.747 9.91505 20.7188 7.43683 18.891 5.609C17.0632 3.78116 14.585 2.75298 12 2.75ZM20.25 12.5C20.2507 13.2608 20.1456 14.0181 19.9378 14.75H16.3275C16.5575 13.2588 16.5575 11.7412 16.3275 10.25H19.9378C20.1456 10.9819 20.2507 11.7392 20.25 12.5ZM9.5625 16.25H14.4375C13.9572 17.8237 13.1235 19.2667 12 20.4688C10.877 19.2664 10.0433 17.8235 9.5625 16.25ZM9.19688 14.75C8.93939 13.2611 8.93939 11.7389 9.19688 10.25H14.8106C15.0681 11.7389 15.0681 13.2611 14.8106 14.75H9.19688ZM3.75 1

Chrome Cache Entry: 265

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	174142
Entropy (8bit):	5.166669835077434
Encrypted:	false
SSDEEP:
MD5:	5809E180B837245BC0C0B9E9A7EC9381
SHA1:	A7D96871C7F943B09C832C9CD53280A0E350E697
SHA-256:	5942879CBAC8AF1F1D7B0FFF22948498F37F353DC318012621E3D06081092CBB
SHA-512:	5FD3BED9FD6DCB5AF3049382F005C19EE354772260D26F3130A99BB7D23756EFD4396992839CC6F9DB678DEE30019ACAB64A29CFF3C40C29476752D7C7921E3B
Malicious:	false
Reputation:	unknown
Preview:	!function(t,e){if("object"==typeof exports&&"object"==typeof module)module.exports=e(require("jquery"));else if("function"==typeof define&&define.amd)define(["jquery"],e);else{var n="object"==typeof exports?e(require("jquery")):e(t.jQuery);for(var i in n)("object"==typeof exports?exports:t)[i]=n[i]}}(window,function(n){return function(n){var i={};function o(t){if(i[t])return i[t].exports;var e=i[t]={i:t,l:!1,exports:{}};return n[t].call(e.exports,e,e.exports,o),e.l=!0,e.exports}return o.m=n,o.c=i,o.d=function(t,e,n){o.o(t,e)\|\|Object.defineProperty(t,e,{enumerable:!0,get:n})},o.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},o.t=function(e,t){if(1&t&&(e=o(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(o.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var i in e)o.d(n,i,

Chrome Cache Entry: 268

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1787), with no line terminators
Category:	dropped
Size (bytes):	1787
Entropy (8bit):	5.466192854179339
Encrypted:	false
SSDEEP:
MD5:	C07DC901A625F5292174F9538E4F8AEA
SHA1:	798271EF838CC966E3F8B7663BFF156DFC9DE827
SHA-256:	41D96BBBB0609CEBCEDD8AEBE6B7438E4F8F41CC6DA41381FDE2A0EAD96AB1CC
SHA-512:	45FCB71CC0DB5D2CCF226684337FE2BC62DD59E8D99CD8FE2B52A72879DB42E7242BB3C27B5073CFAEE3E602FF60D7C5388F94D8318FB3187AECAC5443E22E3D
Malicious:	false
Reputation:	unknown
Preview:	!function(){function t(t,e){var n=document.body\|\|document.head,i=document.createElement("script");i.src=t,i.async=!0,i.id="a11yWidgetSrc",e&&(i.crossOrigin="anonymous",i.integrity=e),n.appendChild(i)}function e(){var t=document.createElement("iframe");t.title="Online scanning alert",t.setAttribute("style","width:100%!important;height:100%!important;position:fixed!important;left:0!important;right:0!important;top:0!important;bottom:0!important;z-index:999999"),document.body.appendChild(t),t.src=o+"scan_error.html",window.addEventListener("message",function(e){e.data&&"scan-alert-dismiss"===e.data.action&&a.indexOf(e.origin)>=0&&t.remove()})}try{var n=document.querySelector("html"),i="data-uw-w-loader";if(n&&n.hasAttribute(i))return;n.setAttribute(i,"")}catch(t){}var a="https://cdn.userway.org/",o=a+"widgetapp/",r=o+"2024-10-25-08-38-44/widget_app_base_1729845524407.js",d=o+"2024-10-25-08-38-44/widget_app_1729845524407.js",c="sha256-RIqci2mVM1Zcvg59v5X3tM34A0JNuGZmr2zAwcE9rBo=";if(locatio

Chrome Cache Entry: 269

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	497
Entropy (8bit):	4.684891921463926
Encrypted:	false
SSDEEP:
MD5:	B57C99C9D1E3C50B2114C6DB053D7FF0
SHA1:	ADA8ABFED92BA8A545BBD9D299D74D5972CC4AE8
SHA-256:	691DCDB24853A0F5CE4E6597E5713DEA66799B57FFE2C2A10F28F98E0B569B19
SHA-512:	0DAB6D06F386D922FB28F70F2590D4F9C361E7F4E5D5E581B98E59AAC12B266CBA596FFCCD87203B4330673EE4EC1D459A1ABDFC4B066D243A43B2BF7909F0EE
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg"><path class="ot-floating-button__svg-fill" d="M14.588 0l.445.328c1.807 1.303 3.961 2.533 6.461 3.688 2.015.93 4.576 1.746 7.682 2.446 0 14.178-4.73 24.133-14.19 29.864l-.398.236C4.863 30.87 0 20.837 0 6.462c3.107-.7 5.668-1.516 7.682-2.446 2.709-1.251 5.01-2.59 6.906-4.016zm5.87 13.88a.75.75 0 00-.974.159l-5.475 6.625-3.005-2.997-.077-.067a.75.75 0 00-.983 1.13l4.172 4.16 6.525-7.895.06-.083a.75.75 0 00-.16-.973z" fill="#FFF" fill-rule="evenodd"/></svg>

Chrome Cache Entry: 272

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2812
Entropy (8bit):	4.953496128096261
Encrypted:	false
SSDEEP:
MD5:	5BE959EE35DF006006542521D7C6C16F
SHA1:	732FB1A97EF795C44D94BB64B0E600641D767DC4
SHA-256:	C8012F1FA37A39D2F159BA1857E861F895D09BAD86114BA9306656170CA3D754
SHA-512:	54B10B547E00E64D8651C86B4726EA68FEB5627D7DCC269997DAA507077E00371D2E7427B1B8CA6F5EF2D8DF4BE23346E97F838B46AA7261A982974A51C717C4
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/cache/fvm/min/1729256436-css130bf1718192fe66942ef3d04f2775c03a2b8f5c60745f3e9643001f84169.css
Preview:	@font-face {font-display: swap;font-family: "foundation-icons";src: url("/wp-content/themes/JointsWP-CSS-master/assets/foundation-icons/foundation-icons.woff") format("woff");font-weight: 400;font-style: normal;}.@font-face {font-family: "ProximaNova Light";src: url("/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-Light.woff") format("woff");font-display: swap;font-style: normal;font-weight: 300;font-stretch: normal;}.@font-face {font-family: "ProximaNova Regular";src: url("/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-Regular.woff") format("woff");font-display: swap;font-style: normal;font-weight: 400;font-stretch: normal;}.@font-face {font-family: "ProximaNova Medium";src: url("/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-SemiBold.woff") format("woff");font-display: swap;font-style: normal;font-weight: 600;font-stretch: normal;}.@f

Chrome Cache Entry: 273

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 58304, version 0.0
Category:	downloaded
Size (bytes):	58304
Entropy (8bit):	7.992190920673383
Encrypted:	true
SSDEEP:
MD5:	AB202EA040818822AEC054A6B41DBC3C
SHA1:	75858997B029540A2D34BB4F719005AF744BC953
SHA-256:	D8C207D11BA3D1F05E8B37F3E70FA3250FA5169E61AE5DA8920F63C2AC23447A
SHA-512:	01DCE1969295D4777EF5F4CEE215D7F1AA2432F1C833B4A99B98AC207DF8EA8FC76ACE99651317BB7C56C45CA77F806E401156FD3D6D31E94ACC153737EDB0B0
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-Heavy.woff
Preview:	wOFFOTTO....................................CFF ...t..z....s....GDEF...T.......bF.AXGPOS...@..OS....uUuGSUB.............OS/2...\...\...`..8.cmap...$...:...B.j..head...$...4...6(IJ.hhea...<... ...$... hmtx...X........(x.wmaxp.............mP.name.......j....h...post...`....... ...2..P..m..x.c`d```e`X8.=1...+.3... xd......;..E..eg`....^g.ux...ctdK...}.b.M..z.m..m.m.g.m..{..[...o.sU...b..........?..`4.g./.}h"2?Y+.^...D.0_..P/.... %.&}............b......B.,......I...ru....\|4.~..b....Z?........s:.9...j.<{>/.f.<.._@..5f.:.L].............[.zS"...T...Z..,.Q.BK..x>.......S...>U..g.az..'.:....T3..7.p.j.x..U.....d....pN./.Y..ykV..oi..ynE</y.UN...?.,.:.)).{."MnF.M.k.\.....\|.{..L_(..0....../...Z....AW![......!QZ..e.;.H?........e.Dd'.e7D.#(T..X..*.7C..s~.....6.....U.U..\U..u.^...I..0.Q'.S.uP.z...r3.^.t.....B9..r.B.l.\|..../.{..\.OG.....V.......Ob~.\|..~.rW....2....N.@...SQ..(.S2...O.XQTJ.gS.R.0.c.........E..GG.n..}7...\.....F.I.5..s...=Q..B...y.5S.L..,.'..Pz..f.LD.

Chrome Cache Entry: 274

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	4561
Entropy (8bit):	4.330851660596213
Encrypted:	false
SSDEEP:
MD5:	1D8B1582FE82BD329041CC1982AD42E4
SHA1:	AC2A44EBB20CFA5D6998D5D7D3F4E895EEE21DE2
SHA-256:	21EB1E487C899C6192C31800445BFB81CAA7FF1FCA550EA3FDB3444834D85710
SHA-512:	FAAC79ED68DC3E7E6A2EB05CFFCC4500238AD28784DBD145EEB5DE0E0EB2CA6E7EA505A9540EBEEB1766D29F9BAF3D21F8BCC706DD20A0CA5F330B139A01A08C
Malicious:	false
Reputation:	unknown
URL:	https://cdn.userway.org/widgetapp/images/body_wh.svg
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<svg width="60px" height="60px" viewBox="0 0 60 60" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. <title>man</title>. <g id="Drawer" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="man" transform="translate(-30.000000, -30.000000)">. <g transform="translate(30.000000, 30.000000)" id="Group-12">. <circle id="Oval" cx="30" cy="30" r="30"></circle>. <path d="M30,4.42857143 C44.12271,4.42857143 55.5714286,15.87729 55.5714286,30 C55.5714286,44.12271 44.12271,55.5714286 30,55.5714286 C15.87729,55.5714286 4.42857143,44.12271 4.42857143,30 C4.42857143,15.87729 15.87729,4.42857143 30,4.42857143 Z M30,6.42857143 C16.9818595,6.42857143 6.42857143,16.9818595 6.42857143,30 C6.42857143,43.0181405 16.9818595,53.5714286 30,53.5714286 C43.0181405,53.5714286 53.5714286,43.0181405 53.5714286,30 C53.5714286,16.9818595 43.0181405,6.42857143 30,

Chrome Cache Entry: 276

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	271
Entropy (8bit):	4.828102040031845
Encrypted:	false
SSDEEP:
MD5:	C6A55456AF4776C733018888483ABA22
SHA1:	297B53F8538BA3B59D2028F16DE4E14EC90337CE
SHA-256:	20BE9B3C63A01D921697A0EF1C1596F647678498EEFE6DC508E2363BE25277F8
SHA-512:	DBAF5D9A1B0F5D4195D3B9C62650AF622D66F1B68BFEC20CE79E84185C558F91AEEB6718452E1196BF783BB3CA7A0574223726FC4D80076EA9AD115F1FDD1EAB
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/static/1729518575/pages/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js
Preview:	document.addEventListener('DOMContentLoaded', function() {..for(var cookieName in wpml_cookies) {...var cookieData = wpml_cookies[cookieName];...document.cookie = cookieName + '=' + cookieData.value + ';expires=' + cookieData.expires + '; path=' + cookieData.path;..}.});

Chrome Cache Entry: 279

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24720), with no line terminators
Category:	downloaded
Size (bytes):	24720
Entropy (8bit):	4.791581848112604
Encrypted:	false
SSDEEP:
MD5:	98B5C29CF94D2FE934D0D126C3E3779F
SHA1:	E0B32752F723123C3F157A36D52E81E5184974E6
SHA-256:	6C496FCBE60FEC78DC1B86A9136644D9A97CAE20DF32BE3E9A4A62CE7BD0E6A6
SHA-512:	7AD505F42CD5574A2BF966BA7533F50C254924DF1EBF45023260445E5260AC1212E908CFDED31E18C8091412A58F9328A4562F8AC8A6A526E30578467C404B54
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCommonStyles.css
Preview:	#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:700;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk.ot-bnr-w-logo .ot-bnr-logo{height:64px;width:64px}#onetrust-banner-sdk .ot-tcf2-vendor-count.ot-text-bold{font-weight:700}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-size:contain;background-repeat:no-repeat;background-position:center;height:12px;width:12px}#onetrust-banner-sdk .powered-by-logo,#onetrust-banner-sdk .ot-pc-footer-logo a,#onetrust-pc-sdk .powered-by-logo,#onetrust-pc-sdk .ot-pc-footer-lo

Chrome Cache Entry: 280

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3835)
Category:	dropped
Size (bytes):	234259
Entropy (8bit):	5.560121882847274
Encrypted:	false
SSDEEP:
MD5:	FD54E51DDC8F24979A674FE93D2CF9A2
SHA1:	B5477AA767D670BBF6C8A14D1E0869182F1B9C14
SHA-256:	0DEB42B8A5AA35E5673BA856B4E8DB3E72E9A806FC2CD674FCDD9ABA1B84F4A6
SHA-512:	8DFAD615B511E0500255BD0CDE45645987D8E89D476007F5029C070CF1C5EA9E0F4AF569FC9836954BC2EF91A0F0A4E8C636A1B3E21DDD5EDE0346890600FA44
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__rep","vtp_containerId":"DC-12389169","vtp_remoteConfig":["map"],"tag_id":5},{"function":"__ogt_dma","priority":0,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":0,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_

Chrome Cache Entry: 281

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 58520, version 0.0
Category:	downloaded
Size (bytes):	58520
Entropy (8bit):	7.993974975309218
Encrypted:	true
SSDEEP:
MD5:	33E1B3F45D6F15F6A481DE1447FA9605
SHA1:	135B80E993067EE7D9BFD6F26552E4F6D1A49D39
SHA-256:	B089EDD0369156C2FD98EE62D6D64D420785ED941C30523DC2C29D1C6AC307C0
SHA-512:	30AC8E3E5443ECAC0BC2B239CBAE365874AA8C9A79DAA73AE2ECB0EF980D676F39E7A44FAEFA7577B5DD857A030CB46E054957A493BF3720C21789C8A3A4C126
Malicious:	false
Reputation:	unknown
URL:	https://docrdsfx76ssb.cloudfront.net/wp-content/themes/JointsWP-CSS-master/assets/fonts/bitly_displaay_standard/BitlyDisplaayStandard-Medium.woff
Preview:	wOFFOTTO..........h........................CFF ...l..v.....X.U.GDEF...h.......bFK@.GPOS...T..T.....,.WyGSUB...l..........OS/2...X...\...`.z5.cmap.......:...B.j..head...$...4...6'.J.hhea...8... ...$...whmtx...X........./.maxp.............mP.name.......h....jU..post...X....... ...2..P..m..x.c`d```e`.....x~...../....is......5.i.m ....$......x...c..[....=w......m;.m.m.m..WO.......1...p7.....F...F..H.J.E.H.IT..uq.y....U.A.7.:..H..:e#?.....ZjU.-..R.g.H^l.... .d.8z...6x.55.Ir..j..r....NT.m..W..zZ..Wp....a..#IZ.M.....R....g..>'=..;..........+.!k.R...Y.[@....U.J"V.\|$w.........._...1....C.K....P..5a..M..n....W..%}q].......(#Z.$.d....J..D..AD.L.v&..Ab4CVA.p..`...<.l....Y..i.4....{o k..X5.@.2v....CI0.ce..!...Z.OVV....R.A.........O..B.....5...w<qVF..".z..T...<..\|..:.r...Z..h.Q2\Z.Q.I.(...F..O..EG.)...2M....L..:9.k;...C.R\|g...t.#I....+o....v.DR7..w.........J.x.4..%.P.....j.G5.P..\.d.4......<{T..:C..^.[.4......Y..Q...)./Qd.f..N....8.\....&.A.. .%.5*....L..

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 137

Chrome Cache Entry: 140

Chrome Cache Entry: 142

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 158

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 173

Chrome Cache Entry: 175

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Chrome Cache Entry: 178

Chrome Cache Entry: 180

Chrome Cache Entry: 181

Chrome Cache Entry: 183

Chrome Cache Entry: 184

Windows Analysis Report
https://bit.ly/magahttps://bit.ly/maga-voter-purge-va-voter-purge-va