Edit tour

Windows Analysis Report
http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5JxogEjAzYGQuo7CfOLZ4FJOOusEyXQcaDvPBy8PXt9nDzeHOGiBNUeTQpW36n1snQjTedeEOPOZpIgHlJcHKc7PWmbriqEzgflRnimC

Overview

General Information

Sample URL:	http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5Jxo
Analysis ID:	1417001

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 5736 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5JxogEjAzYGQuo7CfOLZ4FJOOusEyXQcaDvPBy8PXt9nDzeHOGiBNUeTQpW36n1snQjTedeEOPOZpIgHlJcHKc7PWmbriqEzgflRnimClKO-2BzMDAZrQsD-2BTLH7O1eEkGpGPahzhBfByMr9XRQw-2FfEC-2FscM2A-3D-3D MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 3724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2004,i,8079371699346967328,3022499890895460892,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.onlinedatareports.com/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-N57LZGJ
Source: https://www.onlinedatareports.com/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-N57LZGJ
Source: https://www.onlinedatareports.com/	HTTP Parser: Iframe src: https://secure.livechatinc.com/customer/action/open_chat?license_id=7139371&group=0&embedded=1&widget_version=3&unique_groups=0

Source: https://www.onlinedatareports.com/

HTTP Parser: Number of links: 0

Source: https://www.onlinedatareports.com/

HTTP Parser: Title: OnlineDataReports.com does not match URL

Source: https://www.onlinedatareports.com/	HTTP Parser: No favicon
Source: https://secure.livechatinc.com/customer/action/open_chat?license_id=7139371&group=0&embedded=1&widget_version=3&unique_groups=0	HTTP Parser: No favicon

Source: https://www.onlinedatareports.com/	HTTP Parser: No <meta name="author".. found
Source: https://www.onlinedatareports.com/	HTTP Parser: No <meta name="author".. found

Source: https://www.onlinedatareports.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.onlinedatareports.com/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.72.156.109:443 -> 192.168.2.17:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.72.156.109:443 -> 192.168.2.17:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.151.68:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49795 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 184.30.122.249
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.222.123
Source: unknown	TCP traffic detected without corresponding DNS query: 184.30.122.249
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.222.123
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157

Source: unknown

DNS traffic detected: queries for: url9772.onlinedatareports.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.72.156.109:443 -> 192.168.2.17:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.72.156.109:443 -> 192.168.2.17:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.151.68:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49795 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@15/49@60/274

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5JxogEjAzYGQuo7CfOLZ4FJOOusEyXQcaDvPBy8PXt9nDzeHOGiBNUeTQpW36n1snQjTedeEOPOZpIgHlJcHKc7PWmbriqEzgflRnimClKO-2BzMDAZrQsD-2BTLH7O1eEkGpGPahzhBfByMr9XRQw-2FfEC-2FscM2A-3D-3D
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2004,i,8079371699346967328,3022499890895460892,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2004,i,8079371699346967328,3022499890895460892,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5JxogEjAzYGQuo7CfOLZ4FJOOusEyXQcaDvPBy8PXt9nDzeHOGiBNUeTQpW36n1snQjTedeEOPOZpIgHlJcHKc7PWmbriqEzgflRnimClKO-2BzMDAZrQsD-2BTLH7O1eEkGpGPahzhBfByMr9XRQw-2FfEC-2FscM2A-3D-3D	0%	Avira URL Cloud	safe
http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5JxogEjAzYGQuo7CfOLZ4FJOOusEyXQcaDvPBy8PXt9nDzeHOGiBNUeTQpW36n1snQjTedeEOPOZpIgHlJcHKc7PWmbriqEzgflRnimClKO-2BzMDAZrQsD-2BTLH7O1eEkGpGPahzhBfByMr9XRQw-2FfEC-2FscM2A-3D-3D	0%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
jsdelivr.map.fastly.net	0%	Virustotal	Browse
app.posthog.com	0%	Virustotal	Browse
us.i.posthog.com	0%	Virustotal	Browse
www.onlinedatareports.com	0%	Virustotal	Browse
b2723a579581.38f2a8b0.us-east-1.token.awswaf.com	0%	Virustotal	Browse
url9772.onlinedatareports.com	0%	Virustotal	Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
jsdelivr.map.fastly.net	151.101.1.229	true	false	0%, Virustotal, Browse	unknown
rs.fullstory.com	35.186.194.58	true	false		high
sendgrid.net	167.89.115.150	true	false		high
www.google.com	142.251.16.104	true	false		high
posthog-ingress-prod-us-256455477.us-east-1.elb.amazonaws.com	52.2.56.108	true	false		high
edge.fullstory.com	35.201.112.186	true	false		high
www.onlinedatareports.com	99.84.108.109	true	false	0%, Virustotal, Browse	unknown
b2723a579581.38f2a8b0.us-east-1.token.awswaf.com	18.173.219.112	true	false	0%, Virustotal, Browse	unknown
unpkg.com	104.16.122.175	true	false		high
www.woopra.com	162.55.95.218	true	false		high
url9772.onlinedatareports.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
us.i.posthog.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
cdn.jsdelivr.net	unknown	unknown	false		high
secure.livechatinc.com	unknown	unknown	false		high
api.livechatinc.com	unknown	unknown	false		high
app.posthog.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
accounts.livechatinc.com	unknown	unknown	false		high
cdn.livechatinc.com	unknown	unknown	false		high
static.woopra.com	unknown	unknown	false		high
cdn-4.convertexperiments.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://secure.livechatinc.com/customer/action/open_chat?license_id=7139371&group=0&embedded=1&widget_version=3&unique_groups=0	false		high
https://www.onlinedatareports.com/	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.249.39.126	unknown	United States	16509	AMAZON-02US	false
104.16.122.175	unpkg.com	United States	13335	CLOUDFLARENETUS	false
142.251.111.101	unknown	United States	15169	GOOGLEUS	false
162.55.95.218	www.woopra.com	United States	35893	ACPCA	false
23.222.79.202	unknown	United States	20940	AKAMAI-ASN1EU	false
99.84.108.109	www.onlinedatareports.com	United States	16509	AMAZON-02US	false
35.186.194.58	rs.fullstory.com	United States	15169	GOOGLEUS	false
151.101.1.91	unknown	United States	54113	FASTLYUS	false
172.253.62.94	unknown	United States	15169	GOOGLEUS	false
23.48.203.199	unknown	United States	24319	AKAMAI-TYO-APAkamaiTechnologiesTokyoASNSG	false
52.2.56.108	posthog-ingress-prod-us-256455477.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
99.84.108.90	unknown	United States	16509	AMAZON-02US	false
172.253.122.113	unknown	United States	15169	GOOGLEUS	false
167.89.115.150	sendgrid.net	United States	11377	SENDGRIDUS	false
142.251.16.138	unknown	United States	15169	GOOGLEUS	false
142.251.167.94	unknown	United States	15169	GOOGLEUS	false
172.253.62.97	unknown	United States	15169	GOOGLEUS	false
99.84.108.111	unknown	United States	16509	AMAZON-02US	false
142.251.163.95	unknown	United States	15169	GOOGLEUS	false
151.101.1.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
23.222.79.139	unknown	United States	20940	AKAMAI-ASN1EU	false
3.211.0.126	unknown	United States	14618	AMAZON-AESUS	false
23.61.11.170	unknown	United States	20940	AKAMAI-ASN1EU	false
167.89.115.120	unknown	United States	11377	SENDGRIDUS	false
142.251.16.104	www.google.com	United States	15169	GOOGLEUS	false
52.203.3.42	unknown	United States	14618	AMAZON-AESUS	false
18.173.219.112	b2723a579581.38f2a8b0.us-east-1.token.awswaf.com	United States	3	MIT-GATEWAYSUS	false
23.53.35.104	unknown	United States	20940	AKAMAI-ASN1EU	false
172.253.63.102	unknown	United States	15169	GOOGLEUS	false
23.53.35.106	unknown	United States	20940	AKAMAI-ASN1EU	false
184.31.74.253	unknown	United States	20940	AKAMAI-ASN1EU	false
35.201.112.186	edge.fullstory.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
99.84.108.106	unknown	United States	16509	AMAZON-02US	false
23.48.104.108	unknown	United States	20940	AKAMAI-ASN1EU	false
23.222.79.177	unknown	United States	20940	AKAMAI-ASN1EU	false
172.253.115.84	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1417001
Start date and time:	2024-03-28 13:27:27 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://url9772.onlinedatareports.com/ls/click?upn=u001.ixzAc7ho4QPh1ym7GP1v7N8jbteRIgHYy3r13L-2Bxr-2BGNizhKtAWG4WsSaJnHYPG80577_3SwlBiW7haPbr-2F-2BqkjZhZHoWqX-2BW8wdxT8icvQSk-2FNptP5BEOKfRY-2B1Rds5JxogEjAzYGQuo7CfOLZ4FJOOusEyXQcaDvPBy8PXt9nDzeHOGiBNUeTQpW36n1snQjTedeEOPOZpIgHlJcHKc7PWmbriqEzgflRnimClKO-2BzMDAZrQsD-2BTLH7O1eEkGpGPahzhBfByMr9XRQw-2FfEC-2FscM2A-3D-3D
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	20
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@15/49@60/274

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 142.251.167.94, 172.253.63.102, 172.253.63.113, 172.253.63.139, 172.253.63.100, 172.253.63.138, 172.253.63.101, 172.253.115.84, 34.104.35.123, 184.31.74.253, 172.253.62.97, 142.251.111.101, 142.251.111.100, 142.251.111.138, 142.251.111.102, 142.251.111.139, 142.251.111.113, 23.222.79.202, 23.222.79.162, 23.222.79.177, 23.222.79.139, 142.251.163.95, 142.251.16.95, 172.253.63.95, 142.251.167.95, 172.253.62.95, 172.253.115.95, 142.251.111.95, 172.253.122.95, 23.53.35.104, 23.53.35.106, 23.61.11.170, 23.61.11.155
Excluded domains from analysis (whitelisted): accounts.google.com, e39296.f.akamaiedge.net, content-autofill.googleapis.com, cdn-4.convertexperiments.com.edgekey.net, clientservices.googleapis.com, secure.livechat.com.edgekey.net, e5289.dscb.akamaiedge.net, e39296.b.akamaiedge.net, clients2.google.com, edgedl.me.gvt1.com, www.googletagmanager.com, clients.l.google.com, cdn.livechat.com.edgekey.net, api.livechat.com.edgekey.net, www.google-analytics.com
Not all processes where analyzed, report is missing behavior information

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 11:28:04 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.986569937505464
Encrypted:	false
SSDEEP:
MD5:	5A0B3D44DD379445F2384C0CDBE910F1
SHA1:	6A5E4015D544EC6FC6CE6FDBC56DABBC0B09CF03
SHA-256:	42FC10D998FD69C7653E6BB728A2C940959B99F6095925E1437D6F1F9D755519
SHA-512:	81A4F2D1B454D2E2175F10BE3F95A616FBAF4752FE9C3B395BC93D120B442AF0CF51FEE7068078B6B7D6F7DBFBE40793A1B443891F0A86B82439FEF068357E4A
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....g.a........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I\|Xyc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\|X.c....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V\|X.c....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V\|X.c...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V\|X.c...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6.u......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 11:28:04 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.002784808504526
Encrypted:	false
SSDEEP:
MD5:	1B206B1F501CA3872F1D4C0E963352D9
SHA1:	21A078E500D76CD0FCEF67A6C83A2FFC7835108A
SHA-256:	52A61BBCA2FABE78A6F13C35D7158B99D065064D456314617AF8A79F68861B16
SHA-512:	F419E60EFC7A7104B2D3FADED13277C4D1081B9A777F08C3F0502E9E689874A16BD0A9E1F1D5294EF339DA35B6827BCCF9BC31A5C8F068C0BD04BB6053AD59A5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......wa........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I\|Xyc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\|X.c....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V\|X.c....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V\|X.c...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V\|X.c...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6.u......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.013511099048905
Encrypted:	false
SSDEEP:
MD5:	42DE1D9D78C2E3532DC66893677C6EB2
SHA1:	7A0FDAE9F113D5EDD34CBEC59D773E87AA565A3F
SHA-256:	173D3DB9E97D477AF79B3C2B26BF9D532183C74EC16EBCEB73E12CC8E1F7A929
SHA-512:	EB3C861529EBAA3C8B8D6D5DC09260D7D3E41B1F23A0EC22391DEEB7D6FF70E34EB19317498DB92CE777DF3D0CD4F9AAE9DE9B262922991C05900CCA70E540ED
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I\|Xyc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\|X.c....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V\|X.c....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V\|X.c...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6.u......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 11:28:04 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.000867927531164
Encrypted:	false
SSDEEP:
MD5:	EA3EF62D9715FCF8051BE94717F1726C
SHA1:	4FF0B446FDD019E502A50B52EBF2F4A141FD146D
SHA-256:	D0EEBA83A0F208FF9EFB328B74614BBA2EC9C8B7A418257C41CB2D9DAD580B59
SHA-512:	07234D746A06A27F69DC4941A01892E4C8E0039701A5FF39F84A1BE545074FCFE4FC3B47C0542863795CD82169DE493521B994BB9A501CD7CD02AADB1F8200E4
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......pa........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I\|Xyc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\|X.c....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V\|X.c....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V\|X.c...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V\|X.c...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6.u......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 11:28:04 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9870343535318256
Encrypted:	false
SSDEEP:
MD5:	20E5E58C0E783EB3F2518367ABAAC498
SHA1:	998494219742F8E30268491B15D71974CEB0579F
SHA-256:	B18F97FE837ED5DA5A4A3F24E8E376EA988DEB30FC76308B40F143973E9A09A9
SHA-512:	BF3DB3B9A3EE65D67A43A5427D6CE57C72327CBD15C80C3AF053EEF27AA865B200D4309E5FF25FDE3C957264F0861ED585791BF0B0AD68B2CC0152E93BA3DCC1
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....H\|a........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I\|Xyc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\|X.c....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V\|X.c....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V\|X.c...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V\|X.c...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6.u......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 11:28:03 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.999133636688683
Encrypted:	false
SSDEEP:
MD5:	9A503BB2D28C4E54B2254FC9A09619AE
SHA1:	5206423E68DF26D386BDA0908CCEA5280BCA4D54
SHA-256:	1741D21E4596E68024A0D6C2F513BBC115C3772D1D6831A8BF106FB04C9BC4B3
SHA-512:	15ADAD0A9149F9C40AD1CC5BA54E1DBDF2E07B430F1377A5762B884717DB63B3D988A27ECD5C6D4D980369918AA15EF1DF352F455B398E4C028ACE6A5413BD01
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....$Ofa........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I\|Xyc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\|X.c....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V\|X.c....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V\|X.c...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V\|X.c...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6.u......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65397)
Category:	downloaded
Size (bytes):	1094986
Entropy (8bit):	5.141674212555581
Encrypted:	false
SSDEEP:
MD5:	117A0293F33B4043A4778ABE2D7BBB46
SHA1:	4067D0281CC6127C21CB43A84762294986C706B7
SHA-256:	C8D8CD29AEF41228AF33306C8B7EC2DF2A64706B0E71C60EA1B562513949F0C9
SHA-512:	6027A29E8F6A69D058F0D44427AFBD064BFE585C97D2D12663C911010EB61FD779B611BD48F7AE038406A835D64EB6C827816CB8A2ABBEAF34E24C6401B5E154
Malicious:	false
Reputation:	unknown
URL:	https://b2723a579581.38f2a8b0.us-east-1.token.awswaf.com/b2723a579581/5108d44f345a/2cfda0766689/challenge.js
Preview:	/! <!-@preserve AWS WAF Integration Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/waf-javascript-sdk.html>--> /.var a2_0x7ffe=['master\x20secret','Engravers\x20MT','setItem','major','bytesToIP','encoding','actualIssuer','scrollBy','1795QKEOcd','Secure\x20random\x20number\x20generation\x20is\x20not\x20supported\x20by\x20this\x20browser','Mesquite\x20Std','digestLength','sha512-256','CONTEXT_SPECIFIC','voucherAndUpdateToken','testBit','challengePassword','rsaEncryption','Certificate\x20is\x20not\x20trusted.','email','Shift','handleInteractionEvent','setBit','mousemove','paste','HASH_BYTE_LENGTH','Adobe\x20Kaiti\x20Std\x20R','https:','X509\x20CERTIFICATE','2.5.4.42','formatSeed','ElementTelemetry','WHICH_PROPERTIES','oscillator','bagValue','record_iv_length','Encryption\x20block\x20is\x20invalid.','Integer\x20too\x20large;\x20max\x20is\x2032-bits.','yes','bindWafInputTelemetry','Verdana','scrypt:\x20N\x20is\x20out\x20of\x20range','TOUCH_EVENT','openid.assoc_hand

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (432)
Category:	downloaded
Size (bytes):	15291
Entropy (8bit):	4.829530571053295
Encrypted:	false
SSDEEP:
MD5:	41B884169BEEA8D5214D180D513C86DD
SHA1:	29B0D2E71AA40F9B97637BE976837D138DAC557C
SHA-256:	3D5D6660F89168E6C1065A990F2DC434590682C04D6C2CAE3048F003C8AA3E84
SHA-512:	0A160319F76BAB3718D3B8EE109C5322CC7FD7A73898CAFF3DED37E2C3A6CC5C59AF4BA462589F1E1DBCDE3146A4274BC4C7BCE4DBD2F0B0ABC337C4D9FBF936
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/utils.js
Preview:	// Description: This file contains utility functions for the application...export function createStore(initialState, subscribers = []) {. return new Proxy(initialState, {. get: function (obj, prop) {. return obj[prop];. },.. set(state, key, value) {. const oldState = { ...state };.. state[key] = value;.. subscribers.length > 0 &&. subscribers.forEach((callback) => callback(state, oldState, key));.. return state;. },. });.}..export function addClass(el, classes = []) {. classes.length && el.classList.add(...classes);.}..export function removeClass(el, classes = []) {. classes.length && el.classList.remove(...classes);.}..export function handleInputFormat({ target, formatter }) {. const node = target; // vanilla javascript element. let cursor = node.selectionStart; // store cursor position. const lastValue = target.value; // get value before formatting.. const formattedValue = formatter({ value: lastValue, input: node });. target.value

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	69
Entropy (8bit):	4.215030923737321
Encrypted:	false
SSDEEP:
MD5:	1E07B1F0561718948A8C5D4E27BF35FE
SHA1:	BE52BE187FD676107EE0109A67FB5E71F3CB8865
SHA-256:	86445D043D040DD3C7DE24A05603172D85196DD7991F0F5EB7104C7CA1FB6710
SHA-512:	D0FA84AF9A4E68F8B8E5B6EBCFA1E1B9FC8D500611F1E7B595B13D705A27C7B2CA5F2E4D20ACD797E00F63975267DEBB75890830DDC1FD45E37F5F0AABCFFB50
Malicious:	false
Reputation:	unknown
Preview:	failed to parse request: EOF while parsing a value at line 1 column 0

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	19
Entropy (8bit):	3.6818808028034042
Encrypted:	false
SSDEEP:
MD5:	595E88012A6521AAE3E12CBEBE76EB9E
SHA1:	DA3968197E7BF67AA45A77515B52BA2710C5FC34
SHA-256:	B16E15764B8BC06C5C3F9F19BC8B99FA48E7894AA5A6CCDAD65DA49BBF564793
SHA-512:	FD13C580D15CC5E8B87D97EAD633209930E00E85C113C776088E246B47F140EFE99BDF6AB02070677445DB65410F7E62EC23C71182F9F78E9D0E1B9F7FDA0DC3
Malicious:	false
Reputation:	unknown
Preview:	404 page not found.

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (20033)
Category:	downloaded
Size (bytes):	20122
Entropy (8bit):	5.258931209414637
Encrypted:	false
SSDEEP:
MD5:	31032B08BD8E72220462D3F54F8BD69A
SHA1:	871D6EF1070BD363EA390E0C8C384E47DCE7F389
SHA-256:	C212F4B505A86352AED62B24A8F16F999F821ECBE6456C7F3C8A04BC87968782
SHA-512:	4CF8763B1960D73A7E933DE7140D02E6F542EA5786FFA9A6D73F7E980F35308E5E69456A6AC3CB3BC0AE93880C1788147CFE5EB51EF7AE053FF0F34CB127ACA1
Malicious:	false
Reputation:	unknown
URL:	https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Preview:	/*. @popperjs/core v2.11.8 - MIT License. /..!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e\|\|self).Popper={})}(this,(function(e){"use strict";function t(e){if(null==e)return window;if("[object Window]"!==e.toString()){var t=e.ownerDocument;return t&&t.defaultView\|\|window}return e}function n(e){return e instanceof t(e).Element\|\|e instanceof Element}function r(e){return e instanceof t(e).HTMLElement\|\|e instanceof HTMLElement}function o(e){return"undefined"!=typeof ShadowRoot&&(e instanceof t(e).ShadowRoot\|\|e instanceof ShadowRoot)}var i=Math.max,a=Math.min,s=Math.round;function f(){var e=navigator.userAgentData;return null!=e&&e.brands&&Array.isArray(e.brands)?e.brands.map((function(e){return e.brand+"/"+e.version})).join(" "):navigator.userAgent}function c(){return!/^((?!chrome\|android).)safari/i.test(f())}function p(e,o,i){void 0===o&&(o=!1),

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65462)
Category:	downloaded
Size (bytes):	214663
Entropy (8bit):	5.343586314852058
Encrypted:	false
SSDEEP:
MD5:	01CF65BD25484EE1F4279B0B280A3DCD
SHA1:	168810F12DD5E87040F0BB249F073E11BBB29AF5
SHA-256:	75060A4E7D446728CC58BF2D672D0FEAAB5C76D87F4A1A6E7C1312E2D6C6B0ED
SHA-512:	D8A2B74E72DB23B624FD48911C1ADD99C635DDCBCC296B23B8F2D610169439A4144B1EE449A4C8429F1B67C5651A578C1612BF3EC062400F95DECE117511C58A
Malicious:	false
Reputation:	unknown
URL:	https://cdn.livechatinc.com/widget/static/js/0.ab0f66ca.chunk.js
Preview:	/! For license information please see 0.ab0f66ca.chunk.js.LICENSE.txt /.(this["webpackJsonp@livechat/chat-widget"]=this["webpackJsonp@livechat/chat-widget"]\|\|[]).push([[0],{0:function(e,t,n){"use strict";e.exports=n(467)},1:function(e,t,n){"use strict";function r(){return(r=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(e[r]=n[r])}return e}).apply(this,arguments)}n.d(t,"a",(function(){return r}))},101:function(e,t){e.exports=function(){for(var e=arguments.length,t=new Array(e),n=0;n<e;n++)t[n]=arguments[n];for(var r=t[0],o=1,a=t.length;o<a;o++)r=t[o](r);return r}},110:function(e,t){e.exports=function(){var e=[];return function(t,n){if(0===t){var r=n;e.push(r),r(0,(function(t){if(2===t){var n=e.indexOf(r);n>-1&&e.splice(n,1)}}))}else for(var o,a=e.slice(0),i=0,u=a.length;i<u;i++)o=a[i],e.indexOf(o)>-1&&o(t,n)}}},12:function(e,t,n){"use strict";function r(e,t){return t\|\|(t=e.slice(0)),e.raw=t,

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	512
Entropy (8bit):	4.636384607447266
Encrypted:	false
SSDEEP:
MD5:	FF51C4827E2451438F11E16546E0F68C
SHA1:	2A98274157F263EE7BBB2E23BC0B4AA7DA0AE8C3
SHA-256:	671950C46A92135B2065475D34EC5E1957B280D79F5C731D65D1B501C8F196E1
SHA-512:	C0CBE0B5FBAA2E45B9F752A1529B24C33C707F7E1C3A05C3BFF61A358E8CFA4CADA4018EF7A6D759AC817C848457E05E7137F64A4CECEEFA485264D03F48B447
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/footerJS.js?v=99.91
Preview:	/* eslint-disable */..class Footer {. async init() {. if (!window.options.hasToken) {. this.initLiveChat();. }. }.. initLiveChat() {. const liveChatEls = document.querySelectorAll('.live-chat');.. for (const liveChatEl of liveChatEls) {. liveChatEl.addEventListener('click', () => {. if (typeof LiveChatWidget !== 'undefined') {. LiveChatWidget.call('maximize');. }. });. }. }.}..(async () => {. const footer = new Footer();. await footer.init();.})();.

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	1155
Entropy (8bit):	4.6347407870044
Encrypted:	false
SSDEEP:
MD5:	159B4FAB855460DED82768D65CEA7126
SHA1:	1B10055FA8B409CB7B4CB5B21460C54AB6557CE4
SHA-256:	C4081FE59A702BBE95E354596B8A2E86AD4E8C797A565EF896371772AD9E0759
SHA-512:	57462DA0941A6DA9ED11E1FFE58FADBF66C29B7238CED95D66C03A9B7663897EA92BB998B423369485A0D1B95CA5DBA031BC199AC7F4F58BA020D7E82A05BBF3
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/licenseSearch.js
Preview:	import { validateForm, validators, replaceChars } from './utils.js';..class LicenseSearch {. licenseForm = null;. VALIDATION = {. license: validators('license'),. state: validators('state'),. };.. async init() {. this.licenseForm = document.getElementById('licenseForm');.. if (!this.licenseForm) {. return;. }.. this.licenseForm?.addEventListener('submit', (e) => {. e.preventDefault();. let data = {. license: '',. state: '',. };.. let formData = new FormData(e.currentTarget);.. const isValid = validateForm({. form: this.licenseForm,. formData,. validations: this.VALIDATION,. });.. if (!isValid) {. return;. }.. for (const [key, value] of formData.entries()) {. data[key] = replaceChars({ str: value });. }.. this.licenseForm.classList.add('loading');.. const url =. `/report/license-plate/${data.state}/${data.license}`.toLowerCase();.. window.lo

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (11177), with no line terminators
Category:	downloaded
Size (bytes):	11187
Entropy (8bit):	4.803346094631711
Encrypted:	false
SSDEEP:
MD5:	6D2E5B84AFCC736BAE37AB6B8FD7136C
SHA1:	DC22B4A3DE90190A2E0B6D1DF8E38936E2D1263A
SHA-256:	F3EED13CCD710FFAF4EF95F14DDC049DDADB04DDD3F9757DF83473B78A1B0EA8
SHA-512:	7870F14B03FD0DCD6860FEE0454DE9B9EF010975F72DB5CDE8E2D04965F0B6BEAB30300E1F64A58A355482DF632A95718AF24E971E5DF19C1188D00B13F53E34
Malicious:	false
Reputation:	unknown
URL:	https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=fbfa97e0-9676-4eb0-ae25-20a2fe455f1b&version=8b4136637a184fd9fc32b59b8d4ec45a_fac0d8e99347586364d322fba4bcc707&language=en&group_id=0&jsonp=__lc_localization
Preview:	__lc_localization({"Add_alternative_text":"Add alternative text","Add_image_alternative_text_confirmation":"Add alternative text to the %name% image","Agents_currently_not_available":"Our agents are not available at the moment.","Agents_not_available":"Our agents are not available at the moment.","Agents_not_available_continuous":"Our agents are not available right now, but you can still send messages. We'll notify you at your email address when you get a reply.","Alt_text":"alt text","Alternative_text_description":"Alternative text is essential for people with disabilities who use screen readers","Ask_for_email_confirmation":"Thanks! You'll hear from us at:","Ask_for_email_question":"Sorry, but I won't be able to reply as soon as I thought. Please leave your email so I can get back to you later.","Assistly_ticket_created":"A support ticket has been created for your case.","Assistly_ticket_notification":"You will be emailed at %email% when it's resolved.","Attach_screenshot":"Attach a

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	3138
Entropy (8bit):	4.768507757564804
Encrypted:	false
SSDEEP:
MD5:	16B666C59C40D77D9CE50D9510BD669D
SHA1:	D67FC9014A926855CA9B2A5A315BFE3FD5FE5B89
SHA-256:	35CAF170D4B23A7B9ED388AEC0068A12115B5B8D9E9113145BF9245B7B26BA2E
SHA-512:	3BDB76406827A4C14374C944A8B00C9259175CFD729038130308A05859EB15E06E66A200CE1850DB244BD59794E34C4B0B089BAAF1BFB43B38CBAE78524CDC3C
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/backgroundSearch.js
Preview:	import { validateForm, validators } from './utils.js';..class BackgroundSearch {. backgroundCheckForm = null;. VALIDATION = {. name: validators('name'),. first: validators('first'),. last: validators('last'),. middle: validators('middle'),. city: validators('city'),. min: validators('min'),. max: validators('max'),. state: validators('state'),. };.. async init() {. this.checkFormEvent({. baseUrl: '/report/background-check/search',. formEl: document.getElementById('backgroundCheckForm'),. });. this.checkFormEvent({. baseUrl: '/report/dmv-records/search',. formEl: document.getElementById('dmvForm'),. });. }.. dialogInit() {. this.dialog = document.getElementById(`spell-check-dialog`);. this.dialogContent = document.getElementById(`spell-check-dialog-content`);. }.. spellCheckDialog(resp) {. this.dialog?.showModal();. this.dialog?.classList.remove('hidden');.. // eslint-disable-next-line no-undef. Common.fet

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (481)
Category:	downloaded
Size (bytes):	3472
Entropy (8bit):	4.799165027293966
Encrypted:	false
SSDEEP:
MD5:	1F417FD7BB1F7538943722AE0A1DB33A
SHA1:	59BE4B2CF2F21A720D7A12E86DACAC3D848717C6
SHA-256:	49D1F38F9F93D5AD64479F97EC09ED6C4BE93E74D70004D3525D796ACD0598F9
SHA-512:	B6C451711874687B73D3F516442AF98F5D12F347B35C07724D72237A61BA6A6196400362ECB622BD0CFB3927F4566D739D80C7143FB402110DCA0887BC6670A0
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/icons.js
Preview:	export function getSvgPath({ name, className = '', viewBox = '0 0 24 24' }) {. const icons = {. accountBox:. '<path d="M6,17C6,15 10,13.9 12,13.9C14,13.9 18,15 18,17V18H6M15,9A3,3 0 0,1 12,12A3,3 0 0,1 9,9A3,3 0 0,1 12,6A3,3 0 0,1 15,9M3,5V19A2,2 0 0,0 5,21H19A2,2 0 0,0 21,19V5A2,2 0 0,0 19,3H5C3.89,3 3,3.9 3,5Z" />',. clear:. '<path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd"></path>',. clock:. '<path d="M12,20A8,8 0 0,0 20,12A8,8 0 0,0 12,4A8,8 0 0,0 4,12A8,8 0 0,0 12,20M12,2A10,10 0 0,1 22,12A10,10 0 0,1 12,22C6.47,22 2,17.5 2,12A10,10 0 0,1 12,2M12.5,7V12.25L17,14.92L16.25,16.15L11,13V7H12.5Z" />',. close:. '<path d="M19,6.41L17.59,5L12,10.59L6.41,5L5,6.41L10.59,12L5,17.59L6.41,19L12,13.41L17.59,19L19,17.59L13.41,12L19,6.41Z" />',. cu

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	32
Entropy (8bit):	4.601409765557392
Encrypted:	false
SSDEEP:
MD5:	882984D13316EF6543B9D416BC8FF2EB
SHA1:	8F52A50440F9761F7FB0268D242B2E08E0F1926B
SHA-256:	4DA5B7769D048A8B981CA03ED5303A176723B1148375B147F3EE1E8E6F65FBC9
SHA-512:	533165DBB0B8B49CB565A3EDB8C350A79E8514B31BD6C5A177018456DC78E174384607A31EEC89CB945AE6C4EBFC4BC4683405372F5A26FABA1380802595BC68
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAmIReqLETS9yBIFDXhvEhkSEAmQzOWqUF7aSxIFDRfYX5s=?alt=proto
Preview:	CgkKBw14bxIZGgAKCQoHDRfYX5saAA==

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	116460
Entropy (8bit):	5.142261070568073
Encrypted:	false
SSDEEP:
MD5:	FBD67794D76BB805F0410267EF0953B6
SHA1:	7DE3E228F06114FAB60E1AA25168ECCB720E3743
SHA-256:	3B727C583D8F6E2AE53A17D255CCCC3AC0789206F29A6A99C379DC755B392EA0
SHA-512:	0CCB78AD67E4F53F259FA9F890FFB710F4A1ABFE6D2E5478F866EB69DF865820D7FC61B2B43FFAE4832EF673838801CEA42A49DA16FA80ED74F738F8B2CAA654
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/_next/static/css/a8feb2fa26c08fc4.css
Preview:	/! tailwindcss v3.4.1 \| MIT License \| https://tailwindcss.com/*,:after,:before{border:0 solid #e5e7eb;box-sizing:border-box}:after,:before{--tw-content:""}:host,html{line-height:1.5;-webkit-text-size-adjust:100%;font-family:ui-sans-serif,system-ui,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;font-feature-settings:normal;font-variation-settings:normal;tab-size:4;-webkit-tap-highlight-color:transparent}body{line-height:inherit;margin:0}hr{border-top-width:1px;color:inherit;height:0}abbr:where([title]){-webkit-text-decoration:underline dotted;text-decoration:underline dotted}h1,h2,h3,h4,h5,h6{font-size:inherit;font-weight:inherit}a{color:inherit;text-decoration:inherit}b,strong{font-weight:bolder}code,kbd,pre,samp{font-family:ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,monospace;font-feature-settings:normal;font-size:1em;font-variation-settings:normal}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relati

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	4408
Entropy (8bit):	4.712125385158325
Encrypted:	false
SSDEEP:
MD5:	EC18FEFFD31CD2E2745765F905B8FDA0
SHA1:	7A530A8B90741BD1A11FED84A64BE5E1074D4D35
SHA-256:	6F3EA63117791E2532BEB989875E8DF453A0CE4EA49A2C39606A9ED4D444114A
SHA-512:	19DA2ADD0B89F080BA76538621C3DD645570C30E6EA68332F5F7442162F5D6D507B9BCE215A000DA58E00C52F849C11B9851040150089AC1C91100C432E85FE6
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/signIn.js?v=99.91
Preview:	import { handleErrors, validateForm, validators } from './utils.js';.import emailSpellChecker from 'https://cdn.jsdelivr.net/npm/@zootools/email-spell-checker/+esm';.const VALIDATION = {. email: validators('email'),.};.class SignIn {. signInForm = null;. emailField = null;.. async init() {. this.signInForm = document.getElementById('signInForm');. this.loginSuggestionEl = document.getElementById('loginSuggestion');. this.emailField = this.signInForm?.querySelector('input[name="email"]');.. if (!this.signInForm) {. return;. }.. this.signInForm?.addEventListener('submit', async (e) => {. e.preventDefault();. await this.handleSubmit(e);. });.. const debouncedValue = this.debounce(async (event) => {. event.target.value = event.target.value.trim();.. this.setSuggestion(event.target.value);. this.suggestionEvent();. });.. this.emailField.addEventListener('input', debouncedValue);. }.. setSuggestion(value) {. const suggestio

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65462)
Category:	downloaded
Size (bytes):	336110
Entropy (8bit):	5.505839168964963
Encrypted:	false
SSDEEP:
MD5:	2B3C8D6B828FE4015E5F830E20AAD26E
SHA1:	B8D5D7A7F0D88C353848716628D62FA033582E07
SHA-256:	CDBD96360D396C9DC4174BDA775E43C570DAFF9618D299C350B8C11BA27A88DD
SHA-512:	0CD0C071FF2D218543247E6EC31E171E29CC8CE7E73756115522B45B71E277A8BEA1BB124F15251CD909933752FE3141963D79D8A46C46864071BD56A1C1427E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.livechatinc.com/widget/static/js/1.732937b7.chunk.js
Preview:	/! For license information please see 1.732937b7.chunk.js.LICENSE.txt /.(this["webpackJsonp@livechat/chat-widget"]=this["webpackJsonp@livechat/chat-widget"]\|\|[]).push([[1],{10:function(e,t,n){e.exports=n(501)()},100:function(e,t,n){"use strict";var r=n(0),i=function(e,t){"function"!==typeof e?e.current=t:e(t)};t.a=function(e,t){var n=Object(r.useRef)();return Object(r.useCallback)((function(r){e.current=r,n.current&&i(n.current,null),n.current=t,t&&i(t,r)}),[t])}},120:function(e,t,n){"use strict";function r(){return(r=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(e[r]=n[r])}return e}).apply(this,arguments)}var i=n(0),u=n(135),o=n(88),a=n(179),s=n(193),c=u.a,l=function(e){return"theme"!==e},f=function(e){return"string"===typeof e&&e.charCodeAt(0)>96?c:l},d=function(e,t,n){var r;if(t){var i=t.shouldForwardProp;r=e.__emotion_forwardProp&&i?function(t){return e.__emotion_forwardProp(t)&&i(t)}:i

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, was "tmpc32vauyc", last modified: Mon Mar 25 18:18:55 2024, max compression, original size modulo 2^32 258414
Category:	downloaded
Size (bytes):	83656
Entropy (8bit):	7.996812845137281
Encrypted:	true
SSDEEP:
MD5:	A638BF7F47EA9A583AF982BF50D8CF41
SHA1:	EA4A1A95DEA1FA130CA6A067AB08DCD617C66496
SHA-256:	3827A7E78F4BB513D10331ABB351FA6170325DD398C48412DA8FE17EAE3D806F
SHA-512:	6081A4F4E876F87427CB14E8D368C856886421D7CF62F8C3160B943DFC97F62282549A10E87F9C7E313300F7263A2919D7C5A2B4AFFA43336238CD4D65C72949
Malicious:	false
Reputation:	unknown
URL:	https://edge.fullstory.com/s/fs.js
Preview:	.......f..tmpc32vauyc..k[...(.}...7..=.cC.v:..&8.6..I./.....t{..!..~.J.V_L2....}.Z....RUI.....\.da.....N.8]....+.....q....1....l2.Q\|..z........&P>.... .Q.....@\./x..F.Wi:M........$.J...zu./..j...d%..+.(...$Y.....GQL....5..nw...cl.`..&..V..:..U,..SC.p(.4.%....F.#]..N.)i,F..Y.....q......MD.w..4.C7....Q.Hxz.Gi..M..........gg..p&.$.....m.qp..djKY......g...T..E..te!.T.S.\.H.oCh~....8.L..%7......o.Q...^P=.....E.k.0..R......K...v!..'..c....I....<.'.7.$...r../.t... z.Q....B..l.....a........D7.\|0.)....>.....5....)...nle..7C.coF..[s*...TU..q..#..;..X...ev..4iLxx.^u..#..=......p..s...-...^G...h......!b.j{"cD.&Xl...v..+\|h.Z$..\.3.....aO...>.1.a>!..FA:.....f&wd..8.........(v..8...w....L[.o.s./....q.k..`..........Y....b0..!d.n.L^...K......e..$8.v.%0.m.;`M....9T.........1...V6...3......#..15>.hA@...7c.......].G.@.d ?...d..aX....3.%.kn".j.....7gY..l..o0..6..U.GY.......u...o....>3..y,.x..X9.......f..dQ...u...@S.ge....=....-!v....h..S.....$...0..84....>....A

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, original size modulo 2^32 4263
Category:	dropped
Size (bytes):	1268
Entropy (8bit):	7.821470090724944
Encrypted:	false
SSDEEP:
MD5:	8FC658E422BCB51B66C5E3C93CFA089A
SHA1:	EB865B83B5B6D646C3847E58990618EC9364ED45
SHA-256:	BB451E0D112513B9A5CAFA2C9D4C00EB481CF833C27950515C601C89348CBA3D
SHA-512:	D907E0E4675D7CEEA7FDA9E53170D80DA441723C8C4E44A3F693EDD549022AF594270CC0017850D9D72CCDC6AA0C5975FCC68094999428C3E00F49E72209163B
Malicious:	false
Reputation:	unknown
Preview:	...........W_o.....C.e+...v/..{...;.v..v.C...2mk.%....E...l'uR.i...O...M.^.....`Ub....~......T..>..^5M3..<....D...H.9G.9..h..._..(5..E.u...=5.5k6...}.Hs0.[..zq..wX.vt.......-.H..G..Z~g......E">...m..Y3.l]cW2....&..^\.A.D..5_...[.!4..k.........r.Q.G.d...Y....+..)Wy..?.%....A.L.:....Fs.j..G...){j...t...-..:....I.'[!..]....3.7.X{!..gEx...g.....H...gD.7.J....N.7..t.L..fl..k.{q.T ..0..P.T..P.HE %.q.X;...)..1....Ga.Q;=....q2`.w2wT.\....F.`x.sU...^.bx....>.....i..zi.c.p.T.....Nv.X..`..;0.V......<U.1.u>..2./.N.f.v.6S5.p..P.n......"R.j..6x.9L.....h.Y..O.{..F.1{.=.].h.............2.0..]..........T%P.=...r....-j(.A..#.j).!..&g$u....t.v}.E(..f`..kg-...Q...A[p9.T....x/.I.i...G.O.;j....rr....Q.sY....u..5f2h...YgqhC`.^U.G..f.....H.:....6..Nq...lC......./.........v.......u&V..>...Z.'..N......m.rxl.3......... ..;2..:......../....E...,.z..2...zC:`..k.t.J?..l...e.....a.7.Z.2..k5..l..@.gq.m....{..lG...l..fs.5....s.......\..h.dd.K.%.p..t......CZq$......&.

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	186
Entropy (8bit):	4.712496643099425
Encrypted:	false
SSDEEP:
MD5:	B6BA82C37C780E791616F8F4D5CA5772
SHA1:	EFA54D817926FA08DEAA77DB53DBD93521D97B39
SHA-256:	7B23628656640102C1C313D5CC07B5C4747AEBE0C14B8AA0F2B0773E5B0FD197
SHA-512:	0F91EBBA603879CCFE270DB25ADD89134FE8D36205F05683DF6272EA82FE017FF582D3F26D46F50F5483C2AF46E2686B66FEFD7944B583D93E99C56577EE67AF
Malicious:	false
Reputation:	unknown
Preview:	{"config": {"enable_collect_everything": true}, "toolbarParams": {}, "isAuthenticated": false, "supportedCompression": ["gzip", "gzip-js"], "featureFlags": [], "sessionRecording": false}

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Java source, ASCII text
Category:	downloaded
Size (bytes):	3419
Entropy (8bit):	4.858412385039098
Encrypted:	false
SSDEEP:
MD5:	E6A18A39A3E18F0C7FB72B27D2C71C2C
SHA1:	9FA30224A1BE10D0FF1C9F4371CE748B22B9249A
SHA-256:	1915C28609ED0BA17ABBBCC5A69E7CF64C0669AED78FA160E01765D07CB54870
SHA-512:	A9E63FC6BD28B1542D0F2A6B55CD20FF443C07D8F4EE8FA9CB2798B924E8BE5C8A9C8110F42FC83F474FCAD70945EC0E66453B06CA95DDCAB1CA528CCE017D50
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/input.js
Preview:	import { getSvgPath } from './icons.js';.import { createStore } from './utils.js';..const clearSVG = () =>. getSvgPath({. name: 'clear',. className: 'w-5 h-5 flex-shrink-0 text-gray-500 cursor-pointer',. viewBox: '0 0 20 20',. });..export function createInput({. attrs = [],. className = '',. clear = true,. inputClass = '',. id,. placeholder,. type = 'text',. value = '',. variation = 'primary',.}) {. const inputAttrs = [. `id="${id}"`,. `name="${id}"`,. `type="${type}"`,. inputClass ? `class="px-4 ${inputClass}"` : `class="px-4"`,. placeholder ? `placeholder="${placeholder}"` : '',. `value="${value}"`,. attrs.length ? attrs.join(' ') : '',. ];. const clearBtn = clear. ? `<div id="${id}-clear" class="absolute inset-y-0 right-0 flex items-center rounded-r-md px-2 focus:outline-none hidden">. ${clearSVG()}. </div>`. : '';. return `. <div class="relative textbox ${variation} ${className}">. <input ${inputAttrs.join('

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	15037
Entropy (8bit):	4.748737549807445
Encrypted:	false
SSDEEP:
MD5:	B18AD4AB5B06DEB7AAF90E85D1149520
SHA1:	4D75E82A22112F55916FFA7FFC47414AF0B99065
SHA-256:	4F616132C432A8399FAF0C0DCC582999C5E6BC6C7A5F1AA14DE6E6A0328147B8
SHA-512:	1BDB98C3A221F90C5BCB3DA67ED1AF8C0C0F323E12557B0C776816C2FE8D1FED1F328A17133881581CC6DB089C0FCC993FB871F827596E9CC3214D448C461133
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/modal.js
Preview:	export const VanillaModal = () => {. const FOCUSABLE_ELEMENTS = [. 'a[href]',. 'area[href]',. 'input:not([disabled]):not([type="hidden"]):not([aria-hidden])',. 'select:not([disabled]):not([aria-hidden])',. 'textarea:not([disabled]):not([aria-hidden])',. 'button:not([disabled]):not([aria-hidden])',. 'iframe',. 'object',. 'embed',. '[contenteditable]',. '[tabindex]:not([tabindex^="-"])',. ];.. class Modal {. constructor({. targetModal,. triggers = [],. onShow = () => {},. onClose = () => {},. openOnLoad = false,. disableOutsideClick = false,. header = true,. openTrigger = 'data-modal-trigger',. closeTrigger = 'data-modal-close',. openClass = 'is-open',. disableScroll = true,. disableFocus = false,. awaitCloseAnimation = true,. awaitOpenAnimation = true,. debugMode = false,. }) {. // Save a reference of the modal. this.modal = document.getElementById(targetModal);

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6667)
Category:	downloaded
Size (bytes):	7034
Entropy (8bit):	5.408636707232574
Encrypted:	false
SSDEEP:
MD5:	0FD091E722879EB7F37FB6973EE29DA7
SHA1:	D394A7E90FB4A03BC1EF06537DE2AC49F4AB0728
SHA-256:	7CA33522EA393D846A5FF8084F4D660AF0AD3A946248A05AC6E78F038BF149AC
SHA-512:	2D0CCCE88ACB7DE31883DCC13B5F608B71A2DDE4BA5F63F50C24563B251B52ECD65EF4182E2197918B26F38D35824BD258FAA4432DBE09BD2C8958488D814E41
Malicious:	false
Reputation:	unknown
URL:	https://cdn.jsdelivr.net/npm/@zootools/email-spell-checker/+esm
Preview:	/*. Bundled by jsDelivr using Rollup v2.79.1 and Terser v5.19.2.. * Original file: /npm/@zootools/email-spell-checker@1.12.0/dist/index.js. . Do NOT use SRI with dynamically generated files! More information: https://www.jsdelivr.com/using-sri-with-dynamic-files. */.var e="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t={},o={},n={},l={};Object.defineProperty(l,"__esModule",{value:!0}),l.default=function(e,t){if(!e)throw new Error(t)};var a=e&&e.__importDefault\|\|function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(n,"__esModule",{value:!0});const r=a(l);n.default=function(e){r.default(Array.isArray(e.domains),"domains must be an array"),r.default(Array.isArray(e.topLevelDomains),"topLevelDomains must be an array"),r.default(Array.isArray(e.secondLevelDomains),"secondLevelDomains must be an array"),r.default("function"==typeof e.distanceFunction,"distanceFunction must

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	457
Entropy (8bit):	4.694396473480766
Encrypted:	false
SSDEEP:
MD5:	DCD6C51F84332AD850ECD52DCC737346
SHA1:	050B6847A2E2A43A37E3F2B6A5F9FDCB384706FE
SHA-256:	26D91E36B34E39DA40D0A5BF20CB6E3F1DD5F9354D93009A156EE9FFCD42DAE7
SHA-512:	3F67DB556D2CC6EA6B9BFF5D5D5A84B5E200DCC94C167898F4A761E3C9E9CD9C0DD101926CAB0E5B2D1C979FF45B209193C4BBAFE23CB424AEE7D4154166FECC
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/searchJS.js?v=99.91
Preview:	import { initSimpleSearch } from './simpleSearch.js';.import { initVinSearch } from './vinSearch.js';.import { initLicenseSearch } from './licenseSearch.js';.import { initBackgroundSearch } from './backgroundSearch.js';..class SearchJS {. init() {. initSimpleSearch().then();. initBackgroundSearch().then();. initVinSearch().then();. initLicenseSearch().then();. }.}..(async () => {. const searchJS = new SearchJS();. searchJS.init();.})();.

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5955)
Category:	downloaded
Size (bytes):	304317
Entropy (8bit):	5.5695889435783
Encrypted:	false
SSDEEP:
MD5:	281B665DCE0E872B5BE62FF32A602F7D
SHA1:	32431178D12007C1C501A73E1F5F78F5A93037C1
SHA-256:	0536A74C92731288AF93B44CED417F17163C38CD1ABB26D476C489261F722219
SHA-512:	C69ED44A68BDB275A39A0432827B75C6F1CB6E3113BB6FFDBF0D54D09F83B3C99C294E015FED76E4E864AF57F8DEC5F672EDBB39CFEBBA7056006DEB922267DB
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-LNZJZ8PED8&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_email

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	1728
Entropy (8bit):	4.522027969690421
Encrypted:	false
SSDEEP:
MD5:	567231BFC075F516D904E9588F3DF267
SHA1:	563D5B543C2947B2DE7C46E5B2CDAA9E9AA2EA4E
SHA-256:	489FDB668B5D4312E047E914959B656ED2E85860F530F027102CD941609468A5
SHA-512:	B598F41AD14D531EB9272161901E454A7F82D84F7FD72194201C85B4D94FBBD1CBA0517442834388B1055785470C24A25C3F1339791219934B07B99D73965DCC
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/vinSearch.js
Preview:	import {. handleErrors,. handleInputFormat,. replaceChars,. validateForm,. validators,.} from './utils.js';..class VinSearch {. vinForm = null;. vinInput = null;. VALIDATION = {. vin: validators('vin'),. };.. async init() {. this.vinForm = document.getElementById('vinForm');. this.vinInput = this.vinForm?.querySelector('input#vin');.. if (!this.vinForm) {. return;. }.. this.vinInput?.addEventListener('input', ({ target }) =>. handleInputFormat({. target,. formatter: ({ value }) => {. const v = replaceChars({ str: value });. return v.length > 17 ? v.slice(0, 17) : v;. },. }). );.. this.vinForm?.addEventListener('submit', (e) => {. e.preventDefault();. let data = {. vin: '',. };.. let formData = new FormData(e.currentTarget);.. const isValid = validateForm({. form: this.vinForm,. formData,. validations: this.VALIDATION,. cb: ({ isValid, field

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	1300
Entropy (8bit):	4.790127162105703
Encrypted:	false
SSDEEP:
MD5:	ADF4EE33D1E5527BFCBC3BFBFA71144C
SHA1:	688185031A717E235EC4C3142F3757CA52F4A314
SHA-256:	297F8E95808A63E724ECA9B326F8DDA412E115E7243E587BAF8046BCA571AB27
SHA-512:	0FDFA0BAC92E1FF053E25BB31AC72B62A2431C446C694C516C0DE2F70A2A59E9AEA86A0ED0382EEA827C2182E4E3223455F16747B27AF9742DC38E41B5A6E958
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/menuJS.js?v=99.91
Preview:	/* eslint-disable */.class MenuJS {. constructor({ user }) {. const test = 'balls';. this.pageName = window.options.pageName;. this.user = user;. }.. menuActivator = [];.. async init() {. this.menuActivator = document.querySelectorAll('[data-type="modal"]');. this.logoutBtns = document.querySelectorAll('[data-logout]');.. this.enabledMenu();.. if (this.user) {. this.menuActivator.forEach((activator) => activator?.remove());. this.logoutBtns?.forEach((btn) =>. btn?.addEventListener('click', this.handleLogout). );. }.. if (!this.user) {. await Common.loadCustomScript({. name: 'accountJS',. id: 'accountJS',. module: true,. });.. this.menuActivator.forEach((el) => {. this.loggedOutMenu({ el, id: el.dataset.modalId });. });. }. }.. async handleLogout() {. await Common.createData('/api/cookie/remove?name=odrUser');. location.reload();. }.. enabledMenu() {. this.menuActivator.f

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	554637
Entropy (8bit):	5.444656673468298
Encrypted:	false
SSDEEP:
MD5:	733A24C1CD86BB9F077F2AF39F92B6E3
SHA1:	8DC6CE5083A0CD32057B7C25EBD6A7CC9FADCB7C
SHA-256:	4CF0C8DBF0403D072C35B9747E500B10B07835386FD677B5A026104574C6572D
SHA-512:	1D0DE418DBDB70E740BEE8B1B2C97113B4C798DF1CB9FEF09BDBBFE80079C0D5689E71CE1F12F0B5D8687768B7C7FF13A569D6206B36512A6D81C1A345A3BB63
Malicious:	false
Reputation:	unknown
URL:	https://cdn.livechatinc.com/widget/static/js/iframe.6d8e8de9.chunk.js
Preview:	(this["webpackJsonp@livechat/chat-widget"]=this["webpackJsonp@livechat/chat-widget"]\|\|[]).push([[13,7,20],[,,function(e,t,n){"use strict";function r(e,t){return e+t}n.d(t,"a",(function(){return a})),n.d(t,"c",(function(){return c})),n.d(t,"d",(function(){return s})),n.d(t,"e",(function(){return m})),n.d(t,"b",(function(){return b})),n.d(t,"f",(function(){return v})),n.d(t,"g",(function(){return h})),n.d(t,"h",(function(){return g})),n.d(t,"i",(function(){return O})),n.d(t,"j",(function(){return y})),n.d(t,"k",(function(){return j})),n.d(t,"l",(function(){return w})),n.d(t,"m",(function(){return C})),n.d(t,"n",(function(){return x})),n.d(t,"p",(function(){return _})),n.d(t,"q",(function(){return E})),n.d(t,"r",(function(){return L})),n.d(t,"s",(function(){return I})),n.d(t,"o",(function(){return k})),n.d(t,"t",(function(){return u})),n.d(t,"u",(function(){return A})),n.d(t,"v",(function(){return z})),n.d(t,"w",(function(){return M})),n.d(t,"x",(function(){return P})),n.d(t,"y",(function

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	91233
Entropy (8bit):	5.1783540555636245
Encrypted:	false
SSDEEP:
MD5:	A935D79C6D851F85A1B0E0E57D4FD5B5
SHA1:	81039B3F982CD0D7904DF754AED9982AA63DAFDC
SHA-256:	D58914292E70FD4EF272AE4933983440B44A37AAB23C61F6BEAE77765DECAAA8
SHA-512:	45991CC0589D47B0C3B1337EEDFDB0B6214B53947E0BE9CE6F118BA6517E8EB87EFA5E377B9C464DCBC92F90DF835F25C828A13BBA7C1534222C5A1AD4FE166B
Malicious:	false
Reputation:	unknown
URL:	https://cdn.livechatinc.com/tracking.js
Preview:	!function(){"use strict";var e=function(){var e=setTimeout;function t(){}function n(e){if(!(this instanceof n))throw new TypeError("Promises must be constructed via new");if("function"!=typeof e)throw new TypeError("not a function");this._state=0,this._handled=!1,this._value=void 0,this._deferreds=[],c(e,this)}function i(e,t){for(;3===e._state;)e=e._value;0!==e._state?(e._handled=!0,n._immediateFn((function(){var n=1===e._state?t.onFulfilled:t.onRejected;if(null!==n){var i;try{i=n(e._value)}catch(e){return void o(t.promise,e)}r(t.promise,i)}else(1===e._state?r:o)(t.promise,e._value)}))):e._deferreds.push(t)}function r(e,t){try{if(t===e)throw new TypeError("A promise cannot be resolved with itself.");if(t&&("object"==typeof t\|\|"function"==typeof t)){var i=t.then;if(t instanceof n)return e._state=3,e._value=t,void a(e);if("function"==typeof i)return void c((r=i,u=t,function(){r.apply(u,arguments)}),e)}e._state=1,e._value=t,a(e)}catch(t){o(e,t)}var r,u}function o(e,t){e._state=2,e._value=

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32087)
Category:	downloaded
Size (bytes):	217290
Entropy (8bit):	5.416547450443907
Encrypted:	false
SSDEEP:
MD5:	5AB36F2873642A1312D01D82AEA25220
SHA1:	5FA8040DF2E5E8502C2500B4FD870D14DB71C7DF
SHA-256:	8213DB20FBEF6AB3F2A9AA5E8CA2220EA9FCA0DA391C45C04EABBAB02293F98A
SHA-512:	2FB9182EA5B29A491F01AFB82CBD127BA258A8F5B548529A59D117C9B3869BD514B177DDDCC1FAEFE76F8508AFC93FF997707403211410FDB51EF7EBCF57B90F
Malicious:	false
Reputation:	unknown
URL:	https://cdn-4.convertexperiments.com/js/10042119-10045919.js
Preview:	if(typeof(window['convert'])=='undefined' \|\| typeof(window['convert']['doUseBackupData'])=='undefined') {.window['convertData']={"device":{"mobile":false,"tablet":false,"desktop":true},"geo":{"country":"US","city":"WASHINGTON","continent":"NA","state":"DC"}};.var convert_temp = convert_temp \|\| {}; convert_temp.data = {"u_id":"10042119","prj":{"utc_of":"0","extset":{"ga":{"on":false,"type":"ga4"},"g_jq":false,"autlnk":false,"ecommerce":true,"d_anon":true,"gdprw":true,"dnt":"0","maxordv":99999,"minvis":5,"minconv":5,"stopTrackingGoalsAfterDays":30,"srm_check":false,"smart_recommendations":true,"stats_engine_processing":{"stats_type":"frequentist","power":80,"test_type":"one_tail","multiple_comparison_correction":"sidak","power_calculation_type":"none","fixed_mde":1,"decision_threshold":95},"mindays":999,"csmb":"$","gaUA":[],"minordv":0},"id":"10045919","name":"Project #10045919","global_d":{"js":"","css":""},"domains":{"propertyrecs.com":["propertyrecs.com"]},"domainsCount":1},"experimen

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	48
Entropy (8bit):	4.321854365656768
Encrypted:	false
SSDEEP:
MD5:	06FCFF9AD2CFBF648406A13875BD7E38
SHA1:	1C3620D1038C1578A3B5E21E80C0523123E1E304
SHA-256:	9A970E1A236FE3E8F4A13AC7FF4E00C30809380E97B856FF6575BC2A38BBBDD6
SHA-512:	DC781A227E30ED8C62D42029B2E81100CFF50D1991FF577A2F17C1039533E7A84596121A43E627D821D9F4804A6E88A9EBE8635C558E01F72595BB4A59DA75C1
Malicious:	false
Reputation:	unknown
Preview:	{"code":400,"message":"HTTP method not allowed"}

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	174
Entropy (8bit):	4.4435858534741
Encrypted:	false
SSDEEP:
MD5:	0133A1F266F4740A5D50DE1410FC1CA5
SHA1:	64955AA4F31415A69929B984665530F3C8C65E1D
SHA-256:	94C5140FFBCABF14891B919CB87810EF0B7307CFE424DFFE47D25FB5FD6A551C
SHA-512:	D6534F3C3305B72BDAEEE3C11CF0C193832E07DE6BBC2D41F577B7C25927BEB2F69DA987E57953BAACE421A805A91A26CDB2125ACAE99C3B7E84272B219E91EE
Malicious:	false
Reputation:	unknown
Preview:	{"type": "validation_error", "code": "no_data", "detail": "No data found. Make sure to use a POST request when sending the payload in the body of the request.", "attr": null}

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (419), with no line terminators
Category:	downloaded
Size (bytes):	419
Entropy (8bit):	5.109592665893999
Encrypted:	false
SSDEEP:
MD5:	F5568B124141679926DC7E3153A453AF
SHA1:	AF6A0188BCE0D4741E2B3763D9E678C9219A07AA
SHA-256:	2732BE75DF9AFDB1177400C68800A770D29ACFAAEC2FD16C052194909CC015FB
SHA-512:	77540D7E3CE43450B9384DCD291CCA09E92A62B01237ED5CA8B73A96C783A4C9544A725407F0A286A7DF5745609D54717EE7737EC26A9FCDA65D8DF616B3DA3E
Malicious:	false
Reputation:	unknown
URL:	https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=7139371&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.onlinedatareports.com%2F&channel_type=code&jsonp=__1yrpdsq2m7r
Preview:	__1yrpdsq2m7r({"organization_id":"fbfa97e0-9676-4eb0-ae25-20a2fe455f1b","livechat_active":true,"livechat":{"group_id":0,"client_limit_exceeded":false,"domain_allowed":true,"online_group_ids":[0,1,2,3,4,5,6,7,8,9,10,11,12,13],"config_version":"3358.8.8.664.196.22.10.21.9.8.9.14.2","localization_version":"8b4136637a184fd9fc32b59b8d4ec45a_fac0d8e99347586364d322fba4bcc707","language":"en"},"default_widget":"livechat"});

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	4003
Entropy (8bit):	4.45876219763689
Encrypted:	false
SSDEEP:
MD5:	953BD0BE9019BE176DF46BF60BE4E250
SHA1:	9CCE71283347F585CD8EFD592E4539E4750C58E8
SHA-256:	BE6F6C27F27274B739DCC73252750E85C5E54F7EC30AF304030CC2ED8C759AE6
SHA-512:	E6267E849636023EED607FA3C3AD8DAE395F861BFA54A2721BE857A4539A5257350723A2C3BE3F92A840E4511BB74FF9268AA11D0BCDD4784A56D8C27088AE62
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/reportPopper.js?v=99.91
Preview:	/* eslint-disable */.class ReportPopper {. init({ id, placement, open }) {. this.poppers = [];. this.popperEls = document.querySelectorAll(`${id ? `#${id}` : '.popover'}`);. this.id = id;. this.open = open;. this.options = {. modifiers: [. {. name: 'arrow',. options: {. padding: 8,. },. },. {. name: 'offset',. options: {. offset: [0, 12],. },. },. {. name: 'preventOverflow',. options: {. padding: 8,. },. },. ],. placement,. strategy: 'absolute',. };.. this.getPopperElements();. this.handleOutsideClick();.. return this.poppers;. }.. getPopperElements() {. this.popperEls?.forEach((popperEl, idx) => {. const activator = document.getElementById(`${popperEl.id}-activator`);. const popper = Popper.createPopper(activator, popperEl, this.options);. this.poppers.push(popper)

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	124074
Entropy (8bit):	5.332501046360603
Encrypted:	false
SSDEEP:
MD5:	0E6E6F4CDE03FD2F120CCB8390B5C744
SHA1:	09C97325ACDB05D1E22D2C3847A9F6F5BC6C5B6A
SHA-256:	E080965FB244B4AD1A49D3F81039AAA85B994616C9D201005D719BF20D6CCC69
SHA-512:	78D6767017C70BAF91AAE1F1EF921D06DFD8B8AB3DA63DC67CDBF6D76AB5CBDCC1EA8A4E0DA97CFD89AFB8594C59D68BA64DDCF25F6D5A1E89A4D9AE0ECD7972
Malicious:	false
Reputation:	unknown
URL:	https://app.posthog.com/static/array.js
Preview:	!function(){"use strict";function e(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);t&&(i=i.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,i)}return n}function t(t){for(var n=1;n<arguments.length;n++){var i=null!=arguments[n]?arguments[n]:{};n%2?e(Object(i),!0).forEach((function(e){o(t,e,i[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):e(Object(i)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))}))}return t}function n(e){return n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},n(e)}function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function r(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumer

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7471), with no line terminators
Category:	downloaded
Size (bytes):	7471
Entropy (8bit):	5.135374209152143
Encrypted:	false
SSDEEP:
MD5:	9D99E4B0E32837D363AB1AC852A965A9
SHA1:	6D8E0E4776D6F7D57A4EFE7FD4E32F245506C984
SHA-256:	B256A4B825999B59C79C48FEA373A012C75537C37B5A5D70C9A3FD6E538B866A
SHA-512:	27853A70CC8B8A0459B9B17B6019DF5DF118219CF0320D9CE6417BEB9DE30835DAE825FA81B60CC5C7713B70219B5C2FDC42DBE4ABCD44F69F21E674F4A02868
Malicious:	false
Reputation:	unknown
URL:	https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=fbfa97e0-9676-4eb0-ae25-20a2fe455f1b&version=3358.8.8.664.196.22.10.21.9.8.9.14.2&group_id=0&jsonp=__lc_static_config
Preview:	__lc_static_config({"buttons":[{"id":"662550aeb3","type":"image","online_value":"https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2Fbuttons%2Fbutton_online007.png","offline_value":"https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2Fbuttons%2Fbutton_offline007.png"},{"id":"79079a76e6","type":"text","online_value":"Live chat now","offline_value":"Leave us a message"},{"id":"eeXMes8SCkz","type":"image","online_value":"https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2Fbuttons%2Fset_15%2Fw_green_on.png","offline_value":"https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2Fbuttons%2Fset_15%2Fw_green_off.png"},{"id":"eP5lXxuYULx","type":"image","online_value":"https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2Fbuttons%2Fbutton_online002.png","offline_value":"https://cdn.livechatinc.com/cloud/?uri=

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (8911), with no line terminators
Category:	downloaded
Size (bytes):	8911
Entropy (8bit):	5.658715676446487
Encrypted:	false
SSDEEP:
MD5:	639DED0028835007B6FB6598ED8A8971
SHA1:	794D0BB33F6F9615E10677F7F681102397753EA5
SHA-256:	C5E24AAF7357F17D5C951F656EB9BB0F04B835E70CD39FBDFDB14C7407EDB80A
SHA-512:	422896CE9BBA4088E23001437A954ED82C9CDCC9A7C4229B676D7A2950BAE24742D0A3C8100FE61E696CF4F097A8D445744349DA8B765246236E341ECFBF03DC
Malicious:	false
Reputation:	unknown
URL:	https://secure.livechatinc.com/customer/action/open_chat?license_id=7139371&group=0&embedded=1&widget_version=3&unique_groups=0
Preview:	<!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/><meta name="theme-color" content="#000000"/><meta name="google" value="notranslate"/><link rel="canonical" href="https://secure.livechatinc.com/"/><link rel="preconnect" href="https://cdn.livechatinc.com"/><link rel="preconnect" href="https://api.livechatinc.com"/><title>Contact us via LiveChat!</title><meta name="description" content="Have any questions? Talk with us directly using LiveChat."/><meta property="og:type" content="website"/><meta property="og:title" content="Contact us via LiveChat!"/><meta property="og:description" content="Have any questions? Talk with us directly using LiveChat."/><meta property="og:image" content="https://cdn.livechatinc.com/direct-link/livechat-chat-with-us.png"/><meta name="twitter:card" content="summary_large_image"/><meta name="twitter:title" value="Contact us via LiveChat!"/><meta name="twitter:descripti

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	571
Entropy (8bit):	4.997458443665004
Encrypted:	false
SSDEEP:
MD5:	B01FBC12F390BC2E887EE7AA9E7F4B7E
SHA1:	EC881C993A14055D26542A45DD2EB6130D45BA85
SHA-256:	27A6FBF70F156DD3EEB00B6161B06092E1B8A72D525D9501CA5DEB0D939B43CD
SHA-512:	D4FD647B3AAB75D2ED71B2EF5F7496BB6A73E935A3E93EF29847E7988759B22B0869DE370568338FC540B761AE7CE708FC40736EE44E32C085A104D25E838485
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/manifest.json
Preview:	{"name":"onlinedatareports, Property Records Lookup \| Property Owner Records By Address","short_name":"onlinedatareports","description":"Search Property History Ownership Records & More! Try Our Online Database Now. View Detailed & Reliable Property Records Online. Get Verified Results Now.","icons":[{"src":"/android-chrome-192x192.png","sizes":"192x192","type":"image/png"},{"src":"/android-chrome-512x512.png","sizes":"512x512","type":"image/png"}],"theme_color":"#FFFFFF","background_color":"#FFFFFF","start_url":"/","display":"standalone","orientation":"portrait"}.

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	52419
Entropy (8bit):	7.987274917798557
Encrypted:	false
SSDEEP:
MD5:	765C172D0422922DFB6960CF93FA8B02
SHA1:	E49115FD67231F2ED81B00747BA91EAADF12BE99
SHA-256:	A466FFD8FE7D30E63460B37950D31FB803AEF73DD73A8152CFA6DB14CA15A2CE
SHA-512:	18423F1A81881066224C157105425C1662C657E01F17F0FD2A979E2D2641A5EA316930C243FC167499E93C7F71F20864B704766A368749182AB7CFF5D52069FF
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/android-chrome-192x192.png
Preview:	.PNG........IHDR.............R.l.....sRGB....... .IDATx^.K.e.q.VU.z..O..$.dS..umJ0p-.T..C.0...L..k.i...d....22`#...2.@....2.5.#V._^YV..n._.w.y..^k.U.Wk....W.%.[..............o...ykkK.,.[[[.c..................[o...JJD...f.'I.UU.%..U].!,.......of.cKUuLD.!....6.EdGDJ3.D."R.jdf.1r.......4M..k..x>^....LD...kB.E].si.....D.GDs..3s....."...hdf.......yHD......~Y...w..=...9sF......g......7.\|.g.w:......mll.......+..?f......X.~...U./R`.[.8{.l8y.e)u]K.$:....<...?.A\|.dqq1..z.t:u.^.u.B...c.{+@..`e...+.3..W.f...VU....cfU.$1..a...-.2.Y..'.........,.......!................^"....V.f..Uj("..CX.l..X...`?.N..^o.e...}...U.......Y_.VVV..+...n_.{.....W^q.___.......!.2...[.....).....,S.>1.,.4.X03.......9......"..!D4a.~.a.D....i:.....U5X.j!.+K.$1af.*..L"..f.>.\|.N.....k.....s...j...c.r.P.U.;......c.23.ubf..>........U...,..t:.....H;.N...+......../...~..n.[o.e..........w..g.M......B...a...(.Xw.....U.J.B..Na.C..41F.:\|i(B.Z.".._.D..b7{..x..C..'.(.t.$.$....).~.!.f.

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38062)
Category:	downloaded
Size (bytes):	38224
Entropy (8bit):	5.245265694070223
Encrypted:	false
SSDEEP:
MD5:	9658EE950C87FCBDBB0C48DE33A17CD9
SHA1:	813E936E5C044B4D20365FDCBA5AD89409DA1BE7
SHA-256:	E1800623C74046E01E90BD3F29A3939F4DF7D51316C975A00281265F5AB9A8DE
SHA-512:	4E74FAD78D3E57B991018FF878780EAA7698D15CCF346FEC1BD20201E5E4AFCD75676DA62851D12BA7E6E4753EAD3BADF5EFCA5032B549F770F4955F1363F17F
Malicious:	false
Reputation:	unknown
URL:	https://static.woopra.com/js/w.js
Preview:	/!. Copyright (c) 2024 Woopra, Inc.. . For license information please see https://static.woopra.com/js/w.js.LICENSE.txt. */..!function(){"use strict";function t(t){return void 0===t}var e="object"==typeof global&&global&&global.Object===Object&&global,n="object"==typeof self&&self&&self.Object===Object&&self,i=e\|\|n\|\|Function("return this")(),o=i.Symbol,a=Object.prototype,r=a.hasOwnProperty,s=a.toString,c=o?o.toStringTag:void 0;var u=Object.prototype.toString;var l=o?o.toStringTag:void 0;function h(t){return null==t?void 0===t?"[object Undefined]":"[object Null]":l&&l in Object(t)?function(t){var e=r.call(t,c),n=t[c];try{t[c]=void 0;var i=!0}catch(t){}var o=s.call(t);return i&&(e?t[c]=n:delete t[c]),o}(t):function(t){return u.call(t)}(t)}function d(t){var e=typeof t;return null!=t&&("object"==e\|\|"function"==e)}function f(t){if(!d(t))return!1;var e=h(t);return"[object Function]"==e\|\|"[object GeneratorFunction]"==e\|\|"[object AsyncFunction]"==e\|\|"[object Proxy]"==e}var p=function(){r

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	13862
Entropy (8bit):	4.799558060158127
Encrypted:	false
SSDEEP:
MD5:	1B3D077F3BB7C97F294D232714C642D8
SHA1:	4C4629F14477B50684903ABFA8DDF1F66EC97FE6
SHA-256:	C3FFC38913C07D19FDB055FE08DF1BA85B28A9F5DD62FAFF6B1D35AD7FC8F70C
SHA-512:	5E07DE74BE1521406D9338469875814DF42DB66C03A9BD325E6CAF4B43DB084C1B9B3AA8B56370086A0F8425D236B6D62DA700097B58B07BEA153CBC8967404A
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/simpleSearch.js
Preview:	/* eslint-disable no-unused-vars /./ eslint-disable no-undef */..class SimpleSearch {. constructor() {. this.inputEl = null;. this.dropdownEl = null;. this.loadingEl = null;. this.clearEl = null;. this.searchResults = [];. this.stateEl = null;. this.state = null;. this.headerHtml = null;.. this.useAddressSearch = false;. this.useCitySearch = false;. this.useNameSearch = false;. this.useVinSearch = false;. this.useLicenseSearch = false;.. this.user = window.options.user;. this.isLoggedIn = false;. }.. setDefaults(el) {. this.inputEl = el.querySelector('[data-id="search-input"]');. this.page = el.querySelector('[data-name]');. this.dropdownEl = el.querySelector('[data-id="search-dropdown"]');. this.dropdownHeaderEl = el.querySelector(. '[data-id="search-dropdown-header"]'. );. this.dropdownBodyEl = el.querySelector('[data-id="search-dropdown-body"]');. this.loadingEl = el.querySelector('[data-id="search-loading"]

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	3267
Entropy (8bit):	4.685926325517405
Encrypted:	false
SSDEEP:
MD5:	76200595AD6B5469201835C91A1A8B51
SHA1:	2ADDBB11C79466E65F12513A53BC010C7660ADE1
SHA-256:	E2F66E34CA383F66CCBD00D98746CAED383873CC7E96CF30A473CFB694010CA6
SHA-512:	89583FC0BA0E27660539F3EE7BCC5E22731930CDCE8BD4480F447324BCBD16CF722814F52B84DF63DB8D46924812D7BEC8F88A27B11B2F62C5DFE349622C49E7
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/contactUs.js?v=99.91
Preview:	/* eslint-disable */.import { validateForm, addClass, removeClass, validators } from './utils.js';..class ContactUs {. contactForms = null;. user = null;. VALIDATION = {. 'contact-email': validators('contact-email'),. 'contact-name': validators('contact-name'),. 'contact-message': validators('contact-message'),. };. async init({ user } = {}) {. this.contactForms = document.querySelectorAll('.contact-form');. this.user = user;.. this.contactForms?.forEach((form, idx) => {. const contactForm = form;. const submitBtn = contactForm.querySelector('button');. const { toEmail } = form.dataset;.. submitBtn?.addEventListener('click', async (e) => {. e.preventDefault();. let data = {. 'contact-email': '',. 'contact-name': '',. 'contact-message': '',. };.. let formData = new FormData(contactForm);.. const isValid = validateForm({. form: contactForm,. formData,. valid

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5557)
Category:	downloaded
Size (bytes):	207596
Entropy (8bit):	5.535068208192378
Encrypted:	false
SSDEEP:
MD5:	B4E2745D17EEC199D4EE4708714E2A3C
SHA1:	DF17500844D2A13FCB2A2E0926384A697F3F2997
SHA-256:	187BEA2752D6F7562867F31CC83F7548A12D40866E72D684C2EC515089EC6F39
SHA-512:	5A6B9280FD2326538C0A79BAD730ADDC53F220B3E4F602DBB6AE68FD663F5926448DC9D3708390AA1DE52313F6766638CA3403D82FB4EBC37DCC2B4E75050124
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-N57LZGJ
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"134",. . "macros":[{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"click_value"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"click_tracking"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__f","vtp_component":"URL"},{"function":"__e"},{"function":"__v","vtp_name":"gtm.element","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.elementClasses","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.elementId","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.e

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	34494
Entropy (8bit):	4.357322900802312
Encrypted:	false
SSDEEP:
MD5:	E2E00681524827329EC6E6724A9F3F65
SHA1:	D940FA946DC33B8A4862905B8FBDF415F69D78BA
SHA-256:	16983963FEDF4C36135CFF37C7A2B380B3953C0B801731AC507A87F4E3849481
SHA-512:	14C39B8D3D7C9B415760AAA86B48361B65731072730039F8FF99749826F28727BB043846FFDFBAED9FD139E4710ACCE7B5656A68AA15E1696F3B428F8EF1070D
Malicious:	false
Reputation:	unknown
Preview:	............ .h...V......... ......... .... .....F...00.... ..%......@@.... .(B...D..(....... ..... ................................................L............h....................................................................<.........................................T.......H......................................t.......V.......F.......8.......2....................................H.......>.......0.......&...........V...............r...............................................................X...8.............................`...*.......&...................f...b...2...&...V...>...4...\...f..........j.......X......$..........................&...r................~...z...<.......&......J...~...H...T...r...H..............n...$...............0......V...................&...............R...........................,..................................................................................r.......D...^..............n...2...............(..

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C++ source, ASCII text
Category:	downloaded
Size (bytes):	13465
Entropy (8bit):	4.724617161754813
Encrypted:	false
SSDEEP:
MD5:	AB00CAA054B8719DE495B413C22C70A3
SHA1:	6A36931F1BB5DCFC841737BF3E507249F879622C
SHA-256:	EDD11F645B35649E35F73514ECFD7F59233854C42BE4BFEBCFC97807D6483091
SHA-512:	97DC7A1C36872C596653C0FB3045DE5114EB9AF0DF82682EEA5ACB6B22E91DAF74FD22A48262CA38DFEF976334B028074EECAE1D8948BAA292FCFCB810D3857C
Malicious:	false
Reputation:	unknown
URL:	https://www.onlinedatareports.com/scripts/accountJS.js?v=99.91
Preview:	/* eslint-disable */.import { VanillaModal } from './modal.js';.import { getSvgPath } from './icons.js';.import { clearInput, createInput, handleInput } from './input.js';.import { createStore, validateEmail } from './utils.js';..class AccountJS {. init(id) {. this.id = id;. this.type = null;. this.modalEl = null;. this.modalState = createStore(. {. value: 'login',. loading: false,. },. [this.updateModalState.bind(this)]. );.. this.formState = {. email: '',. pin0: '',. pin1: '',. pin2: '',. pin3: '',. };.. this.modalInstance = VanillaModal();.. this.modalInstance.init({. disableOutsideClick: true,. header: false,. openOnLoad: true,. openTrigger: `data-modal-${id}`,. onClose: () => {. this.setModalState('login');. this.clearFormState();. this.removeErrors();. this.removeSuccessMessages();. },. });.. this.createModalElements();.. return this

Static File Info

⊘No static file info

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Application Log: Application Log Content, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Process: Process Creation
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 131

Chrome Cache Entry: 133

Chrome Cache Entry: 135

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146