Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report http://test-for-coronavirus.service.gov.uk

Overview

General Information

Sample URL:http://test-for-coronavirus.service.gov.uk
Analysis ID:348814

Most interesting Screenshot:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

HTML title does not match URL

Classification

Startup

  • System is w10x64
  • iexplore.exe (PID: 5188 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 5832 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5188 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.gov.uk/browse/businessHTTP Parser: Title: Browse: Business and self-employed - GOV.UK does not match URL
Source: https://www.gov.uk/browse/benefitsHTTP Parser: Title: Browse: Benefits - GOV.UK does not match URL
Source: https://www.gov.uk/help/cookie-detailsHTTP Parser: Title: Details about cookies on GOV.UK - GOV.UK does not match URL
Source: https://www.gov.uk/coronavirusHTTP Parser: Title: Coronavirus (COVID-19): guidance and support - GOV.UK does not match URL
Source: https://www.gov.uk/browse/childcare-parentingHTTP Parser: Title: Browse: Childcare and parenting - GOV.UK does not match URL
Source: https://www.gov.uk/transitionHTTP Parser: Title: Brexit - GOV.UK does not match URL
Source: https://www.gov.uk/browse/citizenshipHTTP Parser: Title: Browse: Citizenship and living in the UK - GOV.UK does not match URL
Source: https://www.gov.uk/help/cookiesHTTP Parser: Title: Cookies on GOV.UK does not match URL
Source: https://www.gov.uk/HTTP Parser: Title: Welcome to GOV.UK does not match URL
Source: https://www.gov.uk/browse/births-deaths-marriagesHTTP Parser: Title: Browse: Births, deaths, marriages and care - GOV.UK does not match URL
Source: https://www.gov.uk/help/cookies#contentHTTP Parser: Title: Cookies on GOV.UK does not match URL
Source: https://www.gov.uk/help/cookiesHTTP Parser: Title: Cookies on GOV.UK does not match URL
Source: https://www.gov.uk/browse/businessHTTP Parser: Title: Browse: Business and self-employed - GOV.UK does not match URL
Source: https://www.gov.uk/browse/benefitsHTTP Parser: Title: Browse: Benefits - GOV.UK does not match URL
Source: https://www.gov.uk/help/cookie-detailsHTTP Parser: Title: Details about cookies on GOV.UK - GOV.UK does not match URL
Source: https://www.gov.uk/coronavirusHTTP Parser: Title: Coronavirus (COVID-19): guidance and support - GOV.UK does not match URL
Source: https://www.gov.uk/browse/childcare-parentingHTTP Parser: Title: Browse: Childcare and parenting - GOV.UK does not match URL
Source: https://www.gov.uk/transitionHTTP Parser: Title: Brexit - GOV.UK does not match URL
Source: https://www.gov.uk/browse/citizenshipHTTP Parser: Title: Browse: Citizenship and living in the UK - GOV.UK does not match URL
Source: https://www.gov.uk/help/cookiesHTTP Parser: Title: Cookies on GOV.UK does not match URL
Source: https://www.gov.uk/HTTP Parser: Title: Welcome to GOV.UK does not match URL
Source: https://www.gov.uk/browse/births-deaths-marriagesHTTP Parser: Title: Browse: Births, deaths, marriages and care - GOV.UK does not match URL
Source: https://www.gov.uk/help/cookies#contentHTTP Parser: Title: Cookies on GOV.UK does not match URL
Source: https://www.gov.uk/help/cookiesHTTP Parser: Title: Cookies on GOV.UK does not match URL
Source: https://www.gov.uk/browse/businessHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/benefitsHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookie-detailsHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/coronavirusHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/childcare-parentingHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/transitionHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/citizenshipHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/HTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/births-deaths-marriagesHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookies#contentHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/businessHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/benefitsHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookie-detailsHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/coronavirusHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/childcare-parentingHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/transitionHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/citizenshipHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/HTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/births-deaths-marriagesHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookies#contentHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="author".. found
Source: https://www.gov.uk/browse/businessHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/benefitsHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookie-detailsHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/coronavirusHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/childcare-parentingHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/transitionHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/citizenshipHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/HTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/births-deaths-marriagesHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookies#contentHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/businessHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/benefitsHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookie-detailsHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/coronavirusHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/childcare-parentingHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/transitionHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/citizenshipHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/HTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/browse/births-deaths-marriagesHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookies#contentHTTP Parser: No <meta name="copyright".. found
Source: https://www.gov.uk/help/cookiesHTTP Parser: No <meta name="copyright".. found

Compliance:

barindex
Uses new MSVCR DllsShow sources
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Uses secure TLS version for HTTPS connectionsShow sources
Source: unknownHTTPS traffic detected: 13.225.78.60:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.0.144:443 -> 192.168.2.4:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.0.144:443 -> 192.168.2.4:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.0.144:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: test-for-coronavirus.service.gov.ukConnection: Keep-Alive
Source: transition[1].htm.2.drString found in binary or memory: <a target="_blank" rel="noopener noreferrer external" data-track-category="social media" data-track-action="facebook" class="gem-c-share-links__link " href="https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.gov.uk%2Ftransition"> equals www.facebook.com (Facebook)
Source: transition[1].htm.2.drString found in binary or memory: <a target="_blank" rel="noopener noreferrer external" data-track-category="social media" data-track-action="linkedin" class="gem-c-share-links__link " href="http://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.gov.uk%2Ftransition&amp;title=UK's%20new%20start:%20let's%20get%20going-%20GOV.UK"> equals www.linkedin.com (Linkedin)
Source: transition[1].htm.2.drString found in binary or memory: <a target="_blank" rel="noopener noreferrer external" data-track-category="social media" data-track-action="twitter" class="gem-c-share-links__link " href="https://twitter.com/share?url=https%3A%2F%2Fwww.gov.uk%2Ftransition"> equals www.twitter.com (Twitter)
Source: coronavirus[1].htm.2.drString found in binary or memory: <a class="covid__topic-list-link govuk-link" data-module="track-click" data-track-category="pageElementInteraction" data-track-action="CoronavirusInformation" data-track-label="https://www.youtube.com/user/Number10gov/videos" href="https://www.youtube.com/user/Number10gov/videos">Press conferences (YouTube)</a> equals www.youtube.com (Youtube)
Source: transition[1].htm.2.drString found in binary or memory: <a href="https://www.youtube.com/watch?v=AesZZsO9mm4" class="govuk-body govuk-link" data-youtube-player-analytics="true" data-youtube-player-analytics-category="EmbeddedYoutube"> equals www.youtube.com (Youtube)
Source: msapplication.xml0.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x41841c90,0x01d6fb12</date><accdate>0x41841c90,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml0.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x41841c90,0x01d6fb12</date><accdate>0x41841c90,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml5.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x419e5667,0x01d6fb12</date><accdate>0x419e5667,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml5.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x419e5667,0x01d6fb12</date><accdate>0x419e5667,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml7.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x41a0b8a2,0x01d6fb12</date><accdate>0x41a0b8a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: msapplication.xml7.1.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x41a0b8a2,0x01d6fb12</date><accdate>0x41a0b8a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: unknownDNS traffic detected: queries for: test-for-coronavirus.service.gov.uk
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: http://feross.org
Source: childcare-parenting[1].htm.2.dr, get-coronavirus-test[1].htm.2.drString found in binary or memory: http://schema.org
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: http://underscorejs.org/LICENSE
Source: msapplication.xml.1.drString found in binary or memory: http://www.amazon.com/
Source: msapplication.xml1.1.drString found in binary or memory: http://www.google.com/
Source: transition[1].htm.2.drString found in binary or memory: http://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.gov.uk%2Ftransition&amp;title=UK
Source: msapplication.xml2.1.drString found in binary or memory: http://www.live.com/
Source: msapplication.xml3.1.drString found in binary or memory: http://www.nytimes.com/
Source: msapplication.xml4.1.drString found in binary or memory: http://www.reddit.com/
Source: msapplication.xml5.1.drString found in binary or memory: http://www.twitter.com/
Source: msapplication.xml6.1.drString found in binary or memory: http://www.wikipedia.com/
Source: msapplication.xml7.1.drString found in binary or memory: http://www.youtube.com/
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://111.wales.nhs.uk/coronavirus(2019ncov)
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://ads-prd-gov-1-sp.test-for-coronavirus.service.gov.uk
Source: analytics[1].js.2.drString found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://api.key-worker-coronavirus-home-testing.service.gov.uk
Source: transition[1].htm.2.drString found in binary or memory: https://api.whatsapp.com/send?text=https://www.gov.uk%2Ftransition
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://assets.adobedtm.com/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://auth.login.nhs.uk/authorize
Source: coronavirus[1].htm.2.drString found in binary or memory: https://coronavirus.data.gov.uk/
Source: B3G463H9.htm.2.drString found in binary or memory: https://covid19.nhs.uk/
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: coronavirus[1].htm.2.drString found in binary or memory: https://gov.wales/coronavirus
Source: coronavirus[1].htm.2.drString found in binary or memory: https://gov.wales/covid-19-alert-levels?priority-taxon=774cee22-d896-44c1-a611-e3109cce8eae
Source: cookie-details[1].htm.2.drString found in binary or memory: https://ico.org.uk/for-the-public/online/cookies
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://key-worker-coronavirus-home-testing.service.gov.uk/
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://lodash.com/
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://lodash.com/license
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://mcmw.abilitynet.org.uk/
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://nhsdigital.eu.qualtrics.com/jfe/form/SV_0cbv0CQlMVz4RDL
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://nhsdigital.eu.qualtrics.com/jfe/form/SV_3aat0cpPDmep4pL?Q_PopulateResponse=
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://nhsdigital.eu.qualtrics.com/jfe/form/SV_9LY9JqjldpcO1cF
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://nhsdigital.eu.qualtrics.com/jfe/form/SV_9nlBZPMlvhP4wSx
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://openjsf.org/
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://organisation-number-lookup.test-for-coronavirus.service.gov.uk/
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://organisations.test-for-coronavirus.service.gov.uk
Source: coronavirus[1].htm.2.drString found in binary or memory: https://phw.nhs.wales/topics/immunisation-and-vaccines/covid-19-vaccination-information/?priority-ta
Source: coronavirus[1].htm.2.drString found in binary or memory: https://schema.org
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://sdsapi-prd-gov-1-sp.test-for-coronavirus.service.gov.uk
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://self-referral.test-for-coronavirus.service.gov.uk/antigen
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://self-referral.test-for-coronavirus.service.gov.uk/test-type
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://serapi-prd-gov-1-sp.test-for-coronavirus.service.gov.uk
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://settings.login.nhs.uk/
Source: analytics[1].js.2.drString found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chunk-vendors.33f4ad10[1].js.2.drString found in binary or memory: https://tdsapi-prd-gov-1-sp.test-for-coronavirus.service.gov.uk
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://test-for-coronavirus.service.gov.uk/
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://test-for-coronavirus.service.gov.uk/Root
Source: imagestore.dat.2.drString found in binary or memory: https://test-for-coronavirus.service.gov.uk/de7abc5226925203ac10b0a4a94af949.ico
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://test-for-coronavirus.service.gov.uk/register
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://test-for-coronavirus.service.gov.uk/register-home-test
Source: coronavirus[1].htm.2.drString found in binary or memory: https://test-for-coronavirus.service.gov.uk/register/validate-code?priority-taxon=774cee22-d896-44c1
Source: transition[1].htm.2.drString found in binary or memory: https://twitter.com/share?url=https%3A%2F%2Fwww.gov.uk%2Ftransition
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.citizensadvice.org.uk/work/coronavirus-if-youre-worried-about-working?priority-taxon=774
Source: analytics[1].js.2.drString found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.2.drString found in binary or memory: https://www.google.%/ads/ga-audiences
Source: analytics[1].js.2.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.scot/coronavirus-covid-19/
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.scot/publications/coronavirus-covid-19-protection-levels/pages/protection-levels-by-
Source: cookies[1].htm.2.dr, cookie-details[1].htm.2.dr, core-layout-print-c5e97d0ed0feb1d1fc703ef0ed5201026330ec091e02c33fb1db277df068ede5[1].css.2.drString found in binary or memory: https://www.gov.uk
Source: transition[1].htm.2.drString found in binary or memory: https://www.gov.uk%2Ftransition/&amp;subject=UK
Source: B3G463H9.htm.2.drString found in binary or memory: https://www.gov.uk/
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/apply-coronavirus-test
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://www.gov.uk/apply-coronavirus-test-essential-workers
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/collections/nhs-logo-56b9384aa9a842b9de96d72c468fbbdb1d6a1455124cf382f7524
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/collections/stay-at-home-social-share-b88ff9b9ed377a3204bd07cfc8386d62db73
Source: transition[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/collections/transition-period-0159975f0ff8e8a74b9a758d6b20b731cc8d416f5cc4
Source: cookie-details[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-logo-e5962881254c9ad
Source: cookie-details[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-schema-placeholder-1
Source: cookie-details[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-schema-placeholder-4
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/apple-touch-icon-152x152-02457fcdcee8d309276305af2233d41bfb8fd055e8
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/apple-touch-icon-167x167-181e404a50c572923285fb83f0fbd78da6b4e38e3c
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/apple-touch-icon-180x180-ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df7
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/apple-touch-icon-a318f305290c523aed80082456175b46c95350c0eeac93f42e
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/core-layout-5c9e91c1edfd49978562c26e27d70735f37888ac7de52549466b18d
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/core-layout-ie8-773f4cacc5b2d19e924e37800dca2a1e66acd94c661e1cd95a8
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/core-layout-print-c5e97d0ed0feb1d1fc703ef0ed5201026330ec091e02c33fb
Source: imagestore.dat.2.drString found in binary or memory: https://www.gov.uk/assets/static/favicon-8d811b8c3badbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fc
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0a
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-357fdfbcc3-tabular-bold-0cff7dfafbfd65a765046861e6967892b2
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-458f8ea81c-light-048b93884a1b51d20f2a3140541d450cb6b82c6c2
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-498ea8ffe2-tabular-light-c45387d8b19c716ac713adceddbbfaafc
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-62cc6f0a28-tabular-light-b36c2402a99df8f8195129efa8edbd6ec
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-784c21afb8-tabular-bold-d75e574d251becd00e5f90b6b4698042f9
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-851b10ccdd-tabular-light-5f44884b5bbefe279fb3529a09941c7c1
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-a2452cb66f-bold-be83c947da6c602697be56d5f04bab2074ad9e8e7f
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-b89238d840-tabular-bold-93bffa08f1c078b5d95e15683b5e77b9b3
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-f38ad40456-light-b98fe790388f58c950f2bed1ca8ad02fa168d6eff
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-f38c792ac2-bold-01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e
Source: fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drString found in binary or memory: https://www.gov.uk/assets/static/fonts/v1-fb2676462a-bold-a49a59a7c9fc3873b9b864f9185ba79d7848db4b4e
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/global-bar-init-8937018756a61669aeb0eb79274b88cfdcb3ef4b32093b7a72b
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/gov.uk_logotype_crown-de738c3fcce8ce2a91b67e89787090dc24a5cda0275ab
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/gov.uk_logotype_crown_invert_trans-203e1db49d3eff430d7dc450ce723c10
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/govuk-template-3e3f4a131aca72f9b2e458dfd318f65420aef6ada35539243aac
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/govuk-template-ie8-e4fff1a2ce0e93e66e96db6eedae992a3859b1e608aa46bd
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/govuk-template-print-1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/header-footer-only-f3ca9f5744a1346a673f6e1f6e4718387458bf7290b2f8e8
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/ie-a4524544a53d57a7e259b4bb966b9c32557c98c920b77e52d09304642b68401a
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/libs/jquery/jquery-1.12.4-c731c20e2995c576b0509d3bd776f7ab64a66b953
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/opengraph-image-a1f7d89ffd0782738b1aeb0da37842d8bd0addbd724b8e58c3e
Source: cookies[1].htm.2.drString found in binary or memory: https://www.gov.uk/assets/static/surveys-b5737b46c55d5682514456a1bf0cea2075accf1fb9a09c790d988346bda
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/bro
Source: ~DFAF42DC3D297B44A5.TMP.1.dr, benefits[1].htm.2.drString found in binary or memory: https://www.gov.uk/browse/benefits
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/benefits2Browse:
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/benefitsls
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/benefitslsf
Source: ~DFAF42DC3D297B44A5.TMP.1.dr, births-deaths-marriages[1].htm.2.drString found in binary or memory: https://www.gov.uk/browse/births-deaths-marriages
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/births-deaths-marriagesfBrowse:
Source: ~DFAF42DC3D297B44A5.TMP.1.dr, business[1].htm.2.drString found in binary or memory: https://www.gov.uk/browse/business
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/businessVBrowse:
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/businessths-marriages
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/businessths-marriagesf
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/childcare-parenting
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/childcare-parentingPBrowse:
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/childcare-parentingges
Source: ~DFAF42DC3D297B44A5.TMP.1.dr, citizenship[1].htm.2.drString found in binary or memory: https://www.gov.uk/browse/citizenship
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/citizenshipbBrowse:
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/citizenshiprentingey
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/browse/citizenshiprentingl
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/check-school-closure
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/cor
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/coronavirus
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/coronavirus-taxon
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/coronavirus-taxon/rules-and-restrictions
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/coronavirus-taxon/testing
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/coronaviruscontentbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fc40907.ico
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/coronavirusjCoronavirus
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/el
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/elp/cookiescontent
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/get
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#get-a-free-test-online
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#get-help-applying
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#get-tested-as-soon-as-possible-if-you-have-symptoms
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#getting-a-test-for-someone-else
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#if-you-have-no-symptoms
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#if-you-need-medical-advice-about-your-symptoms
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#if-youre-going-into-hospital
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#stay-at-home-if-you-have-symptoms
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test#what-the-test-involves
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test.uk/
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/get-coronavirus-test.uk/p
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/get-coronavirus-testzGet
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/getavirus.service.gov.uk/-coronavirus-test.uk/Root
Source: cookies[1].htm.2.dr, cookie-details[1].htm.2.drString found in binary or memory: https://www.gov.uk/government/organisations/government-digital-service
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/government/publications/coronavirus-outbreak-faqs-what-you-can-and-cant-do/corona
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/government/publications/covid-19-track-coronavirus-cases
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/guidance/coronavirus-covid-19-uk-transport-and-travel-advice
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.gov.uk/guidance/get-a-test-for-coronavirus-covid-19-if-you-do-not-have-symptoms
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.gov.uk/guidance/travel-advice-novel-coronavirus
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/hel
Source: cookie-details[1].htm.2.drString found in binary or memory: https://www.gov.uk/help/cookie-details
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/help/cookie-detailsPDetails
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/help/cookies
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/help/cookies#content
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/help/cookies#content.uk/(()
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/help/cookiescontent
Source: ~DFAF42DC3D297B44A5.TMP.1.drString found in binary or memory: https://www.gov.uk/help/cookiesus-test.uk/
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://www.gov.uk/report-covid19-result
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uk/tra
Source: transition[1].htm.2.drString found in binary or memory: https://www.gov.uk/transition
Source: transition[1].htm.2.drString found in binary or memory: https://www.gov.uk/transition-check/login
Source: {71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drString found in binary or memory: https://www.gov.uunknown
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.legislation.gov.uk/coronavirus
Source: cookies[1].htm.2.drString found in binary or memory: https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/
Source: cookies[1].htm.2.drString found in binary or memory: https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-gov
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.nhs.uk/
Source: get-coronavirus-test[1].htm.2.dr, coronavirus[1].htm.2.drString found in binary or memory: https://www.nhs.uk/conditions/coronavirus-covid-19/
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.nhs.uk/conditions/coronavirus-covid-19/coronavirus-vaccination/coronavirus-vaccine/?prio
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.nhs.uk/conditions/coronavirus-covid-19/self-isolation-and-treatment/when-to-self-isolate
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://www.nhs.uk/conditions/coronavirus-covid-19/testing-and-tracing/nhs-test-and-trace-if-youre-c
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.nhsinform.scot/healthy-living/immunisation/vaccines/coronavirus-covid-19-vaccine?priorit
Source: get-coronavirus-test[1].htm.2.drString found in binary or memory: https://www.nhsinform.scot/illnesses-and-conditions/infections-and-poisoning/coronavirus-covid-19
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.nidirect.gov.uk/articles/coronavirus-covid-19-regulations-guidance-what-restrictions-mea
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.nidirect.gov.uk/campaigns/coronavirus-covid-19
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.publichealth.hscni.net/covid-19-coronavirus/northern-ireland-covid-19-vaccination-progra
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://www.royalmail.com/services-near-you
Source: cookie-details[1].htm.2.drString found in binary or memory: https://www.smartsurvey.co.uk/
Source: cookie-details[1].htm.2.drString found in binary or memory: https://www.smartsurvey.co.uk/how-we-use-cookies
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.wikidata.org/wiki/Q81068910
Source: coronavirus[1].htm.2.drString found in binary or memory: https://www.youtube.com/user/Number10gov/videos
Source: transition[1].htm.2.drString found in binary or memory: https://www.youtube.com/watch?v=AesZZsO9mm4
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://youtu.be/eYETUcSFXmw
Source: app.f6cc719e[1].js.2.drString found in binary or memory: https://youtu.be/zCqo7MhQT6U
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownHTTPS traffic detected: 13.225.78.60:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.0.144:443 -> 192.168.2.4:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.0.144:443 -> 192.168.2.4:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.0.144:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: classification engineClassification label: clean0.win@3/84@3/2
Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71C4B54A-6705-11EB-90EB-ECF4BBEA1588}.datJump to behavior
Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Temp\~DFF1BBD90A9C4D4EBC.TMPJump to behavior
Source: C:\Program Files\internet explorer\iexplore.exeFile read: C:\Users\desktop.iniJump to behavior
Source: unknownProcess created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknownProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5188 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5188 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exeAutomated click: Accept
Source: C:\Program Files\internet explorer\iexplore.exeAutomated click: Accept
Source: C:\Program Files\internet explorer\iexplore.exeAutomated click: Accept
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection1Masquerading1OS Credential DumpingFile and Directory Discovery1Remote ServicesData from Local SystemExfiltration Over Other Network MediumEncrypted Channel2Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection1LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol2Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol3Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferIngress Tool Transfer1SIM Card SwapCarrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://test-for-coronavirus.service.gov.uk0%VirustotalBrowse
http://test-for-coronavirus.service.gov.uk0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
test-for-coronavirus.service.gov.uk0%VirustotalBrowse
www-gov-uk.map.fastly.net0%VirustotalBrowse
www.gov.uk0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://www.gov.uk/assets/static/gov.uk_logotype_crown_invert_trans-203e1db49d3eff430d7dc450ce723c100%Avira URL Cloudsafe
https://www.gov.uk%2Ftransition/&amp;subject=UK0%Avira URL Cloudsafe
https://www.nhs.uk/conditions/coronavirus-covid-19/self-isolation-and-treatment/when-to-self-isolate0%Avira URL Cloudsafe
https://serapi-prd-gov-1-sp.test-for-coronavirus.service.gov.uk0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-458f8ea81c-light-048b93884a1b51d20f2a3140541d450cb6b82c6c20%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea4640%Avira URL Cloudsafe
https://www.gov.uk/coronavirus-taxon0%Avira URL Cloudsafe
https://www.gov.uk/get-coronavirus-test#get-a-free-test-online0%Avira URL Cloudsafe
https://www.citizensadvice.org.uk/work/coronavirus-if-youre-worried-about-working?priority-taxon=7740%Avira URL Cloudsafe
https://www.gov.uk/apply-coronavirus-test0%Avira URL Cloudsafe
https://www.gov.uk/coronaviruscontentbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fc40907.ico0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/govuk-template-ie8-e4fff1a2ce0e93e66e96db6eedae992a3859b1e608aa46bd0%Avira URL Cloudsafe
https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/0%Avira URL Cloudsafe
http://test-for-coronavirus.service.gov.uk/0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-f38ad40456-light-b98fe790388f58c950f2bed1ca8ad02fa168d6eff0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-62cc6f0a28-tabular-light-b36c2402a99df8f8195129efa8edbd6ec0%Avira URL Cloudsafe
https://www.gov.uk/get-coronavirus-test#getting-a-test-for-someone-else0%Avira URL Cloudsafe
https://openjsf.org/0%URL Reputationsafe
https://openjsf.org/0%URL Reputationsafe
https://openjsf.org/0%URL Reputationsafe
https://www.gov.uk/get-coronavirus-testzGet0%Avira URL Cloudsafe
https://www.gov.uk/browse/citizenshipbBrowse:0%Avira URL Cloudsafe
https://sdsapi-prd-gov-1-sp.test-for-coronavirus.service.gov.uk0%Avira URL Cloudsafe
https://test-for-coronavirus.service.gov.uk/register-home-test0%Avira URL Cloudsafe
https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-logo-e5962881254c9ad0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/surveys-b5737b46c55d5682514456a1bf0cea2075accf1fb9a09c790d988346bda0%Avira URL Cloudsafe
https://www.gov.uk/government/organisations/government-digital-service0%Avira URL Cloudsafe
https://www.gov.uunknown0%Avira URL Cloudsafe
https://www.nidirect.gov.uk/campaigns/coronavirus-covid-190%Avira URL Cloudsafe
https://www.gov.uk/help/cookiesus-test.uk/0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/apple-touch-icon-a318f305290c523aed80082456175b46c95350c0eeac93f42e0%Avira URL Cloudsafe
https://test-for-coronavirus.service.gov.uk/0%Avira URL Cloudsafe
https://www.gov.uk/browse/citizenshiprentingl0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/header-footer-only-f3ca9f5744a1346a673f6e1f6e4718387458bf7290b2f8e80%Avira URL Cloudsafe
https://phw.nhs.wales/topics/immunisation-and-vaccines/covid-19-vaccination-information/?priority-ta0%Avira URL Cloudsafe
https://www.gov.uk/browse/births-deaths-marriagesfBrowse:0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/opengraph-image-a1f7d89ffd0782738b1aeb0da37842d8bd0addbd724b8e58c3e0%Avira URL Cloudsafe
https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-schema-placeholder-10%Avira URL Cloudsafe
https://www.gov.uk/assets/static/favicon-8d811b8c3badbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fc0%Avira URL Cloudsafe
https://www.nhs.uk/conditions/coronavirus-covid-19/0%Avira URL Cloudsafe
https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-schema-placeholder-40%Avira URL Cloudsafe
https://www.gov.uk/coronavirusjCoronavirus0%Avira URL Cloudsafe
https://www.nhs.uk/0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-357fdfbcc3-tabular-bold-0cff7dfafbfd65a765046861e6967892b20%Avira URL Cloudsafe
https://www.gov.uk/browse/childcare-parentingges0%Avira URL Cloudsafe
https://www.smartsurvey.co.uk/0%Avira URL Cloudsafe
https://www.nidirect.gov.uk/articles/coronavirus-covid-19-regulations-guidance-what-restrictions-mea0%Avira URL Cloudsafe
https://organisation-number-lookup.test-for-coronavirus.service.gov.uk/0%Avira URL Cloudsafe
https://www.gov.uk/getavirus.service.gov.uk/-coronavirus-test.uk/Root0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/apple-touch-icon-152x152-02457fcdcee8d309276305af2233d41bfb8fd055e80%Avira URL Cloudsafe
https://www.gov.uk/assets/static/ie-a4524544a53d57a7e259b4bb966b9c32557c98c920b77e52d09304642b68401a0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0a0%Avira URL Cloudsafe
https://www.nhs.uk/conditions/coronavirus-covid-19/testing-and-tracing/nhs-test-and-trace-if-youre-c0%Avira URL Cloudsafe
https://www.gov.uk/government/publications/coronavirus-outbreak-faqs-what-you-can-and-cant-do/corona0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-fb2676462a-bold-a49a59a7c9fc3873b9b864f9185ba79d7848db4b4e0%Avira URL Cloudsafe
https://www.gov.uk/coronavirus-taxon/testing0%Avira URL Cloudsafe
https://tdsapi-prd-gov-1-sp.test-for-coronavirus.service.gov.uk0%Avira URL Cloudsafe
https://www.gov.uk/coronavirus-taxon/rules-and-restrictions0%Avira URL Cloudsafe
https://www.gov.uk/browse/benefits2Browse:0%Avira URL Cloudsafe
https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-gov0%Avira URL Cloudsafe
https://www.gov.uk/report-covid19-result0%Avira URL Cloudsafe
https://www.gov.uk/check-school-closure0%Avira URL Cloudsafe
https://test-for-coronavirus.service.gov.uk/register0%Avira URL Cloudsafe
https://www.gov.uk/browse/businessths-marriagesf0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-851b10ccdd-tabular-light-5f44884b5bbefe279fb3529a09941c7c10%Avira URL Cloudsafe
https://www.gov.uk/help/cookie-detailsPDetails0%Avira URL Cloudsafe
https://settings.login.nhs.uk/0%Avira URL Cloudsafe
https://auth.login.nhs.uk/authorize0%Avira URL Cloudsafe
https://www.gov.uk/get-coronavirus-test#get-help-applying0%Avira URL Cloudsafe
https://www.gov.uk/assets/collections/nhs-logo-56b9384aa9a842b9de96d72c468fbbdb1d6a1455124cf382f75240%Avira URL Cloudsafe
https://www.gov.uk/get-coronavirus-test#stay-at-home-if-you-have-symptoms0%Avira URL Cloudsafe
https://www.gov.uk/assets/static/fonts/v1-498ea8ffe2-tabular-light-c45387d8b19c716ac713adceddbbfaafc0%Avira URL Cloudsafe
https://www.gov.uk/get-coronavirus-test#what-the-test-involves0%Avira URL Cloudsafe
http://www.wikipedia.com/0%URL Reputationsafe
http://www.wikipedia.com/0%URL Reputationsafe
http://www.wikipedia.com/0%URL Reputationsafe
https://ads-prd-gov-1-sp.test-for-coronavirus.service.gov.uk0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
test-for-coronavirus.service.gov.uk
13.225.78.60
truefalseunknown
www-gov-uk.map.fastly.net
151.101.0.144
truefalseunknown
www.gov.uk
unknown
unknownfalseunknown

Contacted URLs

NameMaliciousAntivirus DetectionReputation
http://test-for-coronavirus.service.gov.uk/false
  • Avira URL Cloud: safe
unknown
https://www.gov.uk/browse/births-deaths-marriagesfalse
    		unknown
    https://www.gov.uk/browse/citizenshipfalse
      		unknown
      https://www.gov.uk/browse/businessfalse
        		unknown
        https://www.gov.uk/browse/childcare-parentingfalse
          		unknown
          https://www.gov.uk/help/cookiesfalse
            		unknown
            https://www.gov.uk/browse/benefitsfalse
              		unknown

              URLs from Memory and Binaries

              NameSourceMaliciousAntivirus DetectionReputation
              https://www.gov.uk/assets/static/gov.uk_logotype_crown_invert_trans-203e1db49d3eff430d7dc450ce723c10cookies[1].htm.2.drfalse
              • Avira URL Cloud: safe
              		unknown
              https://www.gov.uk%2Ftransition/&amp;subject=UKtransition[1].htm.2.drfalse
              • Avira URL Cloud: safe
              		low
              https://www.nhs.uk/conditions/coronavirus-covid-19/self-isolation-and-treatment/when-to-self-isolateget-coronavirus-test[1].htm.2.drfalse
              • Avira URL Cloud: safe
              		unknown
              https://serapi-prd-gov-1-sp.test-for-coronavirus.service.gov.ukchunk-vendors.33f4ad10[1].js.2.drfalse
              • Avira URL Cloud: safe
              		unknown
              https://gov.wales/covid-19-alert-levels?priority-taxon=774cee22-d896-44c1-a611-e3109cce8eaecoronavirus[1].htm.2.drfalse
                		high
                https://www.gov.uk/assets/static/fonts/v1-458f8ea81c-light-048b93884a1b51d20f2a3140541d450cb6b82c6c2fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                • Avira URL Cloud: safe
                		unknown
                https://www.publichealth.hscni.net/covid-19-coronavirus/northern-ireland-covid-19-vaccination-progracoronavirus[1].htm.2.drfalse
                  		high
                  https://www.youtube.com/watch?v=AesZZsO9mm4transition[1].htm.2.drfalse
                    		high
                    https://youtu.be/zCqo7MhQT6Uapp.f6cc719e[1].js.2.drfalse
                      		high
                      https://www.gov.uk/assets/static/fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464cookies[1].htm.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.gov.uk/coronavirus-taxonget-coronavirus-test[1].htm.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.gov.uk/get-coronavirus-test#get-a-free-test-onlineget-coronavirus-test[1].htm.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.citizensadvice.org.uk/work/coronavirus-if-youre-worried-about-working?priority-taxon=774coronavirus[1].htm.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.gov.uk/apply-coronavirus-testcoronavirus[1].htm.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.gov.uk/coronaviruscontentbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fc40907.ico~DFAF42DC3D297B44A5.TMP.1.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.gov.uk/assets/static/govuk-template-ie8-e4fff1a2ce0e93e66e96db6eedae992a3859b1e608aa46bdcookies[1].htm.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://nhsdigital.eu.qualtrics.com/jfe/form/SV_9nlBZPMlvhP4wSxapp.f6cc719e[1].js.2.drfalse
                        		high
                        https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/cookies[1].htm.2.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://nhsdigital.eu.qualtrics.com/jfe/form/SV_3aat0cpPDmep4pL?Q_PopulateResponse=app.f6cc719e[1].js.2.drfalse
                          		high
                          https://stats.g.doubleclick.net/j/collectanalytics[1].js.2.drfalse
                            		high
                            https://www.gov.uk/assets/static/fonts/v1-f38ad40456-light-b98fe790388f58c950f2bed1ca8ad02fa168d6efffonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://www.gov.uk/assets/static/fonts/v1-62cc6f0a28-tabular-light-b36c2402a99df8f8195129efa8edbd6ecfonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://www.gov.uk/get-coronavirus-test#getting-a-test-for-someone-elseget-coronavirus-test[1].htm.2.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            http://www.reddit.com/msapplication.xml4.1.drfalse
                              		high
                              https://openjsf.org/chunk-vendors.33f4ad10[1].js.2.drfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              https://www.gov.uk/get-coronavirus-testzGet{71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.gov.uk/browse/citizenshipbBrowse:~DFAF42DC3D297B44A5.TMP.1.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://sdsapi-prd-gov-1-sp.test-for-coronavirus.service.gov.ukchunk-vendors.33f4ad10[1].js.2.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://test-for-coronavirus.service.gov.uk/register-home-testapp.f6cc719e[1].js.2.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-logo-e5962881254c9adcookie-details[1].htm.2.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.gov.uk/assets/static/surveys-b5737b46c55d5682514456a1bf0cea2075accf1fb9a09c790d988346bdacookies[1].htm.2.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.gov.uk/government/organisations/government-digital-servicecookies[1].htm.2.dr, cookie-details[1].htm.2.drfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://schema.orgcoronavirus[1].htm.2.drfalse
                                		high
                                https://www.gov.uunknown{71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://www.nidirect.gov.uk/campaigns/coronavirus-covid-19coronavirus[1].htm.2.drfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://underscorejs.org/LICENSEchunk-vendors.33f4ad10[1].js.2.drfalse
                                  		high
                                  https://www.nhsinform.scot/healthy-living/immunisation/vaccines/coronavirus-covid-19-vaccine?prioritcoronavirus[1].htm.2.drfalse
                                    		high
                                    https://www.gov.uk/help/cookiesus-test.uk/~DFAF42DC3D297B44A5.TMP.1.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://www.gov.uk/assets/static/apple-touch-icon-a318f305290c523aed80082456175b46c95350c0eeac93f42ecookies[1].htm.2.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://test-for-coronavirus.service.gov.uk/~DFAF42DC3D297B44A5.TMP.1.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://www.gov.uk/browse/citizenshiprentingl~DFAF42DC3D297B44A5.TMP.1.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://www.gov.uk/assets/static/header-footer-only-f3ca9f5744a1346a673f6e1f6e4718387458bf7290b2f8e8cookies[1].htm.2.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://www.gov.uk/browse/births-deaths-marriages~DFAF42DC3D297B44A5.TMP.1.dr, births-deaths-marriages[1].htm.2.drfalse
                                      		unknown
                                      https://phw.nhs.wales/topics/immunisation-and-vaccines/covid-19-vaccination-information/?priority-tacoronavirus[1].htm.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.gov.uk/browse/births-deaths-marriagesfBrowse:~DFAF42DC3D297B44A5.TMP.1.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.gov.uk/assets/static/opengraph-image-a1f7d89ffd0782738b1aeb0da37842d8bd0addbd724b8e58c3ecookies[1].htm.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-schema-placeholder-1cookie-details[1].htm.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.gov.uk/assets/static/favicon-8d811b8c3badbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fcimagestore.dat.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.nhs.uk/conditions/coronavirus-covid-19/get-coronavirus-test[1].htm.2.dr, coronavirus[1].htm.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.gov.uk/assets/government-frontend/govuk_publishing_components/govuk-schema-placeholder-4cookie-details[1].htm.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.gov.uk/coronavirusjCoronavirus~DFAF42DC3D297B44A5.TMP.1.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://www.nhs.uk/coronavirus[1].htm.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://npms.io/search?q=ponyfill.chunk-vendors.33f4ad10[1].js.2.drfalse
                                        		high
                                        https://www.gov.uk/assets/static/fonts/v1-357fdfbcc3-tabular-bold-0cff7dfafbfd65a765046861e6967892b2fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        https://www.youtube.com/user/Number10gov/videoscoronavirus[1].htm.2.drfalse
                                          		high
                                          https://www.gov.uk/browse/childcare-parentingges~DFAF42DC3D297B44A5.TMP.1.drfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://www.amazon.com/msapplication.xml.1.drfalse
                                            		high
                                            https://www.smartsurvey.co.uk/cookie-details[1].htm.2.drfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            https://www.nidirect.gov.uk/articles/coronavirus-covid-19-regulations-guidance-what-restrictions-meacoronavirus[1].htm.2.drfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            http://www.twitter.com/msapplication.xml5.1.drfalse
                                              		high
                                              https://organisation-number-lookup.test-for-coronavirus.service.gov.uk/app.f6cc719e[1].js.2.drfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://www.gov.uk/getavirus.service.gov.uk/-coronavirus-test.uk/Root{71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat.1.drfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://www.gov.uk/assets/static/apple-touch-icon-152x152-02457fcdcee8d309276305af2233d41bfb8fd055e8cookies[1].htm.2.drfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              http://schema.orgchildcare-parenting[1].htm.2.dr, get-coronavirus-test[1].htm.2.drfalse
                                                		high
                                                https://www.gov.uk/assets/static/ie-a4524544a53d57a7e259b4bb966b9c32557c98c920b77e52d09304642b68401acookies[1].htm.2.drfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://www.gov.uk/assets/static/fonts/v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0afonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://www.nhs.uk/conditions/coronavirus-covid-19/testing-and-tracing/nhs-test-and-trace-if-youre-capp.f6cc719e[1].js.2.drfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://www.gov.scot/coronavirus-covid-19/coronavirus[1].htm.2.drfalse
                                                  		high
                                                  https://www.gov.uk/government/publications/coronavirus-outbreak-faqs-what-you-can-and-cant-do/coronacoronavirus[1].htm.2.drfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://www.gov.uk/assets/static/fonts/v1-fb2676462a-bold-a49a59a7c9fc3873b9b864f9185ba79d7848db4b4efonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://www.gov.uk/coronavirus-taxon/testingget-coronavirus-test[1].htm.2.drfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://tdsapi-prd-gov-1-sp.test-for-coronavirus.service.gov.ukchunk-vendors.33f4ad10[1].js.2.drfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://www.gov.uk/coronavirus-taxon/rules-and-restrictionscoronavirus[1].htm.2.drfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.nytimes.com/msapplication.xml3.1.drfalse
                                                    		high
                                                    https://www.gov.uk/browse/benefits2Browse:~DFAF42DC3D297B44A5.TMP.1.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-govcookies[1].htm.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.gov.uk/report-covid19-resultapp.f6cc719e[1].js.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.gov.uk/check-school-closurecoronavirus[1].htm.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://test-for-coronavirus.service.gov.uk/registerapp.f6cc719e[1].js.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.gov.uk/browse/businessths-marriagesf~DFAF42DC3D297B44A5.TMP.1.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.gov.uk/help/cookies~DFAF42DC3D297B44A5.TMP.1.drfalse
                                                      		unknown
                                                      https://www.gov.uk/assets/static/fonts/v1-851b10ccdd-tabular-light-5f44884b5bbefe279fb3529a09941c7c1fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://youtu.be/eYETUcSFXmwapp.f6cc719e[1].js.2.drfalse
                                                        		high
                                                        https://www.gov.uk/help/cookie-detailsPDetails~DFAF42DC3D297B44A5.TMP.1.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://settings.login.nhs.uk/chunk-vendors.33f4ad10[1].js.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://auth.login.nhs.uk/authorizechunk-vendors.33f4ad10[1].js.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://www.gov.uk/get-coronavirus-test#get-help-applyingget-coronavirus-test[1].htm.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://www.gov.uk/assets/collections/nhs-logo-56b9384aa9a842b9de96d72c468fbbdb1d6a1455124cf382f7524coronavirus[1].htm.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://www.gov.uk/get-coronavirus-test#stay-at-home-if-you-have-symptomsget-coronavirus-test[1].htm.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://www.gov.uk/assets/static/fonts/v1-498ea8ffe2-tabular-light-c45387d8b19c716ac713adceddbbfaafcfonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://www.gov.uk/get-coronavirus-test#what-the-test-involvesget-coronavirus-test[1].htm.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        http://www.wikipedia.com/msapplication.xml6.1.drfalse
                                                        • URL Reputation: safe
                                                        • URL Reputation: safe
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://ads-prd-gov-1-sp.test-for-coronavirus.service.gov.ukchunk-vendors.33f4ad10[1].js.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown

                                                        Contacted IPs

                                                        • No. of IPs < 25%
                                                        • 25% < No. of IPs < 50%
                                                        • 50% < No. of IPs < 75%
                                                        • 75% < No. of IPs

                                                        Public

                                                        IPDomainCountryFlagASNASN NameMalicious
                                                        151.101.0.144
                                                        		unknownUnited States
                                                        		54113FASTLYUSfalse
                                                        13.225.78.60
                                                        		unknownUnited States
                                                        		16509AMAZON-02USfalse

                                                        General Information

                                                        Joe Sandbox Version:31.0.0 Emerald
                                                        Analysis ID:348814
                                                        Start date:04.02.2021
                                                        Start time:17:23:38
                                                        Joe Sandbox Product:CloudBasic
                                                        Overall analysis duration:0h 4m 27s
                                                        Hypervisor based Inspection enabled:false
                                                        Report type:light
                                                        Cookbook file name:browseurl.jbs
                                                        Sample URL:http://test-for-coronavirus.service.gov.uk
                                                        Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                        Number of analysed new started processes analysed:4
                                                        Number of new started drivers analysed:0
                                                        Number of existing processes analysed:0
                                                        Number of existing drivers analysed:0
                                                        Number of injected processes analysed:0
                                                        Technologies:
                                                        • HCA enabled
                                                        • EGA enabled
                                                        • AMSI enabled
                                                        Analysis Mode:default
                                                        Analysis stop reason:Timeout
                                                        Detection:CLEAN
                                                        Classification:clean0.win@3/84@3/2
                                                        Cookbook Comments:
                                                        • Adjust boot time
                                                        • Enable AMSI
                                                        • Browsing link: https://www.gov.uk/help/cookies#content
                                                        • Browsing link: https://www.gov.uk/help/cookies
                                                        • Browsing link: https://www.gov.uk/
                                                        • Browsing link: https://www.gov.uk/coronavirus
                                                        • Browsing link: https://www.gov.uk/transition
                                                        • Browsing link: https://www.gov.uk/help/cookie-details
                                                        • Browsing link: https://www.gov.uk/browse/benefits
                                                        • Browsing link: https://www.gov.uk/browse/births-deaths-marriages
                                                        • Browsing link: https://www.gov.uk/browse/business
                                                        • Browsing link: https://www.gov.uk/browse/childcare-parenting
                                                        • Browsing link: https://www.gov.uk/browse/citizenship
                                                        Warnings:
                                                        Show All
                                                        • Exclude process from analysis (whitelisted): taskhostw.exe, ielowutil.exe
                                                        • TCP Packets have been reduced to 100
                                                        • Excluded IPs from analysis (whitelisted): 168.61.161.212, 13.88.21.125, 88.221.62.148, 172.217.23.46, 152.199.19.161, 2.20.142.210, 2.20.142.209
                                                        • Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, www-google-analytics.l.google.com, ie9comview.vo.msecnd.net, skypedataprdcolcus17.cloudapp.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, skypedataprdcolwus15.cloudapp.net, au-bg-shim.trafficmanager.net, www.google-analytics.com, cs9.wpc.v0cdn.net

                                                        Simulations

                                                        Behavior and APIs

                                                        No simulations

                                                        Joe Sandbox View / Context

                                                        IPs

                                                        No context

                                                        Domains

                                                        No context

                                                        ASN

                                                        No context

                                                        JA3 Fingerprints

                                                        No context

                                                        Dropped Files

                                                        No context

                                                        Created / dropped Files

                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71C4B54A-6705-11EB-90EB-ECF4BBEA1588}.dat
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:Microsoft Word Document
                                                        Category:dropped
                                                        Size (bytes):30296
                                                        Entropy (8bit):1.8479537129707035
                                                        Encrypted:false
                                                        SSDEEP:192:r2ZtZR2n9W8tfifI7FzMKNBnHDisf57IjX:ryDgnUI4F0jxu
                                                        MD5:00045990DAD6633180B9E1112A1D2795
                                                        SHA1:8D946FFD094B7E9CABFD2953C283C23F8A0EBA5E
                                                        SHA-256:7160570B0F577E1EF858610A9241E8F958033072F92C08FEA9C66BE31281081C
                                                        SHA-512:69CF1BF02068472C3C35436802449D3DEC0B0892E9739AE8EE49B5E9CE4CC8769F2274355A6A077FE2523D84E2DFB9A902A6BA58A09D8DCB0BE7A93EB5CAF927
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71C4B54C-6705-11EB-90EB-ECF4BBEA1588}.dat
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:Microsoft Word Document
                                                        Category:dropped
                                                        Size (bytes):182738
                                                        Entropy (8bit):2.502282898157289
                                                        Encrypted:false
                                                        SSDEEP:768:7j5ChDbJx0SxXYC6Y4sOcmMGbx7yYNSQlbp:7FajGcmDLSQlbp
                                                        MD5:2F0E71F851FC1CC463C4F25B77267CD9
                                                        SHA1:605C21F210EA46266DFFE09EFB4B21AD20B9193A
                                                        SHA-256:23304F0FA4D596ADF2BA25ABE56E1E50FB8B9C4C448DCFD2E3CBE30A915FB9A0
                                                        SHA-512:520B34AF33122A23A6D4058D1B6C9CD1D1BE746BAD7FCFDA44A4675B315AFC0051C3A42BA11088CF32B1F4F382F91D45844F3B68717A4A1DBF000622EC22D54C
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71C4B54D-6705-11EB-90EB-ECF4BBEA1588}.dat
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:Microsoft Word Document
                                                        Category:dropped
                                                        Size (bytes):16984
                                                        Entropy (8bit):1.5637537697781616
                                                        Encrypted:false
                                                        SSDEEP:48:Iw6Gcpr3GwpaoG4pQ8GrapbS5rGQpKfG7HpRVsTGIpG:r+ZhQ466BS5FAuTV4A
                                                        MD5:BB4CAEC1F8BF1B3E1D3BFEB44AB0F8C0
                                                        SHA1:F59818767B4AFBE1878177AD973E90646BD382DF
                                                        SHA-256:2B966AF9C56455C84AA634E6D99DD1CA7AB7BDEB1E68A920AA021A49B68A5C1D
                                                        SHA-512:ED5A7510965491954B4501A1E0BDF3D9FD7D1323292AF7C48F2197D3B9884827D63AE163862B6A9337AA68D4778D94FACD4126A07CF1DD2B433724B32135E7D3
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):656
                                                        Entropy (8bit):5.131834458904829
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxOEM616cnWimI002EtM3MHdNMNxOEM616cnWimI00OYGVbkEtMb:2d6NxOWEcSZHKd6NxOWEcSZ7YLb
                                                        MD5:C3558B398ADF238459A5159534BC0E32
                                                        SHA1:85948D247350E6211E2A3DD6A47D9FD592888E28
                                                        SHA-256:83E85AB50DC79391E9DE31AB635061FB3E0DBD79BFB8D9154A42F7ED024711C1
                                                        SHA-512:A11E151B1BF20ABDFCAF994D14EE374634FC9E8CF8B55A668B41F7EB6CCC4799D238B72AF472C4D05AA30E3B211194B4675B8D77C27AE576CD3523061BF46B33
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x419e5667,0x01d6fb12</date><accdate>0x419e5667,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x419e5667,0x01d6fb12</date><accdate>0x419e5667,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):653
                                                        Entropy (8bit):5.160213770325517
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxe2k7nWimI002EtM3MHdNMNxe2k7nWimI00OYGkak6EtMb:2d6Nxr+SZHKd6Nxr+SZ7Yza7b
                                                        MD5:9AF7BFE8C8F437F9EB96C729898E1B7A
                                                        SHA1:FE20F841218CCF2CE5F39B0CD800827F4834DDAB
                                                        SHA-256:72FDEE251297DFAD0E5A5549AAD568E4B2AD2F0B8784353D3008C82D81085918
                                                        SHA-512:C863EC1F47CFF1ECA3B2868D5E7F5EAE6E2E5610E082ADB8B5966D5667F74D4192DD487C0E847676D2156B5DEBD337A5C35FAD8BB9FF87C5011F61CC2455888C
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0x41736bf9,0x01d6fb12</date><accdate>0x41736bf9,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0x41736bf9,0x01d6fb12</date><accdate>0x41736bf9,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Amazon.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):662
                                                        Entropy (8bit):5.1518124455970105
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxvLM616cnWimI002EtM3MHdNMNxvLM616cnWimI00OYGmZEtMb:2d6NxvNEcSZHKd6NxvNEcSZ7Yjb
                                                        MD5:126C38401F03099D2CC2938D7C516168
                                                        SHA1:359291697E76EBD491CFB9192D850887089A71E7
                                                        SHA-256:D8EF379ED91CB0B80879828465260446392009F83BCD578324F2A6C235988BC4
                                                        SHA-512:EC9CE282CDC39D41A76139BDFD963F61B5451DC11ED5E1B59A010E91A1B3D64E505216C83CCD1F6D6EC76061A800E4873A98E924DCD89C5DAABF3EB63D1008F4
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0x419e5667,0x01d6fb12</date><accdate>0x419e5667,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0x419e5667,0x01d6fb12</date><accdate>0x419e5667,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Wikipedia.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):647
                                                        Entropy (8bit):5.133938643549611
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxi05gnWimI002EtM3MHdNMNxi05gnWimI00OYGd5EtMb:2d6NxsSZHKd6NxsSZ7YEjb
                                                        MD5:7CDF4D953611976337C69354ADA4D5A1
                                                        SHA1:A7BE605835F1155036BA887AC2AE01C6280DCAB7
                                                        SHA-256:E0CF820EE594DD33D852760EB32397C87A4285870A77B8B4BE22E80447C9B8BD
                                                        SHA-512:0D088C6864785174D5CDADCB48E369CE1AF0AAD36EBF7BEF72D8E3B07F9C52AC5B03581F8A1E0CA70241C4CC183D86A1673054BF86C0C2ECC268F3C5F31AF214
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0x419991a2,0x01d6fb12</date><accdate>0x419991a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0x419991a2,0x01d6fb12</date><accdate>0x419991a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Live.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):656
                                                        Entropy (8bit):5.121800343996001
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxhGww6N6+nWimI002EtM3MHdNMNxhGww6N6+nWimI00OYG8K075EtMb:2d6NxQwM+SZHKd6NxQwM+SZ7YrKajb
                                                        MD5:41F1FCBF6F3D72F04C75DE08CC8DAE89
                                                        SHA1:37B2A63930841B609449E92F1752D2BB22E851A4
                                                        SHA-256:A3DCB1346FDE52ABFD093E416D6271613937ADCC28E761010EEE11B08C43CC30
                                                        SHA-512:B58B67F5F2020647628E9B5C80BA7B85EA2AB0E347AF8D58C2155C73D542FCFCF302D7A88D35CF3DF930B2A093B8CF8B940C0746C7BB4E440D0323E0E781BF75
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x41a0b8a2,0x01d6fb12</date><accdate>0x41a0b8a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x41a0b8a2,0x01d6fb12</date><accdate>0x41a0b8a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):653
                                                        Entropy (8bit):5.112660676135579
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNx0nENwUKNwU1nWimI002EtM3MHdNMNx0nENwUKNwU1nWimI00OYGxEtMb:2d6Nx0ENw9Nw+SZHKd6Nx0ENw9Nw+SZ9
                                                        MD5:7549A26B63DE0489BCF0B6B55D369E33
                                                        SHA1:A63DE6455176CBE9DB48C5C3DFAA84EA3F68BF33
                                                        SHA-256:9993B9F9D5CF54697A95397E2B2B40DC4C3F9E6E0909E4E33F04319FEB0D1978
                                                        SHA-512:97409095AB8532A13DFC50F5E6004C4233103227423F805C668057D02C6F5319CC87EE86DAEC3A1EEEB2C971636EDF068DB1063F32F7BA4EA9F478A1972EDB51
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0x419bf410,0x01d6fb12</date><accdate>0x419bf410,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0x419bf410,0x01d6fb12</date><accdate>0x419bf410,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Reddit.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):656
                                                        Entropy (8bit):5.15777512495312
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxx05gnWimI002EtM3MHdNMNxx05gnWimI00OYG6Kq5EtMb:2d6NxtSZHKd6NxtSZ7Yhb
                                                        MD5:8EA9E3ACC55203BC5234C2A6C506E4EC
                                                        SHA1:9EACACABC76EAADC86ECB5517B42E300AE0531D2
                                                        SHA-256:8BA88E4AB6F6F95E990C0DB369448A39E55BE9E00FA7BD8F619FF22FB0E8DC46
                                                        SHA-512:46FFB36ABBAEA0158278C3B8941DBE61B90FE6E296C746816244A89DD84E09408C0C05CDBF8F9A7FFA24F28CF82BAF798F174D58F18BCB9B6179208374596949
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0x419991a2,0x01d6fb12</date><accdate>0x419991a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0x419991a2,0x01d6fb12</date><accdate>0x419991a2,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\NYTimes.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):659
                                                        Entropy (8bit):5.127908082840484
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxcLnWimI002EtM3MHdNMNxcLnWimI00OYGVEtMb:2d6Nx+SZHKd6Nx+SZ7Ykb
                                                        MD5:9FE6004F2185ABFA2075A7FA6AD972CC
                                                        SHA1:39A2D3A2D43DA5BA34153136D4D2224E1794EEFB
                                                        SHA-256:FE2BD0CA877C7BC8B94A50FB1C00EA0C8D027E76267FBE3C1B0168BB84A7B111
                                                        SHA-512:0C39F053AF646AC88BB8D15C7DFB399DFA538D25F47E308967C0D8A9E483385D4D5F131F71B6F00EEC980B19CBCCDDBAC952390E40F70001DE56B2C193CDF33B
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x41841c90,0x01d6fb12</date><accdate>0x41841c90,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x41841c90,0x01d6fb12</date><accdate>0x41841c90,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):653
                                                        Entropy (8bit):5.113408004377333
                                                        Encrypted:false
                                                        SSDEEP:12:TMHdNMNxfnLnWimI002EtM3MHdNMNxfnLnWimI00OYGe5EtMb:2d6NxzSZHKd6NxzSZ7YLjb
                                                        MD5:22E4D2A898EC355350E30760B15F8B29
                                                        SHA1:DA40200C3B0851D7DDCF31E75A9FA9BF22B98517
                                                        SHA-256:F656040789732581655B3A22210D6AE47A50CD8580A10286A14BB0FA0962B16B
                                                        SHA-512:B54DEE715C2791BF2B2210C5000B296ED00FC2D0FF8C5EB50D6D1FDF72452F8ABFBC0D12A679109E1FC8ADFB5D529519F8F89768538010C060D3F60885213D38
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0x41841c90,0x01d6fb12</date><accdate>0x41841c90,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0x41841c90,0x01d6fb12</date><accdate>0x41841c90,0x01d6fb12</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Google.url"/></tile></msapplication></browserconfig>..
                                                        C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):12040
                                                        Entropy (8bit):4.999862122295024
                                                        Encrypted:false
                                                        SSDEEP:96:4ktUIJkcKhaoOtBRQmk8Fis8KnJhebftkojFxzDwYkTWJ+LbVNHzF1gUzQ88pn8r:btU2Khot0Jps8ZdyLrHzrgsS8ynCaOL/
                                                        MD5:B8EDF20CB1D97DE3DF1375E3337045BC
                                                        SHA1:4B6DD94DE1781030351EA37E7F125EFC6C21378C
                                                        SHA-256:16A12C58E9F624C4BCD12FCC71312791C85C34002A5C65741B23D4B0CE7B42A9
                                                        SHA-512:FAB33CE5FA9277776E7BF479B61C553496E613BBF61FDE865C5E0D3EEDCE2140AE28248D660C5A6A6A78D432A537EA9EEBAA788DFA8ECD77BA22EE9AE6103061
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: P.h.t.t.p.s.:././.t.e.s.t.-.f.o.r.-.c.o.r.o.n.a.v.i.r.u.s...s.e.r.v.i.c.e...g.o.v...u.k./.d.e.7.a.b.c.5.2.2.6.9.2.5.2.0.3.a.c.1.0.b.0.a.4.a.9.4.a.f.9.4.9...i.c.o.>.................(.......(....... ...................................................................tsv.feh.XWZ.JIL.<;?..-1. .#...........................DDDB....Aa..:.."4uFB$..)&b8C..._...O............|....EsFrK............o..............................................................................................................`.......`....P.h.t.t.p.s.:././.t.e.s.t.-.f.o.r.-.c.o.r.o.n.a.v.i.r.u.s...s.e.r.v.i.c.e...g.o.v...u.k./.d.e.7.a.b.c.5.2.2.6.9.2.5.2.0.3.a.c.1.0.b.0.a.4.a.9.4.a.f.9.4.9...i.c.o........... ..............(... ...@...............................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\EHM9IL5G.htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, ASCII text, with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):183
                                                        Entropy (8bit):4.588847634298986
                                                        Encrypted:false
                                                        SSDEEP:3:qVoB3tUROGclXqyvXboAc9FKEIHiHby4AqWSZUXqXlIVLmEUjA/CqwcWWGu:q43tISl6kXiWHiHuwWSU6XlI5KktpfGu
                                                        MD5:E4E384D6672787C1BB2A9B500114F1F5
                                                        SHA1:CF909E7937CD3F312C434367B732A53D7A6CBF14
                                                        SHA-256:80785F5520097DDE3B28C617171415CD690CBF1E0353A5F3E348C83A4656EA0F
                                                        SHA-512:BD99B87EEF90595068F7DBB5944DAD8137D8B601F3C5A2DB2CBFB5DFDD526F80E03DED110003E77893570A72C3629CC244F965105AA53EB2CEA2395755A18007
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: <html>..<head><title>301 Moved Permanently</title></head>..<body bgcolor="white">..<center><h1>301 Moved Permanently</h1></center>..<hr><center>CloudFront</center>..</body>..</html>..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\action-link-arrow--simple-light-404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):431
                                                        Entropy (8bit):5.0247503550683925
                                                        Encrypted:false
                                                        SSDEEP:12:trNb7uvfM65wmmZnrGULv6cJvgTmZb8uufM65jR7oG6S5oGUA89:txb7uHMMwprGKRf8ukMMxBvBUA89
                                                        MD5:96A1454B060490A6AA15B94F34996860
                                                        SHA1:6381D73A3FBBA8A8E85AB540F040C916DBDD8911
                                                        SHA-256:404CFD5992E74D48AC785545369CE0368EF54590A692AFA37B1B50035B13A0E8
                                                        SHA-512:161C3D8712B85DEA2A63BB01051AD53A6A311460ED40E3B115092C86A8BD470F6978CCF5AD6772142F9784E322B75A670209DB29A26A0D186EC1978B2561E098
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/govuk_publishing_components/action-link-arrow--simple-light-404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8.svg
                                                        Preview: <svg width="23" height="23" viewBox="0 0 23 23" fill="none" xmlns="http://www.w3.org/2000/svg">. <path fill-rule="evenodd" clip-rule="evenodd" d="M14.9429 11.7949L10.4402 7.29222L11.7327 5.99967L17.528 11.7949L11.7327 17.5902L10.4402 16.2976L14.9429 11.7949Z" fill="#ffffff"/>. <path fill-rule="evenodd" clip-rule="evenodd" d="M3.95631 10.881L15.4414 10.881L15.4414 12.709L3.95631 12.709L3.95631 10.881Z" fill="#ffffff"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\application-4f43482b9f6ae15fcc694ae1eed5151184ae405b9f2839659981cf24a440ff81[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:UTF-8 Unicode (with BOM) text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):285979
                                                        Entropy (8bit):5.148744544589327
                                                        Encrypted:false
                                                        SSDEEP:6144:73OM53WHCrn3KZbC5nInsGfxoBEtWK++9+J+M+M+Di3boUDPYWwYFYnYhYyYrYxc:73OM5UCrn3KZbC5nInsGfxoBEtWK++9p
                                                        MD5:FFEEF8186C439080B1EC2D9A12D2B52C
                                                        SHA1:AE7B9656A4BB02E04613A79C4BE9CC89EBEF3D67
                                                        SHA-256:4F43482B9F6AE15FCC694AE1EED5151184AE405B9F2839659981CF24A440FF81
                                                        SHA-512:8FA156B722A5AA6603E6ECD5EEE6490C82017549830AED83CDD0D7821767646AAEC867B3387256FF7A5137EED41B24E46D3D50A1FD368BF4198D4F28C9C23616
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/application-4f43482b9f6ae15fcc694ae1eed5151184ae405b9f2839659981cf24a440ff81.css
                                                        Preview: ..gem-c-translation-nav__link,.gem-c-subscription-links__item,.gem-c-step-nav-related__link,.gem-c-share-links__link,.gem-c-related-navigation__section-link,.gem-c-pagination__link,.gem-c-notice__title a,.gem-c-image-card__list .gem-c-image-card__list-item-link,.gem-c-image-card__title-link,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text,.govuk-link{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}@media print{.gem-c-translation-nav__link,.gem-c-subscription-links__item,.gem-c-step-nav-related__link,.gem-c-share-links__link,.gem-c-related-navigation__section-link,.gem-c-pagination__link,.gem-c-notice__title a,.gem-c-image-card__list .gem-c-image-card__list-item-link,.gem-c-image-card__title-link,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text,.govuk-link{font-family:sans-serif}}.gem-c-translation-nav__link:focus,.gem-c-subscription-links__item:focus,.gem-c-step-nav-related
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\application-770051122f7036d2e18191b049a9a550df0aec8ed74b4dadd1e5dfabf87a1eef[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:UTF-8 Unicode (with BOM) text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):254750
                                                        Entropy (8bit):5.147325083382084
                                                        Encrypted:false
                                                        SSDEEP:1536:R8xj1GseS4DWRwbKzNU2YzJjOXQHxNGnVoB3oJ:WxjU53WRw35OA3oJ
                                                        MD5:54037EE5FA45D3D7BD3556E843073F15
                                                        SHA1:87CB0DFE033DD1356D8D8A5A85F3BC85BE5B24FA
                                                        SHA-256:770051122F7036D2E18191B049A9A550DF0AEC8ED74B4DADD1E5DFABF87A1EEF
                                                        SHA-512:ECF7B92AE157B47E2235F34AB300CFB22F74FACB2AB9553DE27BD8FB8F66FD47F2AAEE899B05A0E59641BFE2B6D0119D66C813918AA73DF33C3CB119512CB265
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/government-frontend/application-770051122f7036d2e18191b049a9a550df0aec8ed74b4dadd1e5dfabf87a1eef.css
                                                        Preview: ..app-c-brexit-notice__link,.gem-c-translation-nav__link,.gem-c-subscription-links__item,.gem-c-step-nav-related__link,.gem-c-share-links__link,.gem-c-related-navigation__section-link,.gem-c-pagination__link,.gem-c-notice__title a,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text,.govuk-link{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}@media print{.app-c-brexit-notice__link,.gem-c-translation-nav__link,.gem-c-subscription-links__item,.gem-c-step-nav-related__link,.gem-c-share-links__link,.gem-c-related-navigation__section-link,.gem-c-pagination__link,.gem-c-notice__title a,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text,.govuk-link{font-family:sans-serif}}.app-c-brexit-notice__link:focus,.gem-c-translation-nav__link:focus,.gem-c-subscription-links__item:focus,.gem-c-step-nav-related__link:focus,.gem-c-share-links__link:focus,.gem-c-related-navigation__section-link:focus
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\application-fdd87be62b9f4ff1d54836999198a70a4315c6e5bdc9c95cec3a6f9cb14bcac2[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):121640
                                                        Entropy (8bit):5.256945869323351
                                                        Encrypted:false
                                                        SSDEEP:1536:uc4O1pViEJiYe7GAN1nN19UQeaN1U8qe7IvL0kzsvP4:uMpVM7GAnnnbean2e0v4keQ
                                                        MD5:93D3880913D9D1944D8954B6E60FEBF9
                                                        SHA1:B0D97E4BBC5DBDDE80229E48EBF50E06BCD48A46
                                                        SHA-256:FDD87BE62B9F4FF1D54836999198A70A4315C6E5BDC9C95CEC3A6F9CB14BCAC2
                                                        SHA-512:4688E194DDF733F65599A98B907F02B4543E25BE6AFA65B0E31D41687FD566B705DCDD3C7FB648C5560B910A4A4EE1D726B578621FD5581DDE20C7F99C91A7E8
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/application-fdd87be62b9f4ff1d54836999198a70a4315c6e5bdc9c95cec3a6f9cb14bcac2.js
                                                        Preview: this.Element&&function(t){t.matches=t.matches||t.matchesSelector||t.webkitMatchesSelector||t.msMatchesSelector||function(t){for(var e=this,n=(e.parentNode||e.document).querySelectorAll(t),o=-1;n[++o]&&n[o]!=e;);return!!n[o]}}(Element.prototype),this.Element&&function(t){t.closest=t.closest||function(t){for(var e=this;e.matches&&!e.matches(t);)e=e.parentNode;return e.matches?e:null}}(Element.prototype),Array.prototype.indexOf||(Array.prototype.indexOf=function(t,e){for(var n=e||0,o=this.length;n<o;n++)if(this[n]===t)return n;return-1}),function(t){"use strict";var s=t.GOVUK||{};s.Modules=s.Modules||{},s.Modules.AutoTrackEvent=function(){this.start=function(t){var e={nonInteraction:1},n=t.data("track-category"),o=t.data("track-action"),i=t.data("track-label"),r=t.data("track-value");"string"==typeof i&&(e.label=i),(r||0===r)&&(e.value=r),s.analytics&&s.analytics.trackEvent&&s.analytics.trackEvent(n,o,e)}},t.GOVUK=s}(window),function(){"use strict";window.GOVUK=window.GOVUK||{};var i={ess
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\bold-affa96571d-v2-5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 40816, version 1.0
                                                        Category:downloaded
                                                        Size (bytes):40816
                                                        Entropy (8bit):7.987002925295704
                                                        Encrypted:false
                                                        SSDEEP:768:8oLaHYRjQaPgHAKWMAsfjDBOaxhPB4ozsJoDyuZNcDntXo5kiU:8P0SASfjoAG6DyuZNQntX2U
                                                        MD5:AFFA96571D94A9AB7D95B0850B26EDDE
                                                        SHA1:1117D82D9030E93F62E8C70B525097C1B1801138
                                                        SHA-256:5A2A925237869837D1AFDD0A70FFDED0717296D2D25885865D19C0DA7F3ECE5D
                                                        SHA-512:CC43082269124A7B8B78371F3F57BAFB9F8AB4B7861B8BF40605D8A0B40C66663A09B796AB9231E4FFFF6760C3BA53F15CB28F13BACFCAE99AC8A1AB943DF552
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/bold-affa96571d-v2-5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d.woff
                                                        Preview: wOFF.......p......:................n........DSIG...|............GPOS..........-.d..GSUB...........P5...LTSH............4...OS/2.......Y...`.@Qqcmap..%....\...L...qgasp................glyf..-...I....D`+9Ghdmx...|...T..R...q|head.......6...6....hhea.......!...$....hmtx...X..........7loca..*4........H.i.maxp........... ...,name..w........n....post..y.........a...prep..*,........h............;.._.<...................J....................x.c`d``......W..y..p.a.. ...........x.c`d``|.x...!............6..5.x.c`a.g......:....Q.B3_d..t.........X.00..`X.....F.....~....{...}.S.PX.$..:.H)0p...9.....x..]H.Q.....Tb.6....&6Dj.....c...DdD..$".Q.>.E....B.1"*.....B.D....../"0.."$..M....k..}.{>..9.s...L...|........"..PV/I...l.DY.Q..h...Q6s..._.Vo..ac..U........,.jy..Z...R..0..9...3......z...C.6.N!&.#..PE..@V..9.O..g...2.n...;G...[t..:.wFmA..k+...r.q... ..!.mn...c\.9..`s.i.....!.{.Pc...Y..{...\.^_.../.s..5..A.W..s.{.nr......W.w\.V+/.f...n#.5X.zl...o.../N.^..u.6...M...uT..?.:.R.7Tug.0M.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\citizenship[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):37802
                                                        Entropy (8bit):5.0096946591507105
                                                        Encrypted:false
                                                        SSDEEP:384:xLF5N1xhbXaupV2P1ea0mhDb9leFDUpUWzr1tDgdPvPvGd6D8gO6WFP0iCdOqtAv:p7Db3VtaRr1tEGAj1Oqt+WGd
                                                        MD5:EBCD1947D77A32767D57F5C2D8F4FA01
                                                        SHA1:AC8CD9CBFBA4B8DDED44CD471A33B0874097A624
                                                        SHA-256:7CAFC26F32DEC61FDBA5F07D41F495082C1C7DCF5F0E45BCA19CBA93490E37A8
                                                        SHA-512:38A5B6CFCE74738E6636E7E2930C362498EA5688D91E0DD1992920B2B28B1EAD524734B28719C29F5B43E31E94DA84840E7D32680214858B07D64FCE28E87228
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/browse/citizenship
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:content-id" content="764a2ce0-eae5-414a-a4a9-2217507165fb">.<meta name="govuk:schema-name" content="mainstream_browse_page">.<meta name="govuk:publishing-application" content="collections-publisher">.<meta name="govuk:format" content="mainstream_browse_page">.<meta name="govuk:navigation-page-type" content="First Level Browse">.<meta name="description" content="Voting, community participation, life in the UK, international projects">.<meta name="csrf-token" content="sPCDUPmPrC59j6vJxgxbEYWPrTnc5dVvUu+PSb2ZhKMJOfjDh6WuaRDeX6Q5qlNcXxVWckev/dM6p+2mWTBnmA==">.<meta name="csrf-par
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\collect[1].gif
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:GIF image data, version 89a, 1 x 1
                                                        Category:dropped
                                                        Size (bytes):35
                                                        Entropy (8bit):2.9889227488523016
                                                        Encrypted:false
                                                        SSDEEP:3:CUdrllHh/:HJ/
                                                        MD5:28D6814F309EA289F847C69CF91194C6
                                                        SHA1:0F4E929DD5BB2564F7AB9C76338E04E292A42ACE
                                                        SHA-256:8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
                                                        SHA-512:1D68B92E8D822FE82DC7563EDD7B37F3418A02A89F1A9F0454CCA664C2FC2565235E0D85540FF9BE0B20175BE3F5B7B4EAE1175067465D5CCA13486AAB4C582C
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: GIF89a.............,...........D..;
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cookies[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):36709
                                                        Entropy (8bit):4.966992796466722
                                                        Encrypted:false
                                                        SSDEEP:384:xKSN1xhbXaur5X2YV2P1ea0mhDo4JP+W1BDwpkVjWzr1RDg7zvPvid6D8I26QFP+:0SDbt5tVtaa3kor1RqGAvjOqt+WGo
                                                        MD5:F48C9F4AEF02DA04C2D43AAE744C38D5
                                                        SHA1:6AAAFDA909C7BD63AE9AC02763C5C73100E3CC96
                                                        SHA-256:EF82F333714ADA2F5DD2D5034E8F601D1CFE5052476B16ECBA6F7A5A3D25B0B0
                                                        SHA-512:82DAC09A4E6DB75CC67879737E6C54CFA1B9ABF5192D13FB6B7A4D5443226C95A2504BA462B44E2CDA8D45BE3F87485B8818B62D767FDCB5F95025A1D8104BC8
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/help/cookies
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:content-id" content="220f39ad-d4ad-4b0c-9d40-6c417a1341c0">.<meta name="govuk:schema-name" content="special_route">.<meta name="govuk:publishing-application" content="frontend">.<meta name="govuk:format" content="special_route">. <meta charset="utf-8">. <title>Cookies on GOV.UK</title>.. [if gt IE 8]> ><link rel="stylesheet" media="screen" href="https://www.gov.uk/assets/static/govuk-template-3e3f4a131aca72f9b2e458dfd318f65420aef6ada35539243aac38ebbbbcc64f.css">. <![endif]-->. [if IE 8]><link rel="stylesheet" media="screen" href="https://www.gov.uk/a
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\get-coronavirus-test[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):52384
                                                        Entropy (8bit):5.075326764209535
                                                        Encrypted:false
                                                        SSDEEP:768:pDb1VtaZ4b0L53r1dsCAb1Oqt+WG7UBGxm:pDb1Lb0lr1dsnb1Oqt+PIBG0
                                                        MD5:B8D46BF43EDF5E6EF310EC2404464860
                                                        SHA1:45616227533121201C029908E720AD8DDE784FD6
                                                        SHA-256:2E06DB642E777F0996446AA2C235CB1817774E30F73E91ABFB51C4E9B527B474
                                                        SHA-512:74460032ACF98FFE04E1E9A1670A0F0D5CEC635D9CBCD2AE468AA1DF1CAEB8C329EA8ECBC943E3873B11867BB69FE3B7D90D7D004BE3DFE7BC24F80327B09A85
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/get-coronavirus-test
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta property="og:description" content="Choose a drive-through or walk-through test centre for a quick test, or order a home test kit..">.<meta property="og:title" content="Get a free NHS test to check if you have coronavirus">.<meta property="og:url" content="https://www.gov.uk/get-coronavirus-test">.<meta property="og:type" content="article">.<meta property="og:site_name" content="GOV.UK">.<meta name="twitter:card" content="summary">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="description" content="Choose a drive-through or walk-through test centre for a quick test, or order a home test kit..">.<meta name="govuk:taxon
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 43425, version 1.2
                                                        Category:downloaded
                                                        Size (bytes):43425
                                                        Entropy (8bit):7.989601336086822
                                                        Encrypted:false
                                                        SSDEEP:768:VdmGpPErEPKbpDyqLm0FmW4xKpnLlmsr4jHPuwuVgpiU:VdmGpPE+MNi0FmW4xscNjv3uVdU
                                                        MD5:F591B13F7DAAD512CF0DFA0DDCB2960E
                                                        SHA1:3DDAA91B2256C7AAB9786D3E2B4C97ABEDC91930
                                                        SHA-256:091AA3008E57DFEEA899E33243C1D4EA95BAB658F1CC2191679193BCBFAC0B7B
                                                        SHA-512:F284851390E80E6429A15D0C40E0D008642027BDDFBC1F2C5E585FC281228669A5D470206BEC34280DD8F7C4770D705D5BC40F7B140CA6107DCD19FA3ACEC4A0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/government-frontend/light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b.woff
                                                        Preview: wOFF..............N................o........DSIG................GPOS......#...D....GSUB...........P5...LTSH.............[fiOS/2.......X...`..M.cmap..%....U...F....gasp................glyf......H.....$@.hdmx.......k..R.O...head.......6...6...thhea.......!...$.".Whmtx...T............loca..*L..........8.maxp........... ...<name..v........n... post..x.........`Y.hprep..*D........h............S^T_.<...................J....................x.c`d``......W....59.0.E...{..u.....x.c`d``|.x................8..E.x.c`a)c.a`e`a..j...(.../2.b..........,.....0,.f..G#.o.....,.{..c``........1.c..........x.._h.W....._..F..(...D.Z...]).PD..)U$.]p%D%+Y."Q|......#..2PJ.Q...DB(](..c..}..@D..)8.....~F.}3......{......./..<.d.C..%.D.(.<9..].7PR..#h3B..tp...<.Z.p.*...s.K......r..d..9.dx..S..1eJHq.....A\.......>$..c...1..u.C..^H.\..s.s./io.k.U.z.1./.9vS/..<......t.{8..".T.;.Cr.C..Z.8csO...L.....:...G....Fx..Y.........`-..Y..{K.-...'{I....<]b.?WAl.....c0.5..6.\..y..V.A<}..V.Xml..M#VG.....,..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b[2].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 43425, version 1.2
                                                        Category:downloaded
                                                        Size (bytes):43425
                                                        Entropy (8bit):7.989601336086822
                                                        Encrypted:false
                                                        SSDEEP:768:VdmGpPErEPKbpDyqLm0FmW4xKpnLlmsr4jHPuwuVgpiU:VdmGpPE+MNi0FmW4xscNjv3uVdU
                                                        MD5:F591B13F7DAAD512CF0DFA0DDCB2960E
                                                        SHA1:3DDAA91B2256C7AAB9786D3E2B4C97ABEDC91930
                                                        SHA-256:091AA3008E57DFEEA899E33243C1D4EA95BAB658F1CC2191679193BCBFAC0B7B
                                                        SHA-512:F284851390E80E6429A15D0C40E0D008642027BDDFBC1F2C5E585FC281228669A5D470206BEC34280DD8F7C4770D705D5BC40F7B140CA6107DCD19FA3ACEC4A0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b.woff
                                                        Preview: wOFF..............N................o........DSIG................GPOS......#...D....GSUB...........P5...LTSH.............[fiOS/2.......X...`..M.cmap..%....U...F....gasp................glyf......H.....$@.hdmx.......k..R.O...head.......6...6...thhea.......!...$.".Whmtx...T............loca..*L..........8.maxp........... ...<name..v........n... post..x.........`Y.hprep..*D........h............S^T_.<...................J....................x.c`d``......W....59.0.E...{..u.....x.c`d``|.x................8..E.x.c`a)c.a`e`a..j...(.../2.b..........,.....0,.f..G#.o.....,.{..c``........1.c..........x.._h.W....._..F..(...D.Z...]).PD..)U$.]p%D%+Y."Q|......#..2PJ.Q...DB(](..c..}..@D..)8.....~F.}3......{......./..<.d.C..%.D.(.<9..].7PR..#h3B..tp...<.Z.p.*...s.K......r..d..9.dx..S..1eJHq.....A\.......>$..c...1..u.C..^H.\..s.s./io.k.U.z.1./.9vS/..<......t.{8..".T.;.Cr.C..Z.8csO...L.....:...G....Fx..Y.........`-..Y..{K.-...'{I....<]b.?WAl.....c0.5..6.\..y..V.A<}..V.Xml..M#VG.....,..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\light-f591b13f7d-v2.f591b13f[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 43425, version 1.2
                                                        Category:downloaded
                                                        Size (bytes):43425
                                                        Entropy (8bit):7.989601336086822
                                                        Encrypted:false
                                                        SSDEEP:768:VdmGpPErEPKbpDyqLm0FmW4xKpnLlmsr4jHPuwuVgpiU:VdmGpPE+MNi0FmW4xscNjv3uVdU
                                                        MD5:F591B13F7DAAD512CF0DFA0DDCB2960E
                                                        SHA1:3DDAA91B2256C7AAB9786D3E2B4C97ABEDC91930
                                                        SHA-256:091AA3008E57DFEEA899E33243C1D4EA95BAB658F1CC2191679193BCBFAC0B7B
                                                        SHA-512:F284851390E80E6429A15D0C40E0D008642027BDDFBC1F2C5E585FC281228669A5D470206BEC34280DD8F7C4770D705D5BC40F7B140CA6107DCD19FA3ACEC4A0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/fonts/light-f591b13f7d-v2.f591b13f.woff
                                                        Preview: wOFF..............N................o........DSIG................GPOS......#...D....GSUB...........P5...LTSH.............[fiOS/2.......X...`..M.cmap..%....U...F....gasp................glyf......H.....$@.hdmx.......k..R.O...head.......6...6...thhea.......!...$.".Whmtx...T............loca..*L..........8.maxp........... ...<name..v........n... post..x.........`Y.hprep..*D........h............S^T_.<...................J....................x.c`d``......W....59.0.E...{..u.....x.c`d``|.x................8..E.x.c`a)c.a`e`a..j...(.../2.b..........,.....0,.f..G#.o.....,.{..c``........1.c..........x.._h.W....._..F..(...D.Z...]).PD..)U$.]p%D%+Y."Q|......#..2PJ.Q...DB(](..c..}..@D..)8.....~F.}3......{......./..<.d.C..%.D.(.<9..].7PR..#h3B..tp...<.Z.p.*...s.K......r..d..9.dx..S..1eJHq.....A\.......>$..c...1..u.C..^H.\..s.s./io.k.U.z.1./.9vS/..<......t.{8..".T.;.Cr.C..Z.8csO...L.....:...G....Fx..Y.........`-..Y..{K.-...'{I....<]b.?WAl.....c0.5..6.\..y..V.A<}..V.Xml..M#VG.....,..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nhs-logo-56b9384aa9a842b9de96d72c468fbbdb1d6a1455124cf382f752466d9dcee087[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):553
                                                        Entropy (8bit):4.702799739049013
                                                        Encrypted:false
                                                        SSDEEP:12:t41lICafIcIBuf30kZpGzruA8lIDIWxp/38hH1kiBabVi2cUBM:t41GfaEkeGzrl8SDL/MDkrAUBM
                                                        MD5:97529391ECB3C119860C0FDCF7E541CB
                                                        SHA1:90C7895A6B54AC24265686E41E6F10DF5D1ECBA1
                                                        SHA-256:56B9384AA9A842B9DE96D72C468FBBDB1D6A1455124CF382F752466D9DCEE087
                                                        SHA-512:18CC945795E1710DF2EF8A3AC275518769AF614CA0F575E1958CDE01F659B0169FA04A96A66F94D9A4EF36358933704CAE15695185BCBCA2A4A3C084B6EED55B
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/nhs-logo-56b9384aa9a842b9de96d72c468fbbdb1d6a1455124cf382f752466d9dcee087.svg
                                                        Preview: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 69.2 28">. <desc>NHS</desc>. <defs/>. <path fill="#005eb8" d="M0 0h69.2v28H0z"/>. <path fill="#fff" d="M6.8 2.7h7.5l4.6 15.6h.1l3.1-15.6h5.7L23 25.2h-7.4L10.8 9.6h-.1L7.6 25.2H2L6.8 2.7zm23.2 0h6l-1.7 8.6h7.1l1.8-8.6h6l-4.7 22.5h-6l2-9.6h-7.2l-2 9.6h-6L30 2.7zm35.1 5.1c-1.6-.7-3.3-1.1-5-1-2.4 0-4.3.3-4.3 2.2 0 3.2 8.8 2 8.8 8.9 0 6.2-5.8 7.9-11 7.9-2.4-.1-4.7-.4-7-1.2L48 20c1.7.9 3.6 1.3 5.5 1.3s4.8-.4 4.8-2.7c0-3.6-8.8-2.3-8.8-8.6 0-5.8 5.1-7.6 10-7.6 2.3-.1 4.7.2 6.9 1l-1.3 4.4z"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\print-87286b175ef4a7b195cf3798d8c97cdc8a3efefd09eecc15c0675f8627aab2ff[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):15712
                                                        Entropy (8bit):5.075888849308546
                                                        Encrypted:false
                                                        SSDEEP:192:/TtCHyGCpmk7nxojJ3kEmve77xH2zO/r9dIx+L3DOOxK/f20uHythScH8VAcGHOH:L00EmvgQiV3Cy
                                                        MD5:53118A0F6410FC1D9F0DD803AAEF2341
                                                        SHA1:08A20099374A076A4ACB3819C09A711F98808209
                                                        SHA-256:87286B175EF4A7B195CF3798D8C97CDC8A3EFEFD09EECC15C0675F8627AAB2FF
                                                        SHA-512:FD643926F098DA5309271B1FE5B85BE42DA3843BC4127F7EAE110D55164E6DAF4C32CB9DAE5FB249E6F248E879DCCED0B37336D8AF7CBA91F938DFD4E9EAF0A5
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/print-87286b175ef4a7b195cf3798d8c97cdc8a3efefd09eecc15c0675f8627aab2ff.css
                                                        Preview: .govuk-accordion{margin-bottom:20px}@media (min-width: 40.0625em){.govuk-accordion{margin-bottom:30px}}.govuk-accordion__section{padding-top:15px}.govuk-accordion__section-header{padding-top:15px;padding-bottom:15px}.govuk-accordion__section-heading{font-family:"GDS Transport",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:400;font-size:18px;font-size:1.125rem;line-height:1.1111111111;margin-top:0;margin-bottom:0}/*! Copyright (c) 2011 by Margaret Calvert & Henrik Kubel. All rights reserved. The font has been customised for exclusive use on gov.uk. This cut is not commercially available. */@font-face{font-family:"GDS Transport";font-style:normal;font-weight:normal;src:url(/assets/collections/light-94a07e06a1-v2-eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0.woff2) format("woff2"),url(/assets/collections/light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b.woff) format("woff");font-displ
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\search-button-ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 105 x 70, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):540
                                                        Entropy (8bit):7.083355343699964
                                                        Encrypted:false
                                                        SSDEEP:12:6v/7y0aJMBAq39gOt8qQwWuijk3glgHqr+natr4CTK2:vpMBAqrt8NwIo3glgKr+na1R
                                                        MD5:3FACD83F86A29947AD9E45C2F7A77924
                                                        SHA1:1BBE2499F71D809CCCE802FBC65B69657876AAB1
                                                        SHA-256:CA89B2A79F944909CEB7370D3F0B78811D32B96E883348FCD8886F63DD619585
                                                        SHA-512:AEA0416A3E2C39A634B12B5C749C4CF618D64BE1B5413FE6DF4291F62B981A5B3D46ADC5D3C44BF58F2E8DA2944DFBE07005B704C48D7A9157350E7672AEBA99
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/govuk_publishing_components/search-button-ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585.png
                                                        Preview: .PNG........IHDR...i...F.......J....3PLTE...........................................................tRNS .P...0p`..@....W.e.....IDATx^.... ...Q..R...n..4.....\..~R.._..eI.Y....%-iI.(h)g.*e...........z.H..S.N.:..nt75A:..J."..s6.A....-RM.+.[kw>....R-@!b..!....T.r...L...%.T)..1.#%...".@.....E...R.5..&.J...dU")7. ...M......-..KN./.S.H.=.2.2...O.W...(..s8x^..*]..gJE..2......UB..l..'v.Q.,.!..^.@.......P......j..R.WK.(.>.DO.VI..(.#.:+.].oY$B.%{"C.......p..M.PS...v..!I.Hs(.+..~.$.@s$......%-iIKZ.~....n..+.....IEND.B`.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\search-button-ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585[2].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 105 x 70, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):540
                                                        Entropy (8bit):7.083355343699964
                                                        Encrypted:false
                                                        SSDEEP:12:6v/7y0aJMBAq39gOt8qQwWuijk3glgHqr+natr4CTK2:vpMBAqrt8NwIo3glgKr+na1R
                                                        MD5:3FACD83F86A29947AD9E45C2F7A77924
                                                        SHA1:1BBE2499F71D809CCCE802FBC65B69657876AAB1
                                                        SHA-256:CA89B2A79F944909CEB7370D3F0B78811D32B96E883348FCD8886F63DD619585
                                                        SHA-512:AEA0416A3E2C39A634B12B5C749C4CF618D64BE1B5413FE6DF4291F62B981A5B3D46ADC5D3C44BF58F2E8DA2944DFBE07005B704C48D7A9157350E7672AEBA99
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/search-button-ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585.png
                                                        Preview: .PNG........IHDR...i...F.......J....3PLTE...........................................................tRNS .P...0p`..@....W.e.....IDATx^.... ...Q..R...n..4.....\..~R.._..eI.Y....%-iI.(h)g.*e...........z.H..S.N.:..nt75A:..J."..s6.A....-RM.+.[kw>....R-@!b..!....T.r...L...%.T)..1.#%...".@.....E...R.5..&.J...dU")7. ...M......-..KN./.S.H.=.2.2...O.W...(..s8x^..*]..gJE..2......UB..l..'v.Q.,.!..^.@.......P......j..R.WK.(.>.DO.VI..(.#.:+.].oY$B.%{"C.......p..M.PS...v..!I.Hs(.+..~.$.@s$......%-iIKZ.~....n..+.....IEND.B`.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\transition-2021-header-background-897cf522ad2d5dfbdd3d6364e6f602e55798923ca7311f721d275dcd0499f22e[1].jpg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1920, frames 3
                                                        Category:downloaded
                                                        Size (bytes):151198
                                                        Entropy (8bit):7.950341604773541
                                                        Encrypted:false
                                                        SSDEEP:3072:43d1KiImXRTxTWkKd+/vqeQQFq2KlgKTf7gQLjNdHffwm3A7By:ceiIuRt/I2KlgKX3DnRv
                                                        MD5:06BFA0EF5781CACD575E272D9DA5B092
                                                        SHA1:B81D65DED6236D1AC5D6D13CCA44DFF4F789FB7B
                                                        SHA-256:897CF522AD2D5DFBDD3D6364E6F602E55798923CA7311F721D275DCD0499F22E
                                                        SHA-512:90AF9B895CC1B2FDAC142974D0528519CF2CE493E24D987D46AF66D4C52733CADFA1BD962E853BEF7629246DBD8C045CBC66E2579F2100BE9AD1DBD7CB7DAF4D
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/transition-2021-header-background-897cf522ad2d5dfbdd3d6364e6f602e55798923ca7311f721d275dcd0499f22e.jpg
                                                        Preview: ......JFIF..............................................&.#. . .#.&.9.).,.).,.).9.W.6.?.6.6.?.6.W.M.].K.F.K.].M...l.`.`.l.......~...................=.=..................................&.#. . .#.&.9.).,.).,.).9.W.6.?.6.6.?.6.W.M.].K.F.K.].M...l.`.`.l.......~...................=.=............."...............................................F...~w.6 ..W..c...vk.9....&.;{z7....^o..@.Kok...A!-{zny.<~<.Nn.i..V8...g(...t..t.B.U..iS./...[m..M...r.r@.:N..H.......y..8.~..m.q....W]~....0..|...k`..}.........@.T=.......)Y.jp..:.....x..;..Z..]..}...{......:.....Jd....yY$.J6.;z..!)..z.\..?..3..t..}=.s.y|0!.V....=..HEi..S./.....K..'>|9.....I.tm.6P..=...<.|<..=..l'.9..C~.k.[.......+V..B.....ma.7>...]d..nt.C=....hf..eS........9('.N.nI.J.z_E.o@.PN<...z=7}.[.a....a)...vuiNa'.......1I.i............vz].;...I.mw8rp..0...k,p......}=;i@4.5....8.x.w.......^\...=^.41.g.?6F.2d.q....,8....:..aO..=.)e...:Fz.zc..7.|.}......O'..A..w....hHv....{..6.F.....)..]..^...W..s.....^.=t.wZ<0..8`
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\app.b210efc9[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):111445
                                                        Entropy (8bit):5.308428790048825
                                                        Encrypted:false
                                                        SSDEEP:1536:KSJnJVJBpZg79WMBACfzl7dr6qYIubkeQvVuP:LZwkOfzdMbkeQ0P
                                                        MD5:7992E9599B9A7428238C49B38537BCB8
                                                        SHA1:352E318B8F9B1C8CA779913D6D3A2AD9403CD431
                                                        SHA-256:86792C4160727147BBEE0235C2913FCDB0DFA07C84365276128786D5CDD02A25
                                                        SHA-512:B2947432E13775C097BB39C6913163FB65ECAAE03BEA3FB5C254EE6D3A3A7315FA78629F5DDEC81D822A8FE2C24D2A6D97A22F981116377859087A9A57603051
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/css/app.b210efc9.css
                                                        Preview: .pass[data-v-4eb2274e]{text-align:center}.pass__qrcode[data-v-4eb2274e]{margin:24px auto}.govuk-radios__divider[data-v-7af3e24c]{width:100%;text-align:left}.autocomplete__iosposinset{position:absolute;border:0;clip:rect(0 0 0 0);height:1px;margin-bottom:-1px;margin-right:-1px;overflow:hidden;padding:0;white-space:nowrap;width:1px}.autocomplete__wrapper[data-v-5a137df5]{position:relative}.autocomplete__hint[data-v-5a137df5],.autocomplete__input[data-v-5a137df5]{-webkit-appearance:none;border:2px solid #0b0c0c;border-radius:0;box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;margin-bottom:0;width:100%}.autocomplete__input[data-v-5a137df5]{background-color:transparent;position:relative}.autocomplete__input--error[data-v-5a137df5]:not(.autocomplete__input--focused){border-color:#d4351c;-webkit-box-shadow:inset 0 0 0 2px #d4351c;box-shadow:inset 0 0 0 2px #d4351c}.autocomplete__input--default[data-v-5a137df5]{padding:5px}.autocomplete__input--focused[data-v-5a13
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\application-09c2711b945df4f236974198f4f548b96c1e36db334900caddc2454ee0dd0b0e[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):97357
                                                        Entropy (8bit):5.26423447182041
                                                        Encrypted:false
                                                        SSDEEP:1536:uc4O1zViEJiYe7nB19UQsB1N8jB1U8xsND:uMzVM7nDbsDejDQD
                                                        MD5:7F3F2115DE6F32880003310E3D234B78
                                                        SHA1:3D5A082C0A950D87F8E9E806A4816DDDC39CA906
                                                        SHA-256:09C2711B945DF4F236974198F4F548B96C1E36DB334900CADDC2454EE0DD0B0E
                                                        SHA-512:7349E81EA2CFF7CA6011759A676115BAD50263E7606EFBFB22CEB072D27F96A00AD0CAD1F2E9A80E01903883A2D5514A56309136F0BD2A8BEEBE731D5985BD08
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/government-frontend/application-09c2711b945df4f236974198f4f548b96c1e36db334900caddc2454ee0dd0b0e.js
                                                        Preview: this.Element&&function(t){t.matches=t.matches||t.matchesSelector||t.webkitMatchesSelector||t.msMatchesSelector||function(t){for(var e=this,n=(e.parentNode||e.document).querySelectorAll(t),o=-1;n[++o]&&n[o]!=e;);return!!n[o]}}(Element.prototype),this.Element&&function(t){t.closest=t.closest||function(t){for(var e=this;e.matches&&!e.matches(t);)e=e.parentNode;return e.matches?e:null}}(Element.prototype),Array.prototype.indexOf||(Array.prototype.indexOf=function(t,e){for(var n=e||0,o=this.length;n<o;n++)if(this[n]===t)return n;return-1}),function(t){"use strict";var s=t.GOVUK||{};s.Modules=s.Modules||{},s.Modules.AutoTrackEvent=function(){this.start=function(t){var e={nonInteraction:1},n=t.data("track-category"),o=t.data("track-action"),i=t.data("track-label"),r=t.data("track-value");"string"==typeof i&&(e.label=i),(r||0===r)&&(e.value=r),s.analytics&&s.analytics.trackEvent&&s.analytics.trackEvent(n,o,e)}},t.GOVUK=s}(window),function(){"use strict";window.GOVUK=window.GOVUK||{};var i={ess
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\business[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):45220
                                                        Entropy (8bit):4.99379579588758
                                                        Encrypted:false
                                                        SSDEEP:384:xlN1xhbXauXV2P1ea0mhDbJAWAHe1yFcTg2hLLKM8W83VFUDu6lLmD4pUWzr1LDz:PDbVVtaKVCrr1LcmAL1Oqt+WGd
                                                        MD5:92DF39D322A305F782BE1C680C29F1BB
                                                        SHA1:DC1A3812046CB0686727539AD1E9E3D95FDAB829
                                                        SHA-256:0F575DF7127AC29A319B1AF5DA969D7BBE2A38011C8D56C6EA5CF2BD410740F8
                                                        SHA-512:BB4E2CDDFEC9AE29F7639CDA11E238500C67701B587ED7F8E56C23ED326E9F06C924EB05EA97776B1B67FAF38902265A5B7E7A6BB4562558C19013350EA2EC8C
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/browse/business
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:content-id" content="2e47e500-8d91-4747-b6d8-cf6524d570f1">.<meta name="govuk:schema-name" content="mainstream_browse_page">.<meta name="govuk:publishing-application" content="collections-publisher">.<meta name="govuk:format" content="mainstream_browse_page">.<meta name="govuk:navigation-page-type" content="First Level Browse">.<meta name="description" content="Information about starting up and running a business in the UK, including help if you're self employed or a sole trader.">.<meta name="csrf-token" content="Xc10ECl0/YZ6UBmcAN1sIEBDKXzJMGJEtXByXMq1vZ9wamMiq3thlUVeQBl23Q
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\chunk-vendors.33f4ad10[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
                                                        Category:downloaded
                                                        Size (bytes):1788873
                                                        Entropy (8bit):5.898475489909004
                                                        Encrypted:false
                                                        SSDEEP:12288:1OAZIfGo9pHAtIk4Rr8NmtjiGhjCZEmZDpQE4bYiLTwxkSnk9RhQbIqEEPYaoo4k:QAZqGojIx6zsZgTwx0R4iLJsdvpnh
                                                        MD5:C86FC37D3734653B5A9BB749A5F41E88
                                                        SHA1:528066152992D1AC5E3FA45DF9A64D5B39B6249A
                                                        SHA-256:C3A519EBE4A5B43C808634EB863EBBE34CFCEFB7F3CEF040743E93671B02DB27
                                                        SHA-512:2A68ED5A39C8F39413E7627A3DCC5364CB691BC0442C8001F7979651ACD72EA82681C88E5EE5F7605B3742EBF2D285B089496754973861D929FAA18255DD111A
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/js/chunk-vendors.33f4ad10.js
                                                        Preview: (window["webpackJsonp"]=window["webpackJsonp"]||[]).push([["chunk-vendors"],{"00b4":function(e,t,n){"use strict";n("ac1f");var r=n("23e7"),o=n("861d"),i=function(){var e=!1,t=/[ac]/;return t.exec=function(){return e=!0,/./.exec.apply(this,arguments)},!0===t.test("abc")&&e}(),a=/./.test;r({target:"RegExp",proto:!0,forced:!i},{test:function(e){if("function"!==typeof this.exec)return a.call(this,e);var t=this.exec(e);if(null!==t&&!o(t))throw new Error("RegExp exec method returned something other than an Object or null");return!!t}})},"00ee":function(e,t,n){var r=n("b622"),o=r("toStringTag"),i={};i[o]="z",e.exports="[object z]"===String(i)},"00fd":function(e,t,n){var r=n("9e69"),o=Object.prototype,i=o.hasOwnProperty,a=o.toString,s=r?r.toStringTag:void 0;function u(e){var t=i.call(e,s),n=e[s];try{e[s]=void 0;var r=!0}catch(u){}var o=a.call(e);return r&&(t?e[s]=n:delete e[s]),o}e.exports=u},"010e":function(e,t,n){(function(e,t){t(n("c1df"))})(0,(function(e){"use strict";.//! moment.js locale
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\core-layout-5c9e91c1edfd49978562c26e27d70735f37888ac7de52549466b18d1672c7733[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):62361
                                                        Entropy (8bit):5.10639837127047
                                                        Encrypted:false
                                                        SSDEEP:768:+6NMS90wOQdMSYhQPjDoJGmxWpJ8R3UxkzCqUqKO49NTQu+E5JfpODxPQwtz1VUw:+6LiwBJNW
                                                        MD5:FA4345259C5CA565CF7C57D321193145
                                                        SHA1:D48ED4CC4FE69DE5CDD358CB56711E3C10BC96D2
                                                        SHA-256:5C9E91C1EDFD49978562C26E27D70735F37888AC7DE52549466B18D1672C7733
                                                        SHA-512:B353061C48131133FAF8A170980DBC8DC2EFB1DC6BBEFC648B275A75C249416370F015873D04EC96CDBA46C64EFD314CD1B843D34387C2189FE59CF97AE8C68A
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/core-layout-5c9e91c1edfd49978562c26e27d70735f37888ac7de52549466b18d1672c7733.css
                                                        Preview: .js-enabled .gem-c-cookie-banner{display:none}.gem-c-cookie-banner{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:400;font-size:14px;line-height:1.1428571429;padding:10px 0;background-color:#f3f2f1}@media print{.gem-c-cookie-banner{font-family:sans-serif}}@media (min-width: 40.0625em){.gem-c-cookie-banner{font-size:16px;line-height:1.25}}@media print{.gem-c-cookie-banner{font-size:14pt;line-height:1.2}}.gem-c-cookie-banner--services{display:none}.gem-c-cookie-banner__message{display:inline-block;padding-bottom:10px;font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:400;font-size:14px;line-height:1.1428571429}@media print{.gem-c-cookie-banner__message{font-family:sans-serif}}@media (min-width: 40.0625em){.gem-c-cookie-banner__message{font-size:16px;line-height:1.25}}@media print{.gem-c-cookie-banner__message{font-size:14pt;line-height:1.2}}@media (min-wid
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\covid-19-promo-stay-home-5f631a879aa33cbd5d583aef098037076e279ba4c929b4fd4833072229b78129[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 600 x 400, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):5736
                                                        Entropy (8bit):7.833994781635246
                                                        Encrypted:false
                                                        SSDEEP:96:Go8d20rC1Our7xUiPyqgWvD6dkovuC3v81baXyo0JvyeF5r96i6:geOurdUhWvDMkovobaXT0JKTH
                                                        MD5:42E728D757A1D4930486B8E7F5E2E2F6
                                                        SHA1:73B2DB8FAC07BF98605AFDAFB4CD6E7F61A3B0DD
                                                        SHA-256:5F631A879AA33CBD5D583AEF098037076E279BA4C929B4FD4833072229B78129
                                                        SHA-512:AAC93177E4D48D57135D36E4F9AC05BE7CC023A805C93B061BB5F20237228C61922CBA1CCB3FE8C176BF025F943B82D219D4C8D47A302671420C2B28A05F2EE0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/homepage/covid-19-promo-stay-home-5f631a879aa33cbd5d583aef098037076e279ba4c929b4fd4833072229b78129.png
                                                        Preview: .PNG........IHDR...X.........E.....QPLTE................._V......UI.y:.62..~.....9.....I.PH..e..........}o....e....nc.*/......IDATx............................................f..{...0...R...7g_....k..(........4l.....B.!..B.!..B.!..B.!..B.!.V7..e...t...i..*..L.|.t6.)...).*....2}~........... %..d.'....X...]...,.....d..`..Wb..K..+1Y.%.m..,.....JL.`.E.q%&..d......X".f\...,."X.S..2...L.\.K"R...=t1.U>...'..Ng.X....N`....JG3W..5.........I.`....]..d.V.....`M...d.]...$...F...aM...\.\.`U.F..q......a..Z.....~y.5.....[....G..VQ&..d.V..]%..P...^).q.A....g)...Z......K.Z^_W.Y..,_;.[EUsX,..JE.a......u..S/?..n5..[,t5).!<.c.X.`......Z....q...r8...;.\gxV....,..X.z;d`.x_....o.t6....6.aY^.e.Y.U..1X.....`..uZk..yXu..........A..M..U...X.+...1nG..m.W...F6..1.....f%,....'5.eX.I....,..l......]Y.......|....d...b.S:..>"`I..U%GH..3.s..U.....UE..?6<.....X..7X..X.Q.b.../..U..R..@yV....`m..`.5.FwNy...C.;\r...0<A...#n...P..~..i)...y.8-.e.gHJ.....VX]<........`X.....R.f.`.T..U<e.q
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\global-bar-init-8937018756a61669aeb0eb79274b88cfdcb3ef4b32093b7a72b00776d61b1135[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines, with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):5500
                                                        Entropy (8bit):5.338424218351102
                                                        Encrypted:false
                                                        SSDEEP:96:aMSI7651BMoeExMRSlSZJGEK5GO2I64tqMpT8g:TDmuoVyu0mp
                                                        MD5:FEF33F2F8D3B5DC61B66F602D0995A14
                                                        SHA1:ED3FEDBEAF7D8840031CCAFC935C029250456390
                                                        SHA-256:8937018756A61669AEB0EB79274B88CFDCB3EF4B32093B7A72B00776D61B1135
                                                        SHA-512:5ACB8CE7A9F2CB424FCBB1416E34D12FA8F5B25A64FD182B6C426919FC8B173D303F812C44DB5ABB8D25682FA80F77B0334079A7027D2B37C32329FE05E2EC24
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/global-bar-init-8937018756a61669aeb0eb79274b88cfdcb3ef4b32093b7a72b00776d61b1135.js
                                                        Preview: function parseCookie(e){var o=JSON.parse(e);return"object"!=typeof o&&(o=JSON.parse(o)),o}!function(){"use strict";window.GOVUK=window.GOVUK||{};var t={essential:!0,settings:!1,usage:!1,campaigns:!1},a={cookies_policy:"essential",seen_cookie_message:"essential",cookie_preferences_set:"essential",cookies_preferences_set:"essential","_email-alert-frontend_session":"essential",licensing_session:"essential",govuk_contact_referrer:"essential",multivariatetest_cohort_coronavirus_extremely_vulnerable_rate_limit:"essential",dgu_beta_banner_dismissed:"settings",global_bar_seen:"settings",govuk_browser_upgrade_dismisssed:"settings",govuk_not_first_visit:"settings",analytics_next_page_call:"usage",_ga:"usage",_gid:"usage",_gat:"usage","JS-Detection":"usage",TLSversion:"usage"};window.GOVUK.cookie=function(e,o,n){return void 0!==o?!1===o||null===o?window.GOVUK.setCookie(e,"",{days:-1}):(void 0===n&&(n={days:30}),window.GOVUK.setCookie(e,o,n)):window.GOVUK.getCookie(e)},window.GOVUK.setDefaultConse
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\gov.uk_logotype_crown_invert_trans-203e1db49d3eff430d7dc450ce723c1002542fe1d2bce661b6d8571f14c1043c[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 72 x 64, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):1049
                                                        Entropy (8bit):7.692615349855654
                                                        Encrypted:false
                                                        SSDEEP:24:Ev3pXvHH8bu/iTurAPBYkyZY6hR+MasWJqMy:EtPcbu/wkO+RY6hRBMJqH
                                                        MD5:B67C8964CDDFF14C05D04DB0AFA4855F
                                                        SHA1:61D80D9443BC10FDA38F0DFCCBD0961AF3047E66
                                                        SHA-256:203E1DB49D3EFF430D7DC450CE723C1002542FE1D2BCE661B6D8571F14C1043C
                                                        SHA-512:5253B3ECFE13EF5DB5CE00E806D422F59B33D5BCB285724261C1F9715ECF4F439653E8DA89F1E5C14685DC73B6C81F848EEDA92CE7DD49C8AC1BCCA014A3BFE0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/gov.uk_logotype_crown_invert_trans-203e1db49d3eff430d7dc450ce723c1002542fe1d2bce661b6d8571f14c1043c.png
                                                        Preview: .PNG........IHDR...H...@......`......tEXtSoftware.Adobe ImageReadyq.e<...3PLTE......@@@............000 ```...PPPppp...........7.......tRNS.................%..b..._IDATx..W..0..-.N......!.4.m.~$.RI*-../.......|..S>.k ,@.}.$.._...g/.v.6....).T>.6%{...7@DF.z..J......z......}...+..X....g..' 'N..;......?.."......_.K..8.f...$...N..-....Q.6.....7...*..A..".32.c...x,[.b.h..Y...Y..H....L.....G.g.!...,6.M...........nf.8...A.@..5.{V....I..FK_..w..v.(.Ff<..k`..o{.........g..We.:.m...C..k....7Zm.Im...R..c.7.l`..%S).... X.....D.^!Q.8\...(.../.j..^....H..cz.....U.i..A.....z..*.T.c/.9.K6.R..=S. ..&.~r.N..S:..tA..f..<..>6..M.h..#...3S..h..k!N1*w57....U....y.{.=..4.8B.@....9>b1.Z...mJJ. .|..%...y.M^*J..dt._..E.|.S>Mi.......+..BB...3...3P.h..\v.M...;.+b..V....Ce..(l..g!@..R.!Im.0.z.M...nE~..j....J.r..C.Z.]f.V...a..]..#V.4Bi.....XI(NS.E...<`Z7....c.Q.0m".n.e..e.@[)....2.[.a.S:f....{|XkBo.5. .........+...q?.R.....q..u:.e....7@...p.......)..#o....{.....^..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\header-footer-only-f3ca9f5744a1346a673f6e1f6e4718387458bf7290b2f8e80be700fd1ef1e786[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):69609
                                                        Entropy (8bit):5.265236187592381
                                                        Encrypted:false
                                                        SSDEEP:1536:4b82SqVA9oDw9s81t2HDPrbO3+QsSaY8ZNP:4b8FqVA9oDwm81t2HDPrC3+8aY8T
                                                        MD5:8B4C0CEC1C09B33F2EA7ACBFB19F716F
                                                        SHA1:E9E18E5971B6D1AF74712EBF46C4EED2783871F9
                                                        SHA-256:F3CA9F5744A1346A673F6E1F6E4718387458BF7290B2F8E80BE700FD1EF1E786
                                                        SHA-512:903254BC2124A9823CB563E986910194669CB661DB1180F3679BD503CCAA7691127BBFC48992623A2D7132CFC3A4A27FA534BCADF4C00390C6D8EAE55C4D72AD
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/header-footer-only-f3ca9f5744a1346a673f6e1f6e4718387458bf7290b2f8e80be700fd1ef1e786.js
                                                        Preview: function parseCookie(e){var t=JSON.parse(e);return"object"!=typeof t&&(t=JSON.parse(t)),t}!function(e){var l="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",d=function(e){e=e.replace(/\x0d\x0a/g,"\n");for(var t="",n=0;n<e.length;n++){var i=e.charCodeAt(n);i<128?t+=String.fromCharCode(i):(127<i&&i<2048?t+=String.fromCharCode(i>>6|192):(t+=String.fromCharCode(i>>12|224),t+=String.fromCharCode(i>>6&63|128)),t+=String.fromCharCode(63&i|128))}return t},u=function(e){for(var t="",n=0,i=c1=c2=0;n<e.length;)(i=e.charCodeAt(n))<128?(t+=String.fromCharCode(i),n++):191<i&&i<224?(c2=e.charCodeAt(n+1),t+=String.fromCharCode((31&i)<<6|63&c2),n+=2):(c2=e.charCodeAt(n+1),c3=e.charCodeAt(n+2),t+=String.fromCharCode((15&i)<<12|(63&c2)<<6|63&c3),n+=3);return t};e.extend({base64Encode:function(e){var t,n,i,o,a,r,s,c="",u=0;for(e=d(e);u<e.length;)o=(t=e.charCodeAt(u++))>>2,a=(3&t)<<4|(n=e.charCodeAt(u++))>>4,r=(15&n)<<2|(i=e.charCodeAt(u++))>>6,s=63&i,isNaN(n)?r=s=64:isNaN(i)&&(s=64),c=
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-1.12.4-c731c20e2995c576b0509d3bd776f7ab64a66b95363a3b5fae9864299ee594ed[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):97830
                                                        Entropy (8bit):5.2664056215049735
                                                        Encrypted:false
                                                        SSDEEP:1536:tdEjMeKcsiCKewTHQ/jf6ZxzsVuWiam2TAZ9P+tTFIbUFMkBthlVxV8Z4bpvvwaH:tg9QJa9iie/f8Z49vx1z1
                                                        MD5:310C748E2013720C61973AF9E134B239
                                                        SHA1:12937459D8BDB4544853B8AE48D2C9DBF27A03C0
                                                        SHA-256:C731C20E2995C576B0509D3BD776F7AB64A66B95363A3B5FAE9864299EE594ED
                                                        SHA-512:CF45BF2AC4D7099DCA4CE5C8989D52F9FDEE32CAB7323CCEE6BBEB2A0FE522426D0471EF5A6366AD387BF991A764E0568C688F4F9BADF5D7886FF8886D92B3CC
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/libs/jquery/jquery-1.12.4-c731c20e2995c576b0509d3bd776f7ab64a66b95363a3b5fae9864299ee594ed.js
                                                        Preview: !function(e,t){"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){function s(e){var t=!!e&&"length"in e&&e.length,n=pe.type(e);return"function"!==n&&!pe.isWindow(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}function t(e,n,r){if(pe.isFunction(n))return pe.grep(e,function(e,t){return!!n.call(e,t,e)!==r});if(n.nodeType)return pe.grep(e,function(e){return e===n!==r});if("string"==typeof n){if(Ce.test(n))return pe.filter(n,e,r);n=pe.filter(n,e)}return pe.grep(e,function(e){return-1<pe.inArray(e,n)!==r})}function n(e,t){for(;(e=e[t])&&1!==e.nodeType;);return e}function c(e){var n={};return pe.each(e.match(je)||[],function(e,t){n[t]=!0}),n}function i(){re.addEventListener?(re.removeEventListener("DOMContentLoaded",o),C.removeEventListener("load",o)):(re.detachEvent("onreadystatechan
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\nhs-app--480w-0289cc69ab921551cf45466e1d55843784f93082f5f5484c34a8721e86f2d4f3[1].jpg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x322, frames 3
                                                        Category:downloaded
                                                        Size (bytes):31443
                                                        Entropy (8bit):7.972978405308459
                                                        Encrypted:false
                                                        SSDEEP:768:dPIE57cWu8Ao2VwaqsbN3Ns0A4Eaq3/iEqcCalPhQXGx:5IE57cI2wa/NNsl6zExJ8Wx
                                                        MD5:7D81C0D58459146BCA448CC7408DE390
                                                        SHA1:FD7D2E862EA306DBF54B05E1C79F8CBB1C426500
                                                        SHA-256:0289CC69AB921551CF45466E1D55843784F93082F5F5484C34A8721E86F2D4F3
                                                        SHA-512:604024735828DF8E155940EA9DCAFA5A8C0D5BC1621D5321AB4F58814F1AC281BCE068FE77604CB361C2E29EC32DDCA7CA4D0BB21FE8FF677C05ECC829C608CE
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/homepage/nhs-app--480w-0289cc69ab921551cf45466e1d55843784f93082f5f5484c34a8721e86f2d4f3.jpg
                                                        Preview: ......JFIF.....................................................................&""&0-0>>T.......................................................&""&0-0>>T......B.......................................................`.........................4b.%.P.M<...Y........9@MR........ D..`#Zp..R....HB..Q..j.....S...^t!.@F1.B......F..e.....K.BII..M.........1.hR.....|..}...4.B...V.JA5Z.....~..4..*P.Z.....~.....z'.O5I.F.*..R.....Y).Ns....m.<.f...k...O]......^_q._..R.I.,.".R...$.3.4.o..<O.....5J.MJQq1,..........%J.n.O..V....eI.$.xNn...6..3.zz....D.........q.X.....E{.....1....&...a^..5....A2.T.Vjr+.K$.x?}.v.....U...l...5j.mV.GV....\...D._|t..ZU.L..!$.u.......xO/..[HZ../.*....<..k......y.}.;.F.i..\.J.p>...a....i.....y..._@.|....../.<7...f.~\.&.......V.I'...\..?.G.....>..g5/;....?.~.{N...k.\r`..u.v....kB..dW.{.bJ.....[.1....?.........OI.....-j..I,u......:42........'.e./....z.........T..d.~ ...h..<.s.....!..........R.;...Z.t...G....m..#5<.o....9..?.z..Q.n....<W
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\print-c01e429d41f73399d834c2cd00c8ce3304065c2ddea267f84e2e2fc1ce033990[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):7749
                                                        Entropy (8bit):5.047687967091753
                                                        Encrypted:false
                                                        SSDEEP:192:8XrRTtX3dIx+L3DOOxK/f2Mw0uDHythScH8VAcGHO1dfSdfYdfBdfh6rw4uQ5W4A:gF1z36LyZ6tZi
                                                        MD5:2792427A7A85FE22C14BE3D127C9DB63
                                                        SHA1:A98FDE83AE7CA00A5AD18C438F4AE70158B2AB88
                                                        SHA-256:C01E429D41F73399D834C2CD00C8CE3304065C2DDEA267F84E2E2FC1CE033990
                                                        SHA-512:21889A815AFF0D7107AE2ABE25681669E8BCC998099E60C2555C8F426C2AC9E267ED8822DF70F6B8534D116CDB15073D7A62738B40207F229194148C942B0E96
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/government-frontend/print-c01e429d41f73399d834c2cd00c8ce3304065c2ddea267f84e2e2fc1ce033990.css
                                                        Preview: .gem-c-attachment__thumbnail-image{display:none}.gem-c-back-link{display:none}.gem-c-button{font-family:"GDS Transport",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:400;font-size:12px;font-size:.75rem;line-height:1.25;display:inline-block;padding:5px;border:solid 1px #0b0c0c;color:#0b0c0c;text-decoration:none}/*! Copyright (c) 2011 by Margaret Calvert & Henrik Kubel. All rights reserved. The font has been customised for exclusive use on gov.uk. This cut is not commercially available. */@font-face{font-family:"GDS Transport";font-style:normal;font-weight:normal;src:url(/assets/government-frontend/light-94a07e06a1-v2-eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0.woff2) format("woff2"),url(/assets/government-frontend/light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b.woff) format("woff");font-display:fallback}@font-face{font-family:"GDS Transport";font-style:normal;font-weight:bold;sr
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\surveys-b5737b46c55d5682514456a1bf0cea2075accf1fb9a09c790d988346bdadba95[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines, with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):14540
                                                        Entropy (8bit):5.275061979649383
                                                        Encrypted:false
                                                        SSDEEP:384:MM6twtkEivPv3huIqk9reoIuQxDZeZNFid3OS:MMi0ffIfdLZnS
                                                        MD5:28CF3B818917EFA39EE612AE18BE5957
                                                        SHA1:F1F4D350DA3EF88FFAD5079274D4CAB688E663D9
                                                        SHA-256:B5737B46C55D5682514456A1BF0CEA2075ACCF1FB9A09C790D988346BDADBA95
                                                        SHA-512:DA6BE17F46984985EA128B0EF009CEAA9534CA018FCAE9F9BAFA24197AAB0BF8F60EC9047B809A2D3D01997CC1A93376F690247E29E2565B2FE6E9DC31AEB7EB
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/surveys-b5737b46c55d5682514456a1bf0cea2075accf1fb9a09c790d988346bdadba95.js
                                                        Preview: !function(){"use strict";window.GOVUK=window.GOVUK||{};var i={essential:!0,settings:!1,usage:!1,campaigns:!1},o={cookies_policy:"essential",seen_cookie_message:"essential",cookie_preferences_set:"essential",cookies_preferences_set:"essential","_email-alert-frontend_session":"essential",licensing_session:"essential",govuk_contact_referrer:"essential",multivariatetest_cohort_coronavirus_extremely_vulnerable_rate_limit:"essential",dgu_beta_banner_dismissed:"settings",global_bar_seen:"settings",govuk_browser_upgrade_dismisssed:"settings",govuk_not_first_visit:"settings",analytics_next_page_call:"usage",_ga:"usage",_gid:"usage",_gat:"usage","JS-Detection":"usage",TLSversion:"usage"};window.GOVUK.cookie=function(e,n,r){return void 0!==n?!1===n||null===n?window.GOVUK.setCookie(e,"",{days:-1}):(void 0===r&&(r={days:30}),window.GOVUK.setCookie(e,n,r)):window.GOVUK.getCookie(e)},window.GOVUK.setDefaultConsentCookie=function(){window.GOVUK.setConsentCookie(i)},window.GOVUK.approveAllCookieTypes=f
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\take-action-amber-ed37d78dd940d181c13d2689c7ca16a10891d89e5d278eef21e0e0001fb5a477[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):233
                                                        Entropy (8bit):5.058258124740444
                                                        Encrypted:false
                                                        SSDEEP:6:tnrqsWwumc4slWQ1SBK5VVieXIdkucCkAHw6+n:trqsWwubSIn4pkAHFw
                                                        MD5:F5A7290BAB7ADCB44698E51F8C7E6D01
                                                        SHA1:361DC4A9C2A566CF42F06297DF59E3771513360D
                                                        SHA-256:ED37D78DD940D181C13D2689C7CA16A10891D89E5D278EEF21E0E0001FB5A477
                                                        SHA-512:5D0F4C7875F57FCBD59CE31C9A98AC37727F608B53144F97216D36F33C69EC4476E159976B34267966CBFBB70B0E0D24D7B37C218D3CBF8555360F2E1F2C4D01
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/take-action-amber-ed37d78dd940d181c13d2689c7ca16a10891d89e5d278eef21e0e0001fb5a477.svg
                                                        Preview: <svg width="35" height="35" viewBox="0 0 35 35" fill="none" xmlns="http://www.w3.org/2000/svg">.<circle cx="17.5" cy="17.5" r="17.5" fill="#FF5800"/>.<path d="M28.5 10L13.6739 24L6.5 17.2258" stroke="white" stroke-width="3"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\take-action-red-5117cea61725753ad21e17234e1d12f5605c1ab8df1eab37bd7d557d200a5006[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):237
                                                        Entropy (8bit):5.051880864080255
                                                        Encrypted:false
                                                        SSDEEP:6:tnrqsWwumc4slWQ1SBK2vEXIHpPLrwlkAHw6+n:trqsWwubSIb4HprqkAHFw
                                                        MD5:1DD220D448FF150C2E3F7286138BA61D
                                                        SHA1:66812F2CBCC51970B6B7378DB50244083DE86D63
                                                        SHA-256:5117CEA61725753AD21E17234E1D12F5605C1AB8DF1EAB37BD7D557D200A5006
                                                        SHA-512:28F663166ED1771FB8B755399C9884E9B7368E200FC244D58EF9B50DDF35FC9D03BB9127FD083F01418D308CA308AE79971B2A96B962FDA74314E23E45807102
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/take-action-red-5117cea61725753ad21e17234e1d12f5605c1ab8df1eab37bd7d557d200a5006.svg
                                                        Preview: <svg width="35" height="35" viewBox="0 0 35 35" fill="none" xmlns="http://www.w3.org/2000/svg">.<circle cx="17.5" cy="17.5" r="17.5" fill="#FF003B"/>.<path d="M28.5 10.5L13.6739 24.5L6.5 17.7258" stroke="white" stroke-width="3"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\transition[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):54020
                                                        Entropy (8bit):5.027874509509531
                                                        Encrypted:false
                                                        SSDEEP:768:I7DbDVHPB1MT2wup9z+r1Rs4AH7Oqt+WGX:I7DbDX1MTtu+r1RsRH7Oqt+PX
                                                        MD5:98BB5B520D964DE21176698E2A9E0BE4
                                                        SHA1:ACC51A8119DA74943A38B0C9DB2D71D5BF9DAB8D
                                                        SHA-256:D850E0886BDABFDC4A333F4D9E2C1435E97656C02565DA4BEE1E159ABBA34C8E
                                                        SHA-512:0B1214016F684EBA89A726C18FD074B8ADE50BA9809AE05DA5C1C2B8558A1EBB5B9D3BD33F4C1F76373909D43AEA283F58B0FAE0A79987717B387162E72DB4EA
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/transition
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta property="og:image" content="https://www.gov.uk/assets/collections/transition-period-0159975f0ff8e8a74b9a758d6b20b731cc8d416f5cc46c6cd10c57eb62f05228.png">.<meta property="og:description" content="The Brexit transition period has ended. Check how the new rules affect you.">.<meta property="og:title" content="Brexit">.<meta property="og:url" content="https://www.gov.uk/transition">.<meta property="og:site_name" content="GOV.UK">.<meta property="og:type" content="website">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:taxon-slugs" content="transition">.<meta name="govuk:taxon-slug" content="transition">.<meta name="g
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\B3G463H9.htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):41994
                                                        Entropy (8bit):4.967864799059223
                                                        Encrypted:false
                                                        SSDEEP:384:zlON1xhbXaur5m2AV2P100mhDenWICXiWxMiHVD/YIOilx2KWzr1ADgdRvPvBd6/:JODbtoXVVcWJIr1AkXADjOqt+WGo
                                                        MD5:CE2B12287440D067F4C4B24CF695EF9E
                                                        SHA1:0D42B35913812FC6DDFA7F366DD2D6F8A95B5BD7
                                                        SHA-256:F441629829A7A301EE5529BE12BF909642C3C0D2FDA62BEDF2629B4F06934402
                                                        SHA-512:145C9F52611B4A4C801C6C03E94162FDE687F4B2C08A606706B4BC9979661B1CFB9FA851D5C82416440842C678806D8D1F3F7752E37181344D3324A1A4D9E038
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:analytics:organisations" content="&lt;OT1056&gt;">.<meta name="govuk:content-id" content="f3bbdec2-0e62-4520-a7fd-6ffd5d36e03a">.<meta name="govuk:schema-name" content="homepage">.<meta name="govuk:publishing-application" content="frontend">.<meta name="govuk:format" content="homepage">.<meta name="description" content="GOV.UK - The place to find government services and information - Simpler, clearer, faster">. <meta charset="utf-8">. <title>Welcome to GOV.UK</title>.. [if gt IE 8]> ><link rel="stylesheet" media="screen" href="https://www.gov.uk/assets/static/
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\analytics[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):47051
                                                        Entropy (8bit):5.516264124030958
                                                        Encrypted:false
                                                        SSDEEP:768:ryOveCSBZfsnt5XqY/yPndFTkoWY3SoavqVy2rlebYUDTJC6g0stZm:ryJNDfs5hYdFTwY3SorSg0su
                                                        MD5:53EE95B384D866E8692BB1AEF923B763
                                                        SHA1:A82812B87B667D32A8E51514C578A5175EDD94B4
                                                        SHA-256:E441C3E2771625BA05630AB464275136A82C99650EE2145CA5AA9853BEDEB01B
                                                        SHA-512:C1F98A09A102BB1E87BFDF825A725B0E2CC1DBEDB613D1BD9E8FD9D8FD8B145104D5F4CACA44D96DB14AC20F2F51B4C653278BFC87556E7F00E48A5FA6231FAD
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.google-analytics.com/analytics.js
                                                        Preview: (function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var l=this||self,m=function(a,b){a=a.split(".");var c=l;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};var q=function(a,b){for(var c in b)b.hasOwnProperty(c)&&(a[c]=b[c])},r=function(a){for(var b in a)if(a.hasOwnProperty(b))return!0;return!1};var t=/^(?:(?:https?|mailto|ftp):|[^:/?#]*(?:[/?#]|$))/i;var u=window,v=document,w=function(a,b){v.addEventListener?v.addEventListener(a,b,!1):v.attachEvent&&v.attachEvent("on"+a,b)};var x={},y=function(){x.TAGGING=x.TAGGING||[];x.TAGGING[1]=!0};var z=/:[0-9]+$/,A=function(a,b,c){a=a.split("&");for(var d=0;d<a.length;d++){var e=a[d].split("=");if(decodeURIComponent(e[0]).replace(/\+/g," ")===b)return b=e.slice(1).join("="),c?b:decodeURIComponent(b).replace(/\+/g," ")}},D=function(a,b){b&&(b=String(b).toLowerCase());if("p
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\app.f6cc719e[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):740729
                                                        Entropy (8bit):5.340148218620132
                                                        Encrypted:false
                                                        SSDEEP:6144:yghqAXXXSfqAsr9e71Dzav4Ld0BUc7/oy1tm+B2gsAjtOThY717h7o6LItrN09YA:ydjXD+5rj
                                                        MD5:08B78B7613C15EA18D12B71BB4A94923
                                                        SHA1:0859AF9C0DA1D8BF7EDD8B3F2DC10B191AEEED1B
                                                        SHA-256:9BD8C29F998732033B9A15F14C2EA947AEEDC8824EC13E97F1890DB06B82299F
                                                        SHA-512:0D389A9E8137E94E57EC1E3FD99F61101D38415CF1C4786B6EDDE7F7722C1AA1B470D8C8449058A2CC8E5B9274B2EB42DF2E2C038D6D8558402342835EBA97B6
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/js/app.f6cc719e.js
                                                        Preview: (function(t){function e(e){for(var n,o,s=e[0],u=e[1],c=e[2],l=0,d=[];l<s.length;l++)o=s[l],Object.prototype.hasOwnProperty.call(a,o)&&a[o]&&d.push(a[o][0]),a[o]=0;for(n in u)Object.prototype.hasOwnProperty.call(u,n)&&(t[n]=u[n]);p&&p(e);while(d.length)d.shift()();return i.push.apply(i,c||[]),r()}function r(){for(var t,e=0;e<i.length;e++){for(var r=i[e],n=!0,o=1;o<r.length;o++){var s=r[o];0!==a[s]&&(n=!1)}n&&(i.splice(e--,1),t=u(u.s=r[0]))}return t}var n={},o={app:0},a={app:0},i=[];function s(t){return u.p+"js/"+({"tracking-reference-scanner":"tracking-reference-scanner","barcode-scanner":"barcode-scanner"}[t]||t)+"."+{"tracking-reference-scanner":"21153941","barcode-scanner":"5874a103"}[t]+".js"}function u(e){if(n[e])return n[e].exports;var r=n[e]={i:e,l:!1,exports:{}};return t[e].call(r.exports,r,r.exports,u),r.l=!0,r.exports}u.e=function(t){var e=[],r={"tracking-reference-scanner":1,"barcode-scanner":1};o[t]?e.push(o[t]):0!==o[t]&&r[t]&&e.push(o[t]=new Promise((function(e,r){for(var
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\application-61879034ce7a0faaef322b8f1c486203d3e4db4114fe3af0878643f5443ec8a9[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):236741
                                                        Entropy (8bit):5.1708516059355665
                                                        Encrypted:false
                                                        SSDEEP:1536:yaxjUGLbAM/eWRwmzNUKYkUOmewVwI4K03CvWFY2zN:xxj3fKWRwXYmewVwI4K03CoY2zN
                                                        MD5:EA2BBC165765E5D8C0D2BD02F3F9D5A5
                                                        SHA1:C0A7AB0B921E2DAF474AAC762F59ACD4E336C2E3
                                                        SHA-256:61879034CE7A0FAAEF322B8F1C486203D3E4DB4114FE3AF0878643F5443EC8A9
                                                        SHA-512:48A2CEBD1496E1C4232EC1D8A235E7D6D68BAE66AEF08704BE1C470640210C18FC9426A52FDC3867DE368AB27B025D404CC1B5A766663A6A6AAA2CEB9958BFB0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/application-61879034ce7a0faaef322b8f1c486203d3e4db4114fe3af0878643f5443ec8a9.css
                                                        Preview: .gem-c-subscription-links__item,.gem-c-step-nav-related__link,.gem-c-related-navigation__section-link,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text,.govuk-link{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}@media print{.gem-c-subscription-links__item,.gem-c-step-nav-related__link,.gem-c-related-navigation__section-link,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text,.govuk-link{font-family:sans-serif}}.gem-c-subscription-links__item:focus,.gem-c-step-nav-related__link:focus,#global-header .gem-c-search__input.gem-c-subscription-links__item[type="search"]:focus,#global-header .gem-c-search__input.gem-c-step-nav-related__link[type="search"]:focus,.gem-c-related-navigation__section-link:focus,#global-header .gem-c-related-navigation__section-link.gem-c-search__input[type="search"]:focus,.gem-c-contextual-sidebar__brexit-cta .gem-c-contextual-sidebar__brexit-text:focus,.gem
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\benefits[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):39995
                                                        Entropy (8bit):5.011937800153046
                                                        Encrypted:false
                                                        SSDEEP:384:xZN1xhbXauxV2P1ea0mhDbFHnGpBh6d5Q+SGH2B6V2pUWzr1tDgdVvPvId6D81z/:HDbTVtaI7uK5r1tAOAP1Oqt+WGd
                                                        MD5:066DBBCFA316B73157BEF346C0C75B57
                                                        SHA1:6136A3EBE590E808DE43BCC15A7FBBE75E26C3BD
                                                        SHA-256:5BBC385A593F25A09FB78C27FD45B7433A633D5CB4C3EF50676F1D5EED2405F4
                                                        SHA-512:7FE43AEE2C7D14BF04B7D08C2380FD6C8FAC495497DCA7214FA14F1397DC6A9D7BCA9D0EE2D5B3A7F7FC99B4752490D0C74BC9CC13226FE11B973CCAB96EAEF2
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/browse/benefits
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:content-id" content="f141fa95-0d79-4aed-8429-ed223a8f106a">.<meta name="govuk:schema-name" content="mainstream_browse_page">.<meta name="govuk:publishing-application" content="collections-publisher">.<meta name="govuk:format" content="mainstream_browse_page">.<meta name="govuk:navigation-page-type" content="First Level Browse">.<meta name="description" content="Includes eligibility, appeals, tax credits and Universal Credit">.<meta name="csrf-token" content="3XMMl6JFpsCSQnGcvbmpODjgN6rpTiMctDQGzQWJKfgjlDnK+dWe0JEPR7TcE95DoumBxsWy4CS/n0nXTReZpA==">.<meta name="csrf-param" cont
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\bold-affa96571d-v2-5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 40816, version 1.0
                                                        Category:downloaded
                                                        Size (bytes):40816
                                                        Entropy (8bit):7.987002925295704
                                                        Encrypted:false
                                                        SSDEEP:768:8oLaHYRjQaPgHAKWMAsfjDBOaxhPB4ozsJoDyuZNcDntXo5kiU:8P0SASfjoAG6DyuZNQntX2U
                                                        MD5:AFFA96571D94A9AB7D95B0850B26EDDE
                                                        SHA1:1117D82D9030E93F62E8C70B525097C1B1801138
                                                        SHA-256:5A2A925237869837D1AFDD0A70FFDED0717296D2D25885865D19C0DA7F3ECE5D
                                                        SHA-512:CC43082269124A7B8B78371F3F57BAFB9F8AB4B7861B8BF40605D8A0B40C66663A09B796AB9231E4FFFF6760C3BA53F15CB28F13BACFCAE99AC8A1AB943DF552
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/bold-affa96571d-v2-5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d.woff
                                                        Preview: wOFF.......p......:................n........DSIG...|............GPOS..........-.d..GSUB...........P5...LTSH............4...OS/2.......Y...`.@Qqcmap..%....\...L...qgasp................glyf..-...I....D`+9Ghdmx...|...T..R...q|head.......6...6....hhea.......!...$....hmtx...X..........7loca..*4........H.i.maxp........... ...,name..w........n....post..y.........a...prep..*,........h............;.._.<...................J....................x.c`d``......W..y..p.a.. ...........x.c`d``|.x...!............6..5.x.c`a.g......:....Q.B3_d..t.........X.00..`X.....F.....~....{...}.S.PX.$..:.H)0p...9.....x..]H.Q.....Tb.6....&6Dj.....c...DdD..$".Q.>.E....B.1"*.....B.D....../"0.."$..M....k..}.{>..9.s...L...|........"..PV/I...l.DY.Q..h...Q6s..._.Vo..ac..U........,.jy..Z...R..0..9...3......z...C.6.N!&.#..PE..@V..9.O..g...2.n...;G...[t..:.wFmA..k+...r.q... ..!.mn...c\.9..`s.i.....!.{.Pc...Y..{...\.^_.../.s..5..A.W..s.{.nr......W.w\.V+/.f...n#.5X.zl...o.../N.^..u.6...M...uT..?.:.R.7Tug.0M.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\childcare-parenting[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):38901
                                                        Entropy (8bit):5.002050308046177
                                                        Encrypted:false
                                                        SSDEEP:384:x7hN1xhbXauRV2P1ea0mhDbUNiok0arDYpUWzr1lDghhvPvid6D8U26WFP0iCdOz:NhDbLVtaSicr1lcMA31Oqt+WGd
                                                        MD5:D5162DFB2A0B348A3F096CFCB1FA60EB
                                                        SHA1:439FCD7B370C42730E149619550AAD4AB2C75934
                                                        SHA-256:7F6C6B4DE29129E044F3AC514DDB5D714696051F7C6EA1390C5B92A366884E67
                                                        SHA-512:FB086DFA92490CF1D8A871C20D6A923E2A1344C15B8608E83B2EDBE15D59BFD259C6EC0605C5DAEF8D09EF52F639F35CB885AB81908C9D04454CD72C8D8A17FC
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/browse/childcare-parenting
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:content-id" content="451c8029-6fe3-41cf-80e8-717debd317bd">.<meta name="govuk:schema-name" content="mainstream_browse_page">.<meta name="govuk:publishing-application" content="collections-publisher">.<meta name="govuk:format" content="mainstream_browse_page">.<meta name="govuk:navigation-page-type" content="First Level Browse">.<meta name="description" content="Includes giving birth, fostering, adopting, benefits for children, childcare and schools">.<meta name="csrf-token" content="7QPWeYMEBkCC5AhGLVZeynvfja0CrFUnXz3LWSagD473xsqV4nNp/AaeJfDQcUE5ci/KMhvNskzDQZ8B4QalLA==">.<me
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\collect[1].gif
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:GIF image data, version 89a, 1 x 1
                                                        Category:dropped
                                                        Size (bytes):35
                                                        Entropy (8bit):2.9889227488523016
                                                        Encrypted:false
                                                        SSDEEP:3:CUdrllHh/:HJ/
                                                        MD5:28D6814F309EA289F847C69CF91194C6
                                                        SHA1:0F4E929DD5BB2564F7AB9C76338E04E292A42ACE
                                                        SHA-256:8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
                                                        SHA-512:1D68B92E8D822FE82DC7563EDD7B37F3418A02A89F1A9F0454CCA664C2FC2565235E0D85540FF9BE0B20175BE3F5B7B4EAE1175067465D5CCA13486AAB4C582C
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: GIF89a.............,...........D..;
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\core-layout-print-c5e97d0ed0feb1d1fc703ef0ed5201026330ec091e02c33fb1db277df068ede5[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):2609
                                                        Entropy (8bit):5.047678511382118
                                                        Encrypted:false
                                                        SSDEEP:48:TZEeGDu4keGD7eGDAeGDneGDEnK1eGDiCcqL7/:O+5Lw3UnK1SCV7/
                                                        MD5:A18BBA06EC0FE19AE0B70FB79743B106
                                                        SHA1:B3AD6C3106320F6B3BCC8A8A18B087C8EF6F19BE
                                                        SHA-256:C5E97D0ED0FEB1D1FC703EF0ED5201026330EC091E02C33FB1DB277DF068EDE5
                                                        SHA-512:42156AC7B0EE6C2CA9ED06AF05B0644C5FB4E9C798DC0CB2F5ED96ECCCAC210CFCB01A4FFAF73E20870A3D937F5A952710D4047D04950F573360D2D4E2D4E44F
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/core-layout-print-c5e97d0ed0feb1d1fc703ef0ed5201026330ec091e02c33fb1db277df068ede5.css
                                                        Preview: a{text-decoration:none}a[href^="/"]:after{content:" (https://www.gov.uk" attr(href) ")"}h1,h2,h3,h4,h5,h6{font-weight:bold}h2,h3,h4,p,ul{orphans:3;widows:3}h2,h3,h4{page-break-after:avoid}h2{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:700;font-size:16px;line-height:1.25;padding-top:7pt}@media print{h2{font-family:sans-serif}}@media (min-width: 40.0625em){h2{font-size:19px;line-height:1.3157894737}}@media print{h2{font-size:14pt;line-height:1.15}}h3{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:700;font-size:14px;line-height:1.1428571429}@media print{h3{font-family:sans-serif}}@media (min-width: 40.0625em){h3{font-size:16px;line-height:1.25}}@media print{h3{font-size:14pt;line-height:1.2}}h4{font-family:"nta",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:700;font-size:12px;line-height:1.25}@media
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\coronavirus[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):110977
                                                        Entropy (8bit):5.100812393586688
                                                        Encrypted:false
                                                        SSDEEP:3072:w7Vh7zIUlbnwSJr1nkTX3t+PYh2DF5XeMdja:Yh7zIUtnwSJr1nkTX3trh0F5XeMZa
                                                        MD5:C854FBF38B03A4B79734ED0F26929F72
                                                        SHA1:1A9E126F53A3D6F5A14847B9C69A9EB8D4AA4D24
                                                        SHA-256:E194DDECD3A515749039868F1111EEA51D5E17385E9308187DE641A7D3A69C0B
                                                        SHA-512:A746FA9811F8D931D6490EB00A7A6EA5F257F6DC672E8C02A80E69527E0F503676B077268D8D7EEF38256E02820D796BA0BEF4F527EB169B54FCB8348C27F79C
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/coronavirus
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta property="og:image" content="https://www.gov.uk/assets/collections/stay-at-home-social-share-b88ff9b9ed377a3204bd07cfc8386d62db732601cbcc3ddba4e77579f66f15ae.png">.<meta property="og:description" content="Find information on coronavirus, including guidance, support, announcements and statistics.">.<meta property="og:title" content="Coronavirus (COVID-19): guidance and support">.<meta property="og:url" content="https://www.gov.uk/coronavirus">.<meta property="og:site_name" content="GOV.UK">.<meta property="og:type" content="website">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:taxon-slugs" content="rules-and-restr
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\de7abc5226925203ac10b0a4a94af949[1].ico
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 8 bits/pixel
                                                        Category:downloaded
                                                        Size (bytes):6318
                                                        Entropy (8bit):4.49536052182057
                                                        Encrypted:false
                                                        SSDEEP:96:6tUKcKhaoOtBRQmk8Fis8KeebftkojFxzDwYk:6tU5Khot0Jps84d
                                                        MD5:DE7ABC5226925203AC10B0A4A94AF949
                                                        SHA1:F56CDBB947DAE5EF70F410639C06C034BC2DB511
                                                        SHA-256:6921A31B023A41929073393BDAD00077436C3835994079BCD2E437261875B2FC
                                                        SHA-512:AB7701CEE73A0BFACDCC12FC3F9FADFFF19489AF98737A1A772A90BE2D6BBF2F07BA9BB6F5A4CE7B4A52BEE91C4962829A7350246E59BEB4C9A59CB58A223C8D
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/de7abc5226925203ac10b0a4a94af949.ico
                                                        Preview: ..............(...6... ..........^...00..............(....... ...................................................................tsv.feh.XWZ.JIL.<;?..-1. .#...........................DDDB....Aa..:.."4uFB$..)&b8C..._...O............|....EsFrK............o...........................................................................................(... ...@...................................................................................................................................................................................................................................................................................................................................................................................................................................................................{zz.zyy.xww.www.vuu.sss.srr.rrr.rqq.onn.nmm.mll.kkk.jii.hhh.hgg.gff.fff.fee.dcc.baa.a``.`__.___.]]].]\\.[ZZ.XWW.WVV.VUU.UTT.RQQ.POO.PNN.ONN.NNN.LLL.KKK.KJJ.JJJ.IHH.GFF.FEE.EEE.EDD.DDD.DCC.CB
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\favicon-8d811b8c3badbc0b0e2f6e25d3660a96cc0cca7993e6f32e98785f205fc40907[1].ico
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:MS Windows icon resource - 2 icons, 16x16, 16 colors, 4 bits/pixel, 32x32, 32 bits/pixel
                                                        Category:dropped
                                                        Size (bytes):4598
                                                        Entropy (8bit):4.801306796439084
                                                        Encrypted:false
                                                        SSDEEP:48:WiV1T4pNHrnFjhgUzjE8Sp3DNn6dV6n6YnVkX5Yv5GXtAFcf4Y8+sKumaRxB8x4:HyNHzF1gUzQ88pn8I/n45YxUptaqK
                                                        MD5:F76D9BE9FD953A7D98B393747B7B1457
                                                        SHA1:64CBF9D9A7828AADCFC3409D11F344B4DB0E1D45
                                                        SHA-256:8D811B8C3BADBC0B0E2F6E25D3660A96CC0CCA7993E6F32E98785F205FC40907
                                                        SHA-512:14B9A5E75C1769EA13A46707F3D7231D9FD1F8B1756E8F087B2351587DA0B3F83F9A945E533299C81CF8966D34AA42A09AA49B1C1ED385A2C9EB8857C858C2F6
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: ..............(...&... .... .....N...(....... ................................-1. .#.....tsv.....feh.XWZ.....JIL.........................<;?...............................!..<.tGN...........{..;...F..4....a....1.#..J.21.m........*.......q...........................................................................................(... ...@..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 43425, version 1.2
                                                        Category:downloaded
                                                        Size (bytes):43425
                                                        Entropy (8bit):7.989601336086822
                                                        Encrypted:false
                                                        SSDEEP:768:VdmGpPErEPKbpDyqLm0FmW4xKpnLlmsr4jHPuwuVgpiU:VdmGpPE+MNi0FmW4xscNjv3uVdU
                                                        MD5:F591B13F7DAAD512CF0DFA0DDCB2960E
                                                        SHA1:3DDAA91B2256C7AAB9786D3E2B4C97ABEDC91930
                                                        SHA-256:091AA3008E57DFEEA899E33243C1D4EA95BAB658F1CC2191679193BCBFAC0B7B
                                                        SHA-512:F284851390E80E6429A15D0C40E0D008642027BDDFBC1F2C5E585FC281228669A5D470206BEC34280DD8F7C4770D705D5BC40F7B140CA6107DCD19FA3ACEC4A0
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b.woff
                                                        Preview: wOFF..............N................o........DSIG................GPOS......#...D....GSUB...........P5...LTSH.............[fiOS/2.......X...`..M.cmap..%....U...F....gasp................glyf......H.....$@.hdmx.......k..R.O...head.......6...6...thhea.......!...$.".Whmtx...T............loca..*L..........8.maxp........... ...<name..v........n... post..x.........`Y.hprep..*D........h............S^T_.<...................J....................x.c`d``......W....59.0.E...{..u.....x.c`d``|.x................8..E.x.c`a)c.a`e`a..j...(.../2.b..........,.....0,.f..G#.o.....,.{..c``........1.c..........x.._h.W....._..F..(...D.Z...]).PD..)U$.]p%D%+Y."Q|......#..2PJ.Q...DB(](..c..}..@D..)8.....~F.}3......{......./..<.d.C..%.D.(.<9..].7PR..#h3B..tp...<.Z.p.*...s.K......r..d..9.dx..S..1eJHq.....A\.......>$..c...1..u.C..^H.\..s.s./io.k.U.z.1./.9vS/..<......t.{8..".T.;.Cr.C..Z.8csO...L.....:...G....Fx..Y.........`-..Y..{K.-...'{I....<]b.?WAl.....c0.5..6.\..y..V.A<}..V.Xml..M#VG.....,..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\print-201d42d936c6b04f842cfb5c884991d16baeccdfe7cc9724bcb0b1b63229e154[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):6755
                                                        Entropy (8bit):5.096721790641607
                                                        Encrypted:false
                                                        SSDEEP:192:XrRTbxDIx+L3DOOxK/f2LHythScH8VAcGHO1dfSdfYdfBdfh6rw4uQ5W406D+HZP:bFdd3sc
                                                        MD5:58669A0154372E576115CA861B5E473B
                                                        SHA1:D7B0C00D6CDE0AF7B67EB645FBAC01B7FD2D5107
                                                        SHA-256:201D42D936C6B04F842CFB5C884991D16BAECCDFE7CC9724BCB0B1B63229E154
                                                        SHA-512:680268CE8C4797F64C31928B920CCE235F3550B1B8F517D927411882994B6BD1FF8B156CDD0923C0D9529842657F00780E33D0714A84F8C2EBB3036840DC1D71
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/print-201d42d936c6b04f842cfb5c884991d16baeccdfe7cc9724bcb0b1b63229e154.css
                                                        Preview: .gem-c-back-link{display:none}.gem-c-button{font-family:"GDS Transport",arial,sans-serif;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;font-weight:400;font-size:12px;font-size:.75rem;line-height:1.25;display:inline-block;padding:5px;border:solid 1px #0b0c0c;color:#0b0c0c;text-decoration:none}/*! Copyright (c) 2011 by Margaret Calvert & Henrik Kubel. All rights reserved. The font has been customised for exclusive use on gov.uk. This cut is not commercially available. */@font-face{font-family:"GDS Transport";font-style:normal;font-weight:normal;src:url(/assets/frontend/light-94a07e06a1-v2-eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0.woff2) format("woff2"),url(/assets/frontend/light-f591b13f7d-v2-091aa3008e57dfeea899e33243c1d4ea95bab658f1cc2191679193bcbfac0b7b.woff) format("woff");font-display:fallback}@font-face{font-family:"GDS Transport";font-style:normal;font-weight:bold;src:url(/assets/frontend/bold-b542beb274-v2-06eba01b1af0f4014b484c711771
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\take-action-green-201c5dfb37cd72eb3603b1afe36c913fecfda46ecb6221f1ed8c59708bc103e0[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):233
                                                        Entropy (8bit):5.076016068277426
                                                        Encrypted:false
                                                        SSDEEP:6:tnrqsWwumc4slWQ1SBKntXIdkucCkAHw6+n:trqsWwubSIt4pkAHFw
                                                        MD5:272A055BE693E6B09B99C6C73D0B32B3
                                                        SHA1:881D0CCBA6A6B4BE1D8E338DB140FF798EEF0073
                                                        SHA-256:201C5DFB37CD72EB3603B1AFE36C913FECFDA46ECB6221F1ED8C59708BC103E0
                                                        SHA-512:618B9EA66A71A49C5C1D7B6278E7D68E064A6F05043A4DECC7C971E484B338EBB60FFD30D4020EECCA0F32E188397DC7739A34C790570EDD93A161FC22699EB5
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/take-action-green-201c5dfb37cd72eb3603b1afe36c913fecfda46ecb6221f1ed8c59708bc103e0.svg
                                                        Preview: <svg width="35" height="35" viewBox="0 0 35 35" fill="none" xmlns="http://www.w3.org/2000/svg">.<circle cx="17.5" cy="17.5" r="17.5" fill="#0EBA72"/>.<path d="M28.5 10L13.6739 24L6.5 17.2258" stroke="white" stroke-width="3"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0adc91ff8403468fe7047c1b4[1].eot
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Embedded OpenType (EOT), NTA family
                                                        Category:downloaded
                                                        Size (bytes):91936
                                                        Entropy (8bit):7.974799362035419
                                                        Encrypted:false
                                                        SSDEEP:1536:lkXXOCVn2+jcfbA0Fzrf2Nh0PTh2W7jSiTlU1V+TFusvjW1Jd4wVi0bQVk1uI:ajcDrFzrfu092WfSv+kEj+JWxVo9
                                                        MD5:2C037CF7E1D0990C066AADEDF9CCAC76
                                                        SHA1:68880D19B20AE5A949A5196014F09909EA6073A4
                                                        SHA-256:1A1BD902F82AAAB4185BC1995206CCDEAD57A5B0ADC91FF8403468FE7047C1B4
                                                        SHA-512:E6DDE050DB7E6B5875F812EA648DEA0B9BD19B3F1E52E30200AEBEACC27BFAB06FC6C2311908869148C65BD5AFC3D8C2FC91BF5DC32987CD78B30DF716678F1C
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/fonts/v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0adc91ff8403468fe7047c1b4.eot?
                                                        Preview: g..hf............................LP....[ .P........... ...@.h.O....................N.T.A.......L.i.g.h.t.......V.e.r.s.i.o.n. .1...0.0.2.....N.T.A. .L.i.g.h.t.....BSGP...................D.[..^C.[.....c.g.i9..C.L..y.)@w........1...{h.l..2$?^*Ve....r .f....,....V..Z..j...[=A9GSp...@.....z....O.*+.e...{ITg......."./m..fz.3,..F...XI.7.....y.I...@6k.#|..[.QG...SQ..<n...X.....u:..rJ%.....#B....fa.~..j..o.A.W.)Q. ........4...~..[ ..V....5.w......3..U.S.KR......Zc..L.73K>.4.OX.}....*c`S.`.&V`.'..M..hC......-&..l...U.]...$B;..;>....&h........@....@.HC..#.Nc...ez....~C..e.d.X.EjY.C..8.xC.2h.....!.].c. .>.8,;%X...,..9 ..,...;.b 76'.D...L....EE..@..P.-.n..0R^...V.L.E..U.=...b.-..x.J....R.%.0."..#.....r....@1...1....'.k.C.....k:4.lsIL....F}k.lS.qR.(....Q.:.~.)Fs.*....~6...6..'W.\....(............ .!x..h...f...7%.%(...u.p3.P+.i..~)|..F....O..G..=.0.B..D.<HY.....jx..).z.8..V.|&.j#.4.....I.......NYKO..BOTp...9*r.2...h.....p....Q.....DDPF.+....).......A.....U.'..
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\v1-fb2676462a-bold-a49a59a7c9fc3873b9b864f9185ba79d7848db4b4e0f248ce87a819ee48fff93[1].eot
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Embedded OpenType (EOT), NTA family
                                                        Category:downloaded
                                                        Size (bytes):72382
                                                        Entropy (8bit):7.975227647984602
                                                        Encrypted:false
                                                        SSDEEP:1536:6eHQxyrGY5M0fLezw8BsXkCiGLs3BBTfwewKAnsu:7QxyyYqVCiG43BlfwewKAnsu
                                                        MD5:FB2676462AF7535AE6B867CE7279CD52
                                                        SHA1:BF93BD778644E77A87E42D9688EF104FD690A223
                                                        SHA-256:A49A59A7C9FC3873B9B864F9185BA79D7848DB4B4E0F248CE87A819EE48FFF93
                                                        SHA-512:937CA3F18EFB57E64BD6422BD3B1814D26D0D7E7FEF04E1E8746D2C06113CB77B251777BBB21BCC3C42BAFFF70299C7AC319945A318C8C28B3B86B822BB60D9A
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/fonts/v1-fb2676462a-bold-a49a59a7c9fc3873b9b864f9185ba79d7848db4b4e0f248ce87a819ee48fff93.eot?
                                                        Preview: ..................................LP....[ .P........... ...@........................N.T.A.......B.o.l.d.......V.e.r.s.i.o.n. .1...0.0.0.....N.T.A. .B.o.l.d.....BSGP..................6(.S..V..PB....c.g.i9..C.L..OH)@w...Hwx^d...i...u...2....Ve...z!k.f....D...Wa4.q.."..#..%^n.6..n.1.}..b$..............lGz\<...u.......A.^...i....).H........'.l..R..2...t..k0.4P3....y....p.........4.....$G....... .4M./zX....z.=..F..d^Cs~.IA.*PX......V..3'.PB!1S...V.......V.~l0.J.:;.......q.y|..N*...L..@O...N.......,..O5tV..ZN-F..d.t..:.I.6iF.X..aC...J3[7...D.RHP.h...F..E...$.?.l-$..~...=...u...(b.....]..#....#B......"w..J~...U...Y..F..<W*S..Y...!t.t.HsV."r....v.8.(.9.....@........6*.#...jB.0.L....0.-`T.N...15M.M.~B..:...E.DEPF....+:HI.....E...hc.O3M.(.............e.^...Gx!.{..(2.Ki.....d.O......5...e....Aj8|..PDe.X.....FG.....,`..?.{#..A..`..y.g...J...Tn..j........36.9!0..l....s..r.....1.q=.A=...+..V..[..k...dd...[..'0..m.0.]~.^..0.*w...e.!1.V..A....?X&.a$/Q....K...
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\XL83A0L9.htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, ASCII text, with very long lines, with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):931
                                                        Entropy (8bit):5.028251875627646
                                                        Encrypted:false
                                                        SSDEEP:24:hO1kOZX1CvokoRFo9om0lpFRGku5T7AYAVLsVI:aX1wokoRFo9onRRGkGTEY+
                                                        MD5:B18CA7605FC6D8FB34290D987D84525F
                                                        SHA1:0A7CBC1AEFBD79628AE54BB58018677B722E9DBD
                                                        SHA-256:061CBC573BC2572D02561F07B54F99F2852BC3F371128D30047CA9B7F9B2C5D5
                                                        SHA-512:90097C9B1497058692F7FA8D81FC8D916D836C86591E3DEBE1FDEFF6099729FBC33DBBFF191A1DBD0CAC31CAEAA6004FCC56A8B9FD91A3B9AF20C2977157F2CB
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/
                                                        Preview: <!DOCTYPE html><html lang="en" class="govuk-template"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Book a drive-through test</title><link href="/css/barcode-scanner.d6f80d93.css" rel="prefetch"><link href="/css/tracking-reference-scanner.0154b2ba.css" rel="prefetch"><link href="/js/barcode-scanner.5874a103.js" rel="prefetch"><link href="/js/tracking-reference-scanner.21153941.js" rel="prefetch"><link href="/css/app.b210efc9.css" rel="preload" as="style"><link href="/js/app.f6cc719e.js" rel="preload" as="script"><link href="/js/chunk-vendors.33f4ad10.js" rel="preload" as="script"><link href="/css/app.b210efc9.css" rel="stylesheet"></head><body class="govuk-template__body js-enabled"><div id="app"></div><script src="/js/chunk-vendors.33f4ad10.js"></script><script src="/js/app.f6cc719e.js"></script></body></html>
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\action-link-arrow--dark-369062711cc40dfad1a70748d783b77cb2a3a7c410e2a8aaf361b21003a685dc[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):487
                                                        Entropy (8bit):5.022606011861398
                                                        Encrypted:false
                                                        SSDEEP:12:trNb7u0bcviufM65wmmZnrGULv6cJvgTmZbEufM65jR7oG6S5oGUAD:txb7uqcvikMMwprGKRfEkMMxBvBUAD
                                                        MD5:3D614BCAFFF49B2EF005A2F382590F74
                                                        SHA1:B0CF6893EB6E48F7A25D674D9D73250FFB9C6957
                                                        SHA-256:369062711CC40DFAD1A70748D783B77CB2A3A7C410E2A8AAF361B21003A685DC
                                                        SHA-512:20C4AF40277B86C8CBF1F2FDA803FDA1C615EABA6C8C64125049FE94AB6C5A74D158C86D05F8C6C5194E9C1A1D8D5DF72FA34FF7F8A2ABA66EB5C639CD0A86B8
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/govuk_publishing_components/action-link-arrow--dark-369062711cc40dfad1a70748d783b77cb2a3a7c410e2a8aaf361b21003a685dc.svg
                                                        Preview: <svg width="23" height="23" viewBox="0 0 23 23" fill="none" xmlns="http://www.w3.org/2000/svg">. <circle cx="11.5" cy="11.5" r="11.5" fill="#272828"/>. <path fill-rule="evenodd" clip-rule="evenodd" d="M14.9429 11.7949L10.4402 7.29222L11.7327 5.99967L17.528 11.7949L11.7327 17.5902L10.4402 16.2976L14.9429 11.7949Z" fill="#fff500"/>. <path fill-rule="evenodd" clip-rule="evenodd" d="M3.95631 10.881L15.4414 10.881L15.4414 12.709L3.95631 12.709L3.95631 10.881Z" fill="#fff500"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\action-link-arrow--simple-light-404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):431
                                                        Entropy (8bit):5.0247503550683925
                                                        Encrypted:false
                                                        SSDEEP:12:trNb7uvfM65wmmZnrGULv6cJvgTmZb8uufM65jR7oG6S5oGUA89:txb7uHMMwprGKRf8ukMMxBvBUA89
                                                        MD5:96A1454B060490A6AA15B94F34996860
                                                        SHA1:6381D73A3FBBA8A8E85AB540F040C916DBDD8911
                                                        SHA-256:404CFD5992E74D48AC785545369CE0368EF54590A692AFA37B1B50035B13A0E8
                                                        SHA-512:161C3D8712B85DEA2A63BB01051AD53A6A311460ED40E3B115092C86A8BD470F6978CCF5AD6772142F9784E322B75A670209DB29A26A0D186EC1978B2561E098
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/govuk_publishing_components/action-link-arrow--simple-light-404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8.svg
                                                        Preview: <svg width="23" height="23" viewBox="0 0 23 23" fill="none" xmlns="http://www.w3.org/2000/svg">. <path fill-rule="evenodd" clip-rule="evenodd" d="M14.9429 11.7949L10.4402 7.29222L11.7327 5.99967L17.528 11.7949L11.7327 17.5902L10.4402 16.2976L14.9429 11.7949Z" fill="#ffffff"/>. <path fill-rule="evenodd" clip-rule="evenodd" d="M3.95631 10.881L15.4414 10.881L15.4414 12.709L3.95631 12.709L3.95631 10.881Z" fill="#ffffff"/>.</svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\action-link-arrow--transparent-bec06cc283979226b8f511bb8ab9f76acba7ef2496cfd75f9feeecc7dc33cdb3[1].svg
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:SVG Scalable Vector Graphics image
                                                        Category:downloaded
                                                        Size (bytes):333
                                                        Entropy (8bit):4.6896013337911375
                                                        Encrypted:false
                                                        SSDEEP:6:tnrWnnumc4slm+BM9+w1WhvkQckncQoQ1LruqFVUZRhFVHTM7d:trOnuIaM9+7hvkQckz1L6qFSTFi7d
                                                        MD5:34C748A52B1DFF4FBFE603FE240B9BD1
                                                        SHA1:F8FE2F2BB9E52C74C13C4546D107ADC048A56A28
                                                        SHA-256:BEC06CC283979226B8F511BB8AB9F76ACBA7EF2496CFD75F9FEEECC7DC33CDB3
                                                        SHA-512:3C230DF9257043B1802B226A90CEB090268F71006007BFB8F346C7A35028B6C6796B59A0F63B7A67EC1CBBD3B070D7795A3890D32BD51F879CB19320B1CCC819
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/govuk_publishing_components/action-link-arrow--transparent-bec06cc283979226b8f511bb8ab9f76acba7ef2496cfd75f9feeecc7dc33cdb3.svg
                                                        Preview: <svg width="39" height="39" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.01 6.818l-2.828 2.828 7.853 7.854-22 .066L0 21.5h22.035l-7.853 7.854 2.828 2.828L29.69 19.5zM39 19.5C39 30.27 30.27 39 19.5 39 9.373 39 1.05 31.28.092 21.405A19.737 19.737 0 010 19.5C0 8.73 8.73 0 19.5 0S39 8.73 39 19.5z" fill="#fff500"/></svg>.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\application-52ff18f344c18eb902c183228cb909a4b6d12f8515ceec07260d629b04658a22[1].js
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):114969
                                                        Entropy (8bit):5.25518657546817
                                                        Encrypted:false
                                                        SSDEEP:1536:cPc4O1TViEJiKsNYG7Mg19UQsc8Jg1NeQw7xZsqF:cPMTVFaB7MubsVuFQxJ
                                                        MD5:3312D472A3DA491BD791F43A6545E482
                                                        SHA1:B8F789DE2645EB84C421E8274F5AE1BE87A4D9B6
                                                        SHA-256:52FF18F344C18EB902C183228CB909A4B6D12F8515CEEC07260D629B04658A22
                                                        SHA-512:8BFC745D4662D18783FB3602A6D2F8D7A0D81F84A5494B239EDFF8E39DDB65A2A4F78D2FDE80A06B4439BD237663E55C6BC9523E7EC9947CF0D3C823F85E5975
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/collections/application-52ff18f344c18eb902c183228cb909a4b6d12f8515ceec07260d629b04658a22.js
                                                        Preview: !function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e():"function"==typeof define&&define.amd?define("GOVUKFrontend",e):e()}(0,function(){"use strict";(function(){var a,c,l,u;"defineProperty"in Object&&function(){try{var t={};return Object.defineProperty(t,"test",{value:42}),!0}catch(e){return!1}}()||(a=Object.defineProperty,c=Object.prototype.hasOwnProperty("__defineGetter__"),l="Getters & setters cannot be defined on this javascript engine",u="A property cannot both have accessors and be writable or have a value",Object.defineProperty=function d(t,e,n){if(a&&(t===window||t===document||t===Element.prototype||t instanceof Element))return a(t,e,n);if(null===t||!(t instanceof Object||"object"==typeof t))throw new TypeError("Object.defineProperty called on non-object");if(!(n instanceof Object))throw new TypeError("Property description must be an object");var o=String(e),i="value"in n||"writable"in n,r="get"in n&&typeof n.get,s="set"in n&&typeof n.set;if(r){if("function"!=
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\births-deaths-marriages[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):39041
                                                        Entropy (8bit):5.002713279067462
                                                        Encrypted:false
                                                        SSDEEP:384:xsN1xhbXauNV2P1ea0mhDb4p+vV9DgpUWzr1JDgZzvPvWd6D8LR6WFP0iCdOqtAv:CDbbVtaEr1J8SAr1Oqt+WGd
                                                        MD5:71AFABC8B92A5493BF56300332D4FC09
                                                        SHA1:0174F7FE41BBD4B6DE7F2E786F5ECAF829E1B92A
                                                        SHA-256:6838ABFF076C6A28A7D6F0768AF93E029B0DBF3EB18BDC829E830AA45DC60244
                                                        SHA-512:1E43E1AD6BE4F788F4949360DA3631F106F543490FA59CC5A82B566B68039A691D840D822A849D81917107E6C9022C67DC542292312D37C57DEE6924DEC64375
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/browse/births-deaths-marriages
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="govuk:content-id" content="f5fe5c9e-e5f1-4b76-9b07-a0af649c440c">.<meta name="govuk:schema-name" content="mainstream_browse_page">.<meta name="govuk:publishing-application" content="collections-publisher">.<meta name="govuk:format" content="mainstream_browse_page">.<meta name="govuk:navigation-page-type" content="First Level Browse">.<meta name="description" content="Parenting, civil partnerships, divorce and lasting power of attorney">.<meta name="csrf-token" content="TJ09dGBAEpYd0k8PE/Prvthor0wOWO8UWDupDZSnExijGb2jrNJOJRHJO2RUi+b04AYKucmmH4Y3X8z/chNHeA==">.<meta name="csrf-param"
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\bold-affa96571d-v2-5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 40816, version 1.0
                                                        Category:downloaded
                                                        Size (bytes):40816
                                                        Entropy (8bit):7.987002925295704
                                                        Encrypted:false
                                                        SSDEEP:768:8oLaHYRjQaPgHAKWMAsfjDBOaxhPB4ozsJoDyuZNcDntXo5kiU:8P0SASfjoAG6DyuZNQntX2U
                                                        MD5:AFFA96571D94A9AB7D95B0850B26EDDE
                                                        SHA1:1117D82D9030E93F62E8C70B525097C1B1801138
                                                        SHA-256:5A2A925237869837D1AFDD0A70FFDED0717296D2D25885865D19C0DA7F3ECE5D
                                                        SHA-512:CC43082269124A7B8B78371F3F57BAFB9F8AB4B7861B8BF40605D8A0B40C66663A09B796AB9231E4FFFF6760C3BA53F15CB28F13BACFCAE99AC8A1AB943DF552
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/government-frontend/bold-affa96571d-v2-5a2a925237869837d1afdd0a70ffded0717296d2d25885865d19c0da7f3ece5d.woff
                                                        Preview: wOFF.......p......:................n........DSIG...|............GPOS..........-.d..GSUB...........P5...LTSH............4...OS/2.......Y...`.@Qqcmap..%....\...L...qgasp................glyf..-...I....D`+9Ghdmx...|...T..R...q|head.......6...6....hhea.......!...$....hmtx...X..........7loca..*4........H.i.maxp........... ...,name..w........n....post..y.........a...prep..*,........h............;.._.<...................J....................x.c`d``......W..y..p.a.. ...........x.c`d``|.x...!............6..5.x.c`a.g......:....Q.B3_d..t.........X.00..`X.....F.....~....{...}.S.PX.$..:.H)0p...9.....x..]H.Q.....Tb.6....&6Dj.....c...DdD..$".Q.>.E....B.1"*.....B.D....../"0.."$..M....k..}.{>..9.s...L...|........"..PV/I...l.DY.Q..h...Q6s..._.Vo..ac..U........,.jy..Z...R..0..9...3......z...C.6.N!&.#..PE..@V..9.O..g...2.n...;G...[t..:.wFmA..k+...r.q... ..!.mn...c\.9..`s.i.....!.{.Pc...Y..{...\.^_.../.s..5..A.W..s.{.nr......W.w\.V+/.f...n#.5X.zl...o.../N.^..u.6...M...uT..?.:.R.7Tug.0M.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\bold-affa96571d-v2.affa9657[1].woff
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:Web Open Font Format, TrueType, length 40816, version 1.0
                                                        Category:downloaded
                                                        Size (bytes):40816
                                                        Entropy (8bit):7.987002925295704
                                                        Encrypted:false
                                                        SSDEEP:768:8oLaHYRjQaPgHAKWMAsfjDBOaxhPB4ozsJoDyuZNcDntXo5kiU:8P0SASfjoAG6DyuZNQntX2U
                                                        MD5:AFFA96571D94A9AB7D95B0850B26EDDE
                                                        SHA1:1117D82D9030E93F62E8C70B525097C1B1801138
                                                        SHA-256:5A2A925237869837D1AFDD0A70FFDED0717296D2D25885865D19C0DA7F3ECE5D
                                                        SHA-512:CC43082269124A7B8B78371F3F57BAFB9F8AB4B7861B8BF40605D8A0B40C66663A09B796AB9231E4FFFF6760C3BA53F15CB28F13BACFCAE99AC8A1AB943DF552
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://test-for-coronavirus.service.gov.uk/fonts/bold-affa96571d-v2.affa9657.woff
                                                        Preview: wOFF.......p......:................n........DSIG...|............GPOS..........-.d..GSUB...........P5...LTSH............4...OS/2.......Y...`.@Qqcmap..%....\...L...qgasp................glyf..-...I....D`+9Ghdmx...|...T..R...q|head.......6...6....hhea.......!...$....hmtx...X..........7loca..*4........H.i.maxp........... ...,name..w........n....post..y.........a...prep..*,........h............;.._.<...................J....................x.c`d``......W..y..p.a.. ...........x.c`d``|.x...!............6..5.x.c`a.g......:....Q.B3_d..t.........X.00..`X.....F.....~....{...}.S.PX.$..:.H)0p...9.....x..]H.Q.....Tb.6....&6Dj.....c...DdD..$".Q.>.E....B.1"*.....B.D....../"0.."$..M....k..}.{>..9.s...L...|........"..PV/I...l.DY.Q..h...Q6s..._.Vo..ac..U........,.jy..Z...R..0..9...3......z...C.6.N!&.#..PE..@V..9.O..g...2.n...;G...[t..:.wFmA..k+...r.q... ..!.mn...c\.9..`s.i.....!.{.Pc...Y..{...\.^_.../.s..5..A.W..s.{.nr......W.w\.V+/.f...n#.5X.zl...o.../N.^..u.6...M...uT..?.:.R.7Tug.0M.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\cookie-details[1].htm
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):64825
                                                        Entropy (8bit):5.0715792070990515
                                                        Encrypted:false
                                                        SSDEEP:768:NDbhVtaeYwJXHiKr1X0GAf1Oqt+WGxV7NbL/se8+:NDbh1Vr1X0bf1Oqt+P9r
                                                        MD5:7695300BDF2ABF9F940CDF9695424A14
                                                        SHA1:436C4AC140209C4C03E76BDFF9289842335ECB08
                                                        SHA-256:9078FE80F510B33CAA865697341FFFEF8F75E9B1F03C17E80C906F48AD34D6FF
                                                        SHA-512:59C6C06854A968A463250F8874A83B2E9DDB3EA05CB7EF658362BFD22902491206068AF257A45785D4802AEB995A4402BDEEF32548FB154E3919561FAE72AB5F
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/help/cookie-details
                                                        Preview: <!DOCTYPE html>. [if lt IE 9]><html class="lte-ie8" lang="en"><![endif]--> [if gt IE 8]> ><html lang="en">. <![endif]-->. <head>.<meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta property="og:description" content="GOV.UK uses cookies to collect anonymised information about how users browse the site">.<meta property="og:title" content="Details about cookies on GOV.UK">.<meta property="og:url" content="https://www.gov.uk/help/cookie-details">.<meta property="og:type" content="article">.<meta property="og:site_name" content="GOV.UK">.<meta name="robots" content="noindex">.<meta name="twitter:card" content="summary">.<meta name="Cookieless-Variant" content="B" data-module="track-variant">.<meta name="govuk:ab-test" content="CookielessAATest:B" data-analytics-dimension="49" data-allowed-variants="A,B,Z">.<meta name="description" content="GOV.UK uses cookies to collect anonymised information about how users browse the site">.<meta name="govuk:analytics:or
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):3081
                                                        Entropy (8bit):5.226033681998451
                                                        Encrypted:false
                                                        SSDEEP:96:FtTGh4hzNHeLwiCB2tNH0jkmdNH+BYDdA7NHsVjr:DTGibHpi62/H0jkmPH+SDdA5HEr
                                                        MD5:1132E82A091D569EE31E7E45C3C7DB7F
                                                        SHA1:8CE67C469B3F45002ADD3592340568EB5EA1D06B
                                                        SHA-256:C57AB80A95F2B1764162611B3C98A4C098B356F8E30BAF1E50CD63EDEA464C01
                                                        SHA-512:24FD205E23E2A8A93892B55F7C9359C200130E33FCF91804F3D884C5F3ACBD86012FEDBC699183672701EBF03C4BC9A78E2ADFAA4276B990B5C615C47A8FD2BE
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/fonts-c57ab80a95f2b1764162611b3c98a4c098b356f8e30baf1e50cd63edea464c01.css
                                                        Preview: /*! Copyright (c) 2011 by Margaret Calvert & Henrik Kubel. All rights reserved. The font has been customised for exclusive use on gov.uk. This cut is not commercially available. */@font-face{font-family:'nta';src:url("https://www.gov.uk/assets/static/fonts/v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0adc91ff8403468fe7047c1b4.eot");src:url("https://www.gov.uk/assets/static/fonts/v1-2c037cf7e1-light-1a1bd902f82aaab4185bc1995206ccdead57a5b0adc91ff8403468fe7047c1b4.eot?#iefix") format("embedded-opentype"),url("https://www.gov.uk/assets/static/fonts/v1-f38ad40456-light-b98fe790388f58c950f2bed1ca8ad02fa168d6effa7aae7cb7fee81e51183f46.woff2") format("woff2"),url("https://www.gov.uk/assets/static/fonts/v1-458f8ea81c-light-048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30.woff") format("woff");font-weight:normal;font-style:normal;font-display:fallback}@font-face{font-family:'nta';src:url("https://www.gov.uk/assets/static/fonts/v1-fb2676462a-bold-a49a59a7c9fc3873b9b
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\govuk-crest-bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 125 x 102, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):3584
                                                        Entropy (8bit):7.9024732991837725
                                                        Encrypted:false
                                                        SSDEEP:96:R/2H+EXSvh8hr/cLa0zSs7K1GCRkj2monjSP87Btiv/d+BmFOL:EHgh8azdO1GCiWjsYiHdpOL
                                                        MD5:BCD5768BD7721641EE71BA103BB38900
                                                        SHA1:42A8D445A3446DEE17CC6684EA055703E490BF5E
                                                        SHA-256:BB9E22AFF7881B895C2CEB41D9340804451C474B883F09FE1B4026E76456F44B
                                                        SHA-512:867D29EDEE10328D2B9E24BF3D8F2ABBEB7E8B7555A6AF17121A482E9627B57B9FB4F2AD67DE7E7D9EF2A1DFEA10A896661FB3A17E9A10FB00AC9AC20B8C1B3B
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/images/govuk-crest-bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b.png
                                                        Preview: .PNG........IHDR...}...f......OnO...3PLTEnwznwznwznwznwznwznwznwznwznwznwznwznwznwznwz...nwz).a.....tRNSP.p. .`@0.......j..K...lIDATx^..n.<.FU.......@..;Ny......c..Z..II...T ._...9LF._.aF......y.|c../...;.a.....lg......"JV..a.O....d...A...#..K.Js.h.-.P..w(&........K.o..........n..jO.x.../tvUw/.(.\C.wC<_._.....&.{..).@.....2.Yy......p.NF..?..T..*$..FQ..qcC......f..lYf..<ZM..6vk...}t..M.....K....QP.bK......~........4....{.[_3 )..|.>..U.;..{.aN..o..`q.=!.l7.w[..........%.VwH.Z.......r...j.....c....E7........q..w;7.I...,...R...6w.......D...=..)...j.9.....Y...;R3.3..{;.....lr6.3....k...s..6...k.....%......,."..=......!:....Y..!..Z.a....^.....'uG.k...e.Ip1#.E....I.A..nXd.QqB{.....=.4`\.....4.....8I?.;>.O...j+c..2....H..G..w.Z..J.dd../.'.`c..5.*..|.r$4.S..............<.....OXaXI..>(?.#"..Z.y.X.7.....K....-.l..:..........Y^Am.4w....2.P....<.(.D#...HY....E..o./.9.{Z..~|../$..._.7....#....AU.....5k+..-.b.?... ...8j. .!=..rnmR.>!8Q.-v.\.w.`.09.....s`....I.9
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\govuk-template-3e3f4a131aca72f9b2e458dfd318f65420aef6ada35539243aac38ebbbbcc64f[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):14658
                                                        Entropy (8bit):5.000891887418713
                                                        Encrypted:false
                                                        SSDEEP:192:hCYS9Q7ont+m6OXrT9pqrnVYHqHYW6RoYuYUYoYVzYLpFlYKYLWPH:hMQy7BaY9R4f9f
                                                        MD5:FE4B2968B96499B45E003CD31546BD5A
                                                        SHA1:DAC675C3E260D3420A4A55284AD21E5691F55D69
                                                        SHA-256:3E3F4A131ACA72F9B2E458DFD318F65420AEF6ADA35539243AAC38EBBBBCC64F
                                                        SHA-512:DBDACD526BFEFCDEA3BEE1CBCD160EBCADBB99F6ED73ABEE366EE03CB1149BD7080708F56C18F271B7C0D2A065CCBBD72923D69F970F4C58FD43813888565DAF
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/govuk-template-3e3f4a131aca72f9b2e458dfd318f65420aef6ada35539243aac38ebbbbcc64f.css
                                                        Preview: #global-header .header-wrapper:after,#global-header .header-wrapper .header-global:after,#global-header .header-wrapper .header-global .header-logo:after,#global-header .header-proposition #proposition-link:after,#global-header .header-proposition #proposition-links:after,#footer .footer-meta:after{content:"";display:block;clear:both}#global-header-bar,#global-cookie-message p,#footer .footer-wrapper{max-width:960px;margin:0 15px}@media (min-width: 641px){#global-header-bar,#global-cookie-message p,#footer .footer-wrapper{margin:0 30px}}@media (min-width: 1020px){#global-header-bar,#global-cookie-message p,#footer .footer-wrapper{margin:0 auto}}#global-header .header-wrapper:after,#global-header .header-wrapper .header-global:after,#global-header .header-wrapper .header-global .header-logo:after,#global-header .header-proposition #proposition-link:after,#global-header .header-proposition #proposition-links:after,#footer .footer-meta:after{content:"";display:block;clear:both}@-ms-viewpo
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\govuk-template-print-1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1cdfac1771eefd1a1c0[1].css
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:ASCII text, with very long lines
                                                        Category:downloaded
                                                        Size (bytes):1070
                                                        Entropy (8bit):5.039718079600993
                                                        Encrypted:false
                                                        SSDEEP:12:e/TKVec+sKVZjNV0RACrP8QtUm2r23AoQno2pAdhJRTHTmEjfUEPpVM1dVgpzT/a:hVeceV6PRf2efMExcaFi
                                                        MD5:8A0295C5255E60C631E401124C89F0F7
                                                        SHA1:D4CC05AFB6A1F303A3C335145B7672E2CE2F3C38
                                                        SHA-256:1076519521C2FFFBBF75AB3B0D3B32EE2D96AC7E9778F1CDFAC1771EEFD1A1C0
                                                        SHA-512:D52A0BE1C3B662057EF08F0D49F0795FF50A169A7751244B6C0C6BDF66B1244708BD58F3AFFF2EC3E77B776DEF3AC75F88829D909C8D49EF229F84BEA3CF3F49
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/govuk-template-print-1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1cdfac1771eefd1a1c0.css
                                                        Preview: html{font-size:62.5%}*{background:transparent;color:black;text-shadow:none;filter:none;-ms-filter:none}body{font-family:sans-serif;font-weight:400;text-transform:none;font-size:11pt;line-height:1.42857;margin:0;padding:0;width:100%}a,a:visited{word-wrap:break-word}a[href^="/"]:after,a[href^="http://"]:after,a[href^="https://"]:after{content:" (" attr(href) ")";font-size:90%}a[href^="javascript:"]:after,a[href^="#"]:after{content:""}img{max-width:100% !important}select{background:white}#global-header{margin:3px 0 1em}#global-header #logo{font-family:sans-serif;font-weight:700;text-transform:none;font-size:18pt;line-height:1.04167;font-size:28pt;text-rendering:optimizeLegibility}#global-header #logo img{width:45px;height:40px;position:relative;top:-3px;vertical-align:bottom}#global-header .content{margin:0 !important}#global-header a,#global-header a:visited{text-decoration:none}#global-header a:after{content:""}#global-header img{border:0;vertical-align:middle}body footer,.visuallyhidde
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\open-government-licence-c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 41 x 17, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):761
                                                        Entropy (8bit):7.489364736228464
                                                        Encrypted:false
                                                        SSDEEP:12:6v/7xs/6Tl4S4wqlVZDHqmq374gomx3VmtypKI5yy36UnQ/iYMxQVYCWGuBNnwbA:os/6uEqDZrqL7jx8AQNfYuhcW+c8GQ
                                                        MD5:B506AE6B6AC1305CFBB6502E9E14D912
                                                        SHA1:402B5E6316000BDAD290ACA5F41258EAC40EAE1F
                                                        SHA-256:C1AEDC8257961B938B4C7A21A2B0DB3F2716DD9EF782CEA73110DC69107C9042
                                                        SHA-512:0CF9C64AE5A8DD0C1B94953FE905BEE2F591274157B42B4273AE3DB7BEA1C7C757D7A5E03C6EF701BE1A5A1334F82EA6833E3855B98D737C67A6A0384A3F61D8
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/static/images/open-government-licence-c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042.png
                                                        Preview: .PNG........IHDR...).........@I.6....bKGD..............pHYs.................tIME.....3....a....IDATH..KhT1....+..PQ)S......B.`..h0.n.h7.t.J.".Zp%.{.a.u'.@.E....Q.(X..Z...Zm}1ua.\...=..'.....s..3!U............i.~,...M.{.P@W.=..F/...`.FH..l.F_.c2^.......8.|."..`..&...{......p.%.5.....6..@.n`.hv.~.A........+&.(0.....>..#.M...bJ..*.....4..............[...@%...Jb.......Y.g.|.!.....d...R.+...m.....^...:.._Rf., ...D.[l........@g..6k.j ..H.V.7.e0`..\oB8.....REn.|.Zd....wK..HM.=..k...V%p...'.5......i2....G.>`..\9!U..')..\2............"p9.+.|.R5{.S)...E..j......@.h.........N....qw..^..1.../n.(.R..#.+...)..7..J7...#...d..vw.w...^j....v..u0W..:.K`=..n..P...E-(n..B.^..{.T.)...c.....5z..'...N.{\.O...5..n.I!.@Lx....?.@.8}RM;....IEND.B`.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\search-button-ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 105 x 70, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):540
                                                        Entropy (8bit):7.083355343699964
                                                        Encrypted:false
                                                        SSDEEP:12:6v/7y0aJMBAq39gOt8qQwWuijk3glgHqr+natr4CTK2:vpMBAqrt8NwIo3glgKr+na1R
                                                        MD5:3FACD83F86A29947AD9E45C2F7A77924
                                                        SHA1:1BBE2499F71D809CCCE802FBC65B69657876AAB1
                                                        SHA-256:CA89B2A79F944909CEB7370D3F0B78811D32B96E883348FCD8886F63DD619585
                                                        SHA-512:AEA0416A3E2C39A634B12B5C749C4CF618D64BE1B5413FE6DF4291F62B981A5B3D46ADC5D3C44BF58F2E8DA2944DFBE07005B704C48D7A9157350E7672AEBA99
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/govuk_publishing_components/search-button-ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585.png
                                                        Preview: .PNG........IHDR...i...F.......J....3PLTE...........................................................tRNS .P...0p`..@....W.e.....IDATx^.... ...Q..R...n..4.....\..~R.._..eI.Y....%-iI.(h)g.*e...........z.H..S.N.:..nt75A:..J."..s6.A....-RM.+.[kw>....R-@!b..!....T.r...L...%.T)..1.#%...".@.....E...R.5..&.J...dU")7. ...M......-..KN./.S.H.=.2.2...O.W...(..s8x^..*]..gJE..2......UB..l..'v.Q.,.!..^.@.......P......j..R.WK.(.>.DO.VI..(.#.:+.].oY$B.%{"C.......p..M.PS...v..!I.Hs(.+..~.$.@s$......%-iIKZ.~....n..+.....IEND.B`.
                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\transition-period-66a6f30ec259bbe404b654f89b5fa78e5d4823dbfc64ab475a39ebe40da75e20[1].png
                                                        Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        File Type:PNG image data, 600 x 400, 8-bit colormap, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):5299
                                                        Entropy (8bit):7.876956524280981
                                                        Encrypted:false
                                                        SSDEEP:96:GfOGTV9No6Ai0RqhkwZKbJZZFCdZJKmLovN53q2unWFRTkySv3S4yQMV:NGTV9NPZkr1XFCdLcvNkv2kySviv
                                                        MD5:C17D5D0B58E305C94860FC6195C96B0E
                                                        SHA1:78446B737875CFCC11DD6A9978FA9D2F06983B13
                                                        SHA-256:66A6F30EC259BBE404B654F89B5FA78E5D4823DBFC64AB475A39EBE40DA75E20
                                                        SHA-512:22AFE11F9CF3C7DDB58E490304B8EA6BE7298D7424B33040B7B5DA8E89DFABD173592D7553F41F523AF13353727F96ED39EDF49AB4373E2A3F2E6FDBA8D3EFFB
                                                        Malicious:false
                                                        Reputation:low
                                                        IE Cache URL:https://www.gov.uk/assets/frontend/homepage/transition-period-66a6f30ec259bbe404b654f89b5fa78e5d4823dbfc64ab475a39ebe40da75e20.png
                                                        Preview: .PNG........IHDR...X.........E..... PLTE..H.....r.X...;...:0_VNv.....,!S...rl...........z.H?j.....d].,.E..=.... T.m ....(M:.F..>.O..VY.F..{b.f]:.?..,..:QP.Ep,......J.>..S......o..A..m..go.C..<n...G.5$.b......@V$6....B;..1(...........{..j.3b.q_.x2...H ;....: .........._..A......_.....GU.B...?..=.........O..p...p.J...ed.?....NIDATx...;N.@...Az..!..*.]Zr*..C....@.H.".$.....6W.&......................................................n........m.....~..&.E.q...S.9kUt...6...D...1.......8....s.z{m.U..k..C..[Z.mI{H,o...Y....O.S..*.....V'..#.i..3]."..p.L.N.=}...".C..aEeU<@...EEQ..1...t......._.L6.0.U.t'..DJb.)W..ff....Ib.#...#X.>..}.$..rf..}.SZ.&.....H..x.h.k.xs..**....._...q.....J.y^W..J.k..8.......]..9.b..[Mb.....`....+.q^..7...?,.x.s......7.%.X.,%...R...JIb.+.Ex..[..,{.V.<....e....$...'Cd.TM~2k..&(...i...V........}.Kt.0 ../..N._..r.]r.j..7jX,i.5.b'.y...^.......c.....o.t..X;...... ..L.Jx........0..Vyb..Q..2Ih..R->.....X.jW....O....w.2...7..o....y.(\,.:....
                                                        C:\Users\user\AppData\Local\Temp\~DF54BDC0B4AB2DE106.TMP
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):25441
                                                        Entropy (8bit):0.27918767598683664
                                                        Encrypted:false
                                                        SSDEEP:24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laA:kBqoxxJhHWSVSEab
                                                        MD5:AB889A32AB9ACD33E816C2422337C69A
                                                        SHA1:1190C6B34DED2D295827C2A88310D10A8B90B59B
                                                        SHA-256:4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
                                                        SHA-512:BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Temp\~DFAF42DC3D297B44A5.TMP
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):158517
                                                        Entropy (8bit):1.8091117972108908
                                                        Encrypted:false
                                                        SSDEEP:384:kBqoxKAuqR+MqwRahTDBTG/xAtJCBrOKGNY6HneDZhkRiqYndNizea0azBzUracx:AO7Z1SonaZTx0SxXY/8BGbxpVFYuYCA
                                                        MD5:2D9F56D8F281B5B5A3D45FED6D9026C0
                                                        SHA1:E59F43BD923DA73DBFA3875D9D801FC3D62CECBF
                                                        SHA-256:6694A3669E50FC3431BBA5F932580AEF414E1B5F3B70041753E2EEE188C7B445
                                                        SHA-512:BDD0DF1B25A57F89FA385E3901F2221B73438132CD9DD0AF22CDA15BA533E5E96766960BBA6A0325359F197AE5F67A4BC81E1EE5D275DF43B358AA005EE3C2D1
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Local\Temp\~DFF1BBD90A9C4D4EBC.TMP
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):13029
                                                        Entropy (8bit):0.47759188993657714
                                                        Encrypted:false
                                                        SSDEEP:12:c9lCg5/9lCgeK9l26an9l26an9l8fRWdF9l8fRW39lTqWRJVi7hyVwi8wVV7n7hp:c9lLh9lLh9lIn9lIn9loE9loU9lWAk8
                                                        MD5:67A52C4A7CAB2B9B4F2FE755286BBDCC
                                                        SHA1:29D7EF6691B26FE4A4E4956D70D38BB3BC360A81
                                                        SHA-256:896939E09351B2542D1745AFD94CA48528C216F7B59293BAA8C9D9992DF696ED
                                                        SHA-512:A1AC3FC943A9E51EA7294C5DBC2BB8F82913371BE2C9FB06B0EB1E64A4D12E5D3F2AFFEED74A2EF22B3570B79FF63E451585B56F5297563A77DCD38F5FE82ED5
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\P86I5XZXMDLUFB2S3TKL.temp
                                                        Process:C:\Program Files\internet explorer\iexplore.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):5149
                                                        Entropy (8bit):3.1796031697389404
                                                        Encrypted:false
                                                        SSDEEP:48:8ddiePZIFC9GrIoPAsASF1diePZIFh683GrIoPAczKdiePZIFx9GrIoPAV1H:85PZj9SvAJ6PZg3SvAvPZ09SvAf
                                                        MD5:1777F6A038D0A2697953973A4C5A9EDC
                                                        SHA1:B8C72A72BA44EF51F2936AED2F273842BDEFDCB1
                                                        SHA-256:B1E3F0DB7EE2D1DAE9131CD45A8B45C6BB365CAF97C4DB196958260BF7C0DC68
                                                        SHA-512:9136DF9F940EA9CAE137B0BA20C88003E2496AF1556C128D42E65D3EB8353C1A05C1E55E8B2D613A316BE80B3F215002DC4E23CE025807D8FF12279459DE4308
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview: ...................................FL..................F.@.. .....@.>....=.4......?.c................................P.O. .:i.....+00.../C:\.....................1.....>Q.;..PROGRA~1..t......L.>Qs<....E...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....l.1......L.J..INTERN~1..T......L.DR................................i.n.t.e.r.n.e.t. .e.x.p.l.o.r.e.r.....f.2......L.9 .iexplore.exe..J......L.JDR.......R..........x.............i.e.x.p.l.o.r.e...e.x.e.......^...............-.......]...........C*.W.....C:\Program Files\internet explorer\iexplore.exe....-.p.r.i.v.a.t.e...C.:.\.W.i.n.d.o.w.s.\.S.Y.S.T.E.M.3.2.\.I.E.F.R.A.M.E...d.l.l.........%SystemRoot%\SYSTEM32\IEFRAME.dll...................................................................................................................................................................................................................................%.S.y.s.t.e.m.R.o.o.t.%.\.S.Y.S.T.E.M.3.2.\.I

                                                        Static File Info

                                                        No static file info

                                                        Network Behavior

                                                        Network Port Distribution

                                                        TCP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Feb 4, 2021 17:24:26.822930098 CET4972280192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.823803902 CET4972380192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.861849070 CET804972213.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:26.862009048 CET4972280192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.862194061 CET804972313.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:26.862276077 CET4972380192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.863384008 CET4972280192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.901320934 CET804972213.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:26.903372049 CET804972213.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:26.903465033 CET4972280192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.921291113 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.959379911 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:26.959552050 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:26.965430021 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.003305912 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.006160975 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.006217957 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.006254911 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.006479025 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.009526968 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.009639025 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.057020903 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.063402891 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.063549995 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.095299006 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.095592022 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.095626116 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.095737934 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.095793009 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.097872019 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.101293087 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.101322889 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.101635933 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.101805925 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.106826067 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.106857061 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.106910944 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.106987953 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.107050896 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.135786057 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.169019938 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.169444084 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.169989109 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.209336042 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.209847927 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.210352898 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.212445021 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.212482929 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.212605953 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.212658882 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.212924957 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.212966919 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.212999105 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.213020086 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.214014053 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.214055061 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.214097023 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.214121103 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.215089083 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.215130091 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.215168953 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.215193987 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.216142893 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.216185093 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.216228962 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.216254950 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.217247009 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.217288017 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.217324972 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.217345953 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.218272924 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.218312025 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.218348026 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.218369007 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.219351053 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.219391108 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.219448090 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.219472885 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.220496893 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.220541000 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.220586061 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.220607042 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.221479893 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.221537113 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.221577883 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.221604109 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.222582102 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.222623110 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.222671032 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.222692013 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.223643064 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.223680973 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.223723888 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.223747015 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.224674940 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.224724054 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.224761963 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.224781990 CET49724443192.168.2.413.225.78.60
                                                        Feb 4, 2021 17:24:27.225763083 CET4434972413.225.78.60192.168.2.4
                                                        Feb 4, 2021 17:24:27.225806952 CET4434972413.225.78.60192.168.2.4

                                                        UDP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Feb 4, 2021 17:24:23.200925112 CET5057953192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:23.249125004 CET53505798.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:24.201700926 CET5170353192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:24.247400045 CET53517038.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:25.344470024 CET6524853192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:25.393228054 CET53652488.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:25.741163969 CET5372353192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:25.798378944 CET53537238.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:26.746309996 CET6464653192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:26.811799049 CET53646468.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:26.962502956 CET6529853192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:27.008198023 CET53652988.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:28.434597015 CET5912353192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:28.488902092 CET53591238.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:29.837359905 CET5453153192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:29.896300077 CET53545318.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:29.982374907 CET4971453192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:30.038068056 CET53497148.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:30.948313951 CET5802853192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:30.994803905 CET53580288.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:31.914438963 CET5309753192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:31.962903976 CET53530978.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:33.200732946 CET4925753192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:33.249315977 CET53492578.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:34.358690977 CET6238953192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:34.413914919 CET53623898.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:35.339337111 CET4991053192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:35.396356106 CET53499108.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:36.294775963 CET5585453192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:36.343797922 CET53558548.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:37.525841951 CET6454953192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:37.574532986 CET53645498.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:38.656003952 CET6315353192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:38.705893040 CET53631538.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:43.047065973 CET5299153192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:43.102057934 CET53529918.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:55.735924006 CET5370053192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:55.793786049 CET53537008.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:56.400711060 CET5172653192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:56.456497908 CET53517268.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:56.743025064 CET5370053192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:56.791840076 CET53537008.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:57.420701027 CET5172653192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:57.477466106 CET53517268.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:58.223735094 CET5370053192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:58.280776978 CET53537008.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:24:58.434736967 CET5172653192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:24:58.482753992 CET53517268.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:25:00.289921999 CET5370053192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:25:00.338682890 CET53537008.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:25:00.444437981 CET5172653192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:25:00.490407944 CET53517268.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:25:04.288887978 CET5370053192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:25:04.346168041 CET53537008.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:25:04.445014954 CET5172653192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:25:04.501730919 CET53517268.8.8.8192.168.2.4
                                                        Feb 4, 2021 17:25:10.552567959 CET5679453192.168.2.48.8.8.8
                                                        Feb 4, 2021 17:25:10.608552933 CET53567948.8.8.8192.168.2.4

                                                        DNS Queries

                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                        Feb 4, 2021 17:24:26.746309996 CET192.168.2.48.8.8.80x14eeStandard query (0)test-for-coronavirus.service.gov.ukA (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.434597015 CET192.168.2.48.8.8.80x2900Standard query (0)www.gov.ukA (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.047065973 CET192.168.2.48.8.8.80xec4bStandard query (0)www.gov.ukA (IP address)IN (0x0001)

                                                        DNS Answers

                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                        Feb 4, 2021 17:24:26.811799049 CET8.8.8.8192.168.2.40x14eeNo error (0)test-for-coronavirus.service.gov.uk13.225.78.60A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:26.811799049 CET8.8.8.8192.168.2.40x14eeNo error (0)test-for-coronavirus.service.gov.uk13.225.78.62A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:26.811799049 CET8.8.8.8192.168.2.40x14eeNo error (0)test-for-coronavirus.service.gov.uk13.225.78.16A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:26.811799049 CET8.8.8.8192.168.2.40x14eeNo error (0)test-for-coronavirus.service.gov.uk13.225.78.63A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.488902092 CET8.8.8.8192.168.2.40x2900No error (0)www.gov.ukwww-cdn.production.govuk.service.gov.ukCNAME (Canonical name)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.488902092 CET8.8.8.8192.168.2.40x2900No error (0)www-cdn.production.govuk.service.gov.ukwww-gov-uk.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.488902092 CET8.8.8.8192.168.2.40x2900No error (0)www-gov-uk.map.fastly.net151.101.0.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.488902092 CET8.8.8.8192.168.2.40x2900No error (0)www-gov-uk.map.fastly.net151.101.64.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.488902092 CET8.8.8.8192.168.2.40x2900No error (0)www-gov-uk.map.fastly.net151.101.128.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:28.488902092 CET8.8.8.8192.168.2.40x2900No error (0)www-gov-uk.map.fastly.net151.101.192.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.102057934 CET8.8.8.8192.168.2.40xec4bNo error (0)www.gov.ukwww-cdn.production.govuk.service.gov.ukCNAME (Canonical name)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.102057934 CET8.8.8.8192.168.2.40xec4bNo error (0)www-cdn.production.govuk.service.gov.ukwww-gov-uk.map.fastly.netCNAME (Canonical name)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.102057934 CET8.8.8.8192.168.2.40xec4bNo error (0)www-gov-uk.map.fastly.net151.101.0.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.102057934 CET8.8.8.8192.168.2.40xec4bNo error (0)www-gov-uk.map.fastly.net151.101.64.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.102057934 CET8.8.8.8192.168.2.40xec4bNo error (0)www-gov-uk.map.fastly.net151.101.128.144A (IP address)IN (0x0001)
                                                        Feb 4, 2021 17:24:43.102057934 CET8.8.8.8192.168.2.40xec4bNo error (0)www-gov-uk.map.fastly.net151.101.192.144A (IP address)IN (0x0001)

                                                        HTTP Request Dependency Graph

                                                        • test-for-coronavirus.service.gov.uk

                                                        HTTP Packets

                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                        0192.168.2.44972213.225.78.6080C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        TimestampkBytes transferredDirectionData
                                                        Feb 4, 2021 17:24:26.863384008 CET38OUTGET / HTTP/1.1
                                                        Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                        Accept-Language: en-US
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                        Accept-Encoding: gzip, deflate
                                                        Host: test-for-coronavirus.service.gov.uk
                                                        Connection: Keep-Alive
                                                        Feb 4, 2021 17:24:26.903372049 CET38INHTTP/1.1 301 Moved Permanently
                                                        Server: CloudFront
                                                        Date: Thu, 04 Feb 2021 16:24:26 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 183
                                                        Connection: keep-alive
                                                        Location: https://test-for-coronavirus.service.gov.uk/
                                                        X-Cache: Redirect from cloudfront
                                                        Via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
                                                        X-Amz-Cf-Pop: FRA2-C2
                                                        X-Amz-Cf-Id: x4WwX9ju_gLyuAgKgeCgOMDra62wNTiappCE03C3zwtmTncbeUuv0g==
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>301 Moved Permanently</title></head><body bgcolor="white"><center><h1>301 Moved Permanently</h1></center><hr><center>CloudFront</center></body></html>


                                                        HTTPS Packets

                                                        TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                        Feb 4, 2021 17:24:27.009526968 CET13.225.78.60443192.168.2.449724CN=*.test-for-coronavirus.service.gov.uk CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USFri Apr 03 02:00:00 CEST 2020 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Mon May 03 14:00:00 CEST 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                        CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                        CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                        CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                        Feb 4, 2021 17:24:28.819541931 CET151.101.0.144443192.168.2.449727CN=www.gov.uk, O=Government Digital Service, OU=Government Digital Service, L=London, ST=Greater London, C=GB CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BECN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3Fri Oct 23 18:31:03 CEST 2020 Wed Nov 21 01:00:00 CET 2018Wed Nov 24 17:31:03 CET 2021 Tue Nov 21 01:00:00 CET 2028771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                        CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BECN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3Wed Nov 21 01:00:00 CET 2018Tue Nov 21 01:00:00 CET 2028
                                                        Feb 4, 2021 17:24:28.824357033 CET151.101.0.144443192.168.2.449726CN=www.gov.uk, O=Government Digital Service, OU=Government Digital Service, L=London, ST=Greater London, C=GB CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BECN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3Fri Oct 23 18:31:03 CEST 2020 Wed Nov 21 01:00:00 CET 2018Wed Nov 24 17:31:03 CET 2021 Tue Nov 21 01:00:00 CET 2028771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
                                                        CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BECN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3Wed Nov 21 01:00:00 CET 2018Tue Nov 21 01:00:00 CET 2028
                                                        Feb 4, 2021 17:24:43.191191912 CET151.101.0.144443192.168.2.449739CN=www.gov.uk, O=Government Digital Service, OU=Government Digital Service, L=London, ST=Greater London, C=GB CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BECN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3Fri Oct 23 18:31:03 CEST 2020 Wed Nov 21 01:00:00 CET 2018Wed Nov 24 17:31:03 CET 2021 Tue Nov 21 01:00:00 CET 2028771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                        CN=GlobalSign RSA OV SSL CA 2018, O=GlobalSign nv-sa, C=BECN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3Wed Nov 21 01:00:00 CET 2018Tue Nov 21 01:00:00 CET 2028

                                                        Code Manipulations

                                                        Statistics

                                                        Behavior

                                                        Click to jump to process

                                                        System Behavior

                                                        Analysis Process: iexplore.exe PID: 5188 Parent PID: 800

                                                        General

                                                        Start time:17:24:25
                                                        Start date:04/02/2021
                                                        Path:C:\Program Files\internet explorer\iexplore.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
                                                        Imagebase:0x7ff78b6b0000
                                                        File size:823560 bytes
                                                        MD5 hash:6465CB92B25A7BC1DF8E01D8AC5E7596
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:low

                                                        Analysis Process: iexplore.exe PID: 5832 Parent PID: 5188

                                                        General

                                                        Start time:17:24:25
                                                        Start date:04/02/2021
                                                        Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                        Wow64 process (32bit):true
                                                        Commandline:'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5188 CREDAT:17410 /prefetch:2
                                                        Imagebase:0x1190000
                                                        File size:822536 bytes
                                                        MD5 hash:071277CC2E3DF41EEEA8013E2AB58D5A
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:low

                                                        Disassembly

                                                        Reset < >