Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-west-2.protection.sophos.com/?d=venmo.com&u=aHR0cHM6Ly92ZW5tby5jb20vaWRlbnRpdHkvdW5zdWJzY3JpYmU_dj0zJmNvZGU9MmI3MDFhZjQwYzc4NzMwYTYyMTFhNWFhMzQwYTRiMWYwNzk5ZDE1OGU4YzIxZGZlYWE2MjYzMDZlZDQ2YTE3MCZ1YT1maQ==&p=m&i=NjI3Mjc4OTk0MGU3YTAxM2U2ZWIxMDY3&t=bU1WbGVZYlp3UnR5S2JybzBreHV4dXRpaWFMV2M5Rks

Overview

General Information

Sample URL:	https://us-west-2.protection.sophos.com/?d=venmo.com&u=aHR0cHM6Ly92ZW5tby5jb20vaWRlbnRpdHkvdW5zdWJzY3JpYmU_dj0zJmNvZGU9MmI3MDFhZjQwYzc4NzMwYTYyMTFhNWFhMzQwYTRiMWYwNzk5ZDE1OGU4YzIxZGZlYWE2MjYzMDZlZDQ2Y
Analysis ID:	1432116

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Found iframes

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 6948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://us-west-2.protection.sophos.com/?d=venmo.com&u=aHR0cHM6Ly92ZW5tby5jb20vaWRlbnRpdHkvdW5zdWJzY3JpYmU_dj0zJmNvZGU9MmI3MDFhZjQwYzc4NzMwYTYyMTFhNWFhMzQwYTRiMWYwNzk5ZDE1OGU4YzIxZGZlYWE2MjYzMDZlZDQ2YTE3MCZ1YT1maQ==&p=m&i=NjI3Mjc4OTk0MGU3YTAxM2U2ZWIxMDY3&t=bU1WbGVZYlp3UnR5S2JybzBreHV4dXRpaWFMV2M5RkszZUNMdWp2UkVaVT0=&h=4ce9b067fcbf486e8f27561ce3d3058e&s=AVNPUEhUT0NFTkNSWVBUSVaS8c9jSpZcrH9uvMBTWALM8OUVCaCMDIwUwmubUWsN9g MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6688 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1892,i,3655692631994588421,10116829612921713129,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn	HTTP Parser: Iframe src: /auth/recaptcha/grcenterprise_v3.html
Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn	HTTP Parser: Iframe src: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn

HTTP Parser: Number of links: 0

Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://id.venmo.com/auth/recaptcha/grcenterprise_v3.html

HTTP Parser: Base64 decoded: https://id.venmo.com:443

Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn

HTTP Parser: <input type="password" .../> found

Source: https://id.venmo.com/auth/recaptcha/grcenterprise_v3.html	HTTP Parser: No favicon
Source: https://id.venmo.com/auth/recaptcha/grcenterprise_v3.html	HTTP Parser: No favicon
Source: https://id.venmo.com/auth/recaptcha/grcenterprise_v3.html	HTTP Parser: No favicon
Source: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly9pZC52ZW5tby5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=tnbgrglpioih	HTTP Parser: No favicon

Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn

HTTP Parser: No <meta name="author".. found

Source: https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49871 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.208.86.113
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: us-west-2.protection.sophos.com
Source: global traffic	DNS traffic detected: DNS query: venmo.com
Source: global traffic	DNS traffic detected: DNS query: account.venmo.com
Source: global traffic	DNS traffic detected: DNS query: www.paypalobjects.com
Source: global traffic	DNS traffic detected: DNS query: jssdkcdns.mparticle.com
Source: global traffic	DNS traffic detected: DNS query: identity.mparticle.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.optimizely.com
Source: global traffic	DNS traffic detected: DNS query: c.paypal.com
Source: global traffic	DNS traffic detected: DNS query: c6.paypal.com
Source: global traffic	DNS traffic detected: DNS query: b.stats.paypal.com
Source: global traffic	DNS traffic detected: DNS query: id.venmo.com
Source: global traffic	DNS traffic detected: DNS query: slc.stats.paypal.com
Source: global traffic	DNS traffic detected: DNS query: www.recaptcha.net
Source: global traffic	DNS traffic detected: DNS query: t.paypal.com
Source: global traffic	DNS traffic detected: DNS query: www.paypal.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.16:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49871 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@18/75@60/288

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://us-west-2.protection.sophos.com/?d=venmo.com&u=aHR0cHM6Ly92ZW5tby5jb20vaWRlbnRpdHkvdW5zdWJzY3JpYmU_dj0zJmNvZGU9MmI3MDFhZjQwYzc4NzMwYTYyMTFhNWFhMzQwYTRiMWYwNzk5ZDE1OGU4YzIxZGZlYWE2MjYzMDZlZDQ2YTE3MCZ1YT1maQ==&p=m&i=NjI3Mjc4OTk0MGU3YTAxM2U2ZWIxMDY3&t=bU1WbGVZYlp3UnR5S2JybzBreHV4dXRpaWFMV2M5RkszZUNMdWp2UkVaVT0=&h=4ce9b067fcbf486e8f27561ce3d3058e&s=AVNPUEhUT0NFTkNSWVBUSVaS8c9jSpZcrH9uvMBTWALM8OUVCaCMDIwUwmubUWsN9g
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1892,i,3655692631994588421,10116829612921713129,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1892,i,3655692631994588421,10116829612921713129,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://us-west-2.protection.sophos.com/?d=venmo.com&u=aHR0cHM6Ly92ZW5tby5jb20vaWRlbnRpdHkvdW5zdWJzY3JpYmU_dj0zJmNvZGU9MmI3MDFhZjQwYzc4NzMwYTYyMTFhNWFhMzQwYTRiMWYwNzk5ZDE1OGU4YzIxZGZlYWE2MjYzMDZlZDQ2YTE3MCZ1YT1maQ==&p=m&i=NjI3Mjc4OTk0MGU3YTAxM2U2ZWIxMDY3&t=bU1WbGVZYlp3UnR5S2JybzBreHV4dXRpaWFMV2M5RkszZUNMdWp2UkVaVT0=&h=4ce9b067fcbf486e8f27561ce3d3058e&s=AVNPUEhUT0NFTkNSWVBUSVaS8c9jSpZcrH9uvMBTWALM8OUVCaCMDIwUwmubUWsN9g	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
about:blank	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
mparticle.map.fastly.net	151.101.2.133	true	false		unknown
paypal.map.fastly.net	151.101.2.133	true	false		unknown
dualstack.paypal-dynamic-2.map.fastly.net	151.101.1.35	true	false		unknown
paypal-dynamic-2.map.fastly.net	151.101.1.35	true	false		unknown
account.venmo.com	52.84.150.58	true	false		high
paypal-dynamic.map.fastly.net	151.101.65.21	true	false		unknown
www.recaptcha.net	192.178.50.35	true	false		unknown
slc.stats.paypal.com	34.106.92.18	true	false		high
d2t07dpvw9bt1v.cloudfront.net	99.84.252.113	true	false		high
venmo.com	52.84.150.50	true	false		high
www.google.com	142.250.64.164	true	false		high
jssdkcdns.mparticle.com	151.101.130.133	true	false		high
stats.glb.paypal.com	34.106.92.18	true	false		high
c.paypal.com	unknown	unknown	false		high
us-west-2.protection.sophos.com	unknown	unknown	false		high
c6.paypal.com	unknown	unknown	false		high
b.stats.paypal.com	unknown	unknown	false		high
id.venmo.com	unknown	unknown	false		high
www.paypal.com	unknown	unknown	false		high
cdn.optimizely.com	unknown	unknown	false		high
identity.mparticle.com	unknown	unknown	false		high
t.paypal.com	unknown	unknown	false		high
www.paypalobjects.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js	false		high
https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=	false		high
https://id.venmo.com/auth/recaptcha/grcenterprise_v3.html	false		high
about:blank	false	Avira URL Cloud: safe	low
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly9pZC52ZW5tby5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=tnbgrglpioih	false		unknown
https://account.venmo.com/identity/unsubscribe?v=3&code=2b701af40c78730a6211a5aa340a4b1f0799d158e8c21dfeaa626306ed46a170&ua=fi	false		high
https://id.venmo.com/signin?country.x=US&locale.x=en&ctxId=AAFqUKczEO2Mzi6hqpJdn-Xx0dXM7bawZ5Fjg4OpBcOC-np1pt4kDmQfLr3i2QO6W-noUKfbwNF2PGao5AsbV98=#/lgn	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.189.142	unknown	United States		15169	GOOGLEUS	false
151.101.193.35	unknown	United States		54113	FASTLYUS	false
151.101.130.133	jssdkcdns.mparticle.com	United States		54113	FASTLYUS	false
192.178.50.35	www.recaptcha.net	United States		15169	GOOGLEUS	false
52.84.150.50	venmo.com	United States		16509	AMAZON-02US	false
151.101.1.35	dualstack.paypal-dynamic-2.map.fastly.net	United States		54113	FASTLYUS	false
142.250.64.164	www.google.com	United States		15169	GOOGLEUS	false
142.250.64.163	unknown	United States		15169	GOOGLEUS	false
142.251.35.238	unknown	United States		15169	GOOGLEUS	false
172.217.15.206	unknown	United States		15169	GOOGLEUS	false
142.251.162.84	unknown	United States		15169	GOOGLEUS	false
151.101.194.133	unknown	United States		54113	FASTLYUS	false
151.101.193.21	unknown	United States		54113	FASTLYUS	false
192.178.50.67	unknown	United States		15169	GOOGLEUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
142.250.217.227	unknown	United States		15169	GOOGLEUS	false
151.101.1.21	unknown	United States		54113	FASTLYUS	false
99.84.252.113	d2t07dpvw9bt1v.cloudfront.net	United States		16509	AMAZON-02US	false
142.250.217.232	unknown	United States		15169	GOOGLEUS	false
52.84.150.58	account.venmo.com	United States		16509	AMAZON-02US	false
151.101.129.21	unknown	United States		54113	FASTLYUS	false
142.250.217.174	unknown	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
151.101.2.133	mparticle.map.fastly.net	United States		54113	FASTLYUS	false
151.101.65.21	paypal-dynamic.map.fastly.net	United States		54113	FASTLYUS	false
184.84.136.157	unknown	United States		16625	AKAMAI-ASUS	false
34.106.92.18	slc.stats.paypal.com	United States		15169	GOOGLEUS	false
142.250.217.170	unknown	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.16
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1432116
Start date and time:	2024-04-26 14:20:09 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://us-west-2.protection.sophos.com/?d=venmo.com&u=aHR0cHM6Ly92ZW5tby5jb20vaWRlbnRpdHkvdW5zdWJzY3JpYmU_dj0zJmNvZGU9MmI3MDFhZjQwYzc4NzMwYTYyMTFhNWFhMzQwYTRiMWYwNzk5ZDE1OGU4YzIxZGZlYWE2MjYzMDZlZDQ2YTE3MCZ1YT1maQ==&p=m&i=NjI3Mjc4OTk0MGU3YTAxM2U2ZWIxMDY3&t=bU1WbGVZYlp3UnR5S2JybzBreHV4dXRpaWFMV2M5RkszZUNMdWp2UkVaVT0=&h=4ce9b067fcbf486e8f27561ce3d3058e&s=AVNPUEhUT0NFTkNSWVBUSVaS8c9jSpZcrH9uvMBTWALM8OUVCaCMDIwUwmubUWsN9g
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	12
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@18/75@60/288

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe, SgrmBroker.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 192.178.50.67, 142.250.189.142, 142.251.162.84, 34.104.35.123, 184.84.136.157, 142.250.217.232, 199.232.210.172, 142.251.35.238, 172.217.15.206
Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, www.googletagmanager.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, cdn.o6.edgekey.net, e5048.dsca.akamaiedge.net, www.google-analytics.com
Not all processes where analyzed, report is missing behavior information

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:20:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.985428433824409
Encrypted:	false
SSDEEP:
MD5:	73C8200EF6EA10266B37FA31B1A2C123
SHA1:	CA1C56C431987C6AEE20BE80C02535FA4FDEACB2
SHA-256:	AF8300F06019AB9A3704EBE6685B1AD5D193A515D00748304BA37A156CF3F49A
SHA-512:	212F46FEFBC210C9B3A80FC4157F8EBAD84AE9FD27204C13543EE66F550EF91A9191DC5C127F3EC8167FE4EC260145CA13EFE679DA2AD4D75B8D733644D1DFD3
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v.&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.b....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.b....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.b....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.b..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.b...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:20:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9997667962045447
Encrypted:	false
SSDEEP:
MD5:	7D7B18B4B5621920BDA9025CCEE8B52E
SHA1:	ECEEE898812D654CDF6C942EB00189A199B4C8F4
SHA-256:	B927631F029043AC854C3ACC7799E922FCAE1E0C511DCA9A940805655673214E
SHA-512:	471EFBF5D1375FB1A00C19F898AA377F37A33989C1DC1734BCB9B8E8ED5A4A31716FC9E5C8F717A51CD92B3664DFD3BC2F28BB5D48C74658002034C7980D7662
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....Fz.&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.b....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.b....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.b....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.b..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.b...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.0047089618369585
Encrypted:	false
SSDEEP:
MD5:	9FC777D2BAB4864FAA2748B7C2E3D5C3
SHA1:	F9D2498D1294AF573BA0959907E305F009557151
SHA-256:	37F0CA1C176D5E119502E1B06F021E0249A9D1C94DB0D98D71B3893EC2EF014F
SHA-512:	66CE77976BEDE0291C4495659E7DB5B23D907FC6610C7EB448C5CC721D6399B7690D82A82DE00D5003D3A7DEE46DBA9BE152BFF67B0691E5A17DEAE5906EB455
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.b....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.b....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.b....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.b..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:20:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.999498764957857
Encrypted:	false
SSDEEP:
MD5:	16E221E9D068CA39BBEC21996C4A40E7
SHA1:	D04EACB94BB52BB838E4D312D2FF27CB9DE3F1AC
SHA-256:	143ABD4F527394DBB0A3BAE58AD55DB103140BCC6C27E9797C434082A7026C42
SHA-512:	72B9FCBD1337E76972E645181C73646DAF6BF97F2539E5EB9C3FDDADED158E00DA09E9459FD7560F89AC7A7989D92169B93EB6BA12AEF5AC656F3DCB0641A4AE
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.b....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.b....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.b....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.b..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.b...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:20:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9864871708017726
Encrypted:	false
SSDEEP:
MD5:	05173E975616091CC265110FFF79B704
SHA1:	B807562E9C6A21409FA81522C9E8E6251229E507
SHA-256:	68B286720DCD618D5615397D33BB9825ED7E12AD01643E03839561DAA05346A9
SHA-512:	C80AA565C6234F6BB6E36B9C22F47F8229604A6E2109D3B393BE65A0434477E95DA1BE250A5282408CA28EEC5AAAC038E41C381522F976547407A1EB00125458
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....y..&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.b....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.b....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.b....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.b..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.b...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 11:20:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.000711168470819
Encrypted:	false
SSDEEP:
MD5:	39AAB26ADAA1517031565B6949A794E0
SHA1:	BE79270F178DA0918E4B8FB7C9D49129EC52F5B5
SHA-256:	D5DA3CEB91D54AE2D11AF5843DA43846C293F2E83D3E473186DAD9CA49073AB8
SHA-512:	C0D701D657A0386267D72BD28D1D015639A3E33CDDE56290520792C53F195DF1F68D9F1A52A9795B6814D75B97DFBD879AC806CAEBB174E9A043255D7AC2B45F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.b....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.b....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.b....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.b..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.b...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 143

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (318)
Category:	downloaded
Size (bytes):	9894
Entropy (8bit):	4.981124226726379
Encrypted:	false
SSDEEP:
MD5:	3AD1FA5B0F1C4A72D44414C819B16620
SHA1:	A15A051F27E9F6DEA5666D845227E6FAC541CCE1
SHA-256:	EB76C0E09E9360F7A76D746D302F5FFE738AB07C19E52733C96568A704B3F5DD
SHA-512:	807EBEE97234389E055E64AD4995F166AF28370773BEBAD3D959E75A95ABA51209E460AC51D4D56E55D988863C8948518F3CBF6DB457C1017A493DE6CEAE1F15
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/chunks/9744.04c9c3ae7494be82.js
Preview:	"use strict";.(self["webpackChunk_N_E"] = self["webpackChunk_N_E"] \|\| []).push([[9744],{../*/ 59744:.// (function(__unused_webpack_module, __webpack_exports__, __webpack_require__) {..__webpack_require__.r(__webpack_exports__);./ harmony import / var react__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(67294);./ harmony import / var _hooks_useMParticle__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(58470);...var MParticle = function(param) {. var profile = param.profile;. var ref = (0,_hooks_useMParticle__WEBPACK_IMPORTED_MODULE_1__/ .useMParticle / .R)(), login = ref.login, getCurrentUser = ref.getCurrentUser;. /. Every time the APIs are invoked, the SDK will immediately upload an HTTP request.. * Because of this, these APIs must only be invoked when the user actually logs in, logs out, or otherwise changes state.. * A common mistake is to call an API such as identify or login on every page load - this is not necessary and will result in high netw

Chrome Cache Entry: 144

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (29584)
Category:	downloaded
Size (bytes):	62803
Entropy (8bit):	5.346538898025892
Encrypted:	false
SSDEEP:
MD5:	7D5D8BA7C444D65DE632009EC3D111F5
SHA1:	6B8D044917AEE31BB9C0E8236615E22CF3F24E34
SHA-256:	341F44A2485EA5F0ADBBB0706FF327E7179AB8D21AE65D6EA8B75449F2A744D1
SHA-512:	8E06837FA5781F37402A4DA37903747A6E0A6C889814AA177A3695DCE0A2B39FC0376163B012B1F2E3DB6A807A6AEFD929A10B8C85F70114CF79A3089D7D4E17
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor3.58593f5f5e8f1c345472.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[3],{59591:(t,e,r)=>{var n=r(50008).default;function o(){"use strict";./! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE /t.exports=o=function(){return e},t.exports.__esModule=!0,t.exports.default=t.exports;var e={},r=Object.prototype,i=r.hasOwnProperty,u="function"==typeof Symbol?Symbol:{},f=u.iterator\|\|"@@iterator",a=u.asyncIterator\|\|"@@asyncIterator",s=u.toStringTag\|\|"@@toStringTag";function c(t,e,r){return Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{c({},"")}catch(t){c=function(t,e,r){return t[e]=r}}function h(t,e,r,n){var o=e&&e.prototype instanceof d?e:d,i=Object.create(o.prototype),u=new _(n\|\|[]);return i._invoke=function(t,e,r){var n="suspendedStart";return function(o,i){if("executing"===n)throw new Error("Generator is already running");if("comp

Chrome Cache Entry: 145

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (844)
Category:	downloaded
Size (bytes):	487736
Entropy (8bit):	4.941429396572523
Encrypted:	false
SSDEEP:
MD5:	FC23723EC305F9E4751AFC58788A4D65
SHA1:	1260BE3CEC21DD05C92FAFFD93B426E473871D49
SHA-256:	3F695DBDA1C4CD16F1EAAD764AF783B68AA0D0341E95FD2F9FA8044548E56690
SHA-512:	1F14BC29CC575A43808C889517659EDFAB21FE02E6F0F6CE14EAD13657DF03211677F90312D65B6B13B175EAD0B19493CE0EE03A83A09BC1C1F9E572DC513FAF
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/chunks/main-6922df91ee43af36.js
Preview:	/****/ (function() { // webpackBootstrap./**/ .var __webpack_modules__ = ({..// 96086:.// (function(module) {.."use strict";..var assign = Object.assign.bind(Object);.module.exports = assign;.module.exports["default"] = module.exports;..//# sourceMappingURL=object-assign.js.map..// }),..// 40037:.// (function() {.."trimStart"in String.prototype\|\|(String.prototype.trimStart=String.prototype.trimLeft),"trimEnd"in String.prototype\|\|(String.prototype.trimEnd=String.prototype.trimRight),"description"in Symbol.prototype\|\|Object.defineProperty(Symbol.prototype,"description",{configurable:!0,get:function(){var t=/\((.)\)/.exec(this.toString());return t?t[1]:void 0}}),Array.prototype.flat\|\|(Array.prototype.flat=function(t,r){return r=this.concat.apply([],this),t>1&&r.some(Array.isArray)?r.flat(t-1):r},Array.prototype.flatMap=function(t,r){return this.map(t,r).flat()}),Promise.prototype.finally\|\|(Promise.prototype.finally=function(t){if("function"!=typeof t)return this.then

Chrome Cache Entry: 147

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1719), with no line terminators
Category:	downloaded
Size (bytes):	1719
Entropy (8bit):	5.88128059420581
Encrypted:	false
SSDEEP:
MD5:	273365E531157209CEC95A80C2747CCB
SHA1:	75FBA4A2D9B711E630D8DA19409C191DEC38A10F
SHA-256:	99BD47186634A4D2FF8E1260FB0ED973CFF95D8E0555F2BD2AC3102CA2FD7E59
SHA-512:	02532DBA3E9C76DF3E214059469DE42FB73D2FF11FB9C230B9815497F1F0346CD0117813150CB698B96BDE58760F6863036B0E331CBC8FDFBCA4023E48EBF8C8
Malicious:	false
Reputation:	unknown
URL:	https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var E='enterprise',a=w[N]=w[N]\|\|{},gr=a[E]=a[E]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.recaptcha.net/recaptcha/enterprise/';(cfg['enterprise']=cfg['enterprise']\|\|[]).push(true);(cfg['enterprise2fa']=cfg['enterprise2fa']\|\|[]).push(true);(cfg['render']=cfg['render']\|\|[]).push('6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true;var m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A89JPrWYXvEpNQ/xE+PjjlGJiBu/L2GfQcplC/QkDJOS1fBoX5Q4/HLfT1dXpD1td7C2peXE3bSCJiYdwoFcNgQAAACSeyJvcmlnaW4iOiJodHRwczovL3JlY2FwdGNoYS5uZXQ6NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcyNTQwNzk5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=';d.head.pre

Chrome Cache Entry: 148

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16759), with no line terminators
Category:	downloaded
Size (bytes):	16759
Entropy (8bit):	5.285851883590624
Encrypted:	false
SSDEEP:
MD5:	4D52B7A8968C41C3B7B71287D56A73C9
SHA1:	5A3DCEE4E10973966A71FDE19BD936B55A9E4C44
SHA-256:	DB3DB800F6D644D0F4598A98BFB67E1BD351AFA721956620B8C0975D95EC0803
SHA-512:	1086CB398E06C67DDA33B3D4960987DDC2991918265317F27A8786A50B91283ABC3F16BEFBECE450575DDF700271390998A520BF02EF10E39855A67946487F1E
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo35.8a7a4e709b77ea3ea16a.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[35],{15921:(e,t,r)=>{r.d(t,{Z:()=>p});var n=r(87462),o=r(15671),a=r(43144),s=r(35776),i=r(54013),c=r(26975),u=r(5034),p=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(0,o.Z)(this,e),this.options=t}return(0,a.Z)(e,[{key:"collect",value:function(e){var t=new Map;this.sheetsRegistry=new i.xE;var r=(0,u.Z)();return s.default.createElement(c.ZP,(0,n.Z)({sheetsManager:t,serverGenerateClassName:r,sheetsRegistry:this.sheetsRegistry},this.options),e)}},{key:"toString",value:function(){return this.sheetsRegistry?this.sheetsRegistry.toString():""}},{key:"getStyleElement",value:function(e){return s.default.createElement("style",(0,n.Z)({id:"jss-server-side",key:"jss-server-side",dangerouslySetInnerHTML:{__html:this.toString()}},e))}}]),e}()},26975:(e,t,r)=>{r.d(t,{NU:()=>f,ZP:()=>d});var n,o=r(87462),a=r(45987),s=r(35776),i=r(5034),c=r(54013),u=r(5

Chrome Cache Entry: 150

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	244562
Entropy (8bit):	6.002228072830874
Encrypted:	false
SSDEEP:
MD5:	49AC4D4F24C8B48697A427251A708BF4
SHA1:	DF51700FB378DD2CE15E5AFDCF7879B470B9C3AE
SHA-256:	36AEE5EE6BFEED64716166F65A78D595E8ECE8F85C49EA0A4AD19435516638B7
SHA-512:	0880290F3618B9B87E4D2AC7BDA358508678546FB3A5CD0AEC1F49EF68C8CCC278AA6790D3A3FF18ED80415B43D894794305F68E69FAFAEEB21991ED1FE67F31
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo30.8afd5eb5bf057a663262.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[30],{70922:A=>{A.exports="data:font/woff;base64,d09GRk9UVE8AAL+YAAsAAAABbVgAAQAAAAC9vAAAAXQAAAMPAAC/MAAAAGhDRkYgAAAJPAAAZP8AAIJlJs1+/EdQT1MAAHW0AABIBwAAy+pyccBcR1NVQgAAcjQAAAN+AAAHsmCpS1JPUy8yAAABbAAAAFcAAABgkgFj9GNtYXAAAAQwAAAE9QAABuaeAc5EaGVhZAAAAQgAAAA2AAAANhBLJ2loaGVhAAABQAAAACEAAAAkCBEFhGhtdHgAAG48AAAD9wAACMYizmHRbWF4cAAAAWQAAAAGAAAABgIzUABuYW1lAAABxAAAAmsAAAX/lB12N3Bvc3QAAAkoAAAAEwAAACD/ZwAnAAEAAAABAABilsRqXw889QADA+gAAAAA1lb13AAAAADW4u3x/zj/AwTCA7kAAAADAAIAAAAAAAB42mNgZGBgVvhvwfCF5fF/i/8WLIcYgCLIgMkAAJ99Bp4AAAAAAFAAAjMAAHjaY2BmimTaw8DKwMLUxRTBwMDgDaEZ4xjUGTUZGJi4OViZGUFgAQODvgODSjUDFAQ7h/gDKYXfTMwK/y0YvjAfYxRTYGCYDJJj/MC0jUEBCJkAUFAN3wB42rWSTWsTQRjH/5vd9IW2ocGbBBkU9JTdpFAoLR6SgD1WbNqTKEN2kwz7MmF22pCjR7+J/QIe/BYe9Dt48qZXn5kM6bZgA4IZduc3z/P8n5edAHjiFfCw/H2iZ8keGnRacg0BPjv20cIXxwEe4bvjOvbww/EGmvjleBOht+l4C3veoePtCu+g5fUd71a4gWfeO8f7lX6ath8fXrBNjb72Pjj28Lz21XENjdpvxz6O/LrjAE

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (15682)
Category:	downloaded
Size (bytes):	285078
Entropy (8bit):	5.6031444263056
Encrypted:	false
SSDEEP:
MD5:	1272D401D4C28F6BCCFCA853B0EA0DC3
SHA1:	CA4A87DB933A2A4121049577112C09DA06906A0B
SHA-256:	94918854309EABF0D17C847A04F8CEBEE3603D9559BCC57F4089A1DCC49122F4
SHA-512:	D423A7AAE9907BDC2B6C7E7B5F311A82C372C9C2158F019ABCDF701D95DA5DC63A04E6B5A73922A1013EA35E8AE13C3F898BC75C473EF140A9020054D909FA4D
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-ZCV327BG16&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"vtp_signal":2,"function":"__c","vtp_value":2},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"function":"__c","vtp_value":false},{"vtp_signal":2,"function":"__c","vtp_value":2},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ga_send","priority":21,"vtp_value":true,"tag_id":18},{"function":"__ogt_ip_mark","priority":21,"vtp_instanceOrder":0,"vtp_paramValue":"internal","vtp_ruleResult":["macro",4],"vtp_enableIpRegex":true,"tag_id":20},{"function":"__ogt_referral_exclusion","priority":21,"vtp_includeConditions":["list","venmo\\.com"],"tag_id":21},{"function":"__ogt_session_timeout","priority":21,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":22},{"function":"__ogt_dma","priority":21,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":23},{"function":"__ogt_1

Chrome Cache Entry: 152

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	77066
Entropy (8bit):	5.334883871350616
Encrypted:	false
SSDEEP:
MD5:	F504E97BEE1D065133E3092038ECD0A6
SHA1:	15DA8DB802566968AF1FD517981B12C3A9B6D374
SHA-256:	152D119A21E8FEEA3C1B7C3CAED9EC51DCE3325610B23DB18A35BEFC275F1DB5
SHA-512:	5CE00241ABE68F68F4F4F7777F1D5AA2F8A3BC5912FF2B4E40A78F1A61F21076FC074B2ADBAEA5C3111543C0E8D8589F1C15D7686D12588CD2DF434015EEDEEB
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo34.1ac1cc6ce8985ed3f498.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[34],{36939:(e,t,a)=>{a.d(t,{Z:()=>h});var o=a(87462),r=a(84506),n=a(29439),i=a(45987),l=a(35776),s=(a(59864),a(86010)),c=a(66037),d=a(79895),p=a(52543),u=a(88078),m=a(22775),f=l.forwardRef((function(e,t){var a=e.children,p=e.classes,f=e.className,h=e.defaultExpanded,g=void 0!==h&&h,b=e.disabled,v=void 0!==b&&b,y=e.expanded,x=e.onChange,Z=e.square,k=void 0!==Z&&Z,C=e.TransitionComponent,E=void 0===C?c.Z:C,R=e.TransitionProps,S=(0,i.Z)(e,["children","classes","className","defaultExpanded","disabled","expanded","onChange","square","TransitionComponent","TransitionProps"]),w=(0,m.Z)({controlled:y,default:g,name:"Accordion",state:"expanded"}),N=(0,n.Z)(w,2),T=N[0],z=N[1],P=l.useCallback((function(e){z(!T),x&&x(e,!T)}),[T,x,z]),$=l.Children.toArray(a),I=(0,r.Z)($),B=I[0],M=I.slice(1),D=l.useMemo((function(){return{expanded:T,disabled:v,toggle:P}}),[T,v,P]);return l.createElement(d.Z,

Chrome Cache Entry: 153

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	14920
Entropy (8bit):	4.878065921497952
Encrypted:	false
SSDEEP:
MD5:	13BCEEEAF84DF39CC5FBBDDF19B3D3FB
SHA1:	499E4B12C5B8F8DBFA0A73B46E996817545F4AD4
SHA-256:	4673C229C2C1D356B98C232C599AFDB44C85E7279C63C3EF962B4BA677378BA9
SHA-512:	C366932331DD195CD9A856F71751107774CA214A0A53FB72B6E49B4A0705D10A43A7B6E9B8F187DDA37D9F894B03C84A430106408C490B2B05125B3865606ED6
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ncs/ncs.js
Preview:	(function ncs(window) {. const getCookiePref = (cookiePrefsString) => {. let cookiePrefsValueString;. let match = document.cookie.match(new RegExp('(^\| )' + (cookiePrefsString \|\| 'cookie_prefs') + '=([^;]+)'));. if (match) { cookiePrefsValueString = match[2]; }. return cookiePrefsValueString. }.. const getCookiePrefValue = (cookiePrefsString) => {. const cookiePrefsValueString = getCookiePref(cookiePrefsString). cookiePrefsValue = cookiePrefsValueString &&. decodeURIComponent(cookiePrefsValueString) &&. decodeURIComponent(cookiePrefsValueString).split(',').reduce((acc, val) => {. const [k, v] = val.split('=');. if (k && v) { acc[k] = v; }. return acc;. }, {});. return cookiePrefsValue;. }.. const serverSideCookieFiltering = (cookieList, filterAPI) => {. const xhr = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');. xhr.open('POST', filterAPI, true);. const data = {. cookieLi

Chrome Cache Entry: 154

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5534), with no line terminators
Category:	downloaded
Size (bytes):	5534
Entropy (8bit):	5.370999499940656
Encrypted:	false
SSDEEP:
MD5:	761DDDD6122707AC9E98C4DDD253208F
SHA1:	3D9F90F8B438F8916CD38174A27A8F5E4C4956E7
SHA-256:	8B202D5BD55968CE4BFC21C063166EAEBE62104275CE7EC362D78B64B2581C95
SHA-512:	3D83CD74241715BDCFE7C33244B5B585573E04124E066578F04D3F3840060F9D316D9FF05CEFBEA0D2EBFAAD3FB1C7355355AC4E4EAE387F1CEB69BDAB244316
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/assets/fn-sync-telemetry-min.js
Preview:	var PAYPAL=window.PAYPAL\|\|{};!function(){"use strict";function i(e){for(var t=0,n=0;n<e.length;n++)t+=e.charCodeAt(n);return t&=t}function s(e,t,n){"undefined"!=typeof e.removeEventListener?e.removeEventListener(t,n,!1):"undefined"!=typeof e.detachEvent&&e.detachEvent("on"+t,n)}function o(e,t,n){"undefined"!=typeof e.addEventListener?e.addEventListener(t,n,!1):"undefined"!=typeof e.attachEvent&&e.attachEvent("on"+t,n)}var e,t,n={},r=(e={idForHiddenField:null,isExceptionThrown:!1,startTime:(new Date).getTime()},t={SC_VERSION:"2.0.1",syncStatus:"data"},{initSync:function(i){try{i=i\|\|{},e.startTime=i.tStamp\|\|e.startTime,e.idForHiddenField=i.fname,t.f=i.fnSessionId,t.s=i.sourceId,t.chk={},t.chk.ts=e.startTime,t.chk.eteid=n.chk.init(t.f,e.startTime.toString()),t.chk.tts=(new Date).getTime()-t.chk.ts,t.dc=JSON.stringify(function(){var t,n=["colorDepth","pixelDepth","height","width","availHeight","availWidth"],r={screen:{}};for(r.ua=window.navigator.userAgent,t=0;t<n.length;t+=1)r.screen[n[t]

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 18320, version 1.6553
Category:	downloaded
Size (bytes):	18320
Entropy (8bit):	7.987553757416452
Encrypted:	false
SSDEEP:
MD5:	8A41B4550D23B462AF63FC46FABB46A4
SHA1:	50359B7126ED92C33EFCBF673C286F105D9AE5E7
SHA-256:	AF93D1D952B2DC42C029871CBBB92988835B31C86D4F0CB6A9674B1D1714A20F
SHA-512:	35B08DAFF0A4F929F16113E2FD68C8282DF5F661DD8383DF1545113E1112465DAA9ED11B81C5202BD20CAE9E9F1B7197FB33E6184B097498F82F30C4E3ED9FE8
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Preview:	wOF2OTTO..G.......}...GB..........................n.R.......`..4.6.$..r....#. ..}5xC..7'...V.F.n.T.eGG!.q..x......!.......Rd....E.I^H..M....d..Q.P......:xG.FD.d.=M..".+..Q......z.I..4~.k-.7..,893......5;.`A$$D.`..$.30.h..wB...........C}.<5y...y~n..{oQo.,`lcDm0.C@f ...lm..D..0.?edc...._V\|)....z.}.Hjc............g..P.{I.\..F......./?U..{..&..GPB....yH.0....I...}R..N.M..TQ.....q....2B.S1..[^.1................{...nO....`.RiaDa....l#......^...i.a..[.....8(.e..9.K`...}x~....^...y..~...D..Q.1.0...H....'.hp0.t@$....{F..9.9...-AA...K.@.d.w.B.......~..y.8."n.3%a..`...z....Y.'...1.T,......+......2(,($.c..+...j.....,.E.R.{:..}.#].X&.&.M.}....H.]b.xWS...F.,.4^..d..%z..........Z\|..z.sO..UO.....84...&3.(...8?..0. /....<]...%..Uv.=+.)C..X...(.._..q..l...#M...V.]..T..&O.....Kaw..%...EHHD...0.H.......:'C.._...:...K.-'..MP......hO........k.0N....IN`MQ.\..'.....d-...Z....].Y.g.....$..g0H.p...m.<%......l.S....nO..._......>...(.......VQu.[.......X....

Chrome Cache Entry: 156

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10652), with no line terminators
Category:	downloaded
Size (bytes):	10652
Entropy (8bit):	5.492387766307282
Encrypted:	false
SSDEEP:
MD5:	DC7833D541C2C0130D74005845CF3D6F
SHA1:	65A71D83098B095FB393CE81DF20529BD8AA3BF3
SHA-256:	80773F4F67DC3CB5F590A8AC2F8377DF4B7AD0410D098A6B44D67CEDC91A113B
SHA-512:	BDF0C25005D9CC64A96FD27D36BBF374CF1ED2C5DEB02BA99B5BF61816DDCE936EC9006587A32E4697E24C5D7D89FE27F1678D608FE0037B67A17AAF02D8AA9C
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/runtime.db57914c5d92b0ff4de7.js
Preview:	(()=>{"use strict";var e,a,d,c={},o={};function t(e){var a=o[e];if(void 0!==a)return a.exports;var d=o[e]={id:e,exports:{}};return c[e].call(d.exports,d,d.exports,t),d.exports}t.m=c,e=[],t.O=(a,d,c,o)=>{if(!d){var r=1/0;for(l=0;l<e.length;l++){for(var[d,c,o]=e[l],f=!0,n=0;n<d.length;n++)(!1&o\|\|r>=o)&&Object.keys(t.O).every((e=>t.O[e](d[n])))?d.splice(n--,1):(f=!1,o<r&&(r=o));if(f){e.splice(l--,1);var b=c();void 0!==b&&(a=b)}}return a}o=o\|\|0;for(var l=e.length;l>0&&e[l-1][2]>o;l--)e[l]=e[l-1];e[l]=[d,c,o]},t.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return t.d(a,{a}),a},t.d=(e,a)=>{for(var d in a)t.o(a,d)&&!t.o(e,d)&&Object.defineProperty(e,d,{enumerable:!0,get:a[d]})},t.f={},t.e=e=>Promise.all(Object.keys(t.f).reduce(((a,d)=>(t.f[d](e,a),a)),[])),t.u=e=>(({10:"vendorPaypal-046cf405",11:"vendorPaypal-14b2ef91",12:"vendorPaypal-2ad50bf0",13:"vendorPaypal-30b2836a",14:"vendorPaypal-3e128fe0",15:"vendorPaypal-6cb9285f",16:"vendorPaypal-6d3a2882",17:"vendorPaypal-6fac6b1a",18:"vendorP

Chrome Cache Entry: 157

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (353), with no line terminators
Category:	downloaded
Size (bytes):	353
Entropy (8bit):	5.273066239437083
Encrypted:	false
SSDEEP:
MD5:	93BE6D757F28230900FD2FFB4091E349
SHA1:	98FE6DA7DBB0EAC7B1D05D12C7257F99758543AB
SHA-256:	D0675FEF3CE35AD654F94CC2B675DE2729BD86874EC0A912FEC89575700513C5
SHA-512:	876E28AA82F5A156EA605E1F1996C26DD3C181B49CA23190FF4C92F4DBC4FCD0450D4F86086FB4B52EAD7E781865CC1464B8A6B3364186EDFB972A5569065CC6
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/KayRtQ_1ym5_-NM6DR61r/_middlewareManifest.js
Preview:	self.__MIDDLEWARE_MANIFEST=(function(a){return [["\u002F",a],["\u002Faccount",a],["\u002Fcharity\u002Fdonate",a],["\u002Fcreditcard",a],["\u002Fdownload-app",a],["\u002Fpayment-link",a],["\u002Fsettings\u002Fpayment-methods",a],["\u002Fstory",a],["\u002Fu",a],["\u002Fwebviews",a]]}(false));self.__MIDDLEWARE_MANIFEST_CB&&self.__MIDDLEWARE_MANIFEST_CB()

Chrome Cache Entry: 158

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	70998
Entropy (8bit):	5.296856014963618
Encrypted:	false
SSDEEP:
MD5:	776E6ADE025A7EB5917DA74DF07EF9EF
SHA1:	666A972444A5DC4AD5C73E66FB942290ECCBBED5
SHA-256:	A1602962888CFA57AFB6B37A761C37FBC59AB03913CF46812350CB0DBA8EC2D1
SHA-512:	87254C65FD4D0989FD5705550AE092D34AA3E70B43FA7D1EE61149371E77937D029496BD6FAB9BC8374BE2FD4D4129162A0ED1BFCC512B6DD6EBECDDB9785B1C
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor8.3458659a4a33819095f2.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[8],{80132:(t,e,n)=>{function r(t){if(null===t\|\|!0===t\|\|!1===t)return NaN;var e=Number(t);return isNaN(e)?e:e<0?Math.ceil(e):Math.floor(e)}function a(t){return a="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},a(t)}function o(t,e){if(e.length<t)throw new TypeError(t+" argument"+(t>1?"s":"")+" required, but only "+e.length+" present")}function i(t){o(1,arguments);var e=Object.prototype.toString.call(t);return t instanceof Date\|\|"object"===a(t)&&"[object Date]"===e?new Date(t.getTime()):"number"==typeof t\|\|"[object Number]"===e?new Date(t):("string"!=typeof t&&"[object String]"!==e\|\|"undefined"==typeof console\|\|(console.warn("Starting with v2.0.0-beta.1 date-fns doesn't accept strings as date arguments. Please use `parseISO` to p

Chrome Cache Entry: 159

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24178), with no line terminators
Category:	downloaded
Size (bytes):	24178
Entropy (8bit):	5.356542304325167
Encrypted:	false
SSDEEP:
MD5:	CC4BC884E0397A571B44CB6B74A0F448
SHA1:	1F2FBA9075FD0B6707A53F286432F0BA7B207148
SHA-256:	1B1C8F6075A2C19861F5F2E4CD34F68A8B544376CDE708C448DFBB2E095E739D
SHA-512:	C7231B1720C482F352E19A6AB4134D68FC52B8B303561E7B795AFCF87F4177AF8F319FB4A508CFB986ACF7D32ED93BE16068291AB55D9A4C5DE430CE913BD9D7
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/Venmo_Form_Page_Template.d93cb7f386b09f5aebb5.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[125],{1380:(t,n,e)=>{"use strict";e.r(n),e.d(n,{default:()=>q});var o=e(29439),a=e(35776),i=e(71641),l=e(75259),r=e(4942),d=e(24070),s=e(93379),c=e.n(s),u=e(7795),p=e.n(u),m=e(90569),g=e.n(m),f=e(3565),C=e.n(f),h=e(19216),b=e.n(h),w=e(44589),S=e.n(w),k=e(57339),x={};x.styleTagTransform=S(),x.setAttributes=C(),x.insert=g().bind(null,"head"),x.domAPI=p(),x.insertStyleElement=b();c()(k.Z,x);k.Z&&k.Z.locals&&k.Z.locals;var v=e(64979),E=e(2969),y=e.n(E),P=e(16301),H=e.n(P),N="sign_up",A="next",B="login",O="getCode",R="submitOtp",L="loginWithPassordInstead",I=e(27227),_=e(16695);const T=function(t){var n,e,o=t.showTransition,s=t.children,c=t.cancelAndReturnUrl,u=t.onSubmitFormHandler,p=t.onClickSignUpButtonHandler,m=t.onClickCancelLinkHandler,g=t.onClickChangePublicCredentialHandler,f=t.otpPageState,C=t.pubCredState,h=t.buttonClickedState,b=t.pageNotificationState,w=t.setButtonClickedState,S=t.se

Chrome Cache Entry: 160

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (949)
Category:	downloaded
Size (bytes):	1377646
Entropy (8bit):	5.248077964617634
Encrypted:	false
SSDEEP:
MD5:	53E18315DF414DCFCE2B74F84093114F
SHA1:	2ADAFA68CE537637057D7988B723F219B3623CF5
SHA-256:	9768F97AAFC86828FE13833784A6A06B01E107551F121CAD19DDA6DAB9678C41
SHA-512:	620CA81720564F9189727060EF17EB3A8159C14D2714AD523774B1F818F7745B8E8C9D78EFCD7D0F74E29A858CB868CDDCC3A34823C46B6EDDADEDEE58A88384
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/chunks/pages/settings/notifications-9ce5fa012f8267ad.js
Preview:	(self["webpackChunk_N_E"] = self["webpackChunk_N_E"] \|\| []).push([[4682],{../*/ 23983:.// (function(__unused_webpack_module, __webpack_exports__, __webpack_require__) {.."use strict";.// ESM COMPAT FLAG.__webpack_require__.r(__webpack_exports__);..// EXPORTS.__webpack_require__.d(__webpack_exports__, {. "default": function() { return / binding */ index_esm; }.});..;// CONCATENATED MODULE: ./node_modules/date-fns/esm/_lib/toInteger/index.js.function toInteger(dirtyNumber) {. if (dirtyNumber === null \|\| dirtyNumber === true \|\| dirtyNumber === false) {. return NaN;. }. var number = Number(dirtyNumber);. if (isNaN(number)) {. return number;. }. return number < 0 ? Math.ceil(number) : Math.floor(number);.}.// EXTERNAL MODULE: ./node_modules/@babel/runtime/helpers/esm/typeof.js.var esm_typeof = __webpack_require__(71002);.;// CONCATENATED MODULE: ./node_modules/date-fns/esm/_lib/requiredArgs/index.js.function requiredArgs(required, args) {. if (args.length < required) {.

Chrome Cache Entry: 161

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8581), with no line terminators
Category:	downloaded
Size (bytes):	8581
Entropy (8bit):	5.3824607143919625
Encrypted:	false
SSDEEP:
MD5:	8B60916E701B2FBBBC4445C1284F8F43
SHA1:	F54C8BBF3B7101A7FEF91D0F67D4DE9D3832704C
SHA-256:	35B3DFFD21B027E0455AB8429BFED6C243C18161EFB372781C851CDC0985DB26
SHA-512:	56A56A6975E2FBD9FAD46822DE4EC603AD83BD5AD9C3A10E0A9FE6A82617FCD82F576169E787DFDD04C83DD06F3A8691FCFF0D1F2AC8CB83B94BB07FEC58EDD7
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor2.de67a7244c5b0a8f94eb.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[2],{93379:e=>{"use strict";var t=[];function r(e){for(var r=-1,n=0;n<t.length;n++)if(t[n].identifier===e){r=n;break}return r}function n(e,n){for(var c={},a=[],s=0;s<e.length;s++){var i=e[s],o=n.base?i[0]+n.base:i[0],f=c[o]\|\|0,l="".concat(o," ").concat(f);c[o]=f+1;var p=r(l),d={css:i[1],media:i[2],sourceMap:i[3],supports:i[4],layer:i[5]};if(-1!==p)t[p].references++,t[p].updater(d);else{var v=u(d,n);n.byIndex=s,t.splice(s,0,{identifier:l,updater:v,references:1})}a.push(l)}return a}function u(e,t){var r=t.domAPI(t);r.update(e);return function(t){if(t){if(t.css===e.css&&t.media===e.media&&t.sourceMap===e.sourceMap&&t.supports===e.supports&&t.layer===e.layer)return;r.update(e=t)}else r.remove()}}e.exports=function(e,u){var c=n(e=e\|\|[],u=u\|\|{});return function(e){e=e\|\|[];for(var a=0;a<c.length;a++){var s=r(c[a]);t[s].references--}for(var i=n(e,u),o=0;o<c.length;o++){var f=r(c[o]);0===t[f].referen

Chrome Cache Entry: 162

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23093), with no line terminators
Category:	downloaded
Size (bytes):	23093
Entropy (8bit):	5.245149224886793
Encrypted:	false
SSDEEP:
MD5:	7BD369E3384E9D3AD0173877F8BCF402
SHA1:	5CE0D9D3CF502B29FA7C28A926A459AF181A9A08
SHA-256:	0EC34B2C64CF8AC9E34F0AB429C9B2909B504C4C4FFC9A550A4A39771D410EC8
SHA-512:	1C9B5C7B7238107043E35008204667C3829AE1BB018A36EF1BEA6A2B42B899B6EBF571697377E9C7ACA51234D91AAEA64EF0C24C8F7AC560444647D699384BD6
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Preview:	!function(e){var t={};function n(r){if(t[r])return t[r].exports;var a=t[r]={i:r,l:!1,exports:{}};return e[r].call(a.exports,a,a.exports,n),a.l=!0,a.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var a in e)n.d(r,a,function(t){return e[t]}.bind(null,a));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=6)}([function(e,t,n){var r=n(1);e.exports.find=function(e,t){if(Array.isArray(e)\|\|void 0!==e.

Chrome Cache Entry: 163

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (56412), with no line terminators
Category:	downloaded
Size (bytes):	56412
Entropy (8bit):	5.907540404138125
Encrypted:	false
SSDEEP:
MD5:	2C00B9F417B688224937053CD0C284A5
SHA1:	17B4C18EBC129055DD25F214C3F11E03E9DF2D82
SHA-256:	1E754B107428162C65A26D399B66DB3DAAEA09616BF8620D9DE4BC689CE48EED
SHA-512:	8DC644D4C8E6DA600C751975AC4A9E620E26179167A4021DDB1DA81B452ECF420E459DD1C23D1F2E177685B4E1006DBC5C8736024C447D0FF65F75838A785F57
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Preview:	.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAABIAAAASABGyWs+AAAACXZwQWcAAABUAAADSAC4K4y8AAA4oElEQVR42u2dCZRV1ZX3q5iE4IQIiKQQCKBt0JLEIUZwCCk7pBNFiRMajZrIl9aOLZ8sY4CWdkDbT2McooaAEmNixFhpaYE2dCiLScWiQHCgoGQoGQuhGArKKl7V+c5/n33fO/V4w733nVuheXuv9V/rrnvP2Xud3zvTPee+ewsKxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExP4OdtlT6ztAbRWvvLy8A3QkwxzH6tBGMMexI

Chrome Cache Entry: 164

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (949)
Category:	downloaded
Size (bytes):	1321651
Entropy (8bit):	5.245235748662314
Encrypted:	false
SSDEEP:
MD5:	BB949FBFF809E012431A4D973F485663
SHA1:	4A65C8B167A60C1DFA239D12B83F2113F7DD5CE0
SHA-256:	E8AC132CC09DF55E9FBAC5921CC5817BF204D150653B381802DD31A89FC86A99
SHA-512:	A379B4927CDDC9514AEE3C3B5776361EBAFF01CE793BF6DB98865254D0755C25C16BE0A47C9293315BAE9A400252579552762129A3D0C4D695D6A2BA068EE9AD
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/chunks/pages/index-33aaf4f439c82a26.js
Preview:	(self["webpackChunk_N_E"] = self["webpackChunk_N_E"] \|\| []).push([[5405],{../*/ 23983:.// (function(__unused_webpack_module, __webpack_exports__, __webpack_require__) {.."use strict";.// ESM COMPAT FLAG.__webpack_require__.r(__webpack_exports__);..// EXPORTS.__webpack_require__.d(__webpack_exports__, {. "default": function() { return / binding */ index_esm; }.});..;// CONCATENATED MODULE: ./node_modules/date-fns/esm/_lib/toInteger/index.js.function toInteger(dirtyNumber) {. if (dirtyNumber === null \|\| dirtyNumber === true \|\| dirtyNumber === false) {. return NaN;. }. var number = Number(dirtyNumber);. if (isNaN(number)) {. return number;. }. return number < 0 ? Math.ceil(number) : Math.floor(number);.}.// EXTERNAL MODULE: ./node_modules/@babel/runtime/helpers/esm/typeof.js.var esm_typeof = __webpack_require__(71002);.;// CONCATENATED MODULE: ./node_modules/date-fns/esm/_lib/requiredArgs/index.js.function requiredArgs(required, args) {. if (args.length < required) {.

Chrome Cache Entry: 165

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Category:	downloaded
Size (bytes):	107053
Entropy (8bit):	5.337592264259358
Encrypted:	false
SSDEEP:
MD5:	5CA5548040AEF5477DA16D682D3A08E1
SHA1:	E9ED3289D11A3DF4BBC4C1AF0D374CCCE69B9A75
SHA-256:	82C8116340DC4703C43E0F746EFB6D0D0BE995EE0E206B0134BA61FE504D927F
SHA-512:	A2517F4DC65EBF9F1C625E13D5D42C3C47A8CE57CD219A96CEFC80FE54235625799EE28E0848EDD8BB17D6F35547D445D49D39E48F6263109FBF4832BB4F1443
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo31.5a9959c341dbc4604a67.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[31],{4912:(e,t,a)=>{function r(e){return e&&"object"==typeof e&&"default"in e?e.default:e}var n=r(a(35776)),o=a(54288),i=a(84395),l=r(a(86010)),s=a(39427),c=a(91042),u=a(37722),d=r(a(10390)),p=r(a(45947)),m=r(a(1152)),g=o.makeStyles((function(e){return{accordionRootNoPadding:{padding:"0"},accordion:{boxShadow:"none","&:before":{display:"none"},"&.Mui-expanded":{margin:0},"&:after":{padding:0}},accordionSummaryIcon:{color:e.palette.grey[400]},chevron:{color:e.palette.grey[400],transform:"rotate(-90deg)"},accordionSummary:{"&:focus":{background:"none"},"&.Mui-focusVisible":{outline:"1px auto "+e.palette.primary.main}},accordionSummaryContentClass:{margin:e.spacing(2,0),"&.MuiAccordionSummary-content.Mui-expanded":{margin:e.spacing(2,0)}},accordionDetailsWithLeftPadding:{paddingLeft:e.spacing(3.5),paddingBottom:e.spacing(1.8)},accordionDetailsWithSmallLeftPadding:{paddingLeft:e.sp

Chrome Cache Entry: 166

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2483), with no line terminators
Category:	downloaded
Size (bytes):	2483
Entropy (8bit):	5.0183567131501885
Encrypted:	false
SSDEEP:
MD5:	2D69C274EA163D08CE15DE9BC7FF09E3
SHA1:	2C47C7F6609C40942416CDB8134E8507F39860E5
SHA-256:	6AA4FBBA3C03D71461376E31733D1BB5B8C5A8042D8DCB58ED5A3548819506B8
SHA-512:	AB9AA65F9DCA48E97933CAF0503E690B2C55EB179AD3C9A88B7A2E4E8971D0483FB28A84F52262786B2A9FCBC26327082B80A080B8BEA5B7B36F678D535D2593
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/2-0-0/fonts-and-normalize.min.css
Preview:	@font-face{font-display:swap;font-family:PayPalOpen-Regular;font-style:normal;src:url(https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2) format("woff2"),url(https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff) format("woff")}@font-face{font-display:swap;font-family:PayPalOpen-Bold;font-style:normal;src:url(https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2) format("woff2"),url(https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff) format("woff")}html{box-sizing:border-box}*,:after,:before{box-sizing:inherit}body,html{font-family:PayPalOpen-Regular,Helvetica Neue,Arial,sans-serif;height:100%}html{-webkit-text-size-adjust:100%;line-height:1.15}body{-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;margin:0}main{display:block}h1{font-size:2em;margin:.67em 0}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace;font-size:1em}a{background-color:transparent}abbr[title]{border-botto

Chrome Cache Entry: 167

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	536
Entropy (8bit):	4.8987338142402
Encrypted:	false
SSDEEP:
MD5:	BCC633011A257BF4B4C3893529027331
SHA1:	6509ECBA575E2D12BD2BF91C5008DD67FDD2DE08
SHA-256:	F54ED96AB522EBEB2F90A83A0E640F6133D78A3FF0F62BAFA77751C42E880AC3
SHA-512:	867AD33E6AFE2593109BC1A61F143FF1C66CCB53CA6A77D1C267FA7C6B5B05F6DD099C3B14264B4F54E37E17F1B4713383F34135BE0CA18EB2A9BB8FCACA5489
Malicious:	false
Reputation:	unknown
Preview:	<svg viewBox="0 0 40 40" fill="none" xmlns="http://www.w3.org/2000/svg">. <style>. path {. fill: #0074DE;. }. @media (prefers-color-scheme: dark) {. path {. fill: #fff;. }. }. </style>. <path d="M34.5771 0.822021C35.9974 3.16733 36.6377 5.58301 36.6377 8.63451C36.6377 18.3672 28.3277 31.0107 21.5832 39.8888H6.17825L0 2.95296L13.4887 1.67258L16.7552 27.9548C19.8074 22.9834 23.5738 15.171 23.5738 9.84453C23.5738 6.92902 23.0743 4.94318 22.2935 3.30806L34.5771 0.822021Z" fill="#008CFF"/>.</svg>.

Chrome Cache Entry: 168

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (29464), with no line terminators
Category:	downloaded
Size (bytes):	29464
Entropy (8bit):	4.623396272181911
Encrypted:	false
SSDEEP:
MD5:	3DFA5814B4BE91C0047934998A54F03D
SHA1:	0DF1CD7FC4C4BD1C1B83403A4CB186950F78410F
SHA-256:	288470A05F4B8A3759884A275302AD49677FFB0BD0AA6FE15364A930FD3D2FA8
SHA-512:	BB2E4ACF8C429CAD99D0A2BD738A22A2DAA030D25D3F6EAD786266BBF5B84041DBA638DFB7D31308AB2F9C474989C79CAC58ABB857F748E903BF53CD100B880E
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo33.c787738d7252865aa635.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[33],{27584:a=>{a.exports='<svg id="livetype" xmlns="http://www.w3.org/2000/svg" width="119.66407" height="40" viewBox="0 0 119.66407 40">\n <title>Download_on_the_App_Store_Badge_US-UK_RGB_blk_4SVG_092917</title>\n <g>\n <g>\n <g>\n <path d="M110.13477,0H9.53468c-.3667,0-.729,0-1.09473.002-.30615.002-.60986.00781-.91895.0127A13.21476,13.21476,0,0,0,5.5171.19141a6.66509,6.66509,0,0,0-1.90088.627A6.43779,6.43779,0,0,0,1.99757,1.99707,6.25844,6.25844,0,0,0,.81935,3.61816a6.60119,6.60119,0,0,0-.625,1.90332,12.993,12.993,0,0,0-.1792,2.002C.00587,7.83008.00489,8.1377,0,8.44434V31.5586c.00489.3105.00587.6113.01515.9219a12.99232,12.99232,0,0,0,.1792,2.0019,6.58756,6.58756,0,0,0,.625,1.9043A6.20778,6.20778,0,0,0,1.99757,38.001a6.27445,6.27445,0,0,0,1.61865,1.1787,6.70082,6.70082,0,0,0,1.90088.6308,13.45514,13.45514,0,0,0,2.0039.1768c.30909.0068.6128.0107.91895.0107C8.80

Chrome Cache Entry: 169

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	42
Entropy (8bit):	3.122714743434665
Encrypted:	false
SSDEEP:
MD5:	ACCBA0B69F352B4C9440F05891B015C5
SHA1:	9D01CC5DC8E042C0D4AD6CFB8B3AC38E84A5EF9F
SHA-256:	47043E4823A6C21A8881DE789B4185355330B5804629D23F6B43DD93F5265292
SHA-512:	D3C4A5427BF645CC226106B0E8C28A76B0B91F50FA6D77E962A3B59B85BE2A0CFDB94EC0F40742F10C18025573D8FBFADECDDF60F4652BAE671F6031C02A7CB5
Malicious:	false
Reputation:	unknown
Preview:	GIF89a.............!.......,........@..D.;

Chrome Cache Entry: 170

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (63869)
Category:	downloaded
Size (bytes):	180956
Entropy (8bit):	5.2051203103374695
Encrypted:	false
SSDEEP:
MD5:	8C15583A4A43453584F560A54AD69AC5
SHA1:	EE1F186FBBA965DFBAD41B3D25DAB20C7C29008B
SHA-256:	E69E6074B3E838A4BBEB4A20F2A96E77BE67703EA606415AEDEE2FA073B634C4
SHA-512:	FA6C9706346A3BCA0946CFE2F30FE4A8CD590F76B825676C9C2705E47E049538E643B53355A86F0243F57464B7BFBAEFB1B13ED6469AA4AFED9BE1FBDB81543F
Malicious:	false
Reputation:	unknown
URL:	https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js?env=0
Preview:	//.// Copyright 2019 mParticle, Inc..//.// Licensed under the Apache License, Version 2.0 (the "License");.// you may not use this file except in compliance with the License..// You may obtain a copy of the License at.//.// http://www.apache.org/licenses/LICENSE-2.0.//.// Unless required by applicable law or agreed to in writing, software.// distributed under the License is distributed on an "AS IS" BASIS,.// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied..// See the License for the specific language governing permissions and.// limitations under the License..//.// Uses portions of code from jQuery.// jQuery v1.10.2 \| (c) 2005, 2013 jQuery Foundation, Inc. \| jquery.org/license..window.mParticle = window.mParticle \|\| {};;.window.mParticle.config = window.mParticle.config \|\| {};;.window.mParticle.config.serviceUrl = 'jssdk.mparticle.com/v2/JS/';;.window.mParticle.config.secureServiceUrl = 'jssdks.mparticle.com/v2/JS/';;.window.mParticle.config.app

Chrome Cache Entry: 172

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5856)
Category:	downloaded
Size (bytes):	10756
Entropy (8bit):	5.561127511226338
Encrypted:	false
SSDEEP:
MD5:	71F01186A59DB552AB4BB5B273082EC7
SHA1:	0A5909E2AE3BF149D17D08A758B1B07E44AC22A9
SHA-256:	600D62EE9CE08AE19531DAE5C0CCE8A63427AD0BE308803605645AA8C9F55990
SHA-512:	F8321866638BDA4EF1A5D468C1E19A77B8BF4981991729B7DACE0C75BAD5AC2DC675E47BD70EDE6C19657234E1C51DE444BA83532BF614F37E030D6CA3D9402D
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo39.b4f63a3af68bb0c60ccb.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[39],{74905:(e,r,t)=>{Object.defineProperty(r,"__esModule",{value:!0});var n=t(24113),o=t(56775),a=t(39149),i=t(49396),c=t(96656),u=t(88954),l=t(73240),f=t(5499),s=t(36249),v=t(8895),p=t(22537),y=t(48877),d=t(96869),h=t(19235),_=t(84237),b=t(88362),w=t(23468),m=t(19034),P=t(57175),g=t(48528),S=t(20621),O=t(39427),x=t(77879),k=t(82532),j=t(51508),C=t(65459),M=t(41915),D=t(2706),E=t(59037),I=t(90807),T=t(30532),B=t(96730),R=t(9510),F=t(78351),G=t(75567),H=t(1802),L=t(18442),A=t(1004),V=t(70705),z=t(8545),U=t(84031),W=t(25572),N=t(62315),Q=t(75260),J=t(48258),Z=t(60649),q=t(52442),K=t(5071),X=t(61470),Y=t(74394),$=t(19321),ee=t(52477),re=t(85475),te=t(24926),ne=t(62277),oe=t(84944),ae=t(79225),ie=t(83958),ce=t(65278),ue=t(64037),le=t(91042),fe=t(4541),se=t(7548),ve=t(13942),pe=t(99804),ye=t(67849),de=t(38200),he=t(99488),_e=t(70431),be=t(1186),we=t(20436),me=t(61756),Pe=t(3810),ge=

Chrome Cache Entry: 173

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (58556), with no line terminators
Category:	downloaded
Size (bytes):	58556
Entropy (8bit):	5.3214033197332915
Encrypted:	false
SSDEEP:
MD5:	15D472F7461198E2C9A5C56ED18FA65D
SHA1:	BEE0F4766C9B35D3E8672555267E912E9D26C9EF
SHA-256:	07DD261281DF778A63C2400E038CE34D00424C49F09BE4975F3B8C552C8BCACE
SHA-512:	148565737B22CEC82E53DD67F32128D746DDCAEA96854FF6A1AE8D3CEA3A3B64C8FBEA23F8D0CB9E04B515E8390CFA732F66D53C94FA5251F9A7B497CD704C58
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo37.ac605bb7b8c8fbbc0b96.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[37],{79895:(e,t,n)=>{n.d(t,{Z:()=>s});var r=n(45987),a=n(87462),o=n(35776),i=n(86010),l=n(52543),c=o.forwardRef((function(e,t){var n=e.classes,l=e.className,c=e.component,s=void 0===c?"div":c,u=e.square,d=void 0!==u&&u,p=e.elevation,f=void 0===p?1:p,m=e.variant,v=void 0===m?"elevation":m,h=(0,r.Z)(e,["classes","className","component","square","elevation","variant"]);return o.createElement(s,(0,a.Z)({className:(0,i.default)(n.root,l,"outlined"===v?n.outlined:n["elevation".concat(f)],!d&&n.rounded),ref:t},h))}));const s=(0,l.Z)((function(e){var t={};return e.shadows.forEach((function(e,n){t["elevation".concat(n)]={boxShadow:e}})),(0,a.Z)({root:{backgroundColor:e.palette.background.paper,color:e.palette.text.primary,transition:e.transitions.create("box-shadow")},rounded:{borderRadius:e.shape.borderRadius},outlined:{border:"1px solid ".concat(e.palette.divider)}},t)}),{name:"MuiPap

Chrome Cache Entry: 174

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23204), with no line terminators
Category:	downloaded
Size (bytes):	23204
Entropy (8bit):	5.311666444124577
Encrypted:	false
SSDEEP:
MD5:	2527B8DD7558265B787200FE2F07C8A6
SHA1:	5B96611966E522981FF617C36398EB7A344136B3
SHA-256:	55F989C9D5AB1ADFDA0208546EEAFED403CCF2E9F131AD93112AB20D4E02037D
SHA-512:	71F6DD8287F6CE5D922F574E068C36E3314D4EBE2D61D1F04880A8F6DBA02B98610C4233DD2C149B1C4A9909876F8568AE47098D77BBD97ECD03782AE25D73F1
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/app.58a7141f7004e7633af8.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[151],{4458:(e,n,t)=>{"use strict";var r=t(4942),o=t(35776),c=t(64979),i=t(53768),a=t(53221),l=t(73688),u=t(9669),s=t.n(u),d=function(e){var n=e.contentUrlBase,t=e.country,r=e.language;return s()({method:"GET",url:"".concat(n,"/").concat(t,"/").concat(r,".json"),headers:{Accept:"application/json","Content-Type":"application/json"}})},p=t(93581),f=t(48216),m=t(41719),g=t(28330),y=t(44649);function h(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}var b=function(e){var n,t=e.getContext();if(null!=t&&null!==(n=t.response)&&void 0!==n&&n.headers)return t.response.headers.get("Paypal-Debug-Id")},v=new p.i((function(e,n){return new f.y((function(t){var r=n(e).subscribe(function(e){var n=e.operation,t=e.observer;return{next:function(e){va

Chrome Cache Entry: 175

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3868)
Category:	downloaded
Size (bytes):	3873
Entropy (8bit):	5.813815878954414
Encrypted:	false
SSDEEP:
MD5:	837D70110BEF2C6615E39BF7F6D546F6
SHA1:	AC9CF59F4664948BC49A24999FEB498471DE2327
SHA-256:	95671F6246E3CD6CD0874780D814C3424F1DF0067E57C4CC96209F2E4A65A176
SHA-512:	0BB850C3EC1E53B15FAB12409DE934718E6FDA779024222ABF6792E8CE8E4AEBEDC01E5E77F71A39FCF1D042F627AA4F11AC31FC6888A609D7135B7D12DF38FE
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["nfl draft","challengers movie","pittsburgh upmc layoffs","apple iphone 16 pro max","nasa mars spiders","utah hockey team nhl","aries daily horoscope today","clear airport security userfornia"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"google:entityinfo":"Cg0vZy8xMXEzeWJ3M2tqEhlDaGFsbGVuZ2VycyDigJQgMjAyNCBmaWxtMv8QZGF0YTppbWFnZS9qcGVnO2Jhc2U2NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCd2dIQmdrSUJ3Z0tDZ2tMRFJZUERRd01EUnNVRlJBV0lCMGlJaUFkSHg4a0tEUXNKQ1l4Sng4ZkxUMHRNVFUzT2pvNkl5cy9SRDg0UXpRNU9qY0JDZ29LRFF3TkdnOFBHamNsSHlVM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOLy9BQUJFSUFFQUFRQU1CSWdBQ0VRRURFUUgveEFBYUFBQUNBd0VCQUFBQUFBQUFBQUFBQUFBRkJnSURCQWNCLzhRQU5SQUFBZ0VEQWdRREJRY0VBd0FBQUFBQUFRSURCQVVSQUNFR0VqRkJFeUpoVVhHQm9kRVVGU015VXBHeGNzSFM0UWNXa3YvRUFCZ0JBQU1CQVFBQUFBQUFBQUFBQUFBQUFBRURCQUlBLzhRQ

Chrome Cache Entry: 176

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9205)
Category:	downloaded
Size (bytes):	13819
Entropy (8bit):	5.250518720063889
Encrypted:	false
SSDEEP:
MD5:	ED986C614E112597FB14A2E2603ECD03
SHA1:	A5DD4C44019B7A5BB9198EEF0EC27269E61A08B7
SHA-256:	88B89C0871529ED5D3F58A2203231B375B5DED89AE4DD2BF33656B03FB6BB4FB
SHA-512:	0820C5E1A11B2E87470E8A762BE399418484BF08F36ABE1CBFB585C5C4CCC77120E10C3ADE83B562DE1F1DCE3988B0336594DD81DE21F6733F8C7EBD95055DB8
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor4.be50f34cce539da04c25.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[4],{38751:(t,e,r)=>{r.d(e,{g7:()=>a});var n=null,o={},i=1,c="@wry/context:Slot",u=Array,a=u[c]\|\|function(){var t=function(){function t(){this.id=["slot",i++,Date.now(),Math.random().toString(36).slice(2)].join(":")}return t.prototype.hasValue=function(){for(var t=n;t;t=t.parent)if(this.id in t.slots){var e=t.slots[this.id];if(e===o)break;return t!==n&&(n.slots[this.id]=e),!0}return n&&(n.slots[this.id]=o),!1},t.prototype.getValue=function(){if(this.hasValue())return n.slots[this.id]},t.prototype.withValue=function(t,e,r,o){var i,c=((i={__proto__:null})[this.id]=t,i),u=n;n={parent:u,slots:c};try{return e.apply(o,r)}finally{n=u}},t.bind=function(t){var e=n;return function(){var r=n;try{return n=e,t.apply(this,arguments)}finally{n=r}}},t.noContext=function(t,e,r){if(!n)return t.apply(r,e);var o=n;try{return n=null,t.apply(r,e)}finally{n=o}},t}();try{Object.defineProperty(u,c,{valu

Chrome Cache Entry: 177

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38457)
Category:	downloaded
Size (bytes):	38486
Entropy (8bit):	5.345618194155939
Encrypted:	false
SSDEEP:
MD5:	3867690CF65CF9B04E72472455F34CF9
SHA1:	6972D67129AB146E710023E97F8343DFF85AFC83
SHA-256:	A70DAA1ECB6FDD37C71466675790D54B8BB70227CD2E397DB7EBCDE9D1432FB9
SHA-512:	2A5C2744617662E27C602FCF9295D4CB19F85B27F7DB09FBB136B0E7F7F456D6A22B3A2A74E8F07306A767DB8FAA3FB30C4E1F39246FF56A4C18A8068DA85812
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/pa/js/pa_venmo.js
Preview:	/@ 2024 PayPal (v1.8.16) /.!function(){"use strict";var R="venmo";function o(){return(new Date).getTime()}function m(t){return Math.round(parseFloat(t))\|\|0}function a(t){if(!t\|\|t.constructor!==Object&&t.constructor!==Array)return t;var e,n=t.constructor();for(e in t)n[e]=a(t[e]);return n}function c(t,e,n){for(var r in void 0===n&&(n=!0),t=t\|\|{},e=e\|\|{})"undefined"!=typeof e[r]&&(n\|\|!n&&"undefined"==typeof t[r])&&(t[r]=e[r]);return t}function q(t,e){e=e\|\|{};var n,r=a(t=t\|\|{});for(n in e)try{e[n].constructor===Object&&r[n]&&r[n].constructor===Object?r[n]=q(r[n],e[n]):r[n]=e[n]}catch(i){r[n]=e[n]}return r}function u(){var i,a=window.crypto\|\|window.msCrypto;return(i=function i(){var t,e=2147483647;try{var n=new Uint32Array(1);a.getRandomValues(n),t=n[0]&e}catch(r){t=Math.round(e*Math.random())}return t.toString(16)})()+i()}window.PAYPAL=window.PAYPAL\|\|{},window.fpti=window.fpti\|\|{},window.fptiserverurl=window.fptiserverurl\|\|"https://t.paypal.com/ts";var F,e=function e(){},U=function U(){

Chrome Cache Entry: 178

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, CFF, length 41894, version 1.0
Category:	downloaded
Size (bytes):	41894
Entropy (8bit):	7.990845032653063
Encrypted:	true
SSDEEP:
MD5:	93CDAD39D3EA2F9B37B403665A006419
SHA1:	0E986C6F2443007EE37DA358A8D3A06BC67DF3C3
SHA-256:	58F03520078F42B5339BF2DC379A7426BD432BC8902FD47F577E5A0DEF8331D9
SHA-512:	32EB9E04B976D2D81ED7B1FD480CE7550E39A8AEAF56E1F441CCB64FACFE95200A18DD987F3534FA7DA6A63D03633D164D81346EE3BF08BD527892288E80A6A7
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/assets/venmo/fonts/Scto-Grotesk-A-Regular.woff
Preview:	wOFFOTTO..........C@...........u.......8...nCFF ...@..]...yR.Z.bGPOS..n...35....f.L.GSUB..k....~....`.KROS/2...l...Y...`..a.cmap...4..........Dhead.......6...6.G'.hhea...@...!...$...whmtx..g(..........r=maxp...d.........3P.name.......i.....P..post...,....... .g.'.........@.{_.<..........V...........8.#................x.c`d``V.o.........,...".I...\|.......P..3..x.c`frb.........................YY..A`......J5...;..380(.fbV.o..........d...k.m..@...>......x..Mn.1....I?..Q.".P... 3IWU#!E.tGQ.v...8...8.8.....5W..`.M..p.xv.tR..B"....~o..O..../....F.W....C<.7..<.w...O.kx.....{.7...=WK.........,x.y....'DP.R.o.O...X..y....9........W.8..y.._.......Z.M.V.=o....W.w._..y...Q...aW..<dg....d....9{..(...ID>F.c..(R.f.`....1.:e..3.y.'f..,D.zTQ...4..D.e...r...$.K..6..21.Y.\.T.&....h..:...{s...7......[...#...1.8.N.Q..u3..=5....!ct.0......a.pE...4qHt...%.)I].D)8"...h.R\|.$A......y.<....I...O.r0..q..!+......y(.....9..d.......>.$.........2r......8.l!I?Y.<..c........1....lYj

Chrome Cache Entry: 179

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (58188), with no line terminators
Category:	downloaded
Size (bytes):	58188
Entropy (8bit):	5.40080022067763
Encrypted:	false
SSDEEP:
MD5:	383F03BA52E9DF852BE533BB6CF4212A
SHA1:	0A3476D0C768A955738AC7A63F092229BA39A14C
SHA-256:	F76FDDDD39C7DC1D5DD0D2A981F725A76127F65B6C8F6BE54D76A6579F228899
SHA-512:	F74FDF8EDF5FB2F8AD14055E986E51742FCAAC54E704C170C3414E251755BFD0F81AE5602958405CCA703A00E1A2B965066A1B5622DA2C40A0CCC57F6CFE1499
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor7.1044927e5ff102e2510c.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[7],{12489:(e,t,n)=>{"use strict";n.d(t,{Ps:()=>B});var i=function(){return i=Object.assign\|\|function(e){for(var t,n=1,i=arguments.length;n<i;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},i.apply(this,arguments)};Object.create;Object.create;var r=n(25821),a=n(37826),o=n(45695);function s(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:e.prototype.toString;e.prototype.toJSON=t,e.prototype.inspect=t,o.Z&&(e.prototype[o.Z]=t)}function c(e){return c="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},c(e)}function u(e,t){for(var n,i=/\r\n\|[\n\r]/g,r=1,a=t+1;(n=i.exec(e.body))&&n.index<t;)r+=1,a=t+1-(n.index+n[0].length);return{line:r,column:a}}function l(e){return p(e.source,u(e.sou

Chrome Cache Entry: 180

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	168596
Entropy (8bit):	6.001337100724995
Encrypted:	false
SSDEEP:
MD5:	BC32D8C18E004FED6E90510E65260912
SHA1:	1A0998D6A6C2D0AA63DB89286BA6D01AE774F54B
SHA-256:	5D55EDC3BDB93EA6CD5DFA8FF5C0A80CE46B6FBEFFEC60AB2DE521DD554FEA50
SHA-512:	CDDE8E6200F34082658072CBF4FCCFC3D72EC00E9C01AED0ED9B8457B5419245E4EF7ADA770B62B3B57C25BF5CD27997105D8EA8377996CCB4BAE1F19DC87068
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo43.bbd5f60f16ee575715aa.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[43],{86073:A=>{A.exports="data:font/woff;base64,d09GRgABAAAAAKIEABIAAAABabwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEU0lHAACh/AAAAAgAAAAIAAAAAUdERUYAAAGUAAAAfQAAAJQXNRcpR1BPUwAAAhQAAB1FAABSTorsIWRHU1VCAAAfXAAAB6IAABN+WqNSOk9TLzIAACcAAAAAUwAAAGAp7SsiY21hcAAAJ1QAAAO3AAAFGskDr9ZjdnQgAACazAAAAEYAAACOCqAhLGZwZ20AAJsUAAAGSAAADW1BHo58Z2FzcAAAmsQAAAAIAAAACAAAABBnbHlmAAArDAAAXPwAAMemPAdMY2hlYWQAAIgIAAAANgAAADYNobMoaGhlYQAAiEAAAAAgAAAAJAYhBW1obXR4AACIYAAAAxEAAAle78Q9hGxvY2EAAIt0AAAEqQAABL6KM1VMbWF4cAAAkCAAAAAgAAAAIAOODkxuYW1lAACQQAAAAiMAAAVtFITT13Bvc3QAAJJkAAAIXwAAEjgiOzTScHJlcAAAoVwAAACfAAAAsWXzMzR4AQ3EtVkDUBiG0fe796GjZgBkAZwKr3FocCYgyTKRJlJHtogLsT7eRJAB+E9xELAMADhW8KwhNji2T7m1H3izPwjYISJ2jISdImPnKNgl6vYXfXvCt/0nj7SkfftARzid6xypoYbdVMvuqmvPNENuy53g3aV7wv8DoosXdgAAAHgB7JgFVFzX9od/Z+bONAwkuERXrBa3eurexp67u9Xd3d0l7laipS4rjwQNqZcIUkgpDZTIfwIttt/3n976rNhzuaxvn322nXP2PYPJSYpopatR4KRTxn1T3f74swvOUi954j

Chrome Cache Entry: 181

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	70282
Entropy (8bit):	5.610888531809971
Encrypted:	false
SSDEEP:
MD5:	6C1C07469419241DA6911CD84B1A1A0D
SHA1:	558B0B84DDFFA299A7A7BBE08583F5E08EC9D485
SHA-256:	86502A17BCA8813CAF18EA999F51E1A0C19C73480F794F3FFDD60B8B16342785
SHA-512:	A3862FCA1594C4ACFEFB70B7E2C958F69504C337ACC011A7FCF9CBB76847813F2E8453B9F110E1991AFD45478D153317E5D70D7393892E615D423634CE3370E9
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/Login.dfe4e44db7dc076499b3.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[88],{94108:(e,n,t)=>{"use strict";t.d(n,{_1:()=>r,EZ:()=>i,O1:()=>a,Yb:()=>o,C4:()=>c,eB:()=>l,r8:()=>_});var r={TRY_ANOTHER_WAY:"/authflow",AUTHFLOW:"/authflow",VERIFICATION_FAILED:"/authflow/verification-failed",MAX_ATTEMPTS:"/authflow/max-attempts",ERROR:"/authflow/error",VERIFY:"/authflow/verify",DONE:"/authflow/done",PWR_CHANGE:"/password-recovery/change",LOGIN:"/lgn",PAYPAL:{CONTACT_US:"/smarthelp/contact-us"},VENMO:{CONTACT_US:"/contact-us/ "},XOOM:{CONTACT_US:"https://help.xoom.com/s/contactsupport"}},i={SMS:"SMS",EMAIL:"EMAIL",IVR:"IVR"},a={NAP_FAILURE:"NAP_FAILURE",VERIFY_OTP_FAILURE:"VALIDATION_ERROR",CHALLENGE_FAILED:"FAILED",AUTHFLOW_FAILED:"CHALLENGES_FAILED",UNKNOWN:"UNKNOWN"},o={ACTIVE:"ACTIVE"},c={CREATE:"CREATE",SELECT:"SELECT",ANSWER:"ANSWER",RESEND:"RESEND",VERIFY:"VERIFY"},l="logo",_="NoChallengesAvailableError"},27227:(e,n,t)=>{"use strict";t.d(n,{x3:()=>$,mV:()=>j,HE:

Chrome Cache Entry: 182

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	646
Entropy (8bit):	4.768262924160781
Encrypted:	false
SSDEEP:
MD5:	F95326881ACA6EE557D3D5D8A669A8B5
SHA1:	BFBB8C936C2556086BBAF75F76B6B4AC5248F2A9
SHA-256:	A5FBBC45491760741144B2D841B6CFC6A44719B155039C439AD74338B2F4346E
SHA-512:	02A75BC89367BA6D3DC6A46434E8D50A1751A7CFBFCE9FE7E3C936A3B7992BA53007483F425FB65564E1165EF888AD9F506A1B93B626949AB798FE48B2710F15
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ncs/venmo/mapping.js
Preview:	(function(){. if(window){. window.cookiemapping = {. "venmo":{. "isClientCookies": true,. "filterAPI": "",. "essential":["cookie_prefs","tsrce","ts","ts_c","x-pp-s","l7_az","LANG","enforce_policy","tenant_ts","v_id","KHcl0EuY7AKSMgfvHl7J5E7hPtK","TLTSID","_csrf","api_access_token","w_fc"],. "functional":["amp_8f6a82","_dd_s","login_email"],. "performance":["sc_f"],. "marketing":["_gat_contentPageTracker","_gid","_ga","_gat","_ga_9EEMPVZPSW","_gat_gtag_UA_15492939_15","_gat_gtag_UA_15492939_14"]. }. }. }.})();

Chrome Cache Entry: 183

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	704343
Entropy (8bit):	5.0532185398015566
Encrypted:	false
SSDEEP:
MD5:	76538B7BF4E06AC0EDBAE9D664B5AFD1
SHA1:	0FE395FA5D13A1FD867EB1E6BE152B8EE3431DDF
SHA-256:	04DA9656E4EF637A466F9A1F4C9B3465F0A742190E062B356E3ED2339BA5DDDD
SHA-512:	C3E66BCB7C3A339FC83D251E91DD1BF560E03DFEA19899E050C937D4531E4EEB6FD68B7A3EE00286040352AEAF519CB0FB286CE983DCA5BA6179C51628DA6698
Malicious:	false
Reputation:	unknown
Preview:	{"accountId":"17574920715","projectId":"17574920715","revision":"12494","attributes":[{"id":"18157315162","key":"device_name"},{"id":"18164490425","key":"device_os"},{"id":"18175701833","key":"os_version"},{"id":"18222852632","key":"identity_has_submitted"},{"id":"18236841636","key":"is_blocked"},{"id":"18238852342","key":"cip_status"},{"id":"18242491672","key":"needs_verification"},{"id":"18244572215","key":"is_group"},{"id":"18244801617","key":"is_active"},{"id":"18244872354","key":"available_instant_transfer_capabilities"},{"id":"18249981645","key":"is_limited_account"},{"id":"18250251116","key":"is_web_authorized"},{"id":"18252761666","key":"identity_type"},{"id":"18254440426","key":"is_balance_upgrade_user"},{"id":"18259381627","key":"is_suspended_for_disputes"},{"id":"18259672092","key":"is_venmo_team"},{"id":"18262190830","key":"is_goods_services_limited"},{"id":"18265142697","key":"is_indebted"},{"id":"18269021962","key":"friends_count"},{"id":"18269181752","key":"automatic_tra

Chrome Cache Entry: 184

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21249), with no line terminators
Category:	downloaded
Size (bytes):	21249
Entropy (8bit):	5.314737275899317
Encrypted:	false
SSDEEP:
MD5:	3F10BC4B346BCB2957B005B171BAB326
SHA1:	8EBC09D5E333A560FC598C703C6953A4983D1CAF
SHA-256:	2DCA66097C5549D9D0A36DBECB46BB73364786CF80EAE2960986491BA4CE9BF3
SHA-512:	327CEEFE97BC2AC298592DA1D8D7B80A94C020944574ABA1120A49094DCBD5AD48E14DBF8C1605DB181F029DD7ACC50E437C2281AD687976313D56516D344B8A
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor5.9d5ed3531243aee5e049.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[5],{23541:(e,t,r)=>{"use strict";r.d(t,{Ry:()=>f});var n=function(e){return"undefined"==typeof document?null:(Array.isArray(e)?e[0]:e).ownerDocument.body},o=new WeakMap,i=new WeakMap,s={},a=0,u=function(e){return e&&(e.host\|\|u(e.parentNode))},c=function(e,t,r,n){var c=function(e,t){return t.map((function(t){if(e.contains(t))return t;var r=u(t);return r&&e.contains(r)?r:(console.error("aria-hidden",t,"in not contained inside",e,". Doing nothing"),null)})).filter((function(e){return Boolean(e)}))}(t,Array.isArray(e)?e:[e]);s[r]\|\|(s[r]=new WeakMap);var f=s[r],l=[],p=new Set,d=new Set(c),h=function(e){e&&!p.has(e)&&(p.add(e),h(e.parentNode))};c.forEach(h);var m=function(e){e&&!d.has(e)&&Array.prototype.forEach.call(e.children,(function(e){if(p.has(e))m(e);else{var t=e.getAttribute(n),s=null!==t&&"false"!==t,a=(o.get(e)\|\|0)+1,u=(f.get(e)\|\|0)+1;o.set(e,a),f.set(e,u),l.push(e),1===a&&s&&i.set(e,!0

Chrome Cache Entry: 185

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	127013
Entropy (8bit):	5.024667878330557
Encrypted:	false
SSDEEP:
MD5:	226640CAE8DD928FA4EA8D1AEC3C3229
SHA1:	4D3E8C45DACCFEFD83A36599DAB1B80CCE53E3C8
SHA-256:	5D2F3227A9F5CA5F23488E20141DEB181FDABD8032EAD4E79E194D0C7D0A2BCF
SHA-512:	C5ECE01E8E09B70C89BE6835269E13A6888B56C5AB4174BE2853A24347652B90E0416D23DD4758E63B7C1AF2D88EB10D35183F8E315B1D95F1461121D10CF9C3
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo38.18ef90e268efd5088cd9.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[38],{19531:(e,t,n)=>{function l(e){return e&&"object"==typeof e&&"default"in e?e.default:e}var r=l(n(35776)),a=n(84395),i=l(n(62015));e.exports=function(e){return r.createElement(i,a.__assign({titleAccess:"Amex"},e),r.createElement("path",{fillRule:"evenodd",clipRule:"evenodd",d:"M18 0C19.1046 0 20 0.89543 20 2V18C20 19.1046 19.1046 20 18 20H2C0.89543 20 0 19.1046 0 18V2C0 0.89543 0.89543 0 2 0H18ZM14.1966 10.3636L7.90259 10.3635V15.577H14.1452L15.6508 13.9081L17.172 15.577H19.0022V15.5031L16.6082 12.9673L19.0022 10.4046V10.3636H17.1903L15.6913 12.016L14.1966 10.3636ZM12.323 10.384L14.7494 12.9673L12.323 15.556L12.3232 14.3616H9.33391V13.5608H12.252V12.3798H9.33391V11.5645H12.3232L12.323 10.384ZM13.7251 9.63204V6.0539L15.056 9.63204H16.3167L17.6205 6.06613V9.64427L19.0016 9.63204V4.42296H16.8552L15.7002 7.63305L14.5526 4.43063L12.3224 4.42296L12.322 9.587L10.0387 4.42379H8.2057

Chrome Cache Entry: 187

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (29698)
Category:	downloaded
Size (bytes):	75682
Entropy (8bit):	5.4739280453671375
Encrypted:	false
SSDEEP:
MD5:	7FC4DA63A9F61404758B98541CB68C13
SHA1:	D2D204FFA5CEDB7DCE315BA840AD7E138C445620
SHA-256:	562F9615C7771FD153577743C42474A2A4B8C7C1906D7FE57D7DF779CBBACD8C
SHA-512:	8100DDFB7361B4799172B320C39B13F71D24D182E28D6110D6F4698E46EEECB1F614730DE1FBE97982E85BCAC6B65D428864A2674BEF89F2DAADFB87A1390DEC
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo40.6b9396492b9ecd85d966.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[40],{98660:(e,t,n)=>{n.r(t),n.d(t,{Accordion:()=>x.Z,AccordionActions:()=>w.Z,AccordionDetails:()=>O.Z,AccordionSummary:()=>E.Z,AppBar:()=>C.Z,Avatar:()=>S.Z,Backdrop:()=>T.Z,Badge:()=>k.Z,BottomNavigation:()=>L.Z,BottomNavigationAction:()=>M.Z,Box:()=>I.Z,Breadcrumbs:()=>A.Z,Button:()=>F.Z,ButtonBase:()=>D.Z,ButtonGroup:()=>R.Z,Card:()=>N.Z,CardActionArea:()=>B.Z,CardActions:()=>z.Z,CardContent:()=>H.Z,CardHeader:()=>W.Z,CardMedia:()=>V.Z,Checkbox:()=>$.Z,Chip:()=>j.Z,CircularProgress:()=>U.Z,ClickAwayListener:()=>q.Z,Collapse:()=>G.Z,Container:()=>Y.Z,CssBaseline:()=>_.ZP,Dialog:()=>K.Z,DialogActions:()=>X.Z,DialogContent:()=>J.Z,DialogContentText:()=>Q.Z,DialogTitle:()=>ee.Z,Divider:()=>te.Z,Drawer:()=>ne.ZP,ExpansionPanel:()=>re.Z,ExpansionPanelActions:()=>oe.Z,ExpansionPanelDetails:()=>ie.Z,ExpansionPanelSummary:()=>ae.Z,Fab:()=>le.Z,Fade:()=>ue.Z,FilledInput:()=>se.Z,Form

Chrome Cache Entry: 189

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	40
Entropy (8bit):	4.462814895472355
Encrypted:	false
SSDEEP:
MD5:	6E315155A0646B455D3DAF58844E8FDA
SHA1:	6C5DBB9057BC2E762C8867E6C29C9E690149B1B1
SHA-256:	E2405FED5764E80BFD34342402CC15736FC404D2CAB624CBB6D22CEED91EC59D
SHA-512:	6C401DB77C2D3533C384DEBEC5CB21F5A13E7B4BAFD09B3F8CAB7F18EA2CBCAB02E96684C0220187E4989E4EC45093BA5C2A837508B8D5BBDEF995A2A3BAFA8D
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwllmVVltdWNqhIFDTWGVBwSBQ2Saqy-?alt=proto
Preview:	ChoKCw01hlQcGgQISxgCCgsNkmqsvhoECFYYAg==

Chrome Cache Entry: 190

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:
MD5:	AFB69DF47958EB78B4E941270772BD6A
SHA1:	D9FE9A625E906FF25C1F165E7872B1D9C731E78E
SHA-256:	874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
SHA-512:	FD92B98859FFCCFD12AD57830887259F03C7396DA6569C0629B64604CD964E0DF15D695F1A770D2E7F8DF238140F0E6DA7E7D176B54E31C3BB75DDE9B9127C45
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAl-0UiH02feWxIFDVNaR8U=?alt=proto
Preview:	CgkKBw1TWkfFGgA=

Chrome Cache Entry: 191

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (63464)
Category:	dropped
Size (bytes):	680185
Entropy (8bit):	5.486090438268409
Encrypted:	false
SSDEEP:
MD5:	075A4AF6EA7E3CE15FAB8E2FD9AE3A3E
SHA1:	A6D3789675C15E3B2B74CAAA38AA14325EECD11C
SHA-256:	02E744A715FE1D9BA8A967A0D577D4144C9C415C4B4460D9ECCBD0BBBC90EF28
SHA-512:	248A88F37F1FCA9DF66D7844A8E87EF74A2751215E1720F3CA4D3EB0FB6C15548AAE6F5A97F90DCBB577DE157F20D9BDA648810083998E91CD6155C7C575E3DE
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html><html lang="en-US"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="ie=edge"/><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/><link rel="icon" href="/favicon.ico"/><link rel="apple-touch-icon" href="/favicon.ico"/><link rel="apple-touch-icon-precomposed" href="/favicon.ico"/><script>. // Avoids iframing for old browsers: if iFrame is being loaded cross-domain,. // do a soft redirect.. // Regex matches https://.venmo.com or https://.venmo.biz. if (top != self && document && document.referrer && document.referrer.length > 0 && !document.referrer.match(new RegExp('https://([a-z0-9]+.)*venmo.(com\|biz)', 'g'))) {. window.onload = function() { document.body.innerHTML = ""; }. top.location = location;. }. </script><script async="" src="https://www.googletagmanager.com/gtag/js?G-NM9TNT36E1"></script><script>window.dataLayer = wi

Chrome Cache Entry: 193

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4867)
Category:	downloaded
Size (bytes):	42776
Entropy (8bit):	5.227517739177675
Encrypted:	false
SSDEEP:
MD5:	1538CA5547A9BB24D4C4AB09CE1789D1
SHA1:	F404580CFF998B18272283938166433508D683C3
SHA-256:	D223C57B8C1618650127CFD2F2932D45B6B2A636D12D37918D284FB46414B0F8
SHA-512:	DAF4CB709C031B00C10DB17CD3FF2DA7A693EEF8A9E9906D7B13C20A09F38877942FCDF5FE7B8291F497063D1EEB5300D948C92E8A02961CCA5197AD636A7D14
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/css/14e9b33511a2b142.css
Preview:	@font-face{font-family:"Scto Grotesk A";font-style:normal;font-weight:400;src:local("Scto Grotesk A"),url("/static/fonts/Scto-Grotesk-A-Regular.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Italic";font-style:italic;font-weight:400;src:local("Scto Grotesk A Italic"),url("/static/fonts/Scto-Grotesk-A-Regular-Italic.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Medium";font-style:normal;font-weight:500;src:local("Scto Grotesk A Medium"),url("/static/fonts/Scto-Grotesk-A-Medium.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Bold";font-style:normal;font-weight:700;src:local("Scto Grotesk A Bold"),url("/static/fonts/Scto-Grotesk-A-Bold.woff") format("woff")}@font-face{font-family:"Athletics Regular";font-style:normal;font-weight:400;src:local("Athletics"),url("/static/fonts/Athletics-Regular.woff") format("woff")}@font-face{font-family:"Athletics Medium";font-style:normal;font-weight:500;src:local("Athletics"),url("/static/fonts/Athletics-Medium.w

Chrome Cache Entry: 194

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5762)
Category:	downloaded
Size (bytes):	10283
Entropy (8bit):	5.35566149591199
Encrypted:	false
SSDEEP:
MD5:	37AADB605A5073402B4D4348108821FC
SHA1:	D6A53322D1CE7C096A16907CC42D623507A6DFE7
SHA-256:	C00273097FCC653A04461C4BAF69C033C96DD9098C77AF0A3BE8E4F96EEDCC04
SHA-512:	733E56E9FEC8C0D2526FB8B4F6C43810BD5C1EB7089414BF67DB95051448BFC5A366B2EAA18B1967361DF5CBED80DBC066EA3E8A41B4488970CCCB2FFED72C86
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/css/6c9663029f270459.css
Preview:	@font-face{font-family:"Scto Grotesk A";font-style:normal;font-weight:400;src:local("Scto Grotesk A"),url("/static/fonts/Scto-Grotesk-A-Regular.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Italic";font-style:italic;font-weight:400;src:local("Scto Grotesk A Italic"),url("/static/fonts/Scto-Grotesk-A-Regular-Italic.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Medium";font-style:normal;font-weight:500;src:local("Scto Grotesk A Medium"),url("/static/fonts/Scto-Grotesk-A-Medium.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Bold";font-style:normal;font-weight:700;src:local("Scto Grotesk A Bold"),url("/static/fonts/Scto-Grotesk-A-Bold.woff") format("woff")}@font-face{font-family:"Athletics Regular";font-style:normal;font-weight:400;src:local("Athletics"),url("/static/fonts/Athletics-Regular.woff") format("woff")}@font-face{font-family:"Athletics Medium";font-style:normal;font-weight:500;src:local("Athletics"),url("/static/fonts/Athletics-Medium.w

Chrome Cache Entry: 196

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4179)
Category:	downloaded
Size (bytes):	203018
Entropy (8bit):	5.541856804843727
Encrypted:	false
SSDEEP:
MD5:	92076C027153C47A84BEBEEAD17E7D91
SHA1:	96082B9F288933ED176F38EB82EB335F86B204EF
SHA-256:	B3A62B020EC4402D4FC85C9A4802ACE19E0D33EADDA0B805560F3DDAAC95A06E
SHA-512:	DB10CAB4B487514B0EECB8EEA9E72BAFCF7618234108003B67882E5117A75706508AA1CABA75AD132A625D78C9B32D20564BE4C104F117D3B5B4BE51EEF409D8
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=UA-15492939-15&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_1p_data_v2","priority":2,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"","vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":6},{"function":"__c

Chrome Cache Entry: 197

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	downloaded
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	unknown
URL:	https://www.google-analytics.com/analytics.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 198

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64534)
Category:	downloaded
Size (bytes):	118285
Entropy (8bit):	5.211957238985907
Encrypted:	false
SSDEEP:
MD5:	3733BAE913AE75BC992C070E4A79D721
SHA1:	3145773BEFA3B0743DE267234E320C3CAFB09B9E
SHA-256:	DCF38E4CB319F4E81B5F5802655CF9FCCF0D11B8E2868F756DC079E0413F0616
SHA-512:	BDB4F11B2D00CC2D552ED41CFDA6E5999A0E79105C547F91BDC490AACE11815841F793BFC87738D551D711628D8AB0FBED056CEEDBB53E76E6CBF6A128974AAD
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor6.0d835df92abd25f3083d.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[6],{23564:(e,t,r)=>{r.d(t,{ZT:()=>i,pi:()=>o,_T:()=>a,mG:()=>s,Jh:()=>c,ev:()=>u});./! **************************************************************************.Copyright (c) Microsoft Corporation...Permission to use, copy, modify, and/or distribute this software for any.purpose with or without fee is hereby granted...THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH.REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY.AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,.INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM.LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR.OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR.PERFORMANCE OF THIS SOFTWARE..*************************************************************************** *

Chrome Cache Entry: 199

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (949)
Category:	downloaded
Size (bytes):	1008213
Entropy (8bit):	5.281514191529744
Encrypted:	false
SSDEEP:
MD5:	9A5C9C9E4ACF78530702F05C8812D924
SHA1:	E8C9A0427A8B38BE81D1627598BDE66E8E0C76E0
SHA-256:	8F9A3097712FA8D19853A48B6194C7FCA692E113E5F49B3FF1D4B4358D03CB2B
SHA-512:	6AA86FAB9A2586D64B695BCBE25512C5855EA18E9922B2F5F69FDF28BCF3CDCAF429B80DF3D2D2F7C39551C52BEFAB9238B951E9B86342F2AC34D24BFF6D6730
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/chunks/pages/identity/unsubscribe-cee025d58534df91.js
Preview:	(self["webpackChunk_N_E"] = self["webpackChunk_N_E"] \|\| []).push([[3842],{../*/ 23983:.// (function(__unused_webpack_module, __webpack_exports__, __webpack_require__) {.."use strict";.// ESM COMPAT FLAG.__webpack_require__.r(__webpack_exports__);..// EXPORTS.__webpack_require__.d(__webpack_exports__, {. "default": function() { return / binding */ index_esm; }.});..;// CONCATENATED MODULE: ./node_modules/date-fns/esm/_lib/toInteger/index.js.function toInteger(dirtyNumber) {. if (dirtyNumber === null \|\| dirtyNumber === true \|\| dirtyNumber === false) {. return NaN;. }. var number = Number(dirtyNumber);. if (isNaN(number)) {. return number;. }. return number < 0 ? Math.ceil(number) : Math.floor(number);.}.// EXTERNAL MODULE: ./node_modules/@babel/runtime/helpers/esm/typeof.js.var esm_typeof = __webpack_require__(71002);.;// CONCATENATED MODULE: ./node_modules/date-fns/esm/_lib/requiredArgs/index.js.function requiredArgs(required, args) {. if (args.length < required) {.

Chrome Cache Entry: 200

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4179)
Category:	downloaded
Size (bytes):	276373
Entropy (8bit):	5.564823627050393
Encrypted:	false
SSDEEP:
MD5:	1459E68E51098E307A5C7E9F7C38F414
SHA1:	7FEDE05B247AF4C4E1CA9B24B6740F49754B3182
SHA-256:	3805F827924D33DA5BA7C2E04C36DC945F02D5B8EE8D2E6531001C63B8045B40
SHA-512:	3F046ED6B7D3C007129BE03A5B55557F9165BB309AB46C0B03B8B0F4072553093C62F30B79D8DC9404A6011F909CBE41C926A00DFD646D69A1E6E9AFAE39B640
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-9EEMPVZPSW
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_dma","priority":11,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":105},{"function":"__ogt_1p_data_v2","priority":11,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","

Chrome Cache Entry: 201

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20103), with no line terminators
Category:	downloaded
Size (bytes):	20105
Entropy (8bit):	5.323668866957911
Encrypted:	false
SSDEEP:
MD5:	FC04B20BA02FD08D6AAB6D8A43CF5DD5
SHA1:	D338E99E42AE3E31ACF28AAABB4623A53CBACEED
SHA-256:	E2E7E41C547B7FD56955D9720C466F82C0E9A6A67BB6135D0BE10A37ED16E9A1
SHA-512:	9A5187962B315CB76C12FE2A7DB1C325DE464F37C4F15CDF332BBE0DF8CB668FD8381B7288244F366F5E1BD3D927ED0CAF26ABB07007B45C57BF03B0E81EF0C0
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo32.82f13c5642468dd4c86e.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[32],{59446:(e,t,n)=>{n.d(t,{Z:()=>c});var o=n(87462),r=n(45987),i=n(35776),a=n(86010),l=n(41598),s=n(52543),d=i.forwardRef((function(e,t){var n=e.disableUnderline,s=e.classes,d=e.fullWidth,c=void 0!==d&&d,u=e.inputComponent,f=void 0===u?"input":u,p=e.multiline,m=void 0!==p&&p,g=e.type,v=void 0===g?"text":g,h=(0,r.Z)(e,["disableUnderline","classes","fullWidth","inputComponent","multiline","type"]);return i.createElement(l.Z,(0,o.Z)({classes:(0,o.Z)({},s,{root:(0,a.default)(s.root,!n&&s.underline),underline:null}),fullWidth:c,inputComponent:f,multiline:m,ref:t,type:v},h))}));d.muiName="Input";const c=(0,s.Z)((function(e){var t="light"===e.palette.type,n=t?"rgba(0, 0, 0, 0.42)":"rgba(255, 255, 255, 0.7)",o=t?"rgba(0, 0, 0, 0.09)":"rgba(255, 255, 255, 0.09)";return{root:{position:"relative",backgroundColor:o,borderTopLeftRadius:e.shape.borderRadius,borderTopRightRadius:e.shape.bord

Chrome Cache Entry: 203

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (62481)
Category:	downloaded
Size (bytes):	62614
Entropy (8bit):	5.2597467350599425
Encrypted:	false
SSDEEP:
MD5:	41D3B3BC1A2E1EE9C93F4C705BEF8DD7
SHA1:	1D4FEB4895221A1BB7CA66E8C04007C3FB809B5B
SHA-256:	A1254B1BE1DC79A2411FB8323846F7B30CD32354CB0697091D58706C1D97E030
SHA-512:	FE2092F18B36E95597956EAB413460E7D51EEB9CCA5A4EF222B3ADE84EF6BD48BEF710B8DAADB9EA99D1CD5A7164C5F5EC66C94478807695C08E23BEF3F22BD9
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor0.267c78b402a2d355f293.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[0],{56573:(t,e,n)=>{var r=n(34155);./! For license information please see dfp-paypal.js.LICENSE.txt /(()=>{var e={98:function(t,e){var n="undefined"!=typeof self?self:this,r=function(){function t(){this.fetch=!1,this.DOMException=n.DOMException}return t.prototype=n,new t}();!function(t){!function(e){var n="URLSearchParams"in t,r="Symbol"in t&&"iterator"in Symbol,o="FileReader"in t&&"Blob"in t&&function(){try{return new Blob,!0}catch(t){return!1}}(),i="FormData"in t,u="ArrayBuffer"in t;if(u)var a=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],s=ArrayBuffer.isView\|\|function(t){return t&&a.indexOf(Object.prototype.toString.call(t))>-1};function c(t){if("string"!=typeof t&&(t=String(t)),/[^a-z0-9\-#$%&'*+.^_`\|~]/i.test(t))throw ne

Chrome Cache Entry: 205

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (487), with no line terminators
Category:	downloaded
Size (bytes):	487
Entropy (8bit):	5.011010059657267
Encrypted:	false
SSDEEP:
MD5:	7F957852C00F1EE8B6A624D47DD1C3D1
SHA1:	0674A57F083EBFC29092A38B9D1AFD10CE746A24
SHA-256:	82740F58436E87CEB41CFBDE0FB1FC04EB09252F72C7E8E96B94F2F842AF2652
SHA-512:	B770BAC02AF588E93780646EDF7DA50DFE469D2ED14A3DA466B6DD0AFEB06F694EA427A1CCC497456BF871BF1BB018B14B6F383C2DD2703AB43BDCF3A9060DFA
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/paypal-ui/web/icon-font/0-0-1/icon-font.min.css
Preview:	@font-face{font-family:PPUI-Icons;src:url(https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.woff2) format('woff2'),url(https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.woff) format('woff'),url(https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.eot?#iefix) format('embedded-opentype'),url(https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.svg) format('svg');font-style:normal;font-weight:500}

Chrome Cache Entry: 206

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28467)
Category:	downloaded
Size (bytes):	28641
Entropy (8bit):	5.125354299012714
Encrypted:	false
SSDEEP:
MD5:	FBDA8C2C0D1530F65284126E2E067BC7
SHA1:	847807C07238C03EB0BB88132197BE0CACE7760F
SHA-256:	41014892C8DC3B0294E22A5EB65CCD2197FA44F73DF28EFE98AD48013B9A3976
SHA-512:	D9905267C97CB0319300D7F05505733970BB30D61825D8402E73A989AAE1AC5108ACF25E78871337C2A2F09BF4F54CD4AF8905AFE965F83315E5FDB7AF7213C3
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor9.2d8760f4fc1a0aa6631b.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[9],{30314:(e,t,r)=>{r.d(t,{Z:()=>s});var n=r(25477);function i(e){var t={};for(var r in e){t[0===r.indexOf("--")?r:(0,n.Z)(r)]=e[r]}return e.fallbacks&&(Array.isArray(e.fallbacks)?t.fallbacks=e.fallbacks.map(i):t.fallbacks=i(e.fallbacks)),t}const s=function(){return{onProcessStyle:function(e){if(Array.isArray(e)){for(var t=0;t<e.length;t++)e[t]=i(e[t]);return e}return i(e)},onChangeValue:function(e,t,r){if(0===t.indexOf("--"))return e;var i=(0,n.Z)(t);return t===i?e:(r.prop(i,e),null)}}}},83961:(e,t,r)=>{r.d(t,{Z:()=>h});var n=r(54013),i=n.HZ&&CSS?CSS.px:"px",s=n.HZ&&CSS?CSS.ms:"ms",o=n.HZ&&CSS?CSS.percent:"%";function a(e){var t=/(-[a-z])/g,r=function(e){return e[1].toUpperCase()},n={};for(var i in e)n[i]=e[i],n[i.replace(t,r)]=e[i];return n}var u=a({"animation-delay":s,"animation-duration":s,"background-position":i,"background-position-x":i,"background-position-y":i,"backgrou

Chrome Cache Entry: 207

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (461)
Category:	downloaded
Size (bytes):	4618992
Entropy (8bit):	5.319670039207031
Encrypted:	false
SSDEEP:
MD5:	CA89A6EBA361A01B47C6FD3283A76A03
SHA1:	6EFD22AB0D4BD4C801A062A60135C5C524B34EF0
SHA-256:	EA6951F25B736EFF00E9D62AB99414EA0956F4350389337EC2DFE8C0284D72EA
SHA-512:	E9B8A3CC4EB05CB05BE149C379C028612849DB7A802B70FF5BD8E77FBFD382065C7BAD4BDF537D19FD4F62C33A31597732E488097FD90CC5764A9F592E564032
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/chunks/pages/_app-0a560d71483f9f85.js
Preview:	(self["webpackChunk_N_E"] = self["webpackChunk_N_E"] \|\| []).push([[2888],{../*/ 83974:.// (function(__unused_webpack_module, __webpack_exports__, __webpack_require__) {.."use strict";./ harmony export / __webpack_require__.d(__webpack_exports__, {./ harmony export / "QS": function() { return / binding / makeVar; },./ harmony export / "_v": function() { return / binding / recallCache; },./ harmony export / "ab": function() { return / binding / cacheSlot; },./ harmony export / "li": function() { return / binding / forgetCache; }./ harmony export / });./ harmony import / var optimism__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(95039);./ harmony import / var _wry_context__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(38751);...var cacheSlot = new _wry_context__WEBPACK_IMPORTED_MODULE_1__/ .Slot */ .g7();.var cacheInfoMap = new WeakMap();.function getCacheInfo(cache) {. var info = cacheInfoMap.get(cache);. if (!info) {. cacheInfo

Chrome Cache Entry: 208

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (36413), with no line terminators
Category:	downloaded
Size (bytes):	36413
Entropy (8bit):	4.990076726898436
Encrypted:	false
SSDEEP:
MD5:	C49C6FA73F057CE06A4316A972F1C2D8
SHA1:	B6FA8F33CD86D1495ADF8EA73898A94BD09B193A
SHA-256:	8B340B5D80A2189043370D26C3FD88767FE0E237BA13E60CDB3BAC0C22E87474
SHA-512:	8E567CDBDF87306315E0D655CC41DEB76412BBB4B611E6046D5F4F895936AC0A3EF1E7BC44DAF560C0B5F69D8D88E121C26D963D3422B997FFEA836E58F253B1
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/KayRtQ_1ym5_-NM6DR61r/_buildManifest.js
Preview:	self.__BUILD_MANIFEST = (function(a,b,c,d,e,f,g,h,i,j){return {__rewrites:{beforeFiles:[{source:"\u002F:nextInternalLocale(en)\u002Fsignup",destination:"\u002F:nextInternalLocale\u002Fsignup\u002Flogged-in-sign-up",has:[{type:"cookie",key:"api_access_token"}]},{source:e,destination:c}],afterFiles:[{source:"\u002F:nextInternalLocale(en)\u002Fincentives",destination:"\u002F:nextInternalLocale"},{source:"\u002F:nextInternalLocale(en)\u002Faccount\u002Fpassword-reset",destination:"\u002F:nextInternalLocale\u002Fpassword-reset"},{source:"\u002F:nextInternalLocale(en)\u002Faccount\u002Fpassword-new",destination:"\u002F:nextInternalLocale\u002Fpassword-new"},{source:"\u002F:nextInternalLocale(en)\u002Forganization-accounts\u002Fsign-in",destination:d},{source:"\u002F:nextInternalLocale(en)\u002Fgroups\u002Fsign-in",destination:d},{source:"\u002F:nextInternalLocale(en)\u002Fwebviews\u002Fsettings\u002Ftaxdocuments",destination:"\u002F:nextInternalLocale\u002Fsettings\u002Ftax-document"},{sourc

Chrome Cache Entry: 209

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	68275
Entropy (8bit):	4.987890583723378
Encrypted:	false
SSDEEP:
MD5:	23C6EE2E2F8D5092136B3D64F53B129B
SHA1:	46AB168628B6C3E017C23F4F39C69347DF9CD502
SHA-256:	EDA54B0C1DA33BD1926916880A1CFB826E307543A2F85EFCD39728E7EC84C6EF
SHA-512:	742E71DD149D9C886EF5F92A6122DF162D07FD66FEFDAAE75DD4BCE4275B9B66BA6B05A62D273AA7105E236C94B2F04DF309AB2A036B90BD10195AA3BC35E436
Malicious:	false
Reputation:	unknown
Preview:	{"authButton":{"button":{"connect":"Connect with PayPal","logIn":"Log in with PayPal","signUp":"Sign up with PayPal","continue":"Continue with PayPal"}},"authflow":{"paypal":{"challengeList":{"header":"Quick security check","subheader":"We just need some additional info to confirm it's you.","sms":{"use":"We sent a security code to {otpDestination}.","info":"By continuing, you confirm that you are authorized to use this phone number and agree to receive text messages to confirm your identity in this session. Carrier fees may apply.","info2":"By continuing, you confirm that you are authorized to use this phone number and agree to receive text messages to confirm your identity in this session. Carrier fees may apply. We will receive subscriber and device details from your wireless operator to use for risk and fraud purposes."},"email":{"use":"We sent a security code to {otpDestination}. You may need to check your Junk or Spam folder.","description":"We just need to confirm it's you. To c

Chrome Cache Entry: 210

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	7277
Entropy (8bit):	5.510647900804331
Encrypted:	false
SSDEEP:
MD5:	2A6BFC52436D5C21F009EC6B733575CE
SHA1:	BB1F981AAF38E1AF5280CFAF4F02C82178FC18BF
SHA-256:	6D83FACF72CE5936179DF63290D2C0AA31B4D9BAA719E6C1BB722190CD6255B2
SHA-512:	35A01C867904271285D8FA577309FFC7913AFD3B65DA83B8BBBCDC3E325B1E8E7B1EEA7E48115A0EB47EF21DBA1C662D88A2BBC4AD9ADD3E74CEBF6E6B80E03C
Malicious:	false
Reputation:	unknown
URL:	https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly9pZC52ZW5tby5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=tnbgrglpioih
Preview:	<!DOCTYPE HTML><html dir="ltr"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.<meta http-equiv="X-UA-Compatible" content="IE=edge">.<style type="text/css">./* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. f

Chrome Cache Entry: 211

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4559)
Category:	downloaded
Size (bytes):	42933
Entropy (8bit):	5.231470427715636
Encrypted:	false
SSDEEP:
MD5:	F436A7577063FA3DE7C4DA91B1098377
SHA1:	3F0F986B1218B6BF06E0B0C5D35BE5EBBEA42FFF
SHA-256:	7B3DC2FE8CE9887A750BCEAB72DDB8EAA2DB8EF82B25DF6C72B0628206E15FD1
SHA-512:	DE38F34A96CB4DB9A368F8A01DB2B2576E8B34E6E03FA08F9F302C0E9461EC8FA219D380364432CB444A578B5215A8340966A6A3F09BFD74AD7B19C444A5180D
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/css/ce80a052d4932c39.css
Preview:	@font-face{font-family:"Scto Grotesk A";font-style:normal;font-weight:400;src:local("Scto Grotesk A"),url("/static/fonts/Scto-Grotesk-A-Regular.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Italic";font-style:italic;font-weight:400;src:local("Scto Grotesk A Italic"),url("/static/fonts/Scto-Grotesk-A-Regular-Italic.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Medium";font-style:normal;font-weight:500;src:local("Scto Grotesk A Medium"),url("/static/fonts/Scto-Grotesk-A-Medium.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Bold";font-style:normal;font-weight:700;src:local("Scto Grotesk A Bold"),url("/static/fonts/Scto-Grotesk-A-Bold.woff") format("woff")}@font-face{font-family:"Athletics Regular";font-style:normal;font-weight:400;src:local("Athletics"),url("/static/fonts/Athletics-Regular.woff") format("woff")}@font-face{font-family:"Athletics Medium";font-style:normal;font-weight:500;src:local("Athletics"),url("/static/fonts/Athletics-Medium.w

Chrome Cache Entry: 212

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (47731), with no line terminators
Category:	downloaded
Size (bytes):	47731
Entropy (8bit):	5.348665290899702
Encrypted:	false
SSDEEP:
MD5:	DB2AD5C199391E0404D78E293CFEBB8D
SHA1:	21B7BC44C6A01F8F1FF81F8FA7FB3642362FCE46
SHA-256:	6C381C41ACAAFA8CF502237534E9B5286CEC0EA902B77EC17B8304031A63B7E0
SHA-512:	C072A858977330DDA19C0AD05AD55EC59D7A59B9F6387BB36DA055E932D39B1AA46CFA7E6E3EB1B014A46AB712656315E7E02380E1C247ED78C61FAF757539CE
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo44.443f4f43a85bbfae67ed.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[44],{82598:(e,t,n)=>{n.d(t,{Z:()=>v});var o=n(87462),r=n(45987),a=n(35776),i=n(45697),l=n.n(i),s=n(97148),d=n(8920);function c(e){var t=e.children,n=e.only,o=e.width,r=(0,d.Z)(),a=!0;if(n)if(Array.isArray(n))for(var i=0;i<n.length;i+=1){if(o===n[i]){a=!1;break}}else n&&o===n&&(a=!1);if(a)for(var l=0;l<r.breakpoints.keys.length;l+=1){var c=r.breakpoints.keys[l],u=e["".concat(c,"Up")],p=e["".concat(c,"Down")];if(u&&(0,s.yJ)(c,o)\|\|p&&(0,s.Vf)(c,o)){a=!1;break}}return a?t:null}c.propTypes={children:l().node,className:l().string,implementation:l().oneOf(["js","css"]),initialWidth:l().oneOf(["xs","sm","md","lg","xl"]),lgDown:l().bool,lgUp:l().bool,mdDown:l().bool,mdUp:l().bool,only:l().oneOfType([l().oneOf(["xs","sm","md","lg","xl"]),l().arrayOf(l().oneOf(["xs","sm","md","lg","xl"]))]),smDown:l().bool,smUp:l().bool,width:l().string.isRequired,xlDown:l().bool,xlUp:l().bool,xsDown:l().

Chrome Cache Entry: 213

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 18360, version 1.6553
Category:	downloaded
Size (bytes):	18360
Entropy (8bit):	7.9907545598911085
Encrypted:	true
SSDEEP:
MD5:	687B74C9A69AF269C66B34BA18D6ABD0
SHA1:	2BC090ADC07A731F3C13DA7969CA0A4409CEE081
SHA-256:	0D4D4B0EE4BDBBBFDF2FA8CC4C0BA0332A3798C2629CB806D249712F6A7063E3
SHA-512:	76DBEEBE46152856A68F6FBED9CE59619B07A68B3F2FDD20A9E697F659CA62147566689CCCFEB881B4AF4B234DDAA94EDA2774851550066AE36BE86CDB80B10A
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Light.woff2
Preview:	wOF2OTTO..G.......}...Gf...........................I.R..J..6.`..4.6.$......... ..\|5lS.Y...@sm...vp...cf3.K..&5....$'2.{....".$.D.J....=.9..DN..Z=Qd.(...../4.2.l...l.p.l....].\|..Sl.H8).d,.!lg`..zP.E..'].J..J.O.D..%2....D[.CE.PO\a.}....../..HP.....3..&.......?>\|PP...o/:.Y.........F.H.m..V_.hP00o$...^.#:....?.._.y..'f.YuZ.X.,...=m..~...J'i.......X.A.......9.hq.M.Oa..'.......i.5...'..SJ..#...S..w.a...!..d.nfw.t.]..C!1..qHE..UK...\|....\|..HlR....V...\|.f......>..."".X...t &N.#...D~................\Q.... ..b.iSL....ELkf.7..-..gK.B.L...T. O..JP0.@.._..Z]xYy....".H!.2P...D..../W+.Nz.._.{.i...TC'.J...i\|..(..>.>P.-.]...'.".&Q.,]...^.7 =..k8.a#.....4.....(...WU..........t.E.q...\|....2.E.Ad..P....a.e..-#@..L...BJ.R.6e...SJ.k.W.._a.jm.....f7{....^>ASN9.d.9....`....v....UH[x..-.......;.%....d..L60}..H..T"a..P.-...].].+.T.5{...!....DR.6Z)q........k..dB...zZ;..x.._...[..'....x"v..#p........C^SeS...&..}.?...T.y.Ox..O\|./...p.....CuwPz.t...''....S..@.-

Chrome Cache Entry: 214

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6668), with no line terminators
Category:	downloaded
Size (bytes):	6668
Entropy (8bit):	5.2494101687484855
Encrypted:	false
SSDEEP:
MD5:	DF802C4C5770B6202C2F3BE6022EA966
SHA1:	2B70D037B54ABE60308410690B4262D30B9EE2BB
SHA-256:	367C1C3E74BA79DE2CD1D54D5FF86F663751F298697FCAABF1BDF7A0EDD9E8A6
SHA-512:	969E95E617DC4462431E3908014067DB2FFC91AD1AE90015819AF8969EF39571B54D715C6A03C1E0E2A4CF3C2F0121E20A305A30A14F0691968DF8547137D15C
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo41.09e9e80f30091690ed55.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[41],{75445:(e,t,n)=>{n.d(t,{W:()=>p,Z:()=>f});var i=n(87462),a=n(45987),o=n(35776),l=n(99386),r=n(52543),d=n(89345),s=n(22601),c=n(25201),u=n(38799),p=function(e){return{root:{},select:{"-moz-appearance":"none","-webkit-appearance":"none",userSelect:"none",borderRadius:0,minWidth:16,cursor:"pointer","&:focus":{backgroundColor:"light"===e.palette.type?"rgba(0, 0, 0, 0.05)":"rgba(255, 255, 255, 0.05)",borderRadius:0},"&::-ms-expand":{display:"none"},"&$disabled":{cursor:"default"},"&[multiple]":{height:"auto"},"&:not([multiple]) option, &:not([multiple]) optgroup":{backgroundColor:e.palette.background.paper},"&&":{paddingRight:24}},filled:{"&&":{paddingRight:32}},outlined:{borderRadius:e.shape.borderRadius,"&&":{paddingRight:32}},selectMenu:{height:"auto",minHeight:"1.1876em",textOverflow:"ellipsis",whiteSpace:"nowrap",overflow:"hidden"},disabled:{},icon:{position:"absolute",righ

Chrome Cache Entry: 215

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52145), with no line terminators
Category:	downloaded
Size (bytes):	52145
Entropy (8bit):	5.26950933663614
Encrypted:	false
SSDEEP:
MD5:	612654743950CA7CC66F03442A21365A
SHA1:	033D583467F9E80DF1D89DCDC0D6F87C1A387103
SHA-256:	8291CCC401C44A82198EB764B095006F2AAB420DAC34000B8FF15138C7EE36C5
SHA-512:	628C3BBB2323652BF0776FCEEB69E1B1955A9DB0E14BD1015F36B44DCC2B67504AB0146C1A32375E3BB14D04A204E6B9B708E6251E3367007385F8874EAE57DC
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo36.7650ba577c53d9e0f615.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[36],{5276:(e,t,n)=>{n.r(t),n.d(t,{Calendar:()=>pe,Clock:()=>ke,ClockView:()=>Se,DatePicker:()=>kt,DateTimePicker:()=>Qt,Day:()=>_,KeyboardDatePicker:()=>Mt,KeyboardDateTimePicker:()=>qt,KeyboardTimePicker:()=>Lt,MuiPickersContext:()=>a,MuiPickersUtilsProvider:()=>o,Picker:()=>_e,TimePicker:()=>jt,TimePickerView:()=>Ie,makePickerWithState:()=>yt,useKeyboardPickerState:()=>bt,usePickerState:()=>ht,useStaticState:()=>Xt,useUtils:()=>i,validate:()=>ct});var r=n(35776),a=(0,r.createContext)(null),o=function(e){var t=e.utils,n=e.children,o=e.locale,i=e.libInstance,l=(0,r.useMemo)((function(){return new t({locale:o,instance:i})}),[t,i,o]);return(0,r.createElement)(a.Provider,{value:l,children:n})};function i(){var e=(0,r.useContext)(a);return function(e){if(!e)throw new Error("Can not find utils in context. You either a) forgot to wrap your component tree in MuiPickersUtilsProvider; o

Chrome Cache Entry: 216

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (42469), with no line terminators
Category:	downloaded
Size (bytes):	42470
Entropy (8bit):	5.430574714885579
Encrypted:	false
SSDEEP:
MD5:	C11E7097828201E102899BE99E77D2C2
SHA1:	C93A86F91CCDC668A8B80F93C206EC2D4EE4BB55
SHA-256:	5C0EEDA9D48EFC5CF30A6C517FED53D177D454E9DA800680782A0578CFAE89B3
SHA-512:	0F90B85EBA7B013EE7FD34C30E92EF46E8E0952DEA6BB3B22601F09F55D816128455B6FF07AB14FA5462911E66959478A57599A9F9D1AF5B77118385C7C3F85D
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendorVenmo42.db2dd660920af1943272.js
Preview:	"use strict";(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[42],{41423:(e,t,o)=>{o.d(t,{Z:()=>u});var n=o(45987),r=o(4942),a=o(87462),i=o(35776),l=o(86010),c=o(52543),s=o(32467),d=o(93871),f=i.forwardRef((function(e,t){var o=e.classes,r=e.className,c=e.disabled,f=void 0!==c&&c,u=e.disableFocusRipple,p=void 0!==u&&u,m=e.fullWidth,v=e.icon,h=e.indicator,g=e.label,b=e.onChange,y=e.onClick,Z=e.onFocus,x=e.selected,w=e.selectionFollowsFocus,E=e.textColor,C=void 0===E?"inherit":E,A=e.value,R=e.wrapped,T=void 0!==R&&R,P=(0,n.Z)(e,["classes","className","disabled","disableFocusRipple","fullWidth","icon","indicator","label","onChange","onClick","onFocus","selected","selectionFollowsFocus","textColor","value","wrapped"]);return i.createElement(s.Z,(0,a.Z)({focusRipple:!p,className:(0,l.default)(o.root,o["textColor".concat((0,d.Z)(C))],r,f&&o.disabled,x&&o.selected,g&&v&&o.labelIcon,m&&o.fullWidth,T&&o.wrapped),ref:t,role:"tab","aria-selected":x,d

Chrome Cache Entry: 217

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	135
Entropy (8bit):	5.077581773106507
Encrypted:	false
SSDEEP:
MD5:	E2A244D69BD948F5AA1E6AABCE97E635
SHA1:	15C84419D83DA9B0F33989D85CDCB0138EC469E2
SHA-256:	94F95366B3F5664D687C03C7E150B70AD8DA3222FA4554303224C5B1530BEC1F
SHA-512:	13BC5A629C3BA6695BF99416A81B230BF826A2274FB09A8FCD3E99F27BE619591E2A0D4BDC399F8CA1AC9AA736F69C78BD4C884499211E98F3293F5225C8B65D
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/KayRtQ_1ym5_-NM6DR61r/_ssgManifest.js
Preview:	self.__SSG_MANIFEST=new Set(["\u002Fwebviews","\u002F404","\u002Flogin-return-error"]);self.__SSG_MANIFEST_CB&&self.__SSG_MANIFEST_CB()

Chrome Cache Entry: 218

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (62368)
Category:	downloaded
Size (bytes):	91751
Entropy (8bit):	5.384493941392022
Encrypted:	false
SSDEEP:
MD5:	7290D5D6AD366078FFDF0E80CF188239
SHA1:	9F0BC8B3BA87113732D524B861247AD7B8B41555
SHA-256:	3E685400F0CAC1F57A85EAE22B1BF541C347D1A9D463633C1830C99D06E96012
SHA-512:	2F4D92BE887ED68B90E2161FB9FC47918D0631763CBC674F675623E699A27C71ED1D8C8D0D5A6CFD65E31380F15EF92A58E7514CA6BD9C11D682FDF324FB5953
Malicious:	false
Reputation:	unknown
URL:	https://www.paypalobjects.com/ice/vendor1.2558024aca1e717b5875.js
Preview:	(self.webpackChunkidentityclientexperience=self.webpackChunkidentityclientexperience\|\|[]).push([[1],{3655:(e,t,n)=>{var r=n(32792);function o(e){this.mode=r.MODE_8BIT_BYTE,this.data=e}o.prototype={getLength:function(e){return this.data.length},write:function(e){for(var t=0;t<this.data.length;t++)e.put(this.data.charCodeAt(t),8)}},e.exports=o},27321:e=>{function t(){this.buffer=new Array,this.length=0}t.prototype={get:function(e){var t=Math.floor(e/8);return 1==(this.buffer[t]>>>7-e%8&1)},put:function(e,t){for(var n=0;n<t;n++)this.putBit(1==(e>>>t-n-1&1))},getLengthInBits:function(){return this.length},putBit:function(e){var t=Math.floor(this.length/8);this.buffer.length<=t&&this.buffer.push(0),e&&(this.buffer[t]\|=128>>>this.length%8),this.length++}},e.exports=t},49381:e=>{e.exports={L:1,M:0,Q:3,H:2}},32832:(e,t,n)=>{var r=n(11518);function o(e,t){if(null==e.length)throw new Error(e.length+"/"+t);for(var n=0;n<e.length&&0==e[n];)n++;this.num=new Array(e.length-n+t);for(var r=0;r<e.lengt

Chrome Cache Entry: 219

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (631)
Category:	downloaded
Size (bytes):	517649
Entropy (8bit):	5.713376874006511
Encrypted:	false
SSDEEP:
MD5:	E2E79D6B927169D9E0E57E3BAECC0993
SHA1:	1299473950B2999BA0B7F39BD5E4A60EAFD1819D
SHA-256:	231336ED913A5EBD4445B85486E053CAF2B81CAB91318241375F3F7A245B6C6B
SHA-512:	D6A2ED7B19E54D1447EE9BBC684AF7101B48086945A938A5F9B6AE74ACE30B9A98CA83D3183814DD3CC40F251AB6433DC7F8B425F313EA9557B83E1C2E035DFF
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././*.. Apache License. Version 2.0, January 2004. https://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that contro

Chrome Cache Entry: 220

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2757)
Category:	downloaded
Size (bytes):	9251
Entropy (8bit):	5.240729206371443
Encrypted:	false
SSDEEP:
MD5:	088FA7DB8243C2C7B39F0A523AC0A86D
SHA1:	44D814F1B33CEC7AA06A5FC49B7A39B5240B60E0
SHA-256:	7E0D73FC4CD402BDF341113BFF6F06071565DF06D0085CE467FF42BA78DEBFCC
SHA-512:	7C3D5696065ACA65B86DFB95AE7F3431857BC6C0C368C5DB7884B10D9C5AE54134D875466504F5D738795AE3DBF03C574674F5854FCB2ADEEF1107E0B728B14B
Malicious:	false
Reputation:	unknown
URL:	https://account.venmo.com/_next/static/css/d2e0235ec2abf5c3.css
Preview:	@font-face{font-family:"Scto Grotesk A";font-style:normal;font-weight:400;src:local("Scto Grotesk A"),url("/static/fonts/Scto-Grotesk-A-Regular.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Italic";font-style:italic;font-weight:400;src:local("Scto Grotesk A Italic"),url("/static/fonts/Scto-Grotesk-A-Regular-Italic.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Medium";font-style:normal;font-weight:500;src:local("Scto Grotesk A Medium"),url("/static/fonts/Scto-Grotesk-A-Medium.woff") format("woff")}@font-face{font-family:"Scto Grotesk A Bold";font-style:normal;font-weight:700;src:local("Scto Grotesk A Bold"),url("/static/fonts/Scto-Grotesk-A-Bold.woff") format("woff")}@font-face{font-family:"Athletics Regular";font-style:normal;font-weight:400;src:local("Athletics"),url("/static/fonts/Athletics-Regular.woff") format("woff")}@font-face{font-family:"Athletics Medium";font-style:normal;font-weight:500;src:local("Athletics"),url("/static/fonts/Athletics-Medium.w

Static File Info

⊘No static file info