Play interactive tour

Edit tour

Analysis Report http://r20.rs6.net/tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw==

Overview

General Information

Sample URL:	http://r20.rs6.net/tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw==
Analysis ID:	358591
Infos:
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Allocates a big amount of memory (probably used for heap spraying)

Classification

Startup

System is w10x64

iexplore.exe (PID: 2588 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 396 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2588 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Compliance:

Uses new MSVCR Dlls

Show sources

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Uses secure TLS version for HTTPS connections

Show sources

Source: unknown	HTTPS traffic detected: 34.199.206.244:443 -> 192.168.2.5:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.80:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.80:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.170.25.135:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.170.25.135:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.45.157.204:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.45.157.204:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.199.206.244:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 146.88.138.51:443 -> 192.168.2.5:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 146.88.138.51:443 -> 192.168.2.5:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.236.72.93:443 -> 192.168.2.5:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.236.72.93:443 -> 192.168.2.5:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.96.162:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.96.162:443 -> 192.168.2.5:49755 version: TLS 1.2

Software Vulnerabilities:

Source: iexplore.exe

Memory has grown: Private usage: 0MB later: 275MB

Networking:

Source: global traffic

HTTP traffic detected: GET /tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw== HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: r20.rs6.netConnection: Keep-Alive

Source: safari[1].htm.2.dr	String found in binary or memory: "https://www.facebook.com/Apple", equals www.facebook.com (Facebook)
Source: safari[1].htm.2.dr	String found in binary or memory: "https://www.linkedin.com/company/apple", equals www.linkedin.com (Linkedin)
Source: safari[1].htm.2.dr	String found in binary or memory: "https://www.twitter.com/Apple" equals www.twitter.com (Twitter)
Source: safari[1].htm.2.dr	String found in binary or memory: "https://www.youtube.com/user/Apple", equals www.youtube.com (Youtube)
Source: firefox[1].htm.2.dr	String found in binary or memory: <li><a class="youtube" href="https://www.youtube.com/user/firefoxchannel" data-link-type="footer" data-link-name="YouTube (@firefoxchannel)">YouTube<span> (@firefoxchannel)</span></a></li> equals www.youtube.com (Youtube)
Source: firefox[1].htm.2.dr	String found in binary or memory: <p id="test-fbc" class="js-fx-only"><a class="mzp-c-cta-link" href="https://addons.mozilla.org/firefox/addon/facebook-container/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=firefox-home">Get the Facebook Container extension</a></p> equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: r20.rs6.net

Source: main[1].js.2.dr	String found in binary or memory: http://184.169.133.166/sharing/rest/content/items/
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://asm.leg.state.nv.us/
Source: firefox[1].htm.2.dr	String found in binary or memory: http://blog.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&amp
Source: simpleLoader[1].js.2.dr	String found in binary or memory: http://bonsaiden.github.com/JavaScript-Garden
Source: init[1].js0.2.dr	String found in binary or memory: http://dojotoolkit.org/license
Source: commonResources[1].js.2.dr	String found in binary or memory: http://get.webgl.org
Source: commonResources[1].js.2.dr	String found in binary or memory: http://get.webgl.org/troubleshooting/
Source: bootstrap3.3.6.min[1].css.2.dr	String found in binary or memory: http://getbootstrap.com)
Source: CalciteWebCoreIcons[1].eot0.2.dr	String found in binary or memory: http://github.com/esri
Source: CalciteWebCoreIcons[1].eot0.2.dr	String found in binary or memory: http://github.com/esrihttp://github.com/esriApache
Source: commonResources[1].js.2.dr	String found in binary or memory: http://js.arcgis.com/3.15/esri/copyright.txt
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/31st2020Special/legislators/Assembly/Images/DouglassBoone.KasinaDiane
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Assefa.Alex.357.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Backus.Shea.368.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/BenitezThompson.Teresa.149.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/BilbrayAxelrod.Shannon.332.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Carlton.Maggie.46.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Carrillo.Richard.116.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Cohen.Lesley.268.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Daly.Skip.155.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Duran.Bea.373.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Edwards.Chris.279.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Ellison.John.159.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Flores.Edgar.273.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Frierson.Jason.132.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Fumo.Ozzie.320.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Gorelow.Michelle.367.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/HafenII.Gregory.371.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Hambrick.John.90.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Hansen.Alexis.366.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Hardy.Melissa.364.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Jauregui.Sandra.344.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Kramer.Al.342.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Krasner.Lisa.327.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Leavitt.Glen.365.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Martinez.Susie.361.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/McCurdy.William.306.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Miller.Brittney.304.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/MonroeMoreno.Daniele.307.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Munk.Connie.360.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Neal.Dina.129.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Nguyen.Rochelle.372.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Peters.Sarah.356.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Roberts.Tom.362.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Smith.Greg.374.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Spiegel.Ellen.93.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Swank.Heidi.235.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Titus.Robin.281.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Tolles.Jill.326.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Torres.Selena.359.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Watts.Howard.363.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Wheeler.Jim.260.jpg
Source: results[1].pbf1.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Yeager.Steve.310.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Brooks.Chris.311.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Cancela.Yvanna.349.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Cannizzaro.Nicole.347.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Denis.Moises.11.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/DonderoLoop.Marilyn.92.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Goicoechea.Pete.15.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Hammond.Scott.143.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Hansen.Ira.157.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Hardy.Joseph.17.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Harris.Dallas.370.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Kieckhefer.Ben.115.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Ohrenschall.James.67.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Parks.David.34.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Pickard.Keith.322.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Ratti.Julia.294.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Scheible.Melanie.358.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/SeeversGansert.Heidi.12.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Settelmeyer.James.74.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Spearman.Pat.204.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Washington.Marcia.369.jpg
Source: results[1].pbf2.2.dr	String found in binary or memory: http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Woodhouse.Joyce.64.jpg
Source: init[1].js0.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: init[1].js0.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: init[1].js0.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: init[1].js0.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: init[1].js0.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: init[1].js0.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://nv.gov/privacy-policy/
Source: env[1].js.2.dr	String found in binary or memory: http://people.apache.org/~pmuellr/weinre/docs/latest/Home.html
Source: safari[1].htm.2.dr	String found in binary or memory: http://schema.org
Source: safari[1].htm.2.dr	String found in binary or memory: http://schema.org/
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://search.leg.state.nv.us/NAC/NAC.html
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://search.leg.state.nv.us/NRS/NRS.html
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://search.leg.state.nv.us/Register/Register.html
Source: main[1].js.2.dr	String found in binary or memory: http://services.arcgisonline.com/ArcGIS/rest/services/World_Topo_Map/MapServer
Source: arcgis-html-sanitizer[1].js.2.dr	String found in binary or memory: http://ucdok.com
Source: main[1].js.2.dr	String found in binary or memory: http://utility.arcgis.com/sharing/tools/legend
Source: main[1].js.2.dr	String found in binary or memory: http://utility.arcgisonline.com/arcgis/rest/services/Geometry/GeometryServer
Source: jquery.smartmenus.keyboard.min[1].js.2.dr	String found in binary or memory: http://vadikom.com;
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://webanalytics.leg.state.nv.us/piwik/matomo.php?idsite=1&rec=1
Source: CalciteWebCoreIcons[1].eot0.2.dr, env[1].js.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: CalciteWebCoreIcons[1].eot0.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0http://www.apache.org/licenses/LICENSE-2.0Version
Source: main[1].js.2.dr	String found in binary or memory: http://www.arcgis.com
Source: main[1].js.2.dr	String found in binary or memory: http://www.arcgis.com/
Source: commonResources[1].js.2.dr	String found in binary or memory: http://www.arcgis.com/apps/webappbuilder/copyright.txt
Source: more_normal[1].svg.2.dr	String found in binary or memory: http://www.bohemiancoding.com/sketch
Source: init[1].js0.2.dr	String found in binary or memory: http://www.esri.com
Source: CalciteWebCoreIcons[1].eot0.2.dr	String found in binary or memory: http://www.esri.com/
Source: CalciteWebCoreIcons[1].eot0.2.dr	String found in binary or memory: http://www.esri.com/http://www.esri.com/CalciteWebCoreIcons
Source: main_en[1].js.2.dr	String found in binary or memory: http://www.esri.com/software/web-appbuilder
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/1
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/10
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/11
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/12
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/13
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/14
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/15
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/16
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/17
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/18
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/19
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/2
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/20
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/21
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/22
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/23
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/24
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/25
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/26
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/27
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/28
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/29
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/3
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/30
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/31
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/32
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/33
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/34
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/35
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/36
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/37
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/38
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/39
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/4
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/40
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/41
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/42
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/5
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/6
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/7
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/8
Source: results[1].pbf1.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/9
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/1
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/10
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/11
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/12
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/13
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/14
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/15
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/16
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/17
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/18
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/19
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/2
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/20
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/21
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/3
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/4
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/5
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/6
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/7
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/8
Source: results[1].pbf2.2.dr	String found in binary or memory: http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/9
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://www.nevadastateprinting.com
Source: 11M21SCR.htm.2.dr	String found in binary or memory: http://www.nv.gov/
Source: jquery.smartmenus.keyboard.min[1].js.2.dr	String found in binary or memory: http://www.smartmenus.org/
Source: safari[1].htm.2.dr	String found in binary or memory: http://www.wikidata.org/entity/Q312
Source: 11M21SCR.htm.2.dr	String found in binary or memory: https://Youtube.com/c/NVLeg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://accounts.firefox.com.cn/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://accounts.firefox.com.cn/signup?entrypoint=mozilla.org-firefox_home&form_type=button&utm_sour
Source: firefox[1].htm.2.dr	String found in binary or memory: https://accounts.firefox.com.cn/signup?entrypoint=mozilla.org-globalnav&form_type=button&utm_source=
Source: firefox[1].htm.2.dr	String found in binary or memory: https://accounts.firefox.com/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://accounts.firefox.com/signup?entrypoint=mozilla.org-firefox_home&form_type=button&utm_source=
Source: firefox[1].htm.2.dr	String found in binary or memory: https://accounts.firefox.com/signup?entrypoint=mozilla.org-globalnav&form_type=button&utm_source=moz
Source: firefox[1].htm.2.dr	String found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/?utm_source=www.mozilla.org&utm_medi
Source: firefox[1].htm.2.dr	String found in binary or memory: https://app.adjust.com/2uo1qc?redirect=https%3A%2F%2Fitunes.apple.com%2Fus%2Fapp%2Ffirefox-private-s
Source: firefox[1].htm.2.dr	String found in binary or memory: https://app.adjust.com/2uo1qc?redirect=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3
Source: firefox[1].htm.2.dr	String found in binary or memory: https://app.adjust.com/6tteyjo?redirect=https%3A%2F%2Fitunes.apple.com%2Fus%2Fapp%2Fid1314000270%3Fm
Source: firefox[1].htm.2.dr	String found in binary or memory: https://app.adjust.com/6tteyjo?redirect=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%
Source: firefox[1].htm.2.dr	String found in binary or memory: https://app.adjust.com/m54twk?redirect=https%3A%2F%2Fitunes.apple.com%2Fus%2Fapp%2Fpocket-save-read-
Source: firefox[1].htm.2.dr	String found in binary or memory: https://app.adjust.com/m54twk?redirect=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3
Source: safari[1].htm.2.dr	String found in binary or memory: https://appleid.apple.com/us/
Source: safari[1].htm.2.dr	String found in binary or memory: https://apps.apple.com/us/app/apple-store/id375380948
Source: firefox[1].htm.2.dr	String found in binary or memory: https://blog.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=footer
Source: firefox[1].htm.2.dr	String found in binary or memory: https://blog.mozilla.org/firefox/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaig
Source: firefox[1].htm.2.dr	String found in binary or memory: https://blog.mozilla.org/press/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=
Source: firefox[1].htm.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=fo
Source: firefox[1].htm.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1122305#c8
Source: firefox[1].htm.2.dr	String found in binary or memory: https://careers.mozilla.org
Source: firefox[1].htm.2.dr	String found in binary or memory: https://careers.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=foo
Source: firefox[1].htm.2.dr	String found in binary or memory: https://careers.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav
Source: main[1].js.2.dr	String found in binary or memory: https://cdn.arcgis.com/sharing/rest/content/items/5e9b3685f4c24d8781073dd928ebda50/resources/styles/
Source: main[1].js.2.dr	String found in binary or memory: https://cdn.arcgis.com/sharing/rest/content/items/747cb7a5329c478cbe6981076cc879c5/resources/styles/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://commonvoice.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://community.esri
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr, limited-unsupported-browser[1].js.2.dr	String found in binary or memory: https://community.esri.com/community/gis/web-gis/arcgisonline
Source: init[1].js0.2.dr	String found in binary or memory: https://dev.arcgis.com/sharing/generateToken
Source: safari[1].htm.2.dr	String found in binary or memory: https://developer.apple.com/macos/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://developer.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=n
Source: firefox[1].htm.2.dr	String found in binary or memory: https://developer.mozilla.org/docs/Tools/?utm_source=www.mozilla.org&utm_medium=referral&utm
Source: main[1].js.2.dr, init[1].js0.2.dr	String found in binary or memory: https://devext.arcgis.com
Source: init[1].js0.2.dr	String found in binary or memory: https://devext.arcgis.com/sharing/generateToken
Source: init[1].js0.2.dr	String found in binary or memory: https://dojotoolkit.org/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://donate.mozilla.org/en-US/?presets=50
Source: firefox[1].htm.2.dr	String found in binary or memory: https://download.mozilla.org/?product=firefox-stub&os=win&lang=en-US
Source: main[1].js.2.dr	String found in binary or memory: https://elevation3d.arcgis.com/arcgis/rest/services/WorldElevation3D/Terrain3D/ImageServer
Source: main[1].js.2.dr	String found in binary or memory: https://fengyuanchen.github.io/cropperjs
Source: firefox[1].htm.2.dr	String found in binary or memory: https://firefox.com/set_hsts.gif
Source: firefox[1].htm.2.dr	String found in binary or memory: https://foundation.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=
Source: firefox[1].htm.2.dr	String found in binary or memory: https://foundation.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=footer
Source: firefox[1].htm.2.dr	String found in binary or memory: https://fpn.firefox.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&amp
Source: firefox[1].htm.2.dr	String found in binary or memory: https://getpocket.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=sticky-pr
Source: firefox[1].htm.2.dr	String found in binary or memory: https://getpocket.com/firefox_learnmore/?utm_source=www.mozilla.org&utm_medium=referral&utm_
Source: firefox[1].htm.2.dr	String found in binary or memory: https://getpocket.com/signup/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=fi
Source: firefox[1].htm.2.dr	String found in binary or memory: https://getpocket.com?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=firefox-ho
Source: arcgis-html-sanitizer[1].js.2.dr	String found in binary or memory: https://github.com/leizongmin/js-xss/blob/master/LICENSE
Source: bootstrap3.3.6.min[1].css.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: firefox[1].htm.2.dr	String found in binary or memory: https://hubs.mozilla.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&am
Source: safari[1].htm.2.dr	String found in binary or memory: https://investor.apple.com/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://itunes.apple.com/us/app/id1314000270?mt=8
Source: env[1].js.2.dr	String found in binary or memory: https://js.arcgis.com/
Source: env[1].js.2.dr	String found in binary or memory: https://js.arcgis.com/3.35
Source: init[1].js0.2.dr	String found in binary or memory: https://js.arcgis.com/3.35/dojo
Source: pbfDeps_en-us[1].js.2.dr	String found in binary or memory: https://js.arcgis.com/3.35/esri/copyright.txt
Source: arcgis-html-sanitizer[1].js.2.dr	String found in binary or memory: https://js.foundation/
Source: 11M21SCR.htm.2.dr	String found in binary or memory: https://kit.fontawesome.com/d174097705.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://labs.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&am
Source: safari[1].htm.2.dr	String found in binary or memory: https://locate.apple.com/
Source: 11M21SCR.htm.2.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Source: firefox[1].htm.2.dr	String found in binary or memory: https://mixedreality.mozilla.org/firefox-reality/?utm_source=www.mozilla.org&utm_medium=referral
Source: firefox[1].htm.2.dr	String found in binary or memory: https://monitor.firefox.com
Source: firefox[1].htm.2.dr	String found in binary or memory: https://monitor.firefox.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=fir
Source: firefox[1].htm.2.dr	String found in binary or memory: https://monitor.firefox.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav
Source: firefox[1].htm.2.dr	String found in binary or memory: https://monitor.firefox.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=sti
Source: firefox[1].htm.2.dr	String found in binary or memory: https://monitor.firefox.com?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=fire
Source: firefox[1].htm.2.dr	String found in binary or memory: https://mozilla.design/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=footer&u
Source: data[1].txt.2.dr	String found in binary or memory: https://nvlcb.maps.arcgis.com
Source: data[1].txt.2.dr	String found in binary or memory: https://nvlcb.maps.arcgis.com/sharing/rest/content/items/$
Source: firefox[1].htm.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=cn.mozilla.firefox&referrer=utm_source%3Dmozilla%2
Source: firefox[1].htm.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=mozilla.lockbox&hl=en
Source: init[1].js0.2.dr	String found in binary or memory: https://premium.arcgisonline.com/server/tokens
Source: main[1].js.2.dr, init[1].js0.2.dr	String found in binary or memory: https://qaext.arcgis.com
Source: init[1].js0.2.dr	String found in binary or memory: https://qaext.arcgis.com/sharing/generateToken
Source: arcgis-html-sanitizer[1].js.2.dr	String found in binary or memory: https://raw.githubusercontent.com/lodash/lodash/4.17.10-npm/LICENSE
Source: firefox[1].htm.2.dr	String found in binary or memory: https://relay.firefox.com/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&a
Source: firefox[1].htm.2.dr	String found in binary or memory: https://research.mozilla.org/webassembly/?utm_source=www.mozilla.org&utm_medium=referral&utm
Source: firefox[1].htm.2.dr	String found in binary or memory: https://schema.org/
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/Canvas/World_Dark_Gray_Base/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/Canvas/World_Dark_Gray_Reference/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/Canvas/World_Light_Gray_Base/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/Canvas/World_Light_Gray_Reference/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/NatGeo_World_Map/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/Reference/World_Boundaries_and_Places/MapServ
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/Reference/World_Reference_Overlay/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/World_Terrain_Base/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/ArcGIS/rest/services/World_Topo_Map/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/arcgis/rest/services/Elevation/World_Hillshade/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/arcgis/rest/services/Ocean/World_Ocean_Base/MapServer
Source: init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/arcgis/rest/services/Ocean/World_Ocean_Reference/MapServer
Source: commonResources[1].js.2.dr, init[1].js0.2.dr	String found in binary or memory: https://services.arcgisonline.com/arcgis/rest/services/World_Street_Map/MapServer
Source: data[1].txt.2.dr	String found in binary or memory: https://services9.arcgis.com/UU5yXg9PV67U0ebq/arcgis/rest/services/County_Borders/FeatureServer/0
Source: data[1].txt.2.dr	String found in binary or memory: https://services9.arcgis.com/UU5yXg9PV67U0ebq/arcgis/rest/services/ElectionGeography/FeatureServer/2
Source: data[1].txt.2.dr	String found in binary or memory: https://services9.arcgis.com/UU5yXg9PV67U0ebq/arcgis/rest/services/Sen_Con_Sen_Asm_Reg_County/Featur
Source: 11M21SCR.htm.2.dr	String found in binary or memory: https://shop.leg.state.nv.us
Source: 11M21SCR.htm.2.dr	String found in binary or memory: https://shop.leg.state.nv.us/
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/#organization
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/HT201239#safari
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/HT202530
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/HT211788
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/guide/safari/autofill-user-name-and-password-info-ibrwf71ba236/14.0/mac/11
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/guide/safari/make-safari-your-default-web-browser-ibrwa008/mac
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/guide/safari/view-a-privacy-report-ibrw35004465/mac
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/guide/safari/welcome/mac
Source: safari[1].htm.2.dr	String found in binary or memory: https://support.apple.com/safari
Source: firefox[1].htm.2.dr	String found in binary or memory: https://support.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=foo
Source: firefox[1].htm.2.dr	String found in binary or memory: https://support.mozilla.org/en-US/kb/firefox-fire-tv
Source: firefox[1].htm.2.dr	String found in binary or memory: https://support.mozilla.org/en-US/kb/firefox-monitor
Source: firefox[1].htm.2.dr	String found in binary or memory: https://support.mozilla.org/en-US/kb/get-started-firefox-lite
Source: firefox[1].htm.2.dr	String found in binary or memory: https://support.mozilla.org/en-US/products/firefox
Source: firefox[1].htm.2.dr	String found in binary or memory: https://support.mozilla.org/en-US/products/firefox-lockwise
Source: safari[1].htm.2.dr	String found in binary or memory: https://tv.apple.com/us/movie/the-banker/umc.cmc.2f8qhsa039voq5x0iwn1eixj1
Source: firefox[1].htm.2.dr	String found in binary or memory: https://twitter.com/firefox
Source: firefox[1].htm.2.dr	String found in binary or memory: https://twitter.com/mozilla
Source: config[3].json.2.dr, data[1].txt.2.dr	String found in binary or memory: https://utility.arcgisonline.com/arcgis/rest/services/Geometry/GeometryServer
Source: firefox[1].htm.2.dr	String found in binary or memory: https://vpn.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&amp
Source: firefox[1].htm.2.dr	String found in binary or memory: https://vpn.mozilla.org/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=sticky-
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr, safari[1].htm.2.dr	String found in binary or memory: https://www.apple.com/
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.apple.com/#organization
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png?202011162134
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.apple.com/favicon.ico
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.apple.com/favicon.ico~
Source: safari[1].htm.2.dr, index[1].htm.2.dr, limited-unsupported-browser[1].js.2.dr	String found in binary or memory: https://www.apple.com/safari/
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.apple.com/safari/#softwareapplication
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.apple.com/v/safari/m/images/meta/og__bwszi9inlzw2.png
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.apple.com/v/safari/m/images/meta/og__bwszi9inlzw2.png?202011162134
Source: info[2].txt.2.dr	String found in binary or memory: https://www.arcgis.com
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webaRoot
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/images/shortcut.ico
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/images/shortcut.ico~
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.ht.com/community/gis/web-gis/arcgihis
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.htRoot
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.htcom/edge/Root
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.htcom/edgenity/gis/web-gis/arcgihis
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.htg/en-US/firefox//index.htmlRoot
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.hthttps://www.arcgis.com/apps/webappviewer/index.html
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.html
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.html?id=9c2cd4575624417fa56fd084a7ee4dd9
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.html?id=9c2cd4575624417fa56fd084a7ee4dd9PWho
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.html?id=9c2cd4575624417fa56fd084a7ee4dd9Root
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.arcgis.com/apps/webappviewer/index.htsafari/firefox//index.htmlRoot
Source: info[2].txt.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/generateToken
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/63c47b7177f946b49902c24129b87252/resources/styles/
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/7dc6cea0b1764a1f9af2e679f642f0f5/resources/styles/
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/86f556a2d1fd468181855a35e344567f/resources/styles/
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/8a2cba3b0ebf4140b7c0dc5ee149549a/resources/styles/
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/b266e6d17fc345b498345613930fbd76/resources/styles/
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/c11ce4f7801740b2905eb03ddc963ac8/resources/styles/
Source: init[1].js0.2.dr	String found in binary or memory: https://www.arcgis.com/sharing/rest/content/items/de26a3cf4cc9451298ea173c4b324736/resources/styles/
Source: f[1].js.2.dr	String found in binary or memory: https://www.feedbackify.com/in
Source: index[1].htm.2.dr, limited-unsupported-browser[1].js.2.dr	String found in binary or memory: https://www.google.com/chrome/
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.icloud.com
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.instagram.com/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.instagram.com/mozilla/
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.leg.state.
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.leg.state./apps/webappviewer/index.html?id=9c2cd4575624417fa56fd084a7ee4dd9nv.us/bappvie
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.leg.state.nv.us/
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.leg.state.nv.us/$Nevada
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District1.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District10
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District11
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District12
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District13
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District14
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District15
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District16
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District17
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District18
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District19
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District1_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District2.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District20
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District21
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District22
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District23
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District24
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District25
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District26
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District27
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District28
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District29
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District2_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District3.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District30
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District31
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District32
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District33
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District34
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District35
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District36
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District37
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District38
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District39
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District3_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District4.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District40
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District41
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District42
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District4_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District5.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District5_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District6.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District6_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District7.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District7_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District8.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District8_
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District9.
Source: results[1].pbf1.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District9_
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District1.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District10.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District10_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District11.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District11_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District12.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District12_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District13.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District13_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District14.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District14_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District15.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District15_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District16.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District16_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District17.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District17_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District18.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District18_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District19.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District19_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District1_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District2.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District20.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District20_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District21.p
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District21_1
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District2_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District3.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District3_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District4.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District4_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District5.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District5_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District6.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District6_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District7.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District7_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District8.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District8_11
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District9.pd
Source: results[1].pbf2.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District9_11
Source: 11M21SCR.htm.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Division/Research/Documents/COVID-19Resources.pdf
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.leg.state.nv.us/Home/image/graphic/favicon.ico
Source: data[1].txt.2.dr	String found in binary or memory: https://www.leg.state.nv.us/NRS/NRS-218B.html
Source: data[1].txt.2.dr	String found in binary or memory: https://www.leg.state.nv.us/downloads/research/2011Districts/
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.linkedin.com/company/apple
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.microsoft.
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.mozilla.or
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxandroid
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxbeta
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxbrowser
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxdeveloper
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxenterprise
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxfiretv
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxios
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxlinux
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxlite
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxlockwise
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxmac
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxmonitor
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxnightly
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#firefoxwindows
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/#organization
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/be/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ca/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/contribute
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/cs/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/cy/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/da/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/de/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/el/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-CA/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-GB/firefox/
Source: {E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/channel/desktop/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/developer/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/enterprise/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/linux/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/lockwise/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/mac/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/mobile/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/new/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/notes/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/windows/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/es-AR/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/es-CL/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/es-ES/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/es-MX/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/eu/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/fa/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ff/firefox/
Source: firefox[1].htm.2.dr, index[1].htm.2.dr, limited-unsupported-browser[1].js.2.dr	String found in binary or memory: https://www.mozilla.org/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/fr/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/fy-NL/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/gl/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/gn/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/he/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/hi-IN/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/hr/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/hu/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/hy-AM/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ia/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/id/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/it/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ka/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ko/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/lt/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/css/BUNDLES/common-old-ie.76ce7d58b62c.css
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/css/BUNDLES/daylight-promo-banner.504a9fc18235.css
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/css/BUNDLES/firefox-home-ie9.3af77234f8a0.css
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/css/BUNDLES/firefox-master.1badf054544d.css
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/css/BUNDLES/protocol-firefox.a75069e5fd6a.css
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/favicons/firefox/apple-touch-icon.ac5af768e192.png
Source: firefox[1].htm.2.dr, imagestore.dat.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/favicons/firefox/favicon-196x196.5e474118060e.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/favicons/firefox/favicon.4e526382d5a6.ico
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/firefox/home/master/lockwise.2ff0b22bab02.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/firefox/home/master/monitor.db01b0d5a453.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/firefox/home/master/pocket.2085f528220a.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/firefox/home/master/spacer.46533769874a.gif
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/firefox/template/page-image-master.1b6efe3d5631.jpg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/icons/connection.1f5bf9566286.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/l10n/en-US/firefox/android/btn-google-play-high-res.87d9720bbc8b.p
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/l10n/en-US/firefox/android/btn-google-play.77bdbc935c58.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/l10n/en-US/firefox/home/browser-high-res.260700570060.jpg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/l10n/en-US/firefox/home/browser.0513d7098d2e.jpg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/l10n/en-US/firefox/ios/btn-app-store.1cfd5dba4a92.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/logos/firefox/logo-reality.6bcc5b8e7099.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/logos/pocket/logo.b38718a07101.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/nav/icons/icon-common-voice.127fa3f5dcb0.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/nav/icons/icon-fpn-beta.9e7bc3a29f6e.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/nav/icons/icon-privacy-promise.eee1662acb03.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/img/nav/icons/icon-relay.aca61c9bb349.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/common-ie.dfbbc778feae.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/common.28871f85d686.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/daylight-promo-banner.8eaf5f4b2482.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/firefox-master.43ad00e9ac73.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/gtm-snippet.9f9cf2026c5f.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/sentry.d4a49ae2b9e1.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/site.ddf5d556ecf8.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/BUNDLES/stub-attribution.8015cb233077.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/js/libs/html5shiv.98460818858d.js
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/browser/developer/logo-sm.d3157a6ac671.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/browser/logo-lg-high-res.fbc7ffbb50fd.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/browser/logo-md.f0603b4c28b4.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/browser/logo-sm.f2523d97cbe0.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/browser/logo.eb1324e44442.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/lockwise/logo-lg-high-res.97bd3eea43cb.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/lockwise/logo-md.b910dd96c5e1.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/lockwise/logo.339be800ad8d.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/logo-sm.f26fdae37f50.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/monitor/logo-lg-high-res.3efdead4bb9a.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/monitor/logo-md.00d2ad45480b.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/monitor/logo-sm.0bc3e6ae9d32.png
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/firefox/monitor/logo.d97e5516f9e6.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/mozilla/black.40d1af88c248.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/media/protocol/img/logos/pocket/pocket.f21f7a5dedba.svg
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/mr/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/my/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/nb-NO/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/nl/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/nn-NO/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/pl/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/pt-BR/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/pt-PT/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ro/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ru/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/sk/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/sl/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/sq/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/sr/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/sv-SE/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/th/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/tr/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/uk/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/ur/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/vi/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/zh-CN/firefox/
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.mozilla.org/zh-TW/firefox/
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.twitter.com/Apple
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.wikidata.org/wiki/Q64828890
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.wikidata.org/wiki/Q64829394
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.wikidata.org/wiki/Q698
Source: safari[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/user/Apple
Source: firefox[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/user/firefoxchannel

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701

Source: unknown	HTTPS traffic detected: 34.199.206.244:443 -> 192.168.2.5:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.33:443 -> 192.168.2.5:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.80:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.80:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.94.97:443 -> 192.168.2.5:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.170.25.135:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.170.25.135:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.45.157.204:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.45.157.204:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.199.206.244:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 146.88.138.51:443 -> 192.168.2.5:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 146.88.138.51:443 -> 192.168.2.5:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.236.72.93:443 -> 192.168.2.5:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.236.72.93:443 -> 192.168.2.5:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.96.162:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.96.162:443 -> 192.168.2.5:49755 version: TLS 1.2

System Summary:

Source: sf-pro-display_heavy-italic[1].woff.2.dr

Binary or memory string: 9.vBP=va

Source: classification engine

Classification label: clean0.win@3/397@16/11

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E9FCFDE7-77F7-11EB-90E5-ECF4BB570DC9}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF1A69836F7930ACFC.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2588 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2588 CREDAT:17410 /prefetch:2

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Extra Window Memory Injection1	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol2	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Extra Window Memory Injection1	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol3	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	Ingress Tool Transfer1	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://r20.rs6.net/tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw==	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/15	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/14	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/13	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/12	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/11	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/10	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District5_	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District1.pd	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District6_11	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Nguyen.Rochelle.372.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District20.p	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District7.	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Denis.Moises.11.jpg	0%	Avira URL Cloud	safe
https://accounts.firefox.com.cn/signup?entrypoint=mozilla.org-globalnav&form_type=button&utm_source=	0%	URL Reputation	safe
https://accounts.firefox.com.cn/signup?entrypoint=mozilla.org-globalnav&form_type=button&utm_source=	0%	URL Reputation	safe
https://accounts.firefox.com.cn/signup?entrypoint=mozilla.org-globalnav&form_type=button&utm_source=	0%	URL Reputation	safe
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Pickard.Keith.322.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District1_11	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District4_	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Backus.Shea.368.jpg	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/21	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/20	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/$Nevada	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Ellison.John.159.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District16.p	0%	Avira URL Cloud	safe
http://getbootstrap.com)	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Hansen.Alexis.366.jpg	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Duran.Bea.373.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District6.	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District15_1	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/19	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/18	0%	Avira URL Cloud	safe
https://fengyuanchen.github.io/cropperjs	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/17	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/16	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Kieckhefer.Ben.115.jpg	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Kramer.Al.342.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District7_	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Torres.Selena.359.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District21.p	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/MonroeMoreno.Daniele.307.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District9.	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District6.pd	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Fumo.Ozzie.320.jpg	0%	Avira URL Cloud	safe
http://search.leg.state.nv.us/Register/Register.html	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District6_	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District17.p	0%	Avira URL Cloud	safe
https://www.microsoft.	0%	URL Reputation	safe
https://www.microsoft.	0%	URL Reputation	safe
https://www.microsoft.	0%	URL Reputation	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Titus.Robin.281.jpg	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Harris.Dallas.370.jpg	0%	Avira URL Cloud	safe
https://www.feedbackify.com/in	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Ohrenschall.James.67.jpg	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District8.	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District16_1	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/15	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District5.pd	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/14	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District1_	0%	Avira URL Cloud	safe
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Flores.Edgar.273.jpg	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/13	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/12	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/11	0%	Avira URL Cloud	safe
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/10	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District29	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District28	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District25	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District24	0%	Avira URL Cloud	safe
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District27	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
geocode.arcgis.com	52.45.157.204	true	false	high
www.arcgis.com	34.199.206.244	true	false	high
dzlgdtxcws9pb.cloudfront.net	13.224.96.162	true	false	high
js.arcgis.com	13.224.94.33	true	false	high
rs6.net	208.75.122.11	true	false	high
www.leg.state.nv.us	64.161.36.133	true	false	unknown
cdn.feedbackify.netdna-cdn.com	146.88.138.51	true	false	high
firefox.com	44.236.72.93	true	false	high
nvlcb.maps.arcgis.com	35.170.25.135	true	false	high
static.arcgis.com	13.224.94.80	true	false	high
services9.arcgis.com	13.224.94.97	true	false	high
ka-f.fontawesome.com	unknown	unknown	false	high
www.firefox.com	unknown	unknown	false	high
kit.fontawesome.com	unknown	unknown	false	high
r20.rs6.net	unknown	unknown	false	high
services.arcgisonline.com	unknown	unknown	false	high
cdn.feedbackify.com	unknown	unknown	false	unknown
server.arcgisonline.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://r20.rs6.net/tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw==	false		high
https://www.arcgis.com/apps/webappviewer/index.html	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/15	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/14	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/13	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/12	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/11	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.esri.com/software/web-appbuilder	main_en[1].js.2.dr	false		high
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/10	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District5_	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://nv.gov/privacy-policy/	11M21SCR.htm.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District1.pd	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District6_11	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Nguyen.Rochelle.372.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://services.arcgisonline.com/arcgis/rest/services/World_Street_Map/MapServer	commonResources[1].js.2.dr, init[1].js0.2.dr	false		high
https://services.arcgisonline.com/ArcGIS/rest/services/Reference/World_Reference_Overlay/MapServer	init[1].js0.2.dr	false		high
http://www.smartmenus.org/	jquery.smartmenus.keyboard.min[1].js.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District20.p	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://dojotoolkit.org/	init[1].js0.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District7.	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://github.com/esrihttp://github.com/esriApache	CalciteWebCoreIcons[1].eot0.2.dr	false		high
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Denis.Moises.11.jpg	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://accounts.firefox.com.cn/signup?entrypoint=mozilla.org-globalnav&form_type=button&utm_source=	firefox[1].htm.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.arcgis.com/apps/webappviewer/index.htcom/edgenity/gis/web-gis/arcgihis	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.arcgis.com/apps/webappviewer/index.htcom/edge/Root	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.arcgis.com/apps/webappviewer/index.htsafari/firefox//index.htmlRoot	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Pickard.Keith.322.jpg	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District1_11	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District4_	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Backus.Shea.368.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/21	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://services.arcgisonline.com/arcgis/rest/services/Ocean/World_Ocean_Reference/MapServer	init[1].js0.2.dr	false		high
https://www.arcgis.com/apps/webappviewer/index.hthttps://www.arcgis.com/apps/webappviewer/index.html	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/20	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/$Nevada	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Ellison.John.159.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District16.p	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.instagram.com/mozilla/	firefox[1].htm.2.dr	false		high
http://getbootstrap.com)	bootstrap3.3.6.min[1].css.2.dr	false	Avira URL Cloud: safe	low
https://www.arcgis.com/sharing/rest/content/items/b266e6d17fc345b498345613930fbd76/resources/styles/	init[1].js0.2.dr	false		high
http://js.arcgis.com/3.15/esri/copyright.txt	commonResources[1].js.2.dr	false		high
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Hansen.Alexis.366.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Duran.Bea.373.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://dev.arcgis.com/sharing/generateToken	init[1].js0.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District6.	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District15_1	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/19	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/18	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://fengyuanchen.github.io/cropperjs	main[1].js.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/17	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Senate/Current/16	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Kieckhefer.Ben.115.jpg	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://momentjs.com/guides/#/warnings/zone/	init[1].js0.2.dr	false		high
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Kramer.Al.342.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.arcgis.com/apps/webappviewer/index.html?id=9c2cd4575624417fa56fd084a7ee4dd9PWho	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://twitter.com/mozilla	firefox[1].htm.2.dr	false		high
https://bugzilla.mozilla.org/show_bug.cgi?id=1122305#c8	firefox[1].htm.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District7_	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://devext.arcgis.com	main[1].js.2.dr, init[1].js0.2.dr	false		high
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Torres.Selena.359.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District21.p	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/MonroeMoreno.Daniele.307.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District9.	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District6.pd	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Fumo.Ozzie.320.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://search.leg.state.nv.us/Register/Register.html	11M21SCR.htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District6_	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District17.p	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.microsoft.	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	bootstrap3.3.6.min[1].css.2.dr	false		high
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Titus.Robin.281.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Harris.Dallas.370.jpg	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.feedbackify.com/in	f[1].js.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Senators/Images/Ohrenschall.James.67.jpg	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
https://www.arcgis.com	info[2].txt.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District8.	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://qaext.arcgis.com/sharing/generateToken	init[1].js0.2.dr	false		high
https://www.arcgis.com/sharing/rest/content/items/de26a3cf4cc9451298ea173c4b324736/resources/styles/	init[1].js0.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District16_1	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://momentjs.com/guides/#/warnings/min-max/	init[1].js0.2.dr	false		high
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/15	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.arcgis.com/apps/webappviewer/index.ht.com/community/gis/web-gis/arcgihis	{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Senate/SEN2011_District5.pd	results[1].pbf2.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/14	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District1_	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://leg.state.nv.us/Session/80th2019/legislators/Assembly/Images/Flores.Edgar.273.jpg	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/13	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/12	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/11	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://js.arcgis.com/	env[1].js.2.dr	false		high
http://www.leg.state.nv.us/App/Legislator/A/Assembly/Current/10	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.wikidata.org/wiki/Q64829394	firefox[1].htm.2.dr	false		high
https://www.arcgis.com/sharing/rest/content/items/63c47b7177f946b49902c24129b87252/resources/styles/	init[1].js0.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District29	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District28	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.arcgis.com/sharing/rest/content/items/7dc6cea0b1764a1f9af2e679f642f0f5/resources/styles/	init[1].js0.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District25	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://support.mozilla.org/en-US/products/firefox-lockwise	firefox[1].htm.2.dr	false		high
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District24	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leg.state.nv.us/Division/Research/Districts/Reapp/2011/Final/Assembly/ASM2011_District27	results[1].pbf1.2.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
64.161.36.133	unknown	United States	7132	SBIS-ASUS	false
44.236.72.93	unknown	United States	16509	AMAZON-02US	false
34.199.206.244	unknown	United States	14618	AMAZON-AESUS	false
52.45.157.204	unknown	United States	14618	AMAZON-AESUS	false
13.224.94.97	unknown	United States	16509	AMAZON-02US	false
13.224.94.33	unknown	United States	16509	AMAZON-02US	false
13.224.96.162	unknown	United States	16509	AMAZON-02US	false
208.75.122.11	unknown	United States	40444	ASN-CCUS	false
13.224.94.80	unknown	United States	16509	AMAZON-02US	false
35.170.25.135	unknown	United States	14618	AMAZON-AESUS	false
146.88.138.51	unknown	United States	33438	HIGHWINDS2US	false

General Information

Joe Sandbox Version:	31.0.0 Emerald
Analysis ID:	358591
Start date:	25.02.2021
Start time:	21:59:27
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 51s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	http://r20.rs6.net/tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw==
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@3/397@16/11
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://www.leg.state.nv.us/ Browsing link: https://www.arcgis.com/apps/webappviewer/ Browsing link: https://www.mozilla.org/firefox/ Browsing link: https://www.apple.com/safari/ Browsing link: https://www.microsoft.com/edge/ Browsing link: https://community.esri.com/community/gis/web-gis/arcgisonline Browsing link: https://www.microsoft.com/edge
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, ielowutil.exe, SgrmBroker.exe, conhost.exe, svchost.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.147.198.201, 204.79.197.200, 13.107.21.200, 93.184.220.29, 104.43.139.144, 52.255.188.83, 88.221.62.148, 168.61.161.212, 2.19.75.241, 184.30.20.56, 104.18.22.52, 104.18.23.52, 172.64.202.28, 172.64.203.28, 152.199.19.161, 104.18.165.34, 104.18.164.34, 142.250.186.136, 142.250.185.174, 23.218.208.211, 2.20.142.210, 2.20.142.209 Excluded domains from analysis (whitelisted): www.apple.com.edgekey.net.globalredir.akadns.net, au.download.windowsupdate.com.edgesuite.net, cs9.wac.phicdn.net, ka-f.fontawesome.com.cdn.cloudflare.net, www.mozilla.org.cdn.cloudflare.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, www.apple.com, e2603.x.akamaiedge.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, ocsp.digicert.com, www.googletagmanager.com, www-bing-com.dual-a-0001.a-msedge.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, www.google-analytics.com, www.bing.com, kit.fontawesome.com.cdn.cloudflare.net, fs.microsoft.com, www-google-analytics.l.google.com, e6858.dsce9.akamaiedge.net, dual-a-0001.a-msedge.net, ie9comview.vo.msecnd.net, www-googletagmanager.l.google.com, skypedataprdcolcus17.cloudapp.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, skypedataprdcolcus16.cloudapp.net, a767.dscg3.akamai.net, skypedataprdcoleus16.cloudapp.net, skypedataprdcoleus17.cloudapp.net, a-0001.a-afdentry.net.trafficmanager.net, wildcard.arcgisonline.com.edgekey.net, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, www.apple.com.edgekey.net, www.mozilla.org, cs9.wpc.v0cdn.net Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found. Report size getting too big, too many NtWriteFile calls found. VT rate limit hit for: http://r20.rs6.net/tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw==

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.arcgis[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	281
Entropy (8bit):	4.37924756229483
Encrypted:	false
SSDEEP:	6:JFK1rFK1rFK1rUF6W3XJqqwPW3XTR3wXH3IQVF1rFK1rUF6W3XJqqwPW3XTR3w+0:JsrsrsrUAWp72W93CIQprsrUAWp72W9k
MD5:	B4D6177663419403A80CFA02D155CCFA
SHA1:	3E1414177D20F681A8F8E606A7B60DB56BE36812
SHA-256:	BAE543195FF1136FBBB75A6E0C064FF8D09806E8717FC501A6BAB307E1C1A1DD
SHA-512:	97D6CEFDE1CC184FA88F00EB91B1DE462021B78A3AF82C2DC09B0E55393C30D7F2D461316A06C0F03F71A3376A8282C18B1B8D268C4BB58E1F6E4B5878D0B13C
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root></root><root><item name="__storejs__test__" value="__storejs__test__" ltime="3239108528" htime="30870532" /></root><root></root><root><item name="__storejs__test__" value="__storejs__test__" ltime="3239268528" htime="30870532" /></root><root></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QALADACS\www.apple[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	476
Entropy (8bit):	5.0745993278759185
Encrypted:	false
SSDEEP:	12:JsrsrUCoMQsKrqtjcREdAOlEt/UCKB83fiKdaER49gIQn:W0U2QsKMWMf+UCKB83fpdaEcLQn
MD5:	4BA470E337BC3ABDFC51618F0FD45BE1
SHA1:	7CE5B8A1F2868A7914F61CE764D327AFD02D2DE5
SHA-256:	91BFA57075D4A70703ED2C9BB98A18BA41495E6593C23A9B1718AECB7A1C5F01
SHA-512:	0BA921C096DF47027A50A7027B5AC3C90F67F3DA97086B036443E0F547E32989636BAB957D920828465C9A4DB795612F0E956B071325BC1C08F0AD828CF19956
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root><item name="ac-storage-ac-store-cache" value="{"e":3739,"v":{"ttl":1614319446123,"items":0,"cn":null,"api":{"flyout":"/%5Bstorefront%5D/shop/bag/flyout","addToBag":"/%5Bstorefront%5D/shop/bag/add?product=%5Bpart%5D"},"key":"SFX9YPYY9PPXCU9KH","sfLoc":"us"}}" ltime="3325478528" htime="30870532" /></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E9FCFDE7-77F7-11EB-90E5-ECF4BB570DC9}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.85500540720058
Encrypted:	false
SSDEEP:	96:reZyTZB2nW7t2bf/I/KMxnqGNQOxfeIm6X:reZyTZB2nW7t2f/RM8RQfeMX
MD5:	0E9B6C3EF629598FA12E8CC2BA0DA336
SHA1:	BD6C3FC9AADE0E8A98B8F54C7953A620BDB8930D
SHA-256:	73223DD8204CD3DE7D149009FD19720A3ED5988C1F5DACDCFE7BE51354017969
SHA-512:	BA1F4593E4893ACC477EFD84254F3E1E95CB61F7D492E34D78714702A99BC1AC745BE0A4FD66B89C045DE0CA976655450883DE4CE0E5AD2E3C559BA9ABC96F0B
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E9FCFDE9-77F7-11EB-90E5-ECF4BB570DC9}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	148304
Entropy (8bit):	2.4538266702408937
Encrypted:	false
SSDEEP:	768:f2lZib3cyBRkmrkMkqrfykrO/NMol1sw0bNOaC+:f3/NXC+
MD5:	05E8CA2F74345BDB204F96EEDDCEDB63
SHA1:	DEFF74B9621D415FF078F3A552BE8527D627B8C9
SHA-256:	54109E300065D0E1DFC677AF60D4840F5C7AFF40482903991822B87C05A7A736
SHA-512:	747EEF01955EBFD48FC8FB506F52658491ED5B8BF2EC1037C5CDD7A545D61A88AC856E9F13155B9C159C5330A2D0A9B8225CF049C9C93185FA4ABCA6B927C600
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F0697D1D-77F7-11EB-90E5-ECF4BB570DC9}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5647974577852741
Encrypted:	false
SSDEEP:	48:Iww1GcprCOZGwpa9G4pQzGrapbSTGQpKi5G7HpRETGIpG:rWZBTQ/6XBStAiYTAA
MD5:	18A8300B7A16C57D381D847DE67D3660
SHA1:	91DEFBEDB3BAC6C0BAE527292A6CCD613F67FA2D
SHA-256:	E58CA88FD803D04C221C2BFB44F73926C5C68DA6E0E67DE31E63288106502F8C
SHA-512:	2B33E8883DC6918D5A2040925C9FC63FB7D8A1A63C28E74D6B608FA4587E350C6FFE885EB1B5DFCB8184E3747F965CE4D7392033FE4DBC08B7BB5F698BF6175D
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	36494
Entropy (8bit):	4.495609163475742
Encrypted:	false
SSDEEP:	384:mu6559MHXMQd6/vXOULSWzHOK4gEw9jEp+r:459M39g+kuWvjNr
MD5:	C6B3CC3F25DF4ABEE91A3AC861493B89
SHA1:	B215126696554C7DC8F70C80E2D7FCA65CB5CCCC
SHA-256:	CB7D1EF2025F8A986AD10F481219C36DF5AD243E7A208D2B9525664ED64838FE
SHA-512:	818B090343D81D3EF87F024E295D16B9B1D0A858E8F43CE53F84B10C7B973A09E023BC8511066ED59155C6957A814788680E2678AC10E9C3444F9F9705DEB57A
Malicious:	false
Reputation:	low
Preview:	<.h.t.t.p.s.:././.w.w.w...a.r.c.g.i.s...c.o.m./.a.p.p.s./.w.e.b.a.p.p.v.i.e.w.e.r./.i.m.a.g.e.s./.s.h.o.r.t.c.u.t...i.c.o.~............... .h.......(....... ..... .....@.....................................#...S.............\..........................3...'4...p................................s...#..............+...&..."...#...p......................................1....../ .....&...O......p..............w........................./ ..-...)......,...A... ..Q...............T............... ../ ..1...+...O..........<...........q..........-............ ..7 ..4.............P.......m...k......\......<...G......."..7 ..8...1..........1...h...........^..4......*......2...$..? ..;...4.........4...]...........V......).........-...#..? ..>...7.........8.....I..L...'..[...........~........"..G ..B...:.........=...[..F..O..............i...'........ ..G ..E...>.........I....................7...%...&...".... ..K...I...C...T.........;...x......Q.../.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\10[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, frames 3
Category:	downloaded
Size (bytes):	22681
Entropy (8bit):	7.963971616476937
Encrypted:	false
SSDEEP:	384:6wWreMletGstmZCJZF719nL/yLTv19JVgfL+Lxh9XkXvhvqdJ2syhfFUOz81Occw:65reMlUmMJf1dTyLTvV+L+LxAvEAvFUX
MD5:	896843A12D2955760BD465DE1B92268B
SHA1:	CECDDF9C049714A39FCB83BB2A2C388D6B33CD87
SHA-256:	FAC6B2D0835B2753BE9FBA2705446615EA5E9049AFE1610CE38F0E004C903D21
SHA-512:	E5F69C159E0F7FA0EBB5F7394482AAA38E779F8627FB12E3FFED72149FA73630BDF9C8430D9E72FD729936E2EF0A5FD1E5C8F4645E695F99FF1D2EDE6EE32EB9
Malicious:	false
Reputation:	low
IE Cache URL:	https://server.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer/tile/6/23/10
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..........27t...N.;...v.k....u.G......+.%..WQ.F..t...2WF..V."w.2..DM.f..={...k.SZ&..FR.(.v...~.\|8.e..?U.4.\|5..^]kk....-.;.mk#4../+....$..#=.}.J3w.........7.9?.?..%...^+.......k.l......gq.].d............UJ.p.8$..~`.5.].K.z....[k.NM>....X.V..i..#.Tr<...\|.J.YClr..omM..b....~..".~..:R..5.~._i.[.F..".o.....F>.A.....Q,E.v._wQ.`.o.Z@.H.C....u..g.'9.W.V......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\11[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, frames 3
Category:	downloaded
Size (bytes):	21569
Entropy (8bit):	7.95855331683852
Encrypted:	false
SSDEEP:	384:6Rg0sKUoP5ewZLVFcThcGG5OlTIyOBbuNg/6y8Nw3dwfKJBi/b/bYA1Eh:6RefCe0V4Sz5OlTIBIi6y8wtHJu/bYW+
MD5:	692360FE67EDD072BB3F7C81A3B79EB3
SHA1:	A0A7040347A6E4DD76777E5F8A7177AF351DCE30
SHA-256:	6E6F45D813B47C2A71A55E4BBC9F22D69B82DACF51AF0C062B57BC238D52F399
SHA-512:	A6FA91A5DE9372F8CF193157636508296D6359381E5710D5D4767E71114798E6F611CB3F8138C8833E63EAF2A4BFBDAD3CC11F3D72A27F855FE396C6D2F679E1
Malicious:	false
Reputation:	low
IE Cache URL:	https://server.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer/tile/6/23/11
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?......k..6r....?...6...>.f..X....U..\|.@0.:d.:..;Wd4V.u.W..[K_._!e...s6.0........%'tr..s..N.l..$....#".......U.u=.q.bHV..Y2.s...8\...-.....s,%..\|..Fl..:..>....n......p<....I._...QX4..T./....h.....QIb:.r..}y..T.....=..?..W..A.t_n...l#*.!{.`.........BZ...........l......c.h..v...n.-.n...}...A.?Q..+Q.z.{.r7JR5..yfO.q..N.g".N....,....@..yM.#.-....<w...&....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\12[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, frames 3
Category:	downloaded
Size (bytes):	24143
Entropy (8bit):	7.960817538072894
Encrypted:	false
SSDEEP:	384:6TLi3loPO1M3OspZt3A0y91FRI6G4HMh4ch1s/f7/xSYhhaXx4nMx4EZXa9qYrTh:6feoKGOspr3Ar9K4HMhJ1s/f7/xVjyO5
MD5:	EB2BD0ED1023FDAFC08E134D6503E9A1
SHA1:	F1B9887E1954617EED555D69B4F654381E67AAD4
SHA-256:	4EF3F760035A567409D0452A6AD53A9AC98FED02CA69B7EDD119AEA92CF0D9A9
SHA-512:	A58EC78536B6882174C71FF8618655E3F2261E7E41D59C1EC62F0F158691A2E331202D0570332EBC38AE89DD8498873E6DF5C55C26225437908FB8FA19B2D87C
Malicious:	false
Reputation:	low
IE Cache URL:	https://server.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer/tile/6/23/12
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....a..`...2c.....;..-.${..../..e...l&G^H.~u..,lL......5..%.UQ2...'.\om...gt..<...x....Q.}k...._W.......k.}.E./.be...9...}..)s......;l..8A,.),.}....s.qY.C..W.H...I9....Q~...T.[.......#D.....\....9.t*:]..4..k..........x .;I.nF?..F..O........ig.... .,.;zq.9..z5....j.{..~i...9...\........&TK......c.._.....y..a5.....]....?...u.G..O..M.. pO9<......TFZkri

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\13[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, frames 3
Category:	downloaded
Size (bytes):	18806
Entropy (8bit):	7.934921054313212
Encrypted:	false
SSDEEP:	384:69w+8bM2aTTgXKEkcmX8ncahnnreSGgz0edwd7S7xtqvl3f:6gM2ITg6EkcmscahnnreSzdRTqvl3f
MD5:	922ED7B588BA8D2A01E68FC6FA2B2038
SHA1:	9000E1E4267D70D9173B6F52C4744153192BB079
SHA-256:	F42F8B732D0289D35529449AB424E1547BABAF78D4A13EABD1D2B6F96EF26D96
SHA-512:	133ADCFC2BE07A53F8364820C18F4C90063156EDA5879F19682FCB639C5E146365A5226DA1049D651E0836B5CF144CF5170AD7A85D31921B7A7278740EDBEA0E
Malicious:	false
Reputation:	low
IE Cache URL:	https://services.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer/tile/6/24/13
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..........3........hy-.J.1 2......].a.7..5...C.......U.K....binlc.Iv...n......Zr...z.....(...)@p$Rz...+..]...f...Y.../....t.Jq.4n..2..x.%.q.m...wRMZ.\|..Gi.....=.l.{..E.q..CN.n:y..?:.\|....J.U.......k[..u$Zn.qv..8.iH...<......u&.......i.....D.c......qVI1..../.(..sL.x...?*v..%.\|..J.P.......Bn.Q.q@.b.."..R..!...~T.x.N.@?Jv.........}....&.....I8.UF2

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\14[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, frames 3
Category:	downloaded
Size (bytes):	19776
Entropy (8bit):	7.95353810857605
Encrypted:	false
SSDEEP:	384:6+6eiQyRy4p1zv6+9N9OLZ/y23QJ9Cwe2UCU8eDpL6dtXPW12J1HvdEz:6WP4Vi+9N9OLsgvhCsW526HQ
MD5:	C57A133769C6C65279CD0686A7825D4A
SHA1:	44794FE00D5D265D0B50AD869B18F093CE936892
SHA-256:	998C932AA6DFD85806E6DF5C06F9CC7909850931E0FD706E20AF925C9FABA762
SHA-512:	431270485D15C0AE9F95332D93F61151E894852F93D998A4B74CA426C65EFA477FCA924EF5A2705A592AF09E234EE305A1234E12A875A9673B6D4F989FB7F273
Malicious:	false
Reputation:	low
IE Cache URL:	https://server.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer/tile/6/25/14
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...>).=t.C..!...u.........).....E....zV.....B..U...B....-....;.........g...J=K....Yw..........?./.8.._.]...........bZ.............>+......=.....E..j...z...h...cr..qI.;...)....q@.<..h...R@'.....IPq..i-@p.\|S.....(....H.........Z`e.g.:...Y]...I....q...._........h...0.`..9X-.9.....P....+........z..J.]..Q....J-=.Z...~..q..d*..A.<c...W<U)..G.[.~...N..cj.v.i..O

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\3a42a252-67ff-4186-88cf-762f56719ca1[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 33492, version 1.0
Category:	downloaded
Size (bytes):	33492
Entropy (8bit):	7.988120939904732
Encrypted:	false
SSDEEP:	768:VpBB5lkJR+39V4mGXy9iPwbpS7r4r0TeTFRT35StXN0SC:Hh39mvXy9iAEor0Te535ZSC
MD5:	C534DE4C92BEBEE3F678DEFBC9B85EED
SHA1:	332BCFD3CB244F2BFBBCD525ED3EADB7D38C8957
SHA-256:	22444383046608AF28AF03E3CB9DFB889EB03FFD85705EF6B99103B342949F1A
SHA-512:	3239B8DEC8F1980382EEE7C086E81AAA1648FE897B7ED2BD5AB37EF24E669041293A22A971F196C3B90AEDEAACD391823D55056976747D0A67F9CBD533F47DD9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/jimu.js/css/fonts/avenir-next/3a42a252-67ff-4186-88cf-762f56719ca1.woff
Preview:	wOFF..............,,......{........y........GPOS...l...f.."....OS/2.......V...`f%{.VDMX...,........n.v-cmap...........t....cvt .......O........fpgm.......+...P...gasp...0............glyf...8..U.......3.head..j....6...6...ghhea..k.... ...$....hmtx..k4.........JIOloca..n...........9.maxp..q.... ... ....name..r..........5.`post..z........ ...2prep..z......../..[.x..yl\W...g..x..L.&^.%..=..:N..iK..omM....$.%..K.......*)m#(&.J...V.R...@1..l..#..`Be!=....{l...L.....;w...........y.......j..x..h.=2T.....V...M.W........,...Wq.).5..r.iH....:M...5..G.^V.u&LM.Y....^.M.;.K.6.V..N... ....F.G1.3x...+..t...p........B..8....I.......q.5-.I..9.s..qk.5.Z3..jj..tJ.L..,.......m.akq....EJ....\.;....u.D.....;..{.$.=..ik.Z....5.V....,G..q...%uIh..\|....&..Y.!.."W.kxp=...-..p.0G'/+)}..m.9..9.h...D7z.rO..8.C...}p5..\.:#Z...p.n.....%V.`.o..a.O..h....k..a]q.z..f...:Q.\|..,.....Sz...[.W..:....=.....5..B..O7.l.NT.b..9.......+..d..fd.NSzeGS..8.@MR.....3Z.k].h..=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\9[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, frames 3
Category:	downloaded
Size (bytes):	9939
Entropy (8bit):	7.8854759094753
Encrypted:	false
SSDEEP:	192:6b/Lsu2AC7X97dCAYUFxiM8Re2tI7iMsZAvA/rKssK/8bGXVBIC:6bCRXyABRsZA5ssK//XVL
MD5:	055C60EAE891281D38BDC1919AEDD2E4
SHA1:	0B79951D0D010ECFA6243BE7F9DAAA8781FCC241
SHA-256:	68F1424B3B1A7170A20E5E929371A69A4AA14C67B861692CEEF685B5A4DB6ECF
SHA-512:	182AED1A54F86FD0E24BBC887C78E9ABF33AFAF148B4164CD5E6E3E24CEB076EDEE87D48423131F6234027A8D9081A9363DEB218418F20F6A2474874BBBFDA84
Malicious:	false
Reputation:	low
IE Cache URL:	https://server.arcgisonline.com/ArcGIS/rest/services/World_Street_Map/MapServer/tile/6/23/9
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..b....(......(......B..LB....!...Mv%..H......(......(...F..[......<...rp...{...BxU]..Fz..P.5.M.6.....bu-...(......V5..6....\.Q.x....C..i.LX...\.}pk.T...6.2.a...h....._,w.5.q..P.@....P.@....P.@.y.:/v..-.>.A@....P.@....P.@..k[...e.W..sK}....e.F@.0....W7...z.:B.....(.i7mF...."....rI.;....%IG3....w{T2.$K..2..\|.\|~mQJ.".z.x...&c..0F...?L...:...:.o?3..(......(.....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\VersionManager[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	1376
Entropy (8bit):	4.956258183311072
Encrypted:	false
SSDEEP:	24:HyUwv9HoK10T93893V93+93v934934193z93R9Bo93P393O93l93M93j93S93J3m:HyU+HoKmTt8tVt+tvt4t41tztRPotP3p
MD5:	72405DD9095599A665AB6B332FB7BF41
SHA1:	1B15947E25605F2350BB8355680D300CB91B224B
SHA-256:	1CD4782DA3D7F1331341D5464F8177204E044B4743A5929FA1BA8C7AC57C7AD1
SHA-512:	180B44844239656992843662F8A7042B59305197CBB3EC7753E6E824A9A01B161C10D7377774B94F90CE03191B2DEFB720DB838D895E0A5F5550B307F4172BCA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/Scalebar/VersionManager.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.define(["jimu/shared/BaseVersionManager"],function(c){function b(){this.versions=[{version:"1.0",upgrader:function(a){return a}},{version:"1.1",upgrader:function(a){return a}},{version:"1.2",upgrader:function(a){return a}},{version:"1.3",upgrader:function(a){return a}},{version:"1.4",upgrader:function(a){return a}},{version:"2.0Beta",upgrader:function(a){return a}},{version:"2.0",upgrader:function(a){return a}},{version:"2.0.1",upgrader:function(a){return a}},{version:"2.1",upgrader:function(a){return a}},.{version:"2.2",upgrader:function(a){return a}},{version:"2.3",upgrader:function(a){return a}},{version:"2.4",upgrader:function(a){return a}},{version:"2.5",upgrader:function(a){return a}},{version:"2.6",upgrader:function(a){return a}},{version:"2.7",upgrader:function(a)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\VersionManager[2].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	1373
Entropy (8bit):	4.9532223316581465
Encrypted:	false
SSDEEP:	24:HyUwv9HoK10T93893V93+93v934934193z93R9Bo93P393O93l93M93j93S93J3c:HyU+HoKmTt8tVt+tvt4t41tztRPotP3N
MD5:	F383F36A6B7336CC6150FF6C302E21E7
SHA1:	62EDCBB10BD484CF8E7F40300646AE15C3B31DD0
SHA-256:	295D4EA551088A954778362BC4960E984904604DB17DBA633A6C2D6AB4ADCB9D
SHA-512:	4AD353B76BB8897473F85798E1195946AA699450A367DE395DA2F566737D42E4708EE23C05BC01D84B205CC3790CB317EF3B4B9B4E5D701FC21A7458F66E727C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/OverviewMap/VersionManager.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.define(["jimu/shared/BaseVersionManager"],function(c){function b(){this.versions=[{version:"1.0",upgrader:function(a){return a}},{version:"1.1",upgrader:function(a){return a}},{version:"1.2",upgrader:function(a){return a}},{version:"1.3",upgrader:function(a){return a}},{version:"1.4",upgrader:function(a){return a}},{version:"2.0Beta",upgrader:function(a){return a}},{version:"2.0",upgrader:function(a){return a}},{version:"2.0.1",upgrader:function(a){return a}},{version:"2.1",upgrader:function(a){return a}},.{version:"2.2",upgrader:function(a){return a}},{version:"2.3",upgrader:function(a){return a}},{version:"2.4",upgrader:function(a){return a}},{version:"2.5",upgrader:function(a){return a}},{version:"2.6",upgrader:function(a){return a}},{version:"2.7",upgrader:function(a)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\VersionManager[3].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	2463
Entropy (8bit):	5.262502416508214
Encrypted:	false
SSDEEP:	48:HyU+HoKDTt8PCteVt+tvt4t41tzPRjotP3tOtllXidc3HerkDR4tgRMFsG:HyUUx6Cte/0V64f7FqlE3Uc3+ry4GRjG
MD5:	01A895DB47E11956BEA5C643A792DC4D
SHA1:	1B3A19C0B8313ADA656C381D1FFDB24DDDCB7BE6
SHA-256:	2F4F36FE27A4C734C11D98B3A13DBFB225759B551C3F9E7702B6D1EA28C386EB
SHA-512:	E4F0A77A4D32F4834F65E6A0E85D17CC4CDF9E735D3CCF8AD212E64398CE157C1F747188E55017588A3DF01B7153CE78A654992AEF2C40126F433937A3EA2F6B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/Chart/VersionManager.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.define(["jimu/shared/BaseVersionManager"],function(k){function e(){this.versions=[{version:"1.0",upgrader:function(b){return b}},{version:"1.1",upgrader:function(b){for(var a=null,c=null,d=null,f=null,h="#5d9cd3 #eb7b3a #a5a5a5 #febf29 #4673c2 #72ad4c".split(" "),g=0;g<b.charts.length;g++)a=b.charts[g],f=a.mode,c=a.types,d=a.colors,delete a.types,delete a.colors,d="feature"===f\|\|"category"===f?1===a.valueFields.length?[d[0]]:h:[d[0]],0<=c.indexOf("column")&&(a.column={horizontalAxis:!0,verticalAxis:!0,.colors:d}),0<=c.indexOf("bar")&&(a.bar={horizontalAxis:!0,verticalAxis:!0,colors:d}),0<=c.indexOf("line")&&(a.line={horizontalAxis:!0,verticalAxis:!0,colors:d}),0<=c.indexOf("pie")&&(a.pie={label:!0,colors:h});return b}},{version:"1.2",upgrader:function(b){return b}},{versi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\VersionManager[4].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	1436
Entropy (8bit):	5.0488673932323795
Encrypted:	false
SSDEEP:	24:HyUwv9HoK1dT93893V93+93v934934193z93R9OOULCHFpo9gKYP393O93l93M9Q:HyU+HoKbTt8tVt+tvt4t41tztRsCHFpq
MD5:	4B4A8058AA8B37EDEDDBF4B3C958A32A
SHA1:	AA481268EF3D2BC138C1DE5045EA420CDAFE245F
SHA-256:	81E49AF9EC75975632A25393184BD2DC68E57CC633A4B9BF22B61A29FD087F76
SHA-512:	2651C5377FB5FE376309C8726E4D56E52721C9C220CD067FA021A1A2C2ED6D8C87918E3886B153E1E1FD9963B0FDE0942FAF82E80639610092EFD08A2CD3DD1E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/Edit/VersionManager.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.define(["jimu/shared/BaseVersionManager"],function(f){function d(){this.versions=[{version:"1.0",upgrader:function(a){return a}},{version:"1.1",upgrader:function(a){return a}},{version:"1.2",upgrader:function(a){return a}},{version:"1.3",upgrader:function(a){return a}},{version:"1.4",upgrader:function(a){return a}},{version:"2.0Beta",upgrader:function(a){return a}},{version:"2.0",upgrader:function(a){return a}},{version:"2.0.1",upgrader:function(a){return a}},{version:"2.1",upgrader:function(a){a.editor.snappingTolerance=.15;a.editor.popupTolerance=5;a.editor.stickyMoveTolerance=0;return a}},{version:"2.2",upgrader:function(a){a.editor.tableInfos=[];return a}},{version:"2.3",upgrader:function(a){return a}},{version:"2.4",upgrader:function(a){return a}},{version:"2.5",upgr

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\Widget[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	612778
Entropy (8bit):	5.430820679036214
Encrypted:	false
SSDEEP:	6144:KMvjSviyRKrN1I0UFzp7OsLYIoDy6uMDKMJPx6vrzkvD/aeZpZsVjGg+pGLcdA:CviyIwUJPcXivdA
MD5:	9D65C12B8B5EDD8BB1C14D08D66AD027
SHA1:	82B4A9DFAADFA1679AF16D74A0DCA2E4BD6EC5E9
SHA-256:	ABA700961B3124F0BDF1EFAB639DC37B507AB98C713939B14DF8A63339EAC5AC
SHA-512:	50A0C503AFED240DE2FEC3C1D559B40ED0E5977CAC0EAE42C46392787823702E8D39854C594A953D4D5F4CB0470A3334F0148AC01291FCBDB6246F6F1599CFA0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/NearMe/Widget.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.require({cache:{"widgets/NearMe/utils":function(){define(["dojo/_base/declare","dijit/_WidgetBase","dojo/_base/array","dojo/_base/lang"],function(V,W,r,Q){return V([W],{map:null,postCreate:function(){},getLayerDetailsFromMap:function(X,R,H){var y={},e;this.map&&this.map.webMapResponse&&this.map.webMapResponse.itemInfo&&this.map.webMapResponse.itemInfo.itemData&&this.map.webMapResponse.itemInfo.itemData.operationalLayers&&r.forEach(this.map.webMapResponse.itemInfo.itemData.operationalLayers,Q.hitch(this,.function(g){g.layerObject&&("ArcGISMapServiceLayer"===g.layerType\|\|"ArcGISTiledMapServiceLayer"===g.layerType?(e=H&&H.substring(0,H.lastIndexOf("_")),e&&g.id!==e\|\|(y.isMapServer=!0,y.id=g.id+"_"+R,g.visibility&&0<=g.layerObject.visibleLayers.indexOf(parseInt(R,10))?y.visib

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\Widget_en[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	476
Entropy (8bit):	5.016244279515455
Encrypted:	false
SSDEEP:	12:jBEcHS9Dpx4WUwo+9HMdZ1NmRxo3v49KuJmfce3BvRvYf:HyUwv9HIZ1Nco3vWKupe3BvRvI
MD5:	69C938E75A4F3E09D2EADD92EEEE8627
SHA1:	A3EB0D8456F88EBD764ABF2B700D39625B46A6AB
SHA-256:	73AD82048AF661B4D671960AAC0D345D749DC96B5BA9DD44EE7E5400E7EB1845
SHA-512:	6519F214DF46502C2F3CF79BB790E6382C79F72EF65C50079CC33A05E2EF1318F91BDCD5C6437EC534F1FDA01F3886CF6BEC3C3B052E7C387BEF80E4146E70F0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/themes/FoldableTheme/widgets/HeaderController/nls/Widget_en.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.define({"themes/FoldableTheme/widgets/HeaderController/nls/strings":{_widgetLabel:"Header Controller",signin:"Sign in",signout:"Sign out",about:"About",signInTo:"Sign in to",cantSignOutTip:"This function is N/A in preview mode.",more:"more",_localized:{}}});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\ac-localnav.built[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	86276
Entropy (8bit):	5.0818814987237175
Encrypted:	false
SSDEEP:	1536:B9MSMLM3lNlAlnD4DVD27xLeH3KZA2ezROt2R6ePA1KfHkLS7xL+HnKlAOePRStR:J
MD5:	EBEBE3887617E35138CA4A9E0CF8BFC5
SHA1:	BBCD1B31B3DA534BB2C6D079617C107C0500009F
SHA-256:	EC3C456061C3B7A275E9FA6BA9D90972970760810876DC3B92BB024F2D67E59F
SHA-512:	D007B5DF1907C1263D32A9C243249AE29F58FCF8B37D5C9052BA3CFED87CFC9EF6C58F294F19DE588B2A439171DD6A361A0A1D468C60A5DA2D79899DB8EA3175
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/localnav/5/styles/ac-localnav.built.css
Preview:	#ac-localnav{font-weight:normal;-webkit-text-size-adjust:100%;-moz-text-size-adjust:100%;-ms-text-size-adjust:100%;text-size-adjust:100%}#ac-localnav,#ac-localnav:before,#ac-localnav:after,#ac-localnav ,#ac-localnav :before,#ac-localnav :after{-webkit-box-sizing:content-box;box-sizing:content-box;margin:0;padding:0;pointer-events:auto;letter-spacing:normal}#ac-localnav ,#ac-localnav :before,#ac-localnav :after{font-size:1em;font-family:inherit;font-weight:inherit;line-height:inherit;text-align:inherit}#ac-localnav article,#ac-localnav aside,#ac-localnav details,#ac-localnav figcaption,#ac-localnav figure,#ac-localnav footer,#ac-localnav header,#ac-localnav nav,#ac-localnav section{display:block}#ac-localnav img{border:0;vertical-align:middle}#ac-localnav ul{list-style:none}#ac-localnav,#ac-localnav input,#ac-localnav textarea,#ac-localnav select,#ac-localnav button{font-synthesis:none;-moz-font-feature-settings:'kern';-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:gra

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\arcgis-html-sanitizer[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	20073
Entropy (8bit):	5.368391737952067
Encrypted:	false
SSDEEP:	384:ip/7vrBeweU6kRj6/liOFtKIwBkPG0V+gD4ZT+OqSqdBDzhFvVtAtzA:oG/HtKIp+goHh0ZzhFEt0
MD5:	A836A588D3B91EAC3C2D6B9D3B186810
SHA1:	F0E2F65F2BFB89C8CADF1A74F5864FAE982903EB
SHA-256:	E2F5D190467DAA809AD8F215D7C8B8E3C9FFFE9B54BB6ABF658907C636E8B6DF
SHA-512:	EAEDD1083ABEFB816120061EBA11819ED58C1D59E2632776A075F3AF75CDEE24822F0CA38730AEC1D30C561A6A80ECFC00EABD0E1108A439731CF8BACAC42A34
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/libs/arcgis-html-sanitizer/arcgis-html-sanitizer.js?wab_dv=2.19
Preview:	//>>built./. @esri/arcgis-html-sanitizer - v2.2.0 - Tue Feb 04 2020 08:00:46 GMT-0500 (Eastern Standard Time). Copyright (c) 2020 - Environmental Systems Research Institute, Inc.. Apache-2.0.. js-xss. Copyright (c) 2012-2017 Zongmin Lei(...) <leizongmin@gmail.com>. http://ucdok.com. MIT License, see https://github.com/leizongmin/js-xss/blob/master/LICENSE for details.. Lodash/isPlainObject. Copyright (c) JS Foundation and other contributors <https://js.foundation/>. MIT License, see https://raw.githubusercontent.com/lodash/lodash/4.17.10-npm/LICENSE for details./.!function(B,y){"object"==typeof exports&&"undefined"!=typeof module?module.exports=y():"function"==typeof define&&define.amd?define(y):(B=B\|\|self).Sanitizer=y()}(this,function(){function B(a,b){return a(b={exports:{}},b.exports),b.exports}function y(){return{"align-content":!1,"align-items":!1,"align-self":!1,"alignment-adjust":!1,"alignment-baseline":!1,all:!1,"anchor-point":!1,animation:!1,"animation-delay":!1,"anima

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\blank[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.322445490340781
Encrypted:	false
SSDEEP:	3:CUdSkL1pse:XSk/se
MD5:	6D22E4F2D2057C6E8D6FAB098E76E80F
SHA1:	B80B11203D97FE01C5597CA3BE70406EA48F5709
SHA-256:	AFE0DCFCA292A0FAE8BCE08A48C14D3E59C9D82C6052AB6D48A22ECC6C48F277
SHA-512:	95DD0E4944B1541A9BE48A60A1A105FCFA0D69DD215ABAA9C1771ADECC5EE0C0FE91D0EB367B6D46A4F8B2E06E6FB962D56DFC1C53F1F62CC8B314710628CB1E
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/dojo/resources/blank.gif
Preview:	GIF89a.............!.......,...........L..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\close-white.8557d2773e57[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	215
Entropy (8bit):	4.997017480855836
Encrypted:	false
SSDEEP:	6:tnrwdhC/i3mc4slZs49fhWR6ZSKsKMwmqZUR4RJ:trwdU/i3lzxxMwhUqRJ
MD5:	8557D2773E579A06FD894094A1654CA7
SHA1:	CD9886D5BC4757C771F846D75487B7CBEDD27667
SHA-256:	724FA90BD3F771B1D33E86AD93CBF1853D9A67CAD935FDCA8E3EAAAD00A07E63
SHA-512:	F9FD2696D303034940777F08414F2A8F985F6FAF24E1EB196322727B0F96DDBB79EE38E4C8C02D4725E60C70C7323C1157DCCA4AD4B7A73DA96B0A2E02C88FAC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/protocol/img/icons/close-white.8557d2773e57.svg
Preview:	<svg width="24" height="24" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><g stroke="#fff" stroke-width="2" fill="none" fill-rule="evenodd" stroke-linecap="round"><path d="M6 6l12 12M6 18L18 6"/></g></svg>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\commonFormArrows[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 412 x 8, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	314
Entropy (8bit):	6.800054856855326
Encrypted:	false
SSDEEP:	6:6v/lhPkh3UtDCJl0znDsp9yf5jR4rBSHWD2xxNOURtVDZkZgGlmQup:6v/7AUtevLmxjmSbTtnk9mQc
MD5:	2662516925BB290C4CF58CADE79C051F
SHA1:	E643DDB83868988934A4B5361D9DDF781838D556
SHA-256:	EB2345B9C92D9F45B4247DC1A522CA9F677185D281151711881C2BFB704C5C80
SHA-512:	58A622E689726C1C91BC404B2A44076BCA1F1352B410B482D0A0914583406046F92018A6EF716CCEA061D16C1DCF212F834E34037557EFAA6115A76DBE306B66
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/dijit/themes/claro/form/images/commonFormArrows.png
Preview:	.PNG........IHDR.....................gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....PLTE.....]..n.............&.....tRNS..........Y....IDATx..VA.. .k....Xp.]..(2.\..$.V...:.H....K.3..0.1`......G^.kW.KW.7....m......@e#.L.../..z..#$W.!..A.&.e.&.@...)...=.Vy......6...1.....v."...U.}.8.....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\config[1].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	104
Entropy (8bit):	4.098969017104185
Encrypted:	false
SSDEEP:	3:3HUgRL2Bl5XxEIGKwNdFBc8fja+4HyN1Yn:3HUg4l5XCZKwnFqQaZu1Y
MD5:	F70F2BF8818670ABCA53E67CE72C9261
SHA1:	6DA856FCF0FE338A4774D7A27CF42B15D72A8706
SHA-256:	40146D6DF784C015DFD57B9EA4ACF4A7DB35AB2D22D2739EC837BB8457CC136F
SHA-512:	77E5262EB6F6F2F7EB9AFF7D58B6704157EA6C7F3338045F13530FE861B689911414FDCCF7DF9F02685C48497938DE7F6FAE240544CE4851DB8D351C8395C269
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/themes/FoldableTheme/widgets/HeaderController/config.json?wab_dv=2.19
Preview:	{.. "groupSetting": [.. {.. "label": "AttributeTable",.. "type": "dropDown".. }.. ]..}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\config[2].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	129
Entropy (8bit):	4.152068426497369
Encrypted:	false
SSDEEP:	3:3HBFeHsyFN2GFe2cJif9Ho8GFe9tJWrAGSDEKouFgb/YL:3HKBFN2N2cJiNtN9RT//SbK
MD5:	5303068D87253FFF2C994E5F619D4FD4
SHA1:	79602AFE1D04EF3710E1CF09F1095A69EFCE8CE4
SHA-256:	3F71B8DBA028D515BFE654A8796AF32AE2197C6D8FA572170AD81A21C58CEBCC
SHA-512:	AEDF5AF09E9AC119D84023BBC6F04A96E431F9FEB492FDC497D19F1E1D391EEE2B573AF7707958E876D3FF3CC85112B2A3C6ED42EF690C632375840377496808
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/Scalebar/config.json?wab_dv=2.19
Preview:	{.. "scalebar": {.. "scalebarStyle": "",.. "scalebarUnit": "",.. "decimalPlaces": 0,.. "addSeparator": false.. }..}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\config[3].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	5148
Entropy (8bit):	4.005348891993191
Encrypted:	false
SSDEEP:	96:DeKWuphEmaDKAo0VWVPVeVLVg+zGoz6hEDEUGn9A1EaUFk2UeeyfIyajz:OuHEm6KALmt+ZgplhEDEHSqaxDexfIyQ
MD5:	4FA82840F4DD2D4A45A7724920BAB994
SHA1:	3687DA343038523803AACDC4C862D130FA5F9A2E
SHA-256:	8E6244DAF169B7275B1AC35698982C593CB4B54FF7A18524F1B20D3006721280
SHA-512:	1A69E050AE5021963905AFB5EB79047737835D84AB041177809A814EF2572418E302130BA2F939485B837B9493B64288368C9D6BB9CC3E5DE9BE759980B509BE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/config.json?wab_dv=2.19
Preview:	{. "theme": {. "name": "FoldableTheme". },. "portalUrl": "",. "appId": "",. "authorizedCrossOriginDomains": [],. "title": "ArcGIS Web Application",. "subtitle": "with ArcGIS Web AppBuilder",. "logo": "images/app-logo.png",. "keepAppState": true,. "httpProxy": {. "useProxy": true,. "url": "/proxy.js". },. "isWebTier": false,. "geometryService": "https://utility.arcgisonline.com/arcgis/rest/services/Geometry/GeometryServer",. "links": [. {. "label": "ArcGIS Online",. "url": "//www.arcgis.com". }. ],. "widgetOnScreen": {. "widgets": [. {. "uri": "themes/FoldableTheme/widgets/HeaderController/Widget",. "position": {. "left": 0,. "top": 0,. "right": 0,. "height": 40,. "relativeTo": "browser". }. },. {. "uri": "widgets/Scalebar/Widget",. "position": {. "left": 7,. "bottom": 25. }. },. {. "uri": "widgets/Search/Wid

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\config[4].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	142
Entropy (8bit):	4.240625017543145
Encrypted:	false
SSDEEP:	3:3HNgJyfFeWNgStyF7qKtfDQTFpSEGFxQTF6KSrCvQmzCiJ/FlY:3HuJyfbNgStyJfDQTWEGMTotYuOFlY
MD5:	07F668A20209BE672EBF37D87EEACB2E
SHA1:	446A95B5128E28E689DC46DE2422B47C0B10FCD2
SHA-256:	DB070BBB1CD0FA8E25CC5FF98314E899DFA73F6D1E3A2B74986C943C89F3CDD3
SHA-512:	318F02F3F1DC22029FEC4E86185585C035BB03FC4A64B0AA5A075D0F991389391F1B9CDA5690BBBB352F930AC63E0079622B5A3560D42B3D068AFBB423CF42B3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/Share/config.json?wab_dv=2.19
Preview:	{.. "socialMedias": {.. "email": true,.. "facebook": true,.. "twitter": true,.. "googlePlus": true.. },.. "useOrgUrl": false..}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\config[5].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	68
Entropy (8bit):	4.010893460834815
Encrypted:	false
SSDEEP:	3:3HfA5Zy4bNozF9dF//A5Wt+0:3HuJNoz/mWM0
MD5:	E751992708CA10A0A3E807FB79D9B473
SHA1:	E6F3C6BD26F9655FB0FDD038210997C4DD6523CF
SHA-256:	64A0576AEBDEED2329E468AB8B9DA2A8698EBF1D38D72F61DDCBB6C0B3D8BA7D
SHA-512:	25B868052D841BA745F97A508BEDA6D84B8B2B8F7559F06C84D065EDE9CCAC44994E61B8CFA457304347FE176B8EB620EC61B6EAFE9771B7077B8B88722E3EB1
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/BasemapGallery/config.json?wab_dv=2.19
Preview:	{.. "basemapGallery": {.. "mode": 1,.. "basemaps": [].. }..}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\d174097705[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10863
Entropy (8bit):	5.18213666452557
Encrypted:	false
SSDEEP:	192:9CHN42S+9SZRvACpiIthFzoXnemF+shSGnZ+PPxQDqv7jh81Q5l8OcchIlzbCn:gRCfhFzevnEZ/h81Q5l8OsE
MD5:	9433307AF264FA961DC39F2DABD11BCE
SHA1:	DE37D5B43E8BA54D7831FA242F727751B97CA282
SHA-256:	8DE8AD16E87B8840B8045B613F85AF6F890F46ED0C8DDF0FFB9D5CBD3B290D8C
SHA-512:	62C261276AF89DD08DB88BBE1AAEA9C7D0DA814535BD90C42C7B0B729E2B329D275A3A15B85E4781A51551E37B415B35226B10E98F9807A9FA0FB2A100ACAD3C
Malicious:	false
Reputation:	low
IE Cache URL:	https://kit.fontawesome.com/d174097705.js
Preview:	window.FontAwesomeKitConfig = {"asyncLoading":{"enabled":true},"autoA11y":{"enabled":true},"baseUrl":"https://ka-f.fontawesome.com","baseUrlKit":"https://kit.fontawesome.com","detectConflictsUntil":null,"iconUploads":{},"id":32541914,"license":"free","method":"js","minify":{"enabled":true},"token":"d174097705","v4FontFaceShim":{"enabled":true},"v4shim":{"enabled":true},"version":"5.15.2"};.!function(t){"function"==typeof define&&define.amd?define("kit-loader",t):t()}((function(){"use strict";function t(e){return(t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(e)}function e(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function n(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getO

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\data[1].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	3554
Entropy (8bit):	4.783541359718584
Encrypted:	false
SSDEEP:	48:Yv2fdDLR3r14h6LhSdiEx686+/kg/ZDLR3r14h6LhSdiEx686+/kYoR:y2fT8vX8voR
MD5:	9CDDF875C5643CFD1325AE90EA066F3B
SHA1:	7FE0FBDE2E6C5FD72C33964064FB874D59F1D90D
SHA-256:	4A9BF7A06CD54750A0AB905641AB5FF34A0D1D704887F9272F77D3512886B3D8
SHA-512:	9379B03715245F2F61728729155109644AA56F2A404A2455881CCAE950031997866536DB9E4084E496A3DAE657163E70857B9CC484A49FCB0C19FA44561FD477
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/sharing/rest/content/items/63ddb5c81799450fabd13439a81f0562/data?f=json
Preview:	{"layers":[{"id":0,"layerDefinition":{"drawingInfo":{"renderer":{"type":"simple","symbol":{"type":"esriSFS","style":"esriSFSSolid","color":[130,130,130,0],"outline":{"type":"esriSLS","style":"esriSLSDash","color":[130,130,130,255],"width":1}}},"scaleSymbols":true}},"popupInfo":{"title":"{NAME10}","mediaInfos":[],"fieldInfos":[{"fieldName":"OBJECTID","visible":true,"isEditable":false,"label":"OBJECTID"},{"fieldName":"STATEFP10","visible":true,"isEditable":true,"label":"STATEFP10"},{"fieldName":"COUNTYFP10","visible":true,"isEditable":true,"label":"COUNTYFP10"},{"fieldName":"COUNTYNS10","visible":true,"isEditable":true,"label":"COUNTYNS10"},{"fieldName":"GEOID10","visible":true,"isEditable":true,"label":"GEOID10"},{"fieldName":"NAME10","visible":true,"isEditable":true,"label":"NAME10"},{"fieldName":"NAMELSAD10","visible":true,"isEditable":true,"label":"NAMELSAD10"},{"fieldName":"LSAD10","visible":true,"isEditable":true,"label":"LSAD10"},{"fieldName":"CLASSFP10","visible":true,"isEditable

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\data[2].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	32528
Entropy (8bit):	5.13004248220956
Encrypted:	false
SSDEEP:	384:mTKJDD+CnSwkDpwP9+PmEDHznSwkDpwP9iPpBJvgGDJmR/JiEGG02fyiZ5UY:mTKJDD+CJYTEBJvgGDKJJ9
MD5:	DD4CBA3DE154813F92D3416F91A88F0E
SHA1:	17256DC4B35F76E1FC59A3E7E30398F8BF05105A
SHA-256:	25E2C82400AA3299E5B42C047588F953DA498C50FB963C15B92A204A085E3D10
SHA-512:	2A7D5D5282B19584CE836188D592D277414C5C5FC508465B7208F3FC9F76D02DE4AB90BB791AA66ADCA12513B23B2C882969768F3ECF33040E6239C9EAB9B85B
Malicious:	false
Reputation:	low
Preview:	{"layers":[{"id":0,"popupInfo":{"title":"<span style='font-size:medium'>{name}<\/span>","fieldInfos":[{"fieldName":"OBJECTID","visible":false,"isEditable":false,"label":"OBJECTID"},{"fieldName":"facilityid","visible":true,"isEditable":true,"label":"Facility ID"},{"fieldName":"type","visible":true,"isEditable":true,"label":"Voting Facility Type"},{"fieldName":"name","visible":true,"isEditable":true,"label":"Name"},{"fieldName":"fulladdr","visible":true,"isEditable":true,"label":"Address"},{"fieldName":"municipality","visible":true,"isEditable":true,"label":"Municipality"},{"fieldName":"pstlstate","visible":true,"isEditable":true,"label":"State"},{"fieldName":"pstlzip5","visible":true,"isEditable":true,"label":"Zip Code"},{"fieldName":"phone","visible":true,"isEditable":true,"label":"Phone"},{"fieldName":"agencyurl","visible":true,"isEditable":true,"label":"Website"},{"fieldName":"operdays","visible":true,"isEditable":true,"label":"Operational Days"},{"fieldName":"handicap","visible":tru

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\data[3].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	32528
Entropy (8bit):	5.13004248220956
Encrypted:	false
SSDEEP:	384:mTKJDD+CnSwkDpwP9+PmEDHznSwkDpwP9iPpBJvgGDJmR/JiEGG02fyiZ5UY:mTKJDD+CJYTEBJvgGDKJJ9
MD5:	DD4CBA3DE154813F92D3416F91A88F0E
SHA1:	17256DC4B35F76E1FC59A3E7E30398F8BF05105A
SHA-256:	25E2C82400AA3299E5B42C047588F953DA498C50FB963C15B92A204A085E3D10
SHA-512:	2A7D5D5282B19584CE836188D592D277414C5C5FC508465B7208F3FC9F76D02DE4AB90BB791AA66ADCA12513B23B2C882969768F3ECF33040E6239C9EAB9B85B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/sharing/rest/content/items/26d893b98fa54fadbf472775fa6f9037/data?f=json
Preview:	{"layers":[{"id":0,"popupInfo":{"title":"<span style='font-size:medium'>{name}<\/span>","fieldInfos":[{"fieldName":"OBJECTID","visible":false,"isEditable":false,"label":"OBJECTID"},{"fieldName":"facilityid","visible":true,"isEditable":true,"label":"Facility ID"},{"fieldName":"type","visible":true,"isEditable":true,"label":"Voting Facility Type"},{"fieldName":"name","visible":true,"isEditable":true,"label":"Name"},{"fieldName":"fulladdr","visible":true,"isEditable":true,"label":"Address"},{"fieldName":"municipality","visible":true,"isEditable":true,"label":"Municipality"},{"fieldName":"pstlstate","visible":true,"isEditable":true,"label":"State"},{"fieldName":"pstlzip5","visible":true,"isEditable":true,"label":"Zip Code"},{"fieldName":"phone","visible":true,"isEditable":true,"label":"Phone"},{"fieldName":"agencyurl","visible":true,"isEditable":true,"label":"Website"},{"fieldName":"operdays","visible":true,"isEditable":true,"label":"Operational Days"},{"fieldName":"handicap","visible":tru

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\defaultlinks[1].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	557
Entropy (8bit):	4.913134787589742
Encrypted:	false
SSDEEP:	12:YR1mW/1Gg2rq8/zmhUfWO8IPhUfVJbleHChUfyZahUL1HEbErS:Ytl2tSIOjblexkHEI+
MD5:	8B9D74C63CE4393845E1783249D017DB
SHA1:	16F476EEB581D7FD68EEAFEA3B8D4A2D0B76D0A5
SHA-256:	3D471B0FB6108AEC47DA1C5D787B4881D27BD435BE7A0D03276D0F26FDC9F42E
SHA-512:	11EB163F617E3B097A68178294D940F9D256D95471F30CF652EDA1894055BBC65D4267A863D4FC96281BCF72B97285B1F2A431A9A650705344AD29FB62DD66D9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/search-services/suggestions/defaultlinks/?src=globalnav&locale=en_US
Preview:	{"id":"NUeweqWWSEWaIdkiYOhUWQ","results":[{"sectionName":"quickLinks","sectionResults":[{"url":"https://covid19.apple.com/screening/","label":"COVID-19 Information"},{"url":"https://www.apple.com/us/shop/goto/temporary_closures","label":"Apple Store Closure FAQ"},{"url":"https://www.apple.com/us/shop/goto/shop","label":"Shop Apple Store Online"},{"url":"https://www.apple.com/us/shop/goto/accessories/apple_accessories","label":"Accessories"},{"url":"https://www.apple.com/airpods/","label":"AirPods"}]},{"sectionName":"suggestions","sectionResults":[]}]}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon-196x196.5e474118060e[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 196 x 196, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	7360
Entropy (8bit):	7.914107770419037
Encrypted:	false
SSDEEP:	192:Hhyw/s/vXOULSWzOQ0TjW+8kgN9mLw6irlb:B6/vXOULSWzHOK4gEw95
MD5:	5E474118060E71FF388EC6CBE4B43BDF
SHA1:	9E4D0BF22D602272127F5AB4CCCBBBD0BEF065F0
SHA-256:	7BA1707429ED001B2714CEF7FE1E4A3B03F3995681EB99205703FAD5A066E7D5
SHA-512:	E9D3D70DB9E0A5B022C9C846200AA43B8F923741E476E757182CCDC192A7B1C03CA1E32750C3386200A8BA26BEB18E619BFA2FCA1CF1334380260BD2F7159842
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/img/favicons/firefox/favicon-196x196.5e474118060e.png
Preview:	.PNG........IHDR..............x~Y....PLTE....h...n.S...m..k.;w..j.M..,v.Cw.Lv.@w..e.@...f.-v.Dw.B...m.Y..(w..[..iFj..2w.4v..a.G.C.ek..7w.._..k.^v.C..Cw..q.<w.J.H..vr..p..t.8...a..b..e..k.pp.I...m....K...j..Z.moha.uc...v..v..c.b..g..wj.U.Qj..:...x..^..U..b..z....]..J`.T^..Q.O_._^.e]..T.[^.k^..d.s..`..b..`.+o..a.r\..h..R..a..j..a..c.o_..W..e..n..e..g..`..i.\|\..P.u`..Z.`..f.w\.+g..v.:..+Z.0u..k..`..o.vP.,b..\.+k..o.1o.Z...l.V..0k.vV.N..0]..].)y.}a.I._..D..\|Q..s.y`.6i.3`..x./f.R.gb..hb.,ynf.@.wi.j..h..Gr.sK``..3r.3e.m..6m..e..VSa...\.b...\Y]...h..^..b.d.~l..=...W.a{.Ot..S.>l.%Y.q`..r.<^..Q[`..we..a.oe.Xy..]..V..X..f.Uv.?s.5p..c..v.hd..q..W.>j.Gi.Ze..t..o..i..g.Qg.F`..U.Ob.bf.Wc..n..k..e..m..j.5h.?a.n\|.E_>M..`c..l..j..VTR.?\...i..L.0f.N.}s..1m..c..Rh\..x.......w..iz^..T.fl....................KtRNS....c.G7H.).7E.v..M...)....7.m...Z..mm.......\K.....i.........z.$.....'IDATx...1..!..aE..^!S>+.-..9.2.^......4..+."....6..L`.$........p8....lB.."c........LB&.2..0n.,6%

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	22382
Entropy (8bit):	1.7993121781592736
Encrypted:	false
SSDEEP:	48:sSY37LOM5M80I15CEARV/acnFNOpaF/vXE:sSw7LOekI1EE+fPOpaF30
MD5:	891E510219786F543CA998282ED99F45
SHA1:	19FE2FF6A2418BCB44B02308B998CEF84199EE08
SHA-256:	E4BDF72E2F803F7E19907C12F407AC7F7CD5F1F94BFD730B9BE24B0D49191B48
SHA-512:	E6729E7E1ED1909297317E249ADB7AF6C230B2A7082EA792C7776FA5037C8ED8AAF02BCC4015334B6C439732F965CE19291FFE863126D0C20BED9A0C89C4A95B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/favicon.ico
Preview:	............ .h...6... .... .........@@.... .(B..F...(....... ..... ................................................................................................................................................................................X.......J......."...........................................V..............................................................................................X......................................................................................................................................................................................................................................................................................................................]...........................U.......................................4...........................v...........2...t.........................................................H...9...................................................................c..............................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\filters[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	17871
Entropy (8bit):	5.218560211206417
Encrypted:	false
SSDEEP:	384:va4wwoww0ww1IJBww4ww9IabxmJ2NzOLiU1:xIabxm0Ix1
MD5:	68D68780BDA099682BFD2B4F8230EAB2
SHA1:	92CE0017B6A2204733BD464257821A6A50F28867
SHA-256:	6DE5EDA7615B74F15519E857EDB1BDD2A89FBC4498F6DAB99853CFAEEC4DD53C
SHA-512:	8BFA4F8D9B20E166145FC7F5292837DC5F6ED65DC7C9749FE80DF9BD06BD99ECAAA42215475817FDE71D7DA19957CE1DB9F06B81CE762A41EC949E71AD7D41BE
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/dojox/gfx/filters.js
Preview:	//>>built.define("dojox/gfx/filters",["dojo/_base/lang","dojo/_base/array"],function(g,h){var a={},l={x:"0%",y:"0%",width:"100%",height:"100%"},e={};a.createFilter=function(c,d){c=g.mixin({},l,c);c.primitives\|\|(c.primitives=[]);d&&Array.prototype.push.apply(c.primitives,d);return c};var m=function(c,d,f){d instanceof Array&&(f=d,d=null);d=g.mixin({},d);d.children=f;d.tag=c;return d};h.forEach("feBlend feColorMatrix feComponentTransfer feComposite feConvolveMatrix feDiffuseLighting feDisplacementMap feFlood feGaussianBlur feImage feMorphology feOffset feSpecularLighting feTile feTurbulence feDistantLight fePointLight feSpotLight feMergeNode feFuncA feFuncR feFuncG feFuncB".split(" "),.function(c){a[c]=function(d,f){return m(c,d,f)}});a.feMerge=function(c,d){if("string"===typeof c){for(var f=[],n=0;n<arguments.length;++n)f.push(a.feMergeNode({"in":arguments[n]}));return m("feMerge",{},f)}return m("feMerge",c,d)};var b=a.createFilter;e.convolutions=[b({_gfxName:"boxBlur3"},[a.feConvolveMa

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\firefox[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	80274
Entropy (8bit):	5.128175773588851
Encrypted:	false
SSDEEP:	768:uQfXSeSO3Ks1+D5Zsv1JTPYsIhIrpvjN1ig5sMG+9+:uQfXSPO3KsOZ01JeIrh4+U
MD5:	F4DF84AEB35D79C99C8DA579DBE427FB
SHA1:	80455E317A7E23A8378BD05FEE16AF3418DE6E0D
SHA-256:	A13FA7167F5300C36CD1B5B6E657617138F295DE36309C990DE1E91BD7973AB1
SHA-512:	FF0698249B13080C7319091A87DE29B224D43434AB470E222F73F12EB3E213658084CAC0F9468EC4776AA202333FE3ABB4A3FCF1E2F441D85211AFB27AFD520D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/en-US/firefox/
Preview:	...<!doctype html>..<html class="windows x86 no-js" lang="en" dir="ltr" data-latest-firefox="86.0" data-esr-versions="78.8.0" data-gtm-container-id="GTM-MW3R8V" data-stub-attribution-rate="1.0" data-sentry-dsn="https://dd94e99168c6431899c1daa5a812d8b6@sentry.prod.mozaws.net/152">. <head>. <meta charset="utf-8">.. <script type="text/javascript" src="https://www.mozilla.org/media/js/BUNDLES/site.ddf5d556ecf8.js" charset="utf-8"></script>.. [if !IE]> >. . .. <![endif]-->.. . _.-~-.. 7'' Q..\. _7 (_. _7 _/ _q. /. _7 . ___ /VVvv-'_ .. 7/ / /~- \_\\ '-._ .-' / //. ./ ( /-~-/\|\|'=.__ '::. '-~'' { ___ / // ./{. V V-~-~\| \|\| __''_ ':::. ''~-~.___.-'' _/ // / {_ / { /. VV/-~-~-\|/ \ .'__'. '. ':: _ _ _ ''.. / /~~~~\|\|VVV/ / \ ) \ _ __ ___ ___ ___(_) \| \| __ _

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\firefox[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	15035
Entropy (8bit):	7.953315864783918
Encrypted:	false
SSDEEP:	384:oAlq/3+3d9ZZ/ZdSvYpaTMew11UWUSozQwgArfyMPG3:QsNZ6vcW6PyzQwI8G3
MD5:	D5BB26B985C789177FD1870934FC6D06
SHA1:	865263F9E4688715839F245824F628A0D64258AD
SHA-256:	5FE5BB1300688FEBA171BB269DB6411EE92923D454F0E30F605E245AEF81F8C4
SHA-512:	52D6067EAC0D1C40E745CD3DD55064F2F503E4D2E03DB9A3D326500FE9B1DE6C532BA7B5B7A6179C04F5BFB733BBB79B0C98E6537404BE865CE1DE032381B4B5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/browser-message/firefox.png
Preview:	.PNG........IHDR..............>a...:.IDATx.....$K.......k.m.m..m.a.m......':z^E....x}"~]....u9.,..w...;<Z.o.LC.n...._.0...]..w..6.^.._..k.q29.....9\.d.l.6.....u...a.8..........I[.(..\...G..$......R..A....B......P-#=.x....$$..\2R..MD\|.. ....."%.x....z..1...[/......o.=.........7...........&..l..Mw..p_.%.]62y..S.;VM...dX1.U..).).......7G.l.....6..N.z&..@.....w(.6...^..@7..'O..O...:..}..>?..hz....../\|.&7.V..Q.....^Co.n.PC..U1.M.5&.R$j......0.0..W..3".X2.x..'..l..?o.$......]....A...0Y.4..k.ZF..?...@....@.K.....u..h..~./7..yy{i..l....u.........d..r.4.1n...G..."........h.F.........."..-...X....~Rz.)M....a}.Z.Ch.e ...n.\|..%...'.[p.ND...5(..D.`H..}....F...CmW.~G:.-....9..<..k.b.0M0.T4..d.X%./Pu...?3...f.......T.)..`......=R....0....t..^...Q...\...4N@..1.......).k..).h..AK..........o!CF...zH....y.&....m.M....s..dr..9........u..$.v...!.&PK....0. .$L.l.....'.."...q...p....$.......)..P..,..1.I...BS.z+D.."L.b..@.9.;.Ab.J..h.;}.zR:...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\fold_down[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 12 x 10, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1042
Entropy (8bit):	6.260308634218111
Encrypted:	false
SSDEEP:	24:21h4SHWwh82lYSgfbyVpbNT3XyJ3VL+h3+geGMs8N9:8KS2vn/evxeJ3c4geYs9
MD5:	2E542DD4D298DAB6750965D47B1F258F
SHA1:	671D740B60C35D19A79EB58FBB0B9C03044A5DA3
SHA-256:	9495275B12CDF4599D5BF5DEF8CD832D0EE0BA69723DA331D0FBC9374BEE7421
SHA-512:	20A7A059BDC7DB6B9F272F8832C95DC5ACC14DC7593D117A76C6E67E63CF34BD0F35C0FD0432B8DCC97C18CBBFD3AB3145870A2AFAB17F8F11540A0240A963EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/themes/FoldableTheme/panels/FoldablePanel/images/fold_down.png
Preview:	.PNG........IHDR..............,......tEXtSoftware.Adobe ImageReadyq.e<...!iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:153B1C0E447A11E48939834E8359558B" xmpMM:InstanceID="xmp.iid:153B1C0D447A11E48939834E8359558B" xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6384E26A42E311E4B1E8844A4E16B31D" stRef:documentID="xmp.did:6384E26B42E311E4B1E8844A4E16B31D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..@C....IDATx..?.@0......F....A..W.*V.g..,. .U...k..OJ.\B...Dj..."...;..E.LN(`.N..T~.!}m...Q.SYr.QG..V._1.....bh..q..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\fonts[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	22232
Entropy (8bit):	5.341082646424824
Encrypted:	false
SSDEEP:	384:fbIjrEnZwA2k7dNGAa9h5kQ4St3Tqjf+C/QKrKORj5ZkO4JvrGGFr0d/UL3qCGdJ:fbIjrEnZwA2k7dNGAa9HP4SEjf+C/QKZ
MD5:	D5A2A5E9D9D9B994718362CFCF91F5D1
SHA1:	A1CCFFBAE512789326BB45A85A2094638095F6D4
SHA-256:	119EAA65857CD463C1F451A4C943EA81632B4702FB81C6F48AFD85E1742C6C7C
SHA-512:	94E4D7090DFC02C69B8F648ABA51CFC0B99C4A9C4B059643001D6C62FC6E3C15A5065DF9798FCDB64EFE085936A94D914F63BDF868AD8AAA70288DAB90B5CF26
Malicious:	false
Reputation:	low
Preview:	@font-face {...font-family:'SF Pro Display';...font-style:normal;...font-weight:100;...src:local('..'), url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight.woff2") format("woff2"), url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight.woff") format("woff"), url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight.ttf") format("truetype");.../* (C) 2019 Apple Inc. All rights reserved.. /..}..@font-face {...font-family:'SF Pro Display';...font-style:italic;...font-weight:100;...src:local('..'), url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight-italic.woff2") format("woff2"), url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight-italic.woff") format("woff"), url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight-italic.ttf") format("truetype");.../ (C) 2019 Apple Inc. All rights reserved.. /..}..@font-face {...font-family:'SF Pro Display 100';...src:url("/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight.eot");.../ (C) 2019 Apple Inc.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\globalnav_bag_image__bmix8075eg4i_large[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	718
Entropy (8bit):	4.975227697400887
Encrypted:	false
SSDEEP:	12:tvG1do1Nny+hoaFJKAvFE3Gb/NKXu6bZa+lBauBjtkGhBckmUcBTOcBLAct63cBr:tu1dENy+dJK+Fhb/NKbbZaKaurkCWN6S
MD5:	1B5D095BFE3AC689E90215A6DEB7302C
SHA1:	22D3E88D961BC2EB647B6007526938BAA5E69090
SHA-256:	F1CD98822BE46341B217B662DB5CF71AF58E176B471250D3099B1370DCCE57FA
SHA-512:	0200A3B8AC9FB40D7E7306F87A53EACDA2C1D83406B06FE94B845376BA9ADEAEA935ABDDFDA0082BBAC4915D289758C8BCC9727CFCFBA279903C73F83999C2D7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/globalnav/6/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__bmix8075eg4i_large.svg
Preview:	<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 17 44">. <defs>. <style>. .cls-1 {. fill: none;. }.. .cls-2 {. fill: #fff;. }. </style>. </defs>. <title>image_large_1</title>. <g id="bag_large">. <rect id="boundingbox" class="cls-1" width="17" height="44"/>. <path id="bag" class="cls-2" d="M14.5,14H12.712a4.227,4.227,0,0,0-8.424,0H2.5A2.5,2.5,0,0,0,0,16.5v11A2.5,2.5,0,0,0,2.5,30h12A2.5,2.5,0,0,0,17,27.5v-11A2.5,2.5,0,0,0,14.5,14Zm-6-2.875A3.243,3.243,0,0,1,11.712,14H5.288A3.243,3.243,0,0,1,8.5,11.125ZM16,27.5A1.5,1.5,0,0,1,14.5,29H2.5A1.5,1.5,0,0,1,1,27.5v-11A1.5,1.5,0,0,1,2.5,15h12A1.5,1.5,0,0,1,16,16.5Z"/>. </g>.</svg>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\globalnav_links_iphone_image__dhepc4hn14cy_large[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1160
Entropy (8bit):	4.288697074014536
Encrypted:	false
SSDEEP:	24:t4goMvFZMHlplk8nrZSRPNGFaEF446hRuhdSQNRZY4qbg8tovN:L/dZulpNxP3jd7Ri9bg8u
MD5:	E0A682D11E5DA6756C00A9FB7F94CE93
SHA1:	47F240703CE0FCADA7A4FC00C6BA87371A395308
SHA-256:	A6184C9C55C75D613C2E81F5238D7E436714FAB15E116EB29059D22817A90EF2
SHA-512:	A0EE8BA1ADE6CB416B36823F9BB8FE57A4FF204F231E5E44026CC6FA223100669F89A64DEC70B013BF1F0204268E96304360ACD03DD91CBEA277E320E215A9DE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/globalnav/6/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__dhepc4hn14cy_large.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="44" height="44" viewBox="0 0 44 44"><path d="M.5 17.31c0-.45.37-.82.82-.82s.82.37.82.82-.37.82-.82.82-.82-.36-.82-.82zm.23 2.32h1.18V27H.73v-7.37zm7.16-2.49c1.87 0 3.16 1.31 3.16 3.19 0 1.85-1.32 3.15-3.17 3.15H5.39V27H4.16v-9.86h3.73zm-2.5 5.25h2.17c1.4 0 2.21-.75 2.21-2.06 0-1.35-.79-2.1-2.21-2.1H5.39v4.16zm7.44-5.68h1.18v4.09h.11c.37-.81 1.14-1.29 2.27-1.29 1.56 0 2.54 1 2.54 2.73V27h-1.18v-4.48c0-1.31-.59-1.96-1.7-1.96-1.32 0-2.04.83-2.04 2.08V27h-1.18V16.71zm7.74 6.61c0-2.37 1.3-3.81 3.4-3.81s3.4 1.44 3.4 3.81-1.3 3.81-3.4 3.81-3.4-1.45-3.4-3.81zm5.58 0c0-1.75-.79-2.75-2.18-2.75s-2.18 1-2.18 2.75c0 1.74.79 2.75 2.18 2.75s2.18-1.01 2.18-2.75zm2.92-3.69h1.12v1.16h.11c.37-.81 1.09-1.29 2.21-1.29 1.65 0 2.58.98 2.58 2.73V27h-1.18v-4.48c0-1.33-.56-1.96-1.74-1.96s-1.93.79-1.93 2.08V27h-1.18v-7.37zm14.08 5.46c-.36 1.26-1.49 2.04-3.1 2.04-2.04 0-3.32-1.48-3.32-3.81 0-2.32 1.3-3.82 3.32-3.82 1.99 0 3.2 1.42 3.2 3.71v.45h-5.3v.05c.06 1.46.88 2.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\globalnav_links_mac_image__fv4ktb435mum_large[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	802
Entropy (8bit):	4.424093323511906
Encrypted:	false
SSDEEP:	24:t4hMViEmTYEo+y+csJtbCKZRXJE9bETa6uP+Koh:TITTyKJlUcuP+V
MD5:	A3434749345009DA205AC0E848654E85
SHA1:	615DEC701544BD85F757B20719B5AD881FBA64FC
SHA-256:	81849741DC42D40B8338A222866C5009893103EFB5BDC4101D0AE5CA4D6E1375
SHA-512:	8C517EED042331F74F55152164A348DEBE604790B8220393C501524E7EAF94245BD737C23B2B94C26D1B86B20D1621C22675DF6FD524608EF910C9026E85DD91
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/globalnav/6/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__fv4ktb435mum_large.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="26" height="44" viewBox="0 0 26 44"><path d="M8.7 27v-7.53h-.08L5.5 26.93H4.47l-3.11-7.46h-.09V27H.12v-9.86h1.43l3.38 8.16h.11l3.38-8.16h1.43V27H8.7zm6.12-7.49c-1.57 0-2.73.78-2.89 1.96h1.19c.16-.58.78-.92 1.66-.92 1.1 0 1.67.5 1.67 1.41v.67l-2.13.13c-1.72.1-2.69.86-2.69 2.18 0 1.35 1.06 2.19 2.49 2.19.98 0 1.79-.43 2.27-1.22h.11V27h1.12v-5.04c0-1.53-1-2.45-2.8-2.45zm1.63 4.75c0 1.05-.9 1.85-2.11 1.85-.85 0-1.49-.44-1.49-1.19 0-.74.49-1.13 1.61-1.2l1.98-.13v.67zm8.11-2.37c-.19-.73-.84-1.33-1.9-1.33-1.33 0-2.16 1.06-2.16 2.73 0 1.7.85 2.78 2.16 2.78.99 0 1.68-.46 1.9-1.29h1.19c-.21 1.35-1.31 2.35-3.08 2.35-2.06 0-3.38-1.5-3.38-3.84 0-2.3 1.31-3.79 3.38-3.79 1.79 0 2.88 1.07 3.09 2.39h-1.2z" fill="#fff"/><path fill="none" d="M0 0h26v44H0z"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\globalnav_links_music_image__bewxrazzig02_large[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1082
Entropy (8bit):	4.270480682935068
Encrypted:	false
SSDEEP:	24:t4PM/iEtPCL4iCtYd94vbvtH/SU2utETa6uP+KoFR:ZKxL4htUIbvtHuqcuP+D
MD5:	9C937381351FBDEF4480586B6AF7715E
SHA1:	444F95D791FA40BB4888663F3B2AA18089D53A97
SHA-256:	16E30F5480BC1DD538AD90AB859CDA8A78BADB4C3E9DDC3DFB5A5B6A358091E4
SHA-512:	5DF70F21A263CB809199575B1F0F461469DE81D8C7C37CB6733C295436B63A09AF16CABACB4564AFFB1571DEFE1883858193E9797E9252E0C646402A2E602142
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/globalnav/6/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_music_image__bewxrazzig02_large.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="37" height="44" viewBox="0 0 37 44"><path d="M8.7 27v-7.53h-.08L5.5 26.93H4.47l-3.11-7.46h-.09V27H.12v-9.86h1.43l3.38 8.16h.11l3.38-8.16h1.43V27H8.7zm9.33.01h-1.12v-1.16h-.11c-.37.82-1.16 1.29-2.28 1.29-1.65 0-2.52-.98-2.52-2.73v-4.77h1.18v4.48c0 1.33.49 1.94 1.67 1.94 1.3 0 2.01-.77 2.01-2.06v-4.36h1.18v7.37zm4.65-7.5c1.54 0 2.62.77 2.78 1.98H24.3c-.16-.59-.73-.98-1.62-.98-.88 0-1.56.44-1.56 1.1 0 .51.41.82 1.28 1.03l1.13.27c1.39.33 2.06.94 2.06 2 0 1.32-1.28 2.23-2.95 2.23-1.64 0-2.77-.79-2.9-2.01h1.21c.2.62.79 1.02 1.73 1.02.99 0 1.7-.47 1.7-1.15 0-.51-.38-.85-1.17-1.04l-1.26-.31c-1.38-.33-2.01-.93-2.01-2 0-1.22 1.18-2.14 2.74-2.14zm4.41-2.2c0-.45.37-.82.82-.82s.82.37.82.82-.37.82-.82.82-.82-.37-.82-.82zm.23 2.32h1.18V27h-1.18v-7.37zm8.19 2.26c-.19-.73-.84-1.33-1.9-1.33-1.33 0-2.16 1.06-2.16 2.73 0 1.7.85 2.78 2.16 2.78.99 0 1.68-.46 1.9-1.29h1.19c-.21 1.35-1.31 2.35-3.08 2.35-2.06 0-3.38-1.5-3.38-3.84 0-2.3 1.31-3.79 3.38-3.79 1.79 0 2

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\globalnav_links_support_image__b24reo1n4fbm_large[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1661
Entropy (8bit):	4.098060898847938
Encrypted:	false
SSDEEP:	48:0pUhvYFSFydL4hnjmbDdrjPmDdPNP3D3/VKPq4X:aUhvYEFI44OBxPWXX
MD5:	52A5A165C8306386B352AC17162DFA27
SHA1:	D6E74D86852625275E44FCD469626EEF00A5B847
SHA-256:	DB645E8610C56A69BE65CF9CF0CEEBBB20BC505F1B91661B1617F8F7F26DBFC9
SHA-512:	2115F83288C02EF55BC7CC32CC543009425B7A6A9D854D0276E3F23ACB40FAA511151AFDACFCA5E71BF2CEE5ED030411A2262FBA050F2C700BB54A0AA2E401ED
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/globalnav/6/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_support_image__b24reo1n4fbm_large.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="52" height="44" viewBox="0 0 52 44"><path d="M1.76 24.42c.15 1.03 1.13 1.69 2.54 1.69 1.33 0 2.3-.72 2.3-1.7 0-.84-.62-1.37-1.98-1.72l-1.26-.33C1.58 21.91.8 21.1.8 19.7c0-1.67 1.4-2.81 3.49-2.81 1.91 0 3.33 1.13 3.43 2.73H6.49c-.17-1.01-1-1.61-2.24-1.61-1.31 0-2.18.66-2.18 1.65 0 .77.54 1.22 1.9 1.57l1.03.28c2.04.51 2.86 1.31 2.86 2.75 0 1.81-1.43 2.97-3.68 2.97-2.09 0-3.53-1.11-3.66-2.81h1.24zM15.58 27h-1.12v-1.16h-.11c-.37.82-1.16 1.29-2.28 1.29-1.65 0-2.52-.98-2.52-2.73v-4.77h1.18v4.48c0 1.33.49 1.94 1.67 1.94 1.3 0 2.01-.77 2.01-2.06v-4.36h1.18V27zm8.76-3.68c0 2.3-1.22 3.81-3.1 3.81-1.05 0-1.9-.46-2.3-1.24h-.11v3.57h-1.18v-9.83h1.12v1.23h.11c.47-.85 1.35-1.36 2.36-1.36 1.88 0 3.1 1.5 3.1 3.82zm-1.22 0c0-1.72-.81-2.75-2.15-2.75-1.33 0-2.17 1.06-2.17 2.75s.84 2.75 2.17 2.75c1.35 0 2.15-1.03 2.15-2.75zm9.61 0c0 2.3-1.22 3.81-3.1 3.81-1.05 0-1.9-.46-2.3-1.24h-.11v3.57h-1.18v-9.83h1.12v1.23h.11c.47-.85 1.35-1.36 2.36-1.36 1.89 0 3.1 1.5 3.1

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\globalnav_links_tv_image__dtzdy60o3imq_large[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	264
Entropy (8bit):	5.058343997562709
Encrypted:	false
SSDEEP:	6:tI9mc4slzuX8UER4nhHURqadqWKHFpKmhOv6ASfmhN:t4IX8Rqn/vWMFp7hOvDow
MD5:	EE95A18FD56763A31ACA1D504802E089
SHA1:	ACA3406918FFE464B3ADC4F857B81FD66D40690D
SHA-256:	8B25224A4527ED4EFEE23B222227FE0F00F1EF2ECFC3A64D0D55F9BA8A77D06B
SHA-512:	C2404EFD5279333B478AAB3D4142A754DBB8FA5C0B40041411907749ACD9F95DA226ECA5B5AC6D2D0A6851AA93A331CF977FC2280FE18F560472E59D9F3C52AA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/ac/globalnav/6/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tv_image__dtzdy60o3imq_large.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="18" height="44" viewBox="0 0 18 44"><path d="M3.65 27v-8.76H.47v-1.11h7.59v1.11H4.88V27H3.65zm9.02 0l-3.64-9.86h1.29l2.9 8.27h.11l2.9-8.27h1.29L13.89 27h-1.22z" fill="#fff"/><path fill="none" d="M0 0h18v44H0z"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\head.built[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14497
Entropy (8bit):	5.304485446269672
Encrypted:	false
SSDEEP:	384:TwR/vgcy8GUPh+2rKtm8wtcTc1cIclZxcGcJGF:T3CetGtcTc1cIclrcGcJ4
MD5:	D12CA550D2A07F0A471A749532A1EF49
SHA1:	2174FC5D725290CA62719E6AB39BCF1B1A99DE1B
SHA-256:	A0E2913C2056465D95EA1E7D20FB8EB77244AE8CB034A559595BC406A544E5F6
SHA-512:	1FD4B475756ABB37F5AFC89930DB5BFF193371DA887EFB7660CFD78D492136923F04EF470B2B930D8FED2E57DEF282A1A1D1C122CD16B62D9563F3734A46740A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/v/safari/m/built/scripts/head.built.js
Preview:	!function t(e,n,i){function r(o,u){if(!n[o]){if(!e[o]){var a="function"==typeof require&&require;if(!u&&a)return a(o,!0);if(s)return s(o,!0);var c=new Error("Cannot find module '"+o+"'");throw c.code="MODULE_NOT_FOUND",c}var d=n[o]={exports:{}};e[o][0].call(d.exports,(function(t){return r(e[o][1][t]\|\|t)}),d,d.exports,t,e,n,i)}return n[o].exports}for(var s="function"==typeof require&&require,o=0;o<i.length;o++)r(i[o]);return r}({1:[function(t,e,n){"use strict";e.exports={EventEmitterMicro:t(2)}},{2:2}],2:[function(t,e,n){"use strict";function i(){this._events={}}var r=i.prototype;r.on=function(t,e){this._events[t]=this._events[t]\|\|[],this._events[t].unshift(e)},r.once=function(t,e){var n=this;this.on(t,(function i(r){n.off(t,i),void 0!==r?e(r):e()}))},r.off=function(t,e){if(this.has(t)){if(1===arguments.length)return this._events[t]=null,void delete this._events[t];var n=this._events[t].indexOf(e);-1!==n&&this._events[t].splice(n,1)}},r.trigger=function(t,e){if(this.has(t))for(var n=thi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\icon-relay.aca61c9bb349[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1777
Entropy (8bit):	4.579283019884369
Encrypted:	false
SSDEEP:	48:n4FHJoUj9RQU2HAcj71YD7hk+phcdpZM96kyS:6B07TeD75EdTq
MD5:	ACA61C9BB349D5089303E2E97184F570
SHA1:	DF64AA4A238F0DC68D966C43B0E60F082E5197A1
SHA-256:	C74AD6A800B101DFAA037145D6B10D1141D7CC7A4A348449EC49A1BDADB5C501
SHA-512:	4C3BAD522347442D51C38419D8EAB002531F61337722B4C79DDFED6E01C3C17726B36AE883C70698FCD36147DBCDDD25CA61419307F97DCAEDB2D8056CD504B9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/img/nav/icons/icon-relay.aca61c9bb349.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 32 32">. <style>.st1{fill:#20133a}</style>. <linearGradient id="a" x1="1.4286" x2="30.5714" y1="18.94" y2="18.94" gradientTransform="matrix(1 0 0 -1 0 34.94)" gradientUnits="userSpaceOnUse">. <stop offset="0" stop-color="#9059ff"/>. <stop offset="1" stop-color="#f770ff"/>. </linearGradient>. <path fill="url(#a)" d="M29.2 7L17.4.4c-.8-.5-1.9-.5-2.7 0L2.8 7c-.8.5-1.4 1.4-1.4 2.4v13.2c0 1 .5 1.9 1.4 2.4l11.8 6.6c.8.5 1.9.5 2.7 0L29.2 25c.9-.5 1.4-1.4 1.4-2.4V9.4c0-1-.6-1.9-1.4-2.4z"/>. <path d="M7.8 19.5l-.8.4c-.5.3-.7 1-.4 1.5.3.5.9.7 1.5.4l.7-.4c.5-.3.7-1 .5-1.5-.3-.5-1-.7-1.5-.4z" class="st1"/>. <path d="M12.1 17l-1.4.8c-.5.3-.7 1-.4 1.5s1 .7 1.5.4l1.4-.8c.5-.3.7-1 .5-1.5-.3-.5-1-.7-1.6-.4z" class="st1"/>. <path d="M17.9 15c-.1-.2-.3-.4-.6-.5V6.1c0-.6-.5-1.1-1.1-1.1-.6 0-1.1.5-1.1 1.1v8.4c-.6.2-.9.8-.6 1.4-.2.6 0 1.2.6 1.4v8.4c0 .6.5 1.1 1.1 1.1.6 0 1.1-.5 1.1-1.1v-8.4c.6-.2.9-.8.7-1.4.1-.3.1-.6-.1

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\icon[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	189
Entropy (8bit):	5.741649250417517
Encrypted:	false
SSDEEP:	3:yionv//thPl9BtftRthwkBDsTBZt69/zUvERl21Y1/k/OwPR/R/1llllllllrOP1:6v/lhPfnDspeLUvA64kGwPR/R/0AIrVp
MD5:	075182A8F4987D522173E358E18369F8
SHA1:	59C17FB39A7812586385A94DD3E8CB3A8B1E9E0A
SHA-256:	7312EBE5AC9C826BAAF54A5D8510B46E8E098AE5542695A7E6AF524359BBD4CB
SHA-512:	202770EC9F147151901DA049AEF5A315880BE0626971D86885BCBDDA92C1713101482B41F196BEB0013BE23E82E57E494328F5AE5694596558153FB72B6DA3B6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/BasemapGallery/images/icon.png?wab_dv=2.19
Preview:	.PNG........IHDR...2...2......?......tEXtSoftware.Adobe ImageReadyq.e<..._IDATx..... ...D..eu.....}i#G."9VQSn.K.k.I o.c..*M.........@@@@@@@@@@@@@@@NM......e-.K$....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\icon[2].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1002
Entropy (8bit):	7.733856528689433
Encrypted:	false
SSDEEP:	24:JOe1rdMDDgYSUuHDoTkWAPo8MAw8OiM0kKp05d81n6HlMD:JR1rdMHglHxWkMAw8OiSKp0MglMD
MD5:	BE96A7D749B9BFC691D3943FA7EB509D
SHA1:	67C6ACC85151E623F74C0A8BC7DDC5D67B779A35
SHA-256:	183411D0708D2D331CAA584224DD6A6DDE88EC90AFF4343156E28648EA01EBA6
SHA-512:	36C147497F6814405BC7761BDDFEEF7320B25ABBA0352338EB0870EA96C4627157DBDB929A08CE40260A8333F4A1CA8E65579F389C42FBC878ADDE1D0E3940F2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/LayerList/images/icon.png?wab_dv=2.19
Preview:	.PNG........IHDR...2...2......?......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..KhSQ...X"...[!(..n."...D...qQ..>P..."..Z.U..Bq..A.t!.....M..RE]X..+.....?u...&3.q........{.=3...7..,Z.\.?@7.....@=..r....z.>..........w] ..@..\|0z..;....d..4.m..X k.=0c.....X.@..y0e.......H.8...e.WM.l..L..\|...H3.0..'`..@R.&.6.i.SJ..Bp.L.......@.. .3.c.\|...c.U[Qr].....3.?K..X......E..2..+...Y;,..9.i..&........s..[....!V..F.[l.F.xU.=eJ.....@...%g!....K.l.#...<.\.Y....k..0.6..B[....G.... .......)......X....\|...^.(..]c\.%J.K>O...G.....j[..X....}.I....Wf.^.Q...;.M..1.i0.......nK)]..$.E."..H.C.....rE..Ca....u......OB...?K9)q.n)......g.v.}K.~Z.K.wg...(........R+t.4.k.._..?.....<..%.fy......Ukh...).`..._Q.....[..-.C..y.W..L...x.ic..1...@h.....a....E.h...<'l..`....U.4i4.BkhN..Q.~T ..^..sk.R.z.X.3oe.x......3...3...^.m..ib?...@..zp..r......T..=...JTS.+.u..,.........&..v..W.:].....W....:z..V%.s...F.i.c...L..O.w/..m...CM.^...j._...kN..../..u.a[.~.0...U3#+em....IEND.B

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\icon[3].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	997
Entropy (8bit):	7.7071905379165155
Encrypted:	false
SSDEEP:	24:bWr9MWTB9HckEpDhzCZEBfa/cXW/ri6qyOT:b4jckUD8ZEoRDqyQ
MD5:	60F231E8392CA18C87D4E036F8F6C46C
SHA1:	E18A45893E27C37141DD57B28BE4D8E1A3C1D87A
SHA-256:	9AC926DBCCFD06E1BD617795308081A267C6F67E30C9531C16E840FAB6CCE5C7
SHA-512:	A12884D8F3C5B58A107F6F22F1DA2B26DA960F0C7B1F0FC7CDF127B46FFBE3D9F3929D9CA56CDAB66E86B59E72C13805C7D05D33173D89639CA3B345CFEEA46C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/About/images/icon.png?wab_dv=2.19
Preview:	.PNG........IHDR...2...2......?......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..OH.q...me......,K)._YP....PI.u..1.SA.u..Kd`..%.J....a...e......_.....+..vg..........~..eY..,..`.(..`!H....?@'h..@#.&1x$.!K.aP..........K...!.(.u`..!.Y.dN..C6...-=..1.....b..I...3$.\.&O.x......3.M..\i....%.k....f#5..(.......Fj.C.....~5\|....^........h..A&......gP.x...o......[s..!..Q.e.....k..L.............].s.+vCNs.)+=.-.....<.1..2..0!....2.e.@s..GN).....l..`/x,......`...h.`....t.#C.f...g.`..D....[J(.z........(.\|........p..p...so8...4..\|.oL ._<..&^......H..H....6.3h..`....Q....XJ.m!hvx~....k.T2.7...n..d.O..=.Ut."...d.w..o]..f.Va.........\.z....t<u....%.l3y_..7.mw.=J.4.!...6.<_..#k4..n.T....v....=.#$.BJ.<Vx..j._us....A.%`...,...&V...Bz.B.,....nL...$.......C.Es.pKb............V.C`.xn..J+C....>.$.D....S.f....q....9Wf.;...s.#..e~+VU..@.....YG......Z.....C../.%d..C....'.<].<.....5[8j&...F...NT..&.dNRmNT..Z.x..F.6..`~..... ..m<.H.l...3...4F..DJ.....=]w........IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery-2.2.3.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	85659
Entropy (8bit):	5.366267621178451
Encrypted:	false
SSDEEP:	1536:MYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOi79xfWBZ+Bjda4w9W3qG9a986:n4J+OlfOM9xrCW6G9a98Hr2
MD5:	33CABFA15C1060AAA3D207C653AFB1EE
SHA1:	E3DBB65F2B541D842B50D37304B0102A2D5F2387
SHA-256:	6B6DE0D4DB7876D1183A3EDB47EBD3BBBF93F153F5DE1BA6645049348628109A
SHA-512:	48568D6F7C42D3C93F59FE8244CD49F8EFEFBF8616CAB3C149DCB4A3ED67A8ACDFFAE2EB2019DA7A8F1A62800039DDF59CC347C17F33C15C1331B6C226303C2A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.leg.state.nv.us/site/library/js/jquery-2.2.3.min.js
Preview:	/! jQuery v2.2.3 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery.smartmenus.keyboard.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	4517
Entropy (8bit):	5.237171846824738
Encrypted:	false
SSDEEP:	96:mvxNrxDPDFP7F7qfpulnzeT0TAH6oYlHE3hmWq5pslHE3hmW0lsQvlqlKlDT3lq4:krxDPDZ7F7qfCnaT0TSnYlHE3hmWq5pi
MD5:	3B85DE0642F7E02929B76D60ED94758C
SHA1:	13814059D8442D06662810A33D7817E200F0751D
SHA-256:	B35C6A049D0B1478341384CAF26277627BEF22318668880C6F9550CC132A4AC9
SHA-512:	315E9D8384FB03A21880229BACB58ADD3C6458888E6BDBF02A5EE1196224A4E9E6E2609B3D42ABB651C1282A032ECCFDC18469278584BBE1425946762435BA1F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.leg.state.nv.us/Home/library/js/jquery.smartmenus.keyboard.min.js
Preview:	/! SmartMenus jQuery Plugin Keyboard Addon - v0.4.0 - September 17, 2017. http://www.smartmenus.org/. * Copyright Vasil Dinkov, Vadikom Web Ltd. http://vadikom.com; Licensed MIT */(function(t){"function"==typeof define&&define.amd?define(["jquery","smartmenus"],t):"object"==typeof module&&"object"==typeof module.exports?module.exports=t(require("jquery")):t(jQuery)})(function(t){function e(t){return t.find("> li > a:not(.disabled), > li > :not(ul) a:not(.disabled)").eq(0)}function s(t){return t.find("> li > a:not(.disabled), > li > :not(ul) a:not(.disabled)").eq(-1)}function i(t,s){var i=t.nextAll("li").find("> a:not(.disabled), > :not(ul) a:not(.disabled)").eq(0);return s\|\|i.length?i:e(t.parent())}function o(e,i){var o=e.prevAll("li").find("> a:not(.disabled), > :not(ul) a:not(.disabled)").eq(/^1\.8\./.test(t.fn.jquery)?0:-1);return i\|\|o.length?o:s(e.parent())}return t.fn.focusSM=function(){return this.length&&this[0].focus&&this[0].focus(),this},t.extend(t.SmartMenus.Keyboard={},{

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery.smartmenus.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	24548
Entropy (8bit):	5.205918310682866
Encrypted:	false
SSDEEP:	384:YrDGbLjYJyP4MsvgJRo7nFEHKgg+IdB+BVhibNwJWxhI3GLOv4e4gNmx8kpaNTpn:i4EyQMsvgnswKB+IdB+BVEbNwJaI3GL8
MD5:	F37878DF1D94BBEA0DFB7E85612888EC
SHA1:	19DF702835FF55CE5A9B76B9974F8597CC528C6A
SHA-256:	2FE668F50E1B19F758D3A06AC0C60B0E869C6B31FA1AB43190B6AF3DD4F46B8E
SHA-512:	5E56CEAAAD79ACEAF67449483D369BF1C5509EF2880D6B249897CEEA43426809661C65114C63B7876BCB9D216C349344697181BE48F570CB7A21021C94CBD7B9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.leg.state.nv.us/Home/library/js/jquery.smartmenus.min.js
Preview:	/! SmartMenus jQuery Plugin - v1.1.0 - September 17, 2017. http://www.smartmenus.org/. * Copyright Vasil Dinkov, Vadikom Web Ltd. http://vadikom.com; Licensed MIT */(function(t){"function"==typeof define&&define.amd?define(["jquery"],t):"object"==typeof module&&"object"==typeof module.exports?module.exports=t(require("jquery")):t(jQuery)})(function($){function initMouseDetection(t){var e=".smartmenus_mouse";if(mouseDetectionEnabled\|\|t)mouseDetectionEnabled&&t&&($(document).off(e),mouseDetectionEnabled=!1);else{var i=!0,s=null,o={mousemove:function(t){var e={x:t.pageX,y:t.pageY,timeStamp:(new Date).getTime()};if(s){var o=Math.abs(s.x-e.x),a=Math.abs(s.y-e.y);if((o>0\|\|a>0)&&2>=o&&2>=a&&300>=e.timeStamp-s.timeStamp&&(mouse=!0,i)){var n=$(t.target).closest("a");n.is("a")&&$.each(menuTrees,function(){return $.contains(this.$root[0],n[0])?(this.itemEnter({currentTarget:n[0]}),!1):void 0}),i=!1}}s=e}};o[touchEvents?"touchstart":"pointerover pointermove pointerout MSPointerOver MSPointerMov

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\loading[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	472
Entropy (8bit):	4.8869645522596725
Encrypted:	false
SSDEEP:	6:WJXdhRBxT3/qteos/v5S3x5KvXonALxtVpAs/r5CB+HzJpMMZv5S3YB/oXix5Kvm:WDb3SDgi7KWAzwgr5hzMkiYa+KWA+
MD5:	FFD6A474C699EB74D88F56A13E9CFC03
SHA1:	86876381DA3D1F1CBA68F751FBD0E1A91793A133
SHA-256:	2BD00375055694D51247B9C91BACDBBEFC8E671B6A21599F39B71FFB85294F09
SHA-512:	E06725E4CABB80E4E0C6DA3A6F83741C1CF8375779A476E4AC14689168E4B0EB4D02A589EC7EDFE3A89144F29B12A9F5E90067E204B5D5617862F06B4F1C9A1B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/configs/loading/loading.css
Preview:	#main-loading{.. background-color: #508dca;.. position: relative;..}....#main-loading #app-loading{.. position: absolute;.. background-repeat: no-repeat;.. top: 50%;.. left: 50%;.. transform: translate(-50%, -50%);..}....#main-loading #loading-gif{.. position: absolute;.. background-image: url('images/predefined_loading_1.gif');.. background-repeat: no-repeat;.. width: 58px;.. height: 29px;.. top: 50%;.. left: 50%;.. transform: translate(-50%, -50%);..}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-md.00d2ad45480b[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	8424
Entropy (8bit):	7.955888342603677
Encrypted:	false
SSDEEP:	192:kWn6B0Z+3vLPGzY1oBmPCNheATHnLozmZJ97lTvGf:vM0ZcPftATHnLvG
MD5:	00D2AD45480B8A1173C3B7D4947FCF12
SHA1:	548B71748E4486CF2B295BAD322A19B1BA289630
SHA-256:	833BC07B6074CD7E8EE64F5CAF3E013A1ABB1A77455635D46CC145BE57926F2B
SHA-512:	8FABC66A173EFB89821DE32FCDC3DE2E1FCBF8E7F0B460B499048383C90E94AAC158467175D02A0F062D1DFDB8E7F4973CC52E2BC756FC76A332235C6D34BE06
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/protocol/img/logos/firefox/monitor/logo-md.00d2ad45480b.png
Preview:	.PNG........IHDR...`...`......w8....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..X...X...m7.....tIME.......D.#.....IDATx..y.]eu.....9w.....A..P^.VEE..h...@L.EB.. .EhUJ...Q... ..P...-..T..b..(`.....Hn.p.....>.9..&../....}.......o..s..,/...D[z.c.....@t0.#........H@{^...<&.....N.R.7.@..+.{ fd...x..?`.Zy..b....~"..R.N.R/....E:.1.QJ.B#...~...~..!..o.....nK.R[....<."P..#..gbz...:j.QQ....o.\F..Nb..AB..iK.Z.lU../....`.PH../..!..Z...S...@....s.%[.H..6..>.....V....>(....bgL'#N....\|.....e...)...i...t...~...f.......^..c[..,.....h.......0NC...Jn...\...P.5.'.f.d... .P...`_ .._....TF.&n;...........9.z...FS....D...t.......(../v.7?....By...!D.......^.P.L.."....G1u.....w....T0..9..`..L."..q$..A..m.n.o.0'V...d....}x...rB"0.!.!.............2..zz. N..A..G.....v"..09I.Jc?.i..FLiQ...?F.?L..{..._...@......k.o...ZmpKb\...~=e...\|..V-.............lJ..`...Nm.<..b.........__..g'.F......:/0.9.>?.3._N..c....2#.%&N...?~..L....S....i.\..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-md.f0603b4c28b4[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 96 x 96, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	3834
Entropy (8bit):	7.8479411852397964
Encrypted:	false
SSDEEP:	48:ScGhvp6zwCtv4Kf9plsxYisfV4T2Kx/F6jMHQ+a2b6IroUNZSZx1BKSPtQMkF09b:NGScKLNxBKaCN9BN8bBKSPtQMkzc
MD5:	F0603B4C28B45CDD04E7D280305468AB
SHA1:	1CB3139B1076D3816DFBDB1C05858B8FE50DF36A
SHA-256:	AF957D56E88617057FEB1CE43DCDC9E71BA9C8B8A0D98E52A7068543DDBBA603
SHA-512:	D5A1CA073624F36547B26E833556D3A835BD3E6CE0D2E305946DAA87FA9678973947A13569EAFF3C8BE72F751CF3365F452252062A14623444C98A1870E7B29D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/protocol/img/logos/firefox/browser/logo-md.f0603b4c28b4.png
Preview:	.PNG........IHDR...`...`......F......PLTE....\|X..}..I....O[..:..q..G..?..D..m..>.QB..I.5d."...q..s..k..!.?...r..H..r..F..F.z3..D..r..C..G..E..G.....C..r..G..r..&..D..K..A..F..#.u;.z9.b6..!..U.hD.b3..;.s#.:..2f..s.l(..H.}W.W4..;.%j.iZ.<...P....`[.:.:..7G.<C.H<.AA.D>.L:.S6Y9...B.3L..F..j..L.X4.P8..<..I..n..?..f.\1.1P.....9.a...a.....D.:...6..\.;...2.....E.....F..r..G....h).F............I..6.....+YA..s5.e,..K..I..A..:..8.B.ZI..k6..:.Q...L.y .~....t[.mZ.8...7..7.c7..#...fX...E.z5.K..>.]N.f2...I..9..5.Z.{Z...1..(.t#.V...NrM.e?..$V..B.l'`T.}%.q,._6...8..8.4...P..6..0..%.Z.\|L...l..F.p&iK...a..X..C.Q.H.qA.+...d..P.S.?.F.=.4..:.q7...Q..I.C.?.4...S.9....]Y..Y.jV.vU.;.s?...1../.0...M..>_.A..}.+e.S.`x.q.+].\..s..>X.H..,.c.._.L..F.eD.?..m.7..!./N`<..v..9I.e.Gt.fY.LX.P...._..Kt.hl.ON.Ho.:.....FtRNS......(.U..W8.\|-"..}.....w..id......@....tj\...C......H....G....Z......fIDATh..MH.q......:(c.:....K(.*..b....[.9.Yf...L.,..C/h........E..B2.c8.<h.x....{..=..........{T.O

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-sm.0bc3e6ae9d32[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2491
Entropy (8bit):	7.806829480704644
Encrypted:	false
SSDEEP:	48:mXI83rIRArg7EHYgcwKopTauRTO/ikah7p/btfc3KV9H:mXlCE4pczRTUah7p/btE3m
MD5:	0BC3E6AE9D320DDECD3EC7B7E1DE8DAD
SHA1:	9E33E3CBD660C1AFDFB6467F4CD9AB47F3E94FC4
SHA-256:	8DE69D72F41FDEF11C8F8A5BC159A62C754523524B169F02003E9A8DAF3C18E2
SHA-512:	20A3A7E776279DD133C064E87F2535FB7C263A93173504760A5C009007E41BBCC8B871C545EA001893478B35358E9963BF51B04B29DF7C7FE428157C6B8322E6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/protocol/img/logos/firefox/monitor/logo-sm.0bc3e6ae9d32.png
Preview:	.PNG........IHDR...@...@.............PLTE....Af.5..q.C...X.ZZ.Pe..\.W..8.J..K_..]..^..YFb.2...\.._pZ..<c..[.;f.;l.8..[X..[..Y.<..<d.+m.N].pY.^Y..\|.%s.uY.:d."x..\..\.8j..Z.LZ.....\.E...].M..5...Y..{.6.. z..[.S\.#y.K_.zY..~.J_.=.A.H...\..]..].F`.bY.S[.4...Z.V..R..M...[..].....Z..d.3.F.;...j.R\.dY.I_..{.R\.bY.;d.kX.6..L\..\.}Y..d.(s..Y.6.. z.s.x..#v.$u..c..[.$u.yYqZ..!y.=c.@.R...Z..\.>\..d..Z..Y..^..Z..\..[.:...Z..Zb]...a...{Y.5...Z.a..9.1.Cc..KO[^...Z.4..._Cb.1.. {..^Z^..oTAe.zY..4.6...{.5.4.Ec..._.._.8...\.;.ja..0...a..^..].6.T..k..;...\..^..[.}.d.."w.3...{..~..\.N].E`..\.R\..[..].UZ.8..I_.vY.ZY..]..\.Bb.K^..[..[..Z..Y..Y.<..=c..]..Z..Y.\|Y.lY.^Y.R..A..+l..b..Z.qY.gY.cY..a.'r..c..`..^..Z..Z.4..9d.U..O..L..J.F..2g9d.2.4.1.Q`.1.d\.[^.4.,e.7.~W..2..QQ.JLyY.Gd.B..t.Xn.]..[..>I.o4.....tRNS............AA....-....,...............oL7"..............LLI7-..............................~hfed_><8......................\|lgMKK.................}qfdd[URA1..............USA!.da...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-sm.f2523d97cbe0[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2832
Entropy (8bit):	7.797747765966445
Encrypted:	false
SSDEEP:	48:OLooNRKEeWvv+4TdN5yXMAeoRJ6dGykjoB8phDq+0Pii4MwcpFmHmHcfU:2oE7Hf4XMAeof60t0B8phu+Q4Mwo32U
MD5:	F2523D97CBE08B2763FE13D31B42EE29
SHA1:	058EDFA200BCE72DD0F1C9CEF36E20E720E31EAF
SHA-256:	134BACE3D304A22A8CCFE467D4DF111A8AC901FBE423ADAFAED6F4630F290CD2
SHA-512:	E3D61779EF22C59A980D238E99979CE6549370D9AF7CF6C329A81308C9AD81C9FB3203B9501EDDAA2B2E0640D9922338DB32D97566D4BDF198E8457BD6B9403E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/protocol/img/logos/firefox/browser/logo-sm.f2523d97cbe0.png
Preview:	.PNG........IHDR...@...@.............PLTE.....r..q.na..9..p..z..I.]8..P..2..p..H../..A.\...G..I.'...Q..G..q..J..F..p..D.s9..q..B..J.>..!e.\|?.=...I..r..G..E..r..G.8`..=..:....=F..E.~G..s..H..7.....D..K..D.;..S6..D..J.f,.:..Ab..<....tX..G..9..`.....%.0f.p%.h.^1.R_.^.\\.;.....Ba.G=.=C.B@.P8.K:.6HY9..8E..B.T5..i..m.3L..b..D.X3.[1.9...J..F..L..D..H..H....;..1P.d,..".....f..?..:.`/......../..F..9..6....A.."Wo[...7...h..&...z\.[J.e3../N..G..>..6.s$....D.dX.^R.ZC..S..H..G..6.}6.t6.m'...i<...Z..<..<..6.f6.y .Q..[..<.Z=...K..A..6..4....~..W..I.,...L..?.m5..3....J.>.yR.6.lR.3.}(.q,...d..P..J..I..;..7.>...\..[.vU..I..C..B..<..4..1.H.A.yI.;.B...l.._.dW....S.0.rD...q.MchH..s...1.....).O..O.x;../....c.UZ.SH..E.R<..*.O..L..V..v..1_.V.DV.R.[.u=..H_.LV.UL.a.u....`q.}].R.p<..8.j..Y..hp.cW.)`).+...OtRNS.... .....D>.4...&...ea_T4&........L.....vnle........b........q......vbd.c....vIDATX..]HSa.....-d..c2Y...d.~.}HQ..Q7.nV...pcs.....fs.f#..b9\m.....F.]...B.@.D.....=.s.P...<

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-sm.f26fdae37f50[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2620
Entropy (8bit):	7.805064186143995
Encrypted:	false
SSDEEP:	48:H+c7Bc3ldV90VLYWvRJk7zvVsldJWTzJlFCeh74+/K/KLN3QegVUrQf6GyW/ayq:HfSVXgvRJk7i1WzJlFCeh74+iWN3V1WW
MD5:	F26FDAE37F5074A8665D64A1CFC56BC3
SHA1:	D0DB7354911FC3F8566BC013503E58D64F6E6A21
SHA-256:	DAC9180657C5914D424BF6BAD94BD6C61D4340F268C7A2851BE817302E53AA93
SHA-512:	8C04856ADD87B488DF063CDF9594E0F8E508E472D67F29C69ABF61971D3800D3363AE59A07A055AC7147279CEC5B73A70C7695E1E0418E60544D460F92CCEAFA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/protocol/img/logos/firefox/logo-sm.f26fdae37f50.png
Preview:	.PNG........IHDR...@...@.............PLTE....f...`.J...[.E...j..m.n.+l.:...d\|`..4.IT...[..X..N.0n..S.1m.Fi.O..._V\..Pn.%j.)m.'k..O.-l.B...R.7..~Z..W..L.6...g..].,h.9..+l.4...h.1i..Y.W..?...Y.4...Yed...`.9m..e.5.{..d\.%k.?...P.4..)j..X..P..c.G...c.]k.4...f..j.L.<..vdt[.6....Y..W.r..p.B`.^p..lYa.6.QZ...p.a^.ij.Jg.W_..J..`..a.Z../e.q[.I...^..h..o.lMZ.C.}`...X..LY..Ym.=cGZ...za..e.V..J_.Enqd..lo.@U..G.NS.&e.CT..J.FT.WS.JT.^S..a..V..V.cR..W.jT.QR..F.._.&Z.xW.uS..c.&`.._..Z..Z..K.)d..a.0`..\..Y.}V.oV.%U..R..].)\..Z..W.)S..L.J..,f.fU.ST.aS.gR.{Q.[Q.oF..i..].-[..X.+U./S.qQ..N.jM.P...X..W.nQ.)k.&k..X..R.4R..P.jF.Z..^..Be..He].?...g..e..\.mY.[X.S.]Y.QU..Mk.[Y..X..L.V.ta.m`.XW..4d..V.;T.7S..R..P..G..F.zF....`.1^.H\.=\.;W..U.GU.uKtd....<i..e..[.PY.._.._.PUni..Xp.m.BS.m.{......z...qPJ....ztRNS...............{F.>4).......mZW9..............yke[WM,...............MB21&..........utt\7..................YD......fd.)....}IDATX...g<Uq...s.W.QVe..)TRd."...;....2..H.!.P.PFV.DJ.l....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo.b38718a07101[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	417
Entropy (8bit):	4.66181080784312
Encrypted:	false
SSDEEP:	12:tcidqt3I08Qu/cIIgnSSFqEu66XtyK9TfLS0:tcidqtT8bp8Euh849
MD5:	B38718A071015ECC1CEF21646287F93A
SHA1:	CBEBCB1AEF5E4B2C3772FE30F5E2085CE7991446
SHA-256:	D4FF5295B6E9C09DCAF86BA551DF5D029EEF0C6AA720F24D6583E5F95B3603C1
SHA-512:	23EE679BCAA1DED71A7C77F079B827ED901A1D3986C97B13B6D36F5E6977EA8CF446A72375462277FF096B0191D8398DA4344C9CC4412698FDA675E7570D7C70
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/img/logos/pocket/logo.b38718a07101.svg
Preview:	<svg viewBox="0 0 20 20" width="20" height="20" xmlns="http://www.w3.org/2000/svg"><path fill="#fff" d="M2.795 6.185h14.427v8.087H2.795z"/><path fill="#ee4056" d="M15.7 9.1L11 13.4c-.2.2-.6.4-.9.4-.4 0-.7-.1-1-.4L4.4 9.1c-.5-.5-.5-1.3 0-1.9.5-.5 1.4-.5 1.9 0l3.7 3.4 3.8-3.4c.5-.5 1.3-.5 1.9 0 .5.5.5 1.4 0 1.9M18.1 2H1.9C.9 2 0 2.7 0 3.8v5.7c.2 5.4 4.6 9.6 10 9.5 5.4.1 9.8-4.1 10-9.5V3.8c0-1-.9-1.8-1.9-1.8"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\main_en[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	368
Entropy (8bit):	5.0485966849877775
Encrypted:	false
SSDEEP:	6:jBESbHS9DsU2Qulhu9ULcdKn4VT9IOMI0ZmwxUKpNyK8oPAEGkpq12gufrXTZ1Yf:jBEcHS9Dpx4WUwo+9HMdZ18o7Guq1pQo
MD5:	6FE416357C1EC0803ACAFE786B8C5FD3
SHA1:	0E01A09F6DD82235E1226BC2D824AB47D3455DC8
SHA-256:	A9E9299BA236AF8E97A3778600B93928D93E7EDB2CBCA1E84D7FE1B862E87DAB
SHA-512:	E5F7F7C08F82C85A951328C9181CBF36B7C2A7A731FCE3D8349DF036F445D2FDDC65829701491406034C20B0272A503CECD165BFE97F0537FF052F5EDD2D637B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/themes/FoldableTheme/nls/main_en.js?wab_dv=2.19
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See http://js.arcgis.com/3.15/esri/copyright.txt and http://www.arcgis.com/apps/webappbuilder/copyright.txt for details....//>>built.define({"themes/FoldableTheme/nls/strings":{_themeLabel:"Foldable Theme",_layout_default:"Default layout",_layout_layout1:"Layout 1",_localized:{}}});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\monitor.db01b0d5a453[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	10241
Entropy (8bit):	4.624194540675901
Encrypted:	false
SSDEEP:	192:wVW0NiaUSjFSyVlgRdYAGsKYpjSjpJd2qOSrJes:6NR7IRdYAGzJQhSles
MD5:	DB01B0D5A4533CF3876AF95AC6BAD98C
SHA1:	BA72FB8DD926F2F353AC45FCCAEAFC4BB5E37C49
SHA-256:	1D664A2B414436AC6B2B1EFFE2BAF2E38E3B6A908D268223453F8E2DEBC528FF
SHA-512:	0620742AAC14990CB31D452037E90C68F34880BE0AF71CED4B2E3800C21F7529B0E00F491BEF0F3AF822E62D906FB49814F7762871F29859CC5A1749DE2A9D89
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/img/firefox/home/master/monitor.db01b0d5a453.svg
Preview:	<svg width="416" height="308" viewBox="0 0 416 308" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><rect id="b" x="0" y="0" width="337" height="190" rx="4"/><filter x="-3.9%" y="-5.8%" width="107.7%" height="113.7%" filterUnits="objectBoundingBox" id="a"><feOffset dy="2" in="SourceAlpha" result="shadowOffsetOuter1"/><feGaussianBlur stdDeviation="4" in="shadowOffsetOuter1" result="shadowBlurOuter1"/><feColorMatrix values="0 0 0 0 0.125490196 0 0 0 0 0.0705882353 0 0 0 0 0.22745098 0 0 0 0.24 0" in="shadowBlurOuter1"/></filter><path id="c" d="M0 .29h16.95v20.952H0z"/><path id="e" d="M.072.288h16.95v20.955H.072z"/><path id="g" d="M0 .478h72.568v27.29H0z"/></defs><g fill="none" fill-rule="evenodd"><g><rect stroke="#F0F0F4" stroke-width="4" fill="#FFF" x="2" y="2" width="465" height="311" rx="4"/><path fill="#F0F0F4" d="M0 30h469v33H0z"/><rect fill="#FFF" x="81" y="39" width="307" height="15" rx="2"/><path d="M4 0h461a4 4 0 0 1 4 4v26H0V4a4 4 0 0 1 4-4z"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\overview.built[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	76379
Entropy (8bit):	5.203462373699319
Encrypted:	false
SSDEEP:	768:kigxbOJflfqwN4XEWawb2J0BISjlEPlsA:kigxSLWEiA
MD5:	3D4BCE20AE0E15264E88030A59733DAA
SHA1:	71D507964AA1CAADDB1822BA3E698C375DEE14A6
SHA-256:	D1615ED969FC1BCB451C396562816B90A91CCABE557EEACAC7585F90543BC4BD
SHA-512:	C19838658A456F0B5CD0634376E5686F2833DA33934AA591C872AE36E6CD97F667A552D13F25D886A3114D83826DB2FE67C1C9972DC9F56E03FF9E53ACC06F36
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/v/safari/m/built/styles/overview.built.css
Preview:	.tile{margin-left:auto;margin-right:auto;box-sizing:border-box;height:100%;position:relative;overflow:hidden;background-color:#fff}.tile-content{padding:40px}@media only screen and (max-width: 734px){.tile-content{padding:30px}}.tile-button{color:#fff;background-color:rgba(134,134,139,0.92)}.tile-button:hover{background-color:#86868b}.tile-button-wrapper{width:44px;height:44px;bottom:24px;right:24px;cursor:pointer;display:flex;justify-content:center;align-items:center;position:absolute}@media only screen and (max-width: 1068px){.tile-button-wrapper{bottom:13px;right:13px}}.tile-button-wrapper:focus{outline:none}.tile-button-wrapper:focus .tile-button{box-shadow:0 0 0 4px rgba(0,125,250,0.6);outline:none}.tile-button-wrapper:focus .tile-button[data-focus-method="mouse"]:not(input):not(textarea):not(select),.tile-button-wrapper:focus .tile-button[data-focus-method="touch"]:not(input):not(textarea):not(select){box-shadow:none}.tile-button-wrapper:focus[data-focus-method="mouse"]:not(input

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\pbfDeps_en-us[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	261
Entropy (8bit):	4.965574673608343
Encrypted:	false
SSDEEP:	6:jBESbHS9DsU2QulYI9WwdMILhZmMJLio9wWRLKcAx1QdaEJeZ1YMe:jBEcHS9Dpx9s1CydF79wWRmcYsevYf
MD5:	FC19CD94AB805FFAB10C86C4E77969EE
SHA1:	4FE0295FB680E500D377644D27511EE1D252944A
SHA-256:	80BC42EE1E951B107E690E057DCCA581B8C722D6453AB4D3B77E2581509342A5
SHA-512:	254DB5ABDB50343AB7F25A8BE3A57EE25C1D5A8EFC1CD0801E7F8681041EDC8CEC4A7190FAF3FB757575EA4C1BE4475AB52DF71FC32B5644CDCBCA197868B72B
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/esri/tasks/support/nls/pbfDeps_en-us.js
Preview:	// All material copyright ESRI, All Rights Reserved, unless otherwise specified...// See https://js.arcgis.com/3.35/esri/copyright.txt for details...//>>built.define("esri/tasks/support/nls/pbfDeps_en-us",{"esri/layers/vectorTiles/nls/common":{_localized:{}}});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\pointerbottom[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 24 x 12, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1234
Entropy (8bit):	6.649405337855879
Encrypted:	false
SSDEEP:	24:Fy1hpunQWwjx82lY2T3gVZEHYyJ3VZvHbGyNW/fQX4pNlGxN:FwitNn2cgJ3HRaM4pNg
MD5:	7AE0B475C798A185121005E24B35C09F
SHA1:	92986A524F0A9B166225635068EEC39EC9163434
SHA-256:	4122332BC6014DF70BFDE93F047C45A40417BACCF4C7A420A7F750C20C80BE9F
SHA-512:	D998716D887D717C19FF34893144B7D381ABAD71CBDBB9EF151B9B774D9CEBFD37767E7A81C48F96B4EDA71C2381BB09C30E920AB7C33C111E2E3FCA5A77B0BD
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/esri/dijit/images/pointerbottom.png
Preview:	.PNG........IHDR.............x0}u....tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:5A5A0AFE72AA11E0B9BCE972F6B65F1A" xmpMM:DocumentID="xmp.did:5A5A0AFF72AA11E0B9BCE972F6B65F1A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:5A5A0AFC72AA11E0B9BCE972F6B65F1A" stRef:documentID="xmp.did:5A5A0AFD72AA11E0B9BCE972F6B65F1A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>C.h...FIDATx.b....@..\.p..%.j.[S..-.z.lF.. ....p..u..w07b.8...g.Y..`..,..`..F.....7..fD... ..1l"....K..^.V..'4...@..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\proximity[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	730
Entropy (8bit):	7.6433744901099026
Encrypted:	false
SSDEEP:	12:6v/7XGrXmtn0jQhlxC6MpCGvr80ioZss/bmCdXetViSXWUMNBH3NIO1V1QkU5Swg:gOXmt0V2Gvo0iUgCItVi9hTNIOL1Djwg
MD5:	CC08408A15F32FE3C37A5C9B01E2914C
SHA1:	5A31E7C78461BF879B4056E5278E723718E47EDE
SHA-256:	4F4918E143300D498AB912B4353D6B6D815340B3D8238E8CB0D2C1FC8D3ADDD5
SHA-512:	3675C394D640D2268ED3A61B26BA102E815B5C88E134AA0B8C1AE955219238EDD1C9D2B0756B43FC0025ACC377317FAC2B6F9B696A16DA3C9248CE6711B40052
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/NearMe/images/proximity.png
Preview:	.PNG........IHDR.............r......tEXtSoftware.Adobe ImageReadyq.e<...\|IDATx..MhSA....G..-.........R.".?..(..B.PD..$R.E..b.~.AD..PO"=.A-........j. jS.....`x........fg2....d.E....9...... .Z+x{)..'hu..A.l.J.sK..=.[.K...h...V....t..;.~..3...dW..x.k.M.8%...[.O.Lh\.up...0..$,...Jdi..q..n{....d...0.........F6K.4.@.d....t.J$....,...*.......Z{L.v...N...>...2(qN.........Y_.W...Z:d...5.......lF....6.O.y.n.9...YO..;....8...i..L w6Mb......,R..+....4..,.5......5G..3l..p.87.n.......Rk.5..!.wp,._<.\|.z...yR.....+y.p".-l........f...o..K.......P..6..=...l[l.vk...q...j9.+c./...!.i...>.8B..\.f.Z..Z.i..Up.n..u....Z..x`z.\|.v.Z.W.~...P.VV..P.n.!...S.{k..".R......a.4C....^....".[....cll.^_>....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\query[1].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	411
Entropy (8bit):	4.841840490328076
Encrypted:	false
SSDEEP:	12:YKYUY6yp7XeJ0Oni1iO1dAvuqRHZP/oYVRas1st:YKrNyJXeJ/nO1dA2qxZ3nVgt
MD5:	F0F34154289EF291E8B625B38B55A365
SHA1:	F04E6F40CD5707F4D5C70266DDB5CECC11795C90
SHA-256:	856AE48DA052E31847CF83A39EE797F08430433A12EFE0A7254E00FD472C74A4
SHA-512:	9A414E24091F65E1355F0B286B3635DFD299416E53490E6FB190A3C1EB369BE81891AFA87F544D24CFFE394950EEB1F3BF7033760B4B26A43038D8154E8D48DE
Malicious:	false
Reputation:	low
IE Cache URL:	https://services9.arcgis.com/UU5yXg9PV67U0ebq/arcgis/rest/services/ElectionGeography_public/FeatureServer/2/query?f=json&where=electedoffice%20%3D%20'Board%20of%20Regents'&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&outStatistics=%5B%7B%22statisticType%22%3A%22exceedslimit%22%2C%22outStatisticFieldName%22%3A%22exceedslimit%22%2C%22maxPointCount%22%3A4000%2C%22maxRecordCount%22%3A2000%2C%22maxVertexCount%22%3A250000%7D%5D
Preview:	{"objectIdFieldName":"OBJECTID","uniqueIdField":{"name":"OBJECTID","isSystemMaintained":true},"globalIdFieldName":"GlobalID","geometryType":"esriGeometryPolygon","spatialReference":{"wkid":102100,"latestWkid":3857},"fields":[{"name":"exceedslimit","type":"esriFieldTypeInteger","alias":"exceedslimit","sqlType":"sqlTypeInteger","domain":null,"defaultValue":null}],"features":[{"attributes":{"exceedslimit":0}}]}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\query[2].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	411
Entropy (8bit):	4.841840490328076
Encrypted:	false
SSDEEP:	12:YKYUY6yp7XeJ0Oni1iO1dAvuqRHZP/oYVRas1st:YKrNyJXeJ/nO1dA2qxZ3nVgt
MD5:	F0F34154289EF291E8B625B38B55A365
SHA1:	F04E6F40CD5707F4D5C70266DDB5CECC11795C90
SHA-256:	856AE48DA052E31847CF83A39EE797F08430433A12EFE0A7254E00FD472C74A4
SHA-512:	9A414E24091F65E1355F0B286B3635DFD299416E53490E6FB190A3C1EB369BE81891AFA87F544D24CFFE394950EEB1F3BF7033760B4B26A43038D8154E8D48DE
Malicious:	false
Reputation:	low
IE Cache URL:	https://services9.arcgis.com/UU5yXg9PV67U0ebq/arcgis/rest/services/ElectionGeography_public/FeatureServer/2/query?f=json&where=electedoffice%20%3D%20'State%20Assembly'&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&outStatistics=%5B%7B%22statisticType%22%3A%22exceedslimit%22%2C%22outStatisticFieldName%22%3A%22exceedslimit%22%2C%22maxPointCount%22%3A4000%2C%22maxRecordCount%22%3A2000%2C%22maxVertexCount%22%3A250000%7D%5D
Preview:	{"objectIdFieldName":"OBJECTID","uniqueIdField":{"name":"OBJECTID","isSystemMaintained":true},"globalIdFieldName":"GlobalID","geometryType":"esriGeometryPolygon","spatialReference":{"wkid":102100,"latestWkid":3857},"fields":[{"name":"exceedslimit","type":"esriFieldTypeInteger","alias":"exceedslimit","sqlType":"sqlTypeInteger","domain":null,"defaultValue":null}],"features":[{"attributes":{"exceedslimit":0}}]}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\respect.0aec7a05a11d[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 546x670, frames 3
Category:	downloaded
Size (bytes):	110113
Entropy (8bit):	7.963325255212332
Encrypted:	false
SSDEEP:	1536:js7KgSdrQILGE9J8iZRPuRghRPc4IN5eNW8HMxVkweAAdqVQ97WJTr9F6XRbLENs:jsDSRmCDpxIN5H8HMzeAAdH04XRfENs
MD5:	0AEC7A05A11D07DEC2FA8FE44C25A967
SHA1:	C1378622040F26DFB58C8E1BCBA60570E82B7958
SHA-256:	6B982FE1016AA372D134F5238FC2F2BCD0197E24BE0C4B53967C8EDCA6811AB6
SHA-512:	650C6936528DF7A849BEEA5D1C9504D6DB058B29BAA8B2A1741014C122C074917FAB62DC4246408779A4651825096488C12FE0B5512605DA5F723983680CB30E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/img/firefox/home/master/respect.0aec7a05a11d.jpg
Preview:	......JFIF..............Ducky.......F......Exif..II*................1http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c140 79.160451, 2017/05/06-01:08:21 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2018 (Macintosh)" xmpMM:InstanceID="xmp.iid:EE486474EC5411E9BE1C80E30B3E4C40" xmpMM:DocumentID="xmp.did:EC1CCA12EC5611E9BE1C80E30B3E4C40"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EE486472EC5411E9BE1C80E30B3E4C40" stRef:documentID="xmp.did:EE486473EC5411E9BE1C80E30B3E4C40"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...C....................................................................C...........................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\results[1].pbf Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	downloaded
Size (bytes):	515843
Entropy (8bit):	6.673110988357049
Encrypted:	false
SSDEEP:	6144:QUXHBfCon+r+7wajWhKXB6PzVB9w47uFELOcSaIlk+il1kB:QmHBfw+75KhDrdScClJka
MD5:	E0AC51534289DA4CF9543088458A9F7E
SHA1:	916E327A95E2B9AA6ED111E524CDA1293204D429
SHA-256:	7C7FE97D1CE1413CFF0D108A23AE8417AF39AE64E31DEBC06700391610B89553
SHA-512:	EE6B5C75F91D70CF8A1660D0A426827E3C3D1E16C4DF51CE8B066905269515626CE94A54C6EA90D12E6DD4D0911B3D2A516078C6643CA2DF26C12B837BA3A337
Malicious:	false
Reputation:	low
IE Cache URL:	https://services9.arcgis.com/UU5yXg9PV67U0ebq/arcgis/rest/services/ElectoralDistricts_Intersect/FeatureServer/0/query?f=pbf&where=1%3D1&returnGeometry=true&spatialRel=esriSpatialRelIntersects&outFields=*&maxRecordCountFactor=2&outSR=102100&resultOffset=0&resultRecordCount=4000&cacheHint=true&quantizationParameters=%7B%22mode%22%3A%22view%22%2C%22originPosition%22%3A%22upperLeft%22%2C%22tolerance%22%3A1.0583354500042332%2C%22extent%22%3A%7B%22xmin%22%3A-13359059.4663%2C%22ymin%22%3A4164133.505800002%2C%22xmax%22%3A-12694835.5456%2C%22ymax%22%3A5161310.047700003%2C%22spatialReference%22%3A%7B%22wkid%22%3A102100%2C%22latestWkid%22%3A3857%7D%7D%7D
Preview:	..........OBJECTID....OBJECTID....GlobalID*(..Shape__Area..Shape__Length..esriMeters8.B.......b(...7s.'...?.7s.'...?......n.zi..P...W.SAj...OBJECTID....OBJECTIDj(..FID_assembly_2019....FID_assembly_2019j%..electedoffice_ASM....Elected Officej...name_ASM....District Namej...districtid_ASM....District IDj$..repname_ASM....Representative Namej-..repimageurl_ASM....Representative Image URLj...party_ASM....Partyj...Term_ASM....Termj...districturl_ASM....Websitej#..pdfmap_small_ASM....PDF Map Smallj#..pdfmap_large_ASM....PDF Map Largej%..district_num_ASM....District Numberj$..FID_senate_2019....FID_senate_2019j%..electedoffice_SEN....Elected Officej...name_SEN....District Namej...districtid_SEN....District IDj$..repname_SEN....Representative Namej-..repimageurl_SEN....Representative Image URLj...party_SEN....Partyj...Term_SEN....Termj...districturl_SEN....Websitej#..pdfmap_small_SEN....PDF Map Smallj#..pdfmap_large_SEN....PDF Map Largej%..District_Num_SEN....District Numberj&..FID_regents_2

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\right-arrow[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 11 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1004
Entropy (8bit):	6.105405060374939
Encrypted:	false
SSDEEP:	24:R8y1he91Wwjx82lY2T3ouVTKNjkyJ3VXdPZ9GKLX:2wqQNn2xM5J3zHLX
MD5:	A4D9CD37BF1047513EE0F61C285A54F6
SHA1:	34C51FD722531FAEEB8B71DFAEE51E424DBA6DAE
SHA-256:	D934E1F0BC8276E20E89BE58971DFB7A99D2B1A306A7A35148C03EB8987A0A0F
SHA-512:	0EC4EF4AC4E3ACF25A0A636673814196D03A257304A28C80910EA109F177AA511028733CB448209739C7BF9515E5FDA34E12FE890B5FA4C616F38BDB3CF612E3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/widgets/NearMe/images/right-arrow.png
Preview:	.PNG........IHDR.............[,.h....tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" xmpMM:InstanceID="xmp.iid:8943BDCC39AD11E59291B5ABE657A729" xmpMM:DocumentID="xmp.did:8943BDCD39AD11E59291B5ABE657A729"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:8943BDCA39AD11E59291B5ABE657A729" stRef:documentID="xmp.did:8943BDCB39AD11E59291B5ABE657A729"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..h....`IDATx..Y.. ...........m]F0 .8..=....C.sQ.....K..~..9...2v.&.....j.../..S.....iQ...H.[....0.-\|#.w.A.....IEND

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\safari[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	31586
Entropy (8bit):	7.985614805159623
Encrypted:	false
SSDEEP:	768:jZmngBtV6CHmHsZJsSRKugxvINbH/cjt4oywr9:aEtnGyRLgxsbH/cjKoyI
MD5:	251D805902983FC54513B66519BEDC18
SHA1:	3392E9C8B828FE9785F8ECBA22D4308FBBC346D9
SHA-256:	140DFD420CFA6B9D8B8EB5394FE2E759DF920208A967DBA28AE422B48F131DA9
SHA-512:	148673BE5B3D109C32563FB22BC349D589A17CB29580338FE0B584EB9B3895D28E6A4011FAF65404E173B5F9F768F49C4B8E22773B1BD2DFA91A342221EF8E48
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.arcgis.com/apps/webappviewer/browser-message/safari.png
Preview:	.PNG........IHDR..............>a.....gAMA......a....8eXIfMM........i............................................kF&M..@.IDATx...._Wu..mzW.Q.]..-Yr..l...4.BIB....p.\|.....B.I...\.6..w.n\.,.X..4.i4..4E...}.....8....}w...g....k..v91...)..._...X....?!........`.kt....US.-...G.^3...?.@.j..g."=.6..<.#.UmR;S.g.N}...OL.>=.H$b...N.....\.W.uk....f.\|2..}U>z..$B...wn1...F[..y.+..Z......?.F]].d.<>.J5..z...^...pW.W..;@>....<..B?...%^w&.9....#.w.>.....x}Q..".'@..........'..noy.[.G......N.4i~II.,.7...t...S..K.KyR<....{...2.6.......b. .d....D..<'...!..`.hkk......u...?...s..D..y.^.....p...;"vkW]uU.SO=5....M.........D......v.>.,O.''w6....x..):"....z\..B../......x...^....EuQ.T7.1j..6.-........`...g...u..%w...t.................S6.=.r2<2B.~\|<..D............z.A.(Kly.....(....S]T'.MuT]Ug.]m..._...KUjTO..y......O..////_.{_.........Y1..\|._..yEd..pd.....q....K..g.w......A^.."6.c.a(..`V.. z..!..9.....f......g...k....~.?..u%T~....9s./......Y..,8.._...@`.k...7..y....v.1j.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_black[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 153680, version 1.0
Category:	downloaded
Size (bytes):	153680
Entropy (8bit):	7.995600438363427
Encrypted:	true
SSDEEP:	3072:dwNwwepbchpkSnQF7IJZ+cHFgpdI/1+AAPXNZL4CMW:dOwfSpkIQehEdI/y9Zl1
MD5:	007E40287E0478DFB47394FBC948FF55
SHA1:	96A644F573CC793AA0F159AB8A2266D3D27653A0
SHA-256:	6872CC45958FF0DB1A24E7CE28F6716EC97BC90BBAFF405B74AA2896BC6EE803
SHA-512:	638D367E100F09FC68EE4EC04B04F6000DF058E9C513CCA9BF6FDFD7A6785914C05BAAE4E3FFF53FE18B0746BE017DB0F0B256D94F5799671E82ED5A254C254F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_black.woff
Preview:	wOFF......XP.......0........................GPOS...`......{..CaGSUB..6....(.....jw1OS/2.......U...`...cmap...`...J..?..../glyf..I@..4.......cDhead...0...6...6&\|..hhea...h...!...$.U.9hmtx.......[..(.p...loca../.......(.....maxp........... .[.Wmeta..G........1...Cname..~(...#....A.D_post...L....... ..............A._.<..........Y.......Z.v...D................x.c`d``..O..A....?2b3..".K.........x.c`d`..d.........!...f.)z.....x.c`.....................Y..0 ...L..._.f`h.....\|......g..O...}...... 9....@J....7..3...x...tT...s...LFD...^L$./....!$...$. ....P.P!.(.m@..."z)TQ.......Vo..W...\k......U.a...3{..0.....f......w.{...f...a.\|.....D...X....u...R...k..O.i;.B....t.V.B....o.i..h).obR...r....Q2.>'......d.O..[Kk~....e....._.GM=.{.<b..!.BTY...Q.!Q..[.}..4.+$G.[8...e.p..(.w......y....\.3....3.8...C9...!.:.e2.o%......<N.gk....5..x..!.C_e.E.D...x.....J.....&....W.p...t.....E..~.i........D.[}..{.!......1.s..Ro.9.g....U....M...J$;..^.#Y...H..:.X...~o2.">.cQ~d.".V.A.....9..w..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_bold-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 102496, version 1.0
Category:	downloaded
Size (bytes):	102496
Entropy (8bit):	7.992291707503062
Encrypted:	true
SSDEEP:	1536:sJfoQjv1F4bk3EQYbVDgiLL7u/6nDqbfobG1D6xSUixqTWJu+wcle6V:s+QL1n01c+7ubfh1GxoeAlIE
MD5:	0365C9F8F4E80A8E5F51D2631AFB97E5
SHA1:	98F640432F4D639AF770CABB9CA836374872453B
SHA-256:	1804D33554E4E1240DDCDEF7A193F3E806F1B3D95D8E2ACDC2BB7CD25806E095
SHA-512:	B0ECDA5414B1C55BBF5C8209DBA0981C3E3005B648EF5EF85808CD7AE7970B928179CF49D95DDEAB96ECB75D2D3F4403F4C9D5D392A330A4D36A5E994E18D1A1
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_bold-italic.woff
Preview:	wOFF.......`.......\|........................GPOS...t..y...(.M]..GSUB..w.........r@QcOS/2.......R...`N.h/cmap..........;4..C.glyf..7 ...}..[.o...head...0...6...6...hhea...h...!...$.v..hmtx...........@..qloca..).........G..-maxp........... ....meta... ...@.....oUlname................post...\....... ................_.<..........Y.......Z......................x.c`d``..O...k......0.E........H...x.c`d``...........!...f.(......x.c`aY........).....B3.1.10 ...L....D.....>.........'...>.....\|...1.b ...........x...pUE...........d..X'.h.......(.(..((...B......`d)'..D$....ad1....a.D..%.d.w.o.g.I......=.....Q....Y..._...T.9E.....:..).(~3.TD..$..H/........_D.HPO........RX}......B....]W7O>..Q2.i.9G@w-...S'...1..8..?Hr.]T..go.Y..E.8.......WXnEm.[8.........V.vA.gH.:....m..x.v=....Hg.....H..e.5...!...h$...V...H..W.......g....4V....>..w............,...}^......{...X^.9.......l.&.I.ef+.~...q.OS.6.:.0.Y.q..P....C...bx....f..T......K..Y,G...UN.^..i(s.eT.r[.6.8n...a.A^#[....>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_bold[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 168472, version 1.0
Category:	downloaded
Size (bytes):	168472
Entropy (8bit):	7.994694708510537
Encrypted:	true
SSDEEP:	3072:KdJwNXLWoePV3uaXm+fUBm2yXk76oD+QuE5jwQe+kiMivh0uULVgvvvvvvKTzDln:8JOXLWftFXjfUCRA+QuE5PDAyU5Dxqkp
MD5:	C1AC122090221A465789DE644DC654BE
SHA1:	F19C8498F44A646FB2C7B05EAC4B6422962E37EA
SHA-256:	EF574A6C32DC650787D7F5C8924BE271F9A06C93845DFE27651D1F1460CB03CC
SHA-512:	38F88B2AA43F795E013D74445B463C7FB2025A444FC32C61A86FA743DC01B1C272194DBE5A4BECD43878F18B3DA5C7F49C01D4187D44C6648F0738F48FC687D1
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_bold.woff
Preview:	wOFF........................................GPOS...(...&...V..S.GSUB..pP...(.....jw1OS/2.......U...`....cmap.......J..?..../glyf..I\|..:s..{0..'8head...0...6...6%..#hhea...h...!...$.u.Yhmtx..........(..3..loca../.......(...J/maxp........... .[.[meta...x.......)....name......."....?WC_post........... ...............6_.<..........Y.......Z.y.d.=.p.\............x.c`d``..O..Al.?)...@.d...........x.c`d`..d..........!...f.)......x.c`.........).....B3.1.c....20..b\|q.....w...ap`P...}.?!...y.......X.X..)....N..}...x....U......P."..........P.Q:.P..Ho...........%!.A....$..D..<...`....!.>.....=w..sq\|+>...[{..\|u.{.5qi.......z..]...d...\|...wF_G.<..g.L=.fe.V...E.-8..5.;YG...F:kN..57-.)..U..].A.S..m.. ...A...I......y.7...v...G&dp...in.X..~_.R.U&]q6....R.....w..Q...>!=58b.....V.....yi.......0..A..nC.WQ..gE..:.;.U...j]Q.{......\|......"lU......]..P.W.**L......!..j...I....;.1.yjolJ.....s......te...[..s.\t...0\....Sw3vo..x.4...^m..#.coP...\|+....S.wH9a.#.).Y..].....}1u....E...U/KY.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_heavy[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 173440, version 1.0
Category:	downloaded
Size (bytes):	173440
Entropy (8bit):	7.995373310321448
Encrypted:	true
SSDEEP:	3072:/P4wNrDDHo6Q3HSjzg1y4aOfPWJvHCsCyzzz2i3ue/sxL0uXzFQ:/AOrf+SjU1y4aNJvHFzzzJbkRXhQ
MD5:	4BA8D527AA7EA1AC30EA0538541421E8
SHA1:	6B89D0C7A4E179C45ADCD60AE7657CB02AA77FA9
SHA-256:	9B3E39D61DA10F768756E4DAF45D83A9565CE22662CE80CF57C601EB40071CFC
SHA-512:	0E5F58E792D73F06587371709E8B242EA9948B5DDEACA1FA1EC8EB99DD52DA4C56A067351E54FFA3D11109A7A6F6491C27308828C516872F934768B7F4BFCF42
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_heavy.woff
Preview:	wOFF...............t........................GPOS...........fn..VGSUB.......(.....jw1OS/2.......U...`.a.Ecmap.......J..?..../glyf..I...=.......Zhead...0...6...6&..-hhea...h...!...$....hmtx..........(.....loca../.......(...#.maxp........... .[.Zmeta...........1\|..2name.......$....A[D.post........... .............Y._.<..........Y.......Z.}.>.A...{............x.c`d``..O..A<...;1....2....y......x.c`d`..d..........!...f.)......x.c`.8...................3.d@......1.......;...080(...>.....<.w....Ar,.........9..^...x...tUE....V./.4.......HH..$a.....@. .1.Ad.0,.,......0.M.-..6-#.}.....c..Q...Q..7.z$.....a..6s&....U.Wu..[......J.?...$u?.g..E..Gt.x@.R/.......O.i;.Kt..LB.o.p.j.o...<G...........e<..e......:.........E.....J..zJ..<.rY@..=:c....(...BL.r..G1X#...A.b.;....pk.....i.j.z...q.jT..mj..\|#.....GQo)}..RZ.......nn)..>.[.~.y............).. ..y..-.#....z.b....c..G..?..e%...:.x.......c.}y..>.;...Q.....(...8...n..$;.#9V.].Xg;b...qB..X=....a.....`..\....}.PM.B....r

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_light-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 109284, version 1.0
Category:	downloaded
Size (bytes):	109284
Entropy (8bit):	7.9937594908000715
Encrypted:	true
SSDEEP:	3072:B+MNuTeO7uTHtgavR99LqUN7P7ZQcLnWnL1vz:uAgI9ZqO77ZNLWnLpz
MD5:	7C3DA7BD374ADF08298E1761E5E5384A
SHA1:	04D805EC06A7C43C4F33C967F3B5D1C148C2F32A
SHA-256:	3AC039C2C72889ED6672C54D5B4A603A9179F829FD58B7585AE56834D933FB0F
SHA-512:	16365257C2175063276528CFC2E777FB885D6671C495034C8019076D6029C9A809ED24287AA8BB6980E01B8AEAC53153F5D0F6F177DAE65F601DFA6638737934
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_light-italic.woff
Preview:	wOFF..............8.........................GPOS..........K\|..{.GSUB............r@QcOS/2.......R...`Mdg.cmap..........;4..C.glyf..7 ......\b..U.head...0...6...6.k.hhea...h...!...$.B..hmtx...........@....loca..)............maxp........... ....meta.......>........name...............Hpost........... ..._........b#.._.<..........Y.p.....Z.........z............x.c`d``..O.........\...".....P.>...x.c`d``...........!...f.(......x.c`a.c.a`e`a.b.```...q.F...H`!... ...0.c@...#........10..c\|...8.$."...H)00..l.....x...TVe........s<NG,.....J...5s4M......L..4$.1".D.#-.h.b.G..`F..M..1.H.r.Fm...x....~H..0.Lq....w...>.........3.....Ey...G..XO...F..#........3.5.......E..j....4....]s.N.x.4.k.......T.8\|.f>d...G..j..?.m..p.x.U.nM}6.A.0.).U...Cn..XJ.&74...:.E...{.hW....:k.....x.r8.#x.. ...........c...M....q.x..2}..".....N;....o..V...s...}.m U.Y}..3sH...?c...^....\}...b...z.vG.........p..X.Oy.R._;...{Hu.[H.N...\|t._....BdgeY....R%.X.....V....V0.m.c.@.Kx..-.X!.....'.i.@

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_medium-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 105608, version 1.0
Category:	downloaded
Size (bytes):	105608
Entropy (8bit):	7.993088322073074
Encrypted:	true
SSDEEP:	3072:bn6+M1qD3uMfpLKFqboiHfHta3yVPdmnMgCDKuCtc/IHfr:bCMftKYbxfHtWymnM5uc6
MD5:	498B4B1F31FA997C3D59961F15713919
SHA1:	CB0BA3A6260656BA8FCAD6D31F09CE048B0012FA
SHA-256:	0F87E14891FCAABB894590ABCB68497EB25576E5549602EBC27A208EAA2864F9
SHA-512:	621CD9E5DC2E17D01BBF72A8C984C0F8D7EA3B995D38A8D99ACC7B5F914CD8D0EB5742D11881E815E3FE57A26E0EB43E9730932519C300C94CD6C73A4A3F16FF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_medium-italic.woff
Preview:	wOFF...............h........................GPOS.......M..(vZ2.GSUB............r@QcOS/2.......R...`N,g.cmap..........;4..C.glyf..7.......Yr!..head...0...6...6...hhea...h...!...$.j..hmtx...........@eg..loca..)t........7..maxp........... ....meta...8...O....."Ftname.............Z.jpost........... ............J%4L_.<..........Y.~.....Z......................x.c`d``..O.......?.\7..".......d...x.c`d``...........!...f.(......x.c`a.`........................B...A...a\|....F........b``...N..q>H.E.u1.R``.......x...t.....s.....($.[$.`QA..8A."([.+.....v..........P..!. ..G6....Ev..vh.HQy_...y..O............w.........m..k........d.o. .r.....I.5.i.z.\|...e!.ED.=]i..5.l+e[...A>.5...9.?.."......W.q..#.[..9d.]y!.;..;.6D.RvE...^...lE....&.2c+'.0.......d..'<-..>g.....1.R...GrDn.N.....8....Yt.?....>%'"..#3..W"%xV}.X."'.g(.@.k.(..g........5.W....._....>.A...9..?...._.....w-\..).9.0.].1..c.z..q..M.`.].{dnYt1b...o...Rv'.R.Y,.....X......#.........P.z...[..r.r..cdD..5.f..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_regular-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 90688, version 1.0
Category:	downloaded
Size (bytes):	90688
Entropy (8bit):	7.993353591916922
Encrypted:	true
SSDEEP:	1536:qQkJfocPjXyffxGJX5w6M55upLe2FiCeNqxN79oKQ1IUO8Vq8kKwiBrSIR:3k+cbXlw6M55IayYNqxN7KIMFkC8s
MD5:	85DA4B9B68208844DD6AEC93DF6003B4
SHA1:	BB29AA56D443198F7E8BDCAB6D1232820174A33B
SHA-256:	056ABD6DDFF94A0D0997517DEE02F269FD97030A2D33479D62CFD19EDED76E75
SHA-512:	49425D45D5FF71B70867D451B3AE9405B0F2E05B6CD06E24F99AEC9F6D3E7B3DD38E9C8EE167559CB868696C6966D1A66C37247C07B2CE43C5B23243C8D247DE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_regular-italic.woff
Preview:	wOFF......b@.......P........................GPOS...D..T....\|.xb.GSUB..H.........r@QcOS/2.......R...`M.g.cmap..........;4..C.glyf..6.......YZ>...head...0...6...6...hhea...h...!...$.c..hmtx...........@.v..loca..)L.........`.!maxp........... ....meta..R....>.......name...t...........Lpost...,....... ...x........E..._.<..........Y.w.....Z......................x.c`d``..O......?K..0.E......V.u...x.c`d``...........!...f.(......x.c`a.b........................B...A...a\|....F........b``...N..q>H.E.u1.R``.....(..x...t.....;;.....(`.<.h@..ZA..)...A... (...)...!.........@x.... FI....0BH..V.pDD!Z..?{...s!...s~...7....'^..p..s.U[.......`5@.k..97$..o....?:...te=.v ...c.....n7..z...V.{.C.n......?..T.5R.N9g..0:W...V;.Z....9s.'..]S...U..15A.`>\t.y.vu.C..Rke....;d.(.t."..}V.....m.....A.....gp1.V.z-..7NV...b0<......p..Y.E...s....m.......>..^.h.....yg...../....(.}.>W_:{......p.v{...3.@..9..]..1..>=..D.M.9.v.g5Ti.....j...c....X..@.P..X......V..x.P.........V......<.=.qL.W*..U>+...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 144252, version 1.0
Category:	downloaded
Size (bytes):	144252
Entropy (8bit):	7.99487783861237
Encrypted:	true
SSDEEP:	3072:1CwNy2b+T/Cb2TWTjDSLDgbluUWJjkkO3ZCHw:wOnb8AUhYblcJY/IHw
MD5:	01FB341235BB369EB4072EBB396B42B6
SHA1:	FB5BE52DB964F6115EF4D727F3914A14D1E15788
SHA-256:	783C806F4F139353C95084071E370F5880F764AA636342344A95FDEA5C76545C
SHA-512:	6644DEEC537D72EF06E054A62DE5B5CABFB97042A3CC24ED2D848D8C9B97678DF0D143AD184018C09F2F463AFFCB3A00CFEA77D40CB25BCE795777F94EEFB74A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_regular.woff
Preview:	wOFF......3\|......L.........................GPOS..v(...q........GSUB.......(.....jw1OS/2.......U...`...cmap...<...J..?..../glyf..I...)...t.. .zhead...0...6...6$...hhea...h...!...$...xhmtx.......8..(.@.D.loca../....~..(..l.Fmaxp........... .[.[meta.."........5..y.name..r....!....E.F#post..v........ ...x........a>.._.<..........Yy......Z.....7.G."............x.c`d``..O..At...V..3.E...&..1.:...x.c`d`..d..........!...f.)......x.c`.0e..................*.r...C...A./n304.....>.........'...>..]...\|.....b ........d...x...tV...9g..Cx.$xy.$H.+@.........(.5P)!.$........0 ....<..\A.].RhK......W.^TT.....O...e/........3gf..}f~H....g..Q....D....@...v..Jk..IR.O..[E._K..I.N...X.ir..../>..j.5.......}.._....'.].....zCJ.~...5...~.a;...2>H..l..+..../...%......C.r.g...8+-.....<.+..W.VKKomY.....Ml..,.~..J.a...A...U`.yMz]-...)...k%.jq.2..2^........H....[.".4..j.D.G.Eq.$<..2O.^.&....O....kI. ..&X...v.......)..]..=..u4...<K.....z.^K)r..{.9..4..IsD.t.P...K.$-hW...,..6.f.Q..R.....vj.....~

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_thin-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 109616, version 1.0
Category:	downloaded
Size (bytes):	109616
Entropy (8bit):	7.994031657011757
Encrypted:	true
SSDEEP:	1536:xPJfomZ6tK5OGsptND5cVUwoXI/FR7ISLNgurtH2S3xhuwlA75ZZrMLV6Ms:p+rABKfuaJI/xxhoezGKLVg
MD5:	09A446F504B10CFC435E29F982BB0441
SHA1:	76C3914B4628AA9F76FCE92E59B8EC8A9BFEE590
SHA-256:	F9C118EEDEABC440BCF1C91199501CE3EE7BC22A18314573590C2EDB56B7A27C
SHA-512:	AF967398FFFB823C8DFD595500BBCBAC6D9DA2A5A886E80030A7E00C577BBA123D0B36157B69881675013DC81EBC7979747BC4FF653961A5EEE7584C6934478C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_thin-italic.woff
Preview:	wOFF.......0......:T........................GPOS...@......K\|@d..GSUB............r@QcOS/2.......N...`tW..cmap..........;4..C.glyf..7....O..^...Whead...0...6...6.?.]hhea...h...!...$....hmtx...........@#...loca..)..........-..maxp........... ....meta.......:....b...name...l............post...(....... ...=.........I.@_.<..........Y.i.....Z.......a.K............x.c`d``..O.....?.?....."...........x.c`d``...........!...f.(......x.c`f.g.f`e`a5f9...0.B3.a.e..... @......ep........>............ 9.....-.L.....x...XVU.....s.EmF.....K.MmF)gp...C.4..-.R.\PSA,.s...2.L...Cs.i@MJ..q.h.I...iJ.........L.<.....=.}.=..O.....3v..D-.E.PK..qE...~Y..b..4......C.j1.N..0.g.jQC=.n$.q.P..l_y..^...HcF..?.}..E....`..c..5.gk..j..1Vl-X.....N...j;6.,.c.Af3o.:&.<..&..:I.....e2.r....J,..4Pg.!..L.u...D.Eatu.8..>......d..0W..s..i....Z.!.]5..........`......S8F.w..^.gV./..lQ+......gm.:....p.=.Z....n..?....r...7#G...B..k.!....w\....j.E.C.\G.T.....\|...S.b5G.e.:tlT......@r.\|9......x..x],....7c...,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-display_ultralight-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 109512, version 1.0
Category:	downloaded
Size (bytes):	109512
Entropy (8bit):	7.993950902714743
Encrypted:	true
SSDEEP:	3072:F+rq5befzZXqR3YmaT1zg+e3Ck4tfYyvZej:iEUNoKg/3NSf/va
MD5:	8FEE59852EB7126FC7DDAC757B9CF792
SHA1:	727DBCFE7648E1C2B92C591CAF8582000C46D071
SHA-256:	C917576B7FBB215C6751DA8CAF1C93DC2E8180F137A8815ACD68DC8DDC63A680
SHA-512:	C8D93C9CE6215A9EE2E7C6A2C6256F9344EBFA8E484CC7E76284293A89BF6F04EA7ACD28CD6F613DA29397A10E6EA9ECEBAF52E0F4EAB68400497607BFC0D92C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_ultralight-italic.woff
Preview:	wOFF..............;.........................GPOS...D......K\|..^_GSUB...4........r@QcOS/2.......P...`t<..cmap..........;4..C.glyf..7 ...K.._j.o%=head...0...6...6.).?hhea...h...!...$...uhmtx...........@.F..loca..)............:maxp........... ....meta...P...w....p5.iname...l.......(...:post...,....... ...,.........bD._.<..........Y.a.....Z.......E.3............x.c`d``..O.....?.?.\.."...........x.c`d``...........!...f.(......x.c`f.a......j.r...a&.f:..T..301@...S?....28.......g..O........\|.....b....y..x...tU....3w.}..P.-=....-.H...H..F...."...m..Id+.........E.&e......R,...T...x...w_..g..T.9...f......N...;.....Ey....j..c.L.t@..PU._..L..X_...9...z!.}=.'Z..hQ.t.....T~g.........]...#..z.q...E...ub..nv.,.......F.,.%.\|#.Q....C..]Q2...w.^....p.<.ii.zZ..[a.....n$..)k...P9. .s...e....%L`...`.~_M.._=.<H.Z.r.a.IE...i...h..E..6.;U..Ys..s.^....u.5.6.......5.\.'..c.s..q.8.4.s.I.4...1..k.g~.....c..._G_D..S.....?g....<.T.a:..7..]/..K"c.B.".\...Q.1....{\|C..l....I...mG.......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_black[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 149924, version 1.0
Category:	downloaded
Size (bytes):	149924
Entropy (8bit):	7.99476762000203
Encrypted:	true
SSDEEP:	3072:pIwNBsEt00Tkjpb9JZKoOYO6X1J+HsygKuZHTxLupovn:KOBsEt0rTfxI8b+HsyOF
MD5:	4354CE066AD74197F57601227FC848F5
SHA1:	0DB62F2F28A71688EB89D5B7CA1994DA12048A58
SHA-256:	EA60479B3A0CBD60FAFC1A2D62E4C5DE20EC7CFBE8A710BB503CE815837B7730
SHA-512:	9FA3A06AE44F3F7FC7AD0FF011B9B0DF267D521DE8C3B85298F2AABF492B14EB73ACC1AD06FF72CA9C1460909E8F9064E0442134E482A7B66BB144C94EC0836F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_black.woff
Preview:	wOFF......I.......o`........................GPOS.......]......k2GSUB..(....(.....jw1OS/2.......U...`....cmap...H...J..?..../glyf..I4..38.....[..head...0...6...6&o.Thhea...h...!...$.H.,hmtx.......C..(.....loca../.......(.....maxp........... .[.Zmeta..9(...\|...%C..Fname..\|l........;oA_post........... ............>S._.<..........Y.......Z.....D................x.c`d``..O..A....?.b3..".K.........x.c`d`..d.........!...f.)......x.c`..fna`e`a.b.```...q.,L{...C...A./n304.....>.........'...>..]...\|..K..b .......b...x...t......M...V...H.5..4...\|......W..%p$.T...A.....,..]@m..e..b.........][YE..........ryx.gs...~3....7...'Qi.._Z]..=.^.2"E.).L..N'.j2..?.g..B.Sz.....N.o......R.o....I.9.........;%..FF>O.....z.e........!.I...<.l....uO.-....o.z&.[....G..]..c....R#..O..v.L`n.....k..g.,a......D^...p.4+i"....).m...&..4a...*.%Z....oJ."....a.I.m.7.Q...a.Xh..........:..GEf..}..L.'..E]...[.(.[f..KP.B..`.....Ie.;...lw..M....n.V..~.M.7.K.,...N#..T........<..~....[I.......QV./.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_bold[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 163692, version 1.0
Category:	downloaded
Size (bytes):	163692
Entropy (8bit):	7.995047855847298
Encrypted:	true
SSDEEP:	3072:cwNCVCEljjzJzIPV+kLe/RCLANHHHoEe8L3epSaOoaxaEkN9IdEBX+:cOCV1l7uPwy4dhXL3e6Px5A9IdEBX+
MD5:	2BF51DB76E923F6AEFCCD27A9694C37C
SHA1:	E5D77D49BEC4FD8D479CA9A4430AB36EA4FA4347
SHA-256:	0D1BBE692CA238745EF9FA28223C2C38E4AF21778B9A845AE2962DAF3202BD23
SHA-512:	98D8457914B42A1412812C0719F4599E3BC6D3929F02D6160163C47934856C3E3405F71733CD6A7F6052924497D70212F6F999E27E8691EE91CE61AB4D0AB236
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_bold.woff
Preview:	wOFF.......l.......,........................GPOS..........d ..x+GSUB..]....(.....jw1OS/2.......U...`....cmap.......J..?..../glyf..Ix..82..z....]head...0...6...6%..^hhea...h...!...$.d.Hhmtx..........(..~l.loca..0....x..(.....maxp........... .[.]meta..n....~....d<="name............8.ASpost........... ..............._.<..........Y.$.....Z...S.=.p.\............x.c`d``..O..Al..?....@.d.....2.....x.c`d`..d..........!...f.*......x.c`..........).....B3.1.c....20..b\|q.....w...ap`P...}.?!...y.......X\|Y..)....[......x...........5.#.......".....8@.n.....}...f.F@@d.6. ...,. ..........0jN..$D4.c...W..M?..3.>...\|..Wu........E...G...Y...@9.v.....?D.D..g.L?.:^T.@.i.i.I......F..dY.~.8...q....N.##.B.E..@.x9...^....2v..Q...\g../..&'Q.L..9..'.boR....=v.....c#.......X.....N..7.u.....Ogi9uq.i..R.?.....[~._.{)0m...{..c.^...~..f....U..hE. .......G,..'g...>..&..a....\|.3........{..$.....z.....%...3w.K=...$.T9..e.....P.................,3../.v...{T... .=....:~..x..7.\|.CFF.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_heavy[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 167628, version 1.0
Category:	downloaded
Size (bytes):	167628
Entropy (8bit):	7.9950118469084295
Encrypted:	true
SSDEEP:	3072:GOwNFIuSUowxrbzhASw8BiIcQ1aaOpONnSpYU5Ur1HKUouaPytttqJr/L8FVeMZc:RO5rrrn2LmDc6a4nSpYoUQDsFIMZc
MD5:	3F7EA5838266B0FE872D9FEECB7CEEDC
SHA1:	36AFD831F75A1955B84AC2A7F5F706ADFC2C574F
SHA-256:	016CEA8B186D6C8DBD174CCA559B78022BC4DC83831759C93D6D885C73712356
SHA-512:	291B6EA522A22D36B233CFA4883015BFB3C46E219267CBF7F2BA87E91F6F14C9350E962FAEAA64975952C6540C7E31F040DDB288E32EEEA020F99CD861207F51
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_heavy.woff
Preview:	wOFF...............0........................GPOS.......8..db....GSUB..m....(.....jw1OS/2.......U...`.a.zcmap.......J..?..../glyf..Ix..:5..}p.~Ghead...0...6...6&...hhea...h...!...$....hmtx..........(.6B+hloca../....}..(.....maxp........... .[.^meta..~D.......%Z...name............;.A.post........... ............{.C._.<..........Y.H.....Z.../.A...{............x.c`d``..O..A<...}1....2....w......x.c`d`..d..........!...f.......x.c`.x...................3.d@......1.......;...080(...>.....<.w....Ar,.........D......x...tU.....3s...#-.E.T........(`B...H . .Wx..&.!..@.bI.B+.. ....".TTZ...D....(..p..s..+.eKW.....=s.g.]q....!.....=).......1o.u..U...e.O.Y.!.R.../...+.c.J...'FI.^C..~...{....W#.v......ic......=.5..6.S.Pz..7...e..K.;Fb......F~.}j..!..q..?..+.UI{..X=....... ....C..i..v...</K1.Z....1.z.Xm..0.Y;ny.....h..H..U.i>.W.<......q..e1r..#...\|...>6F..;X.=..0V.S.\.ss..../'...G......../..0L..n.E.d.....D...h1...OX?..v.bD.?G.[.)..\|...9...\|.Ur...W..s.d.5.-...R.I.`..@I.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_light-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 108032, version 1.0
Category:	downloaded
Size (bytes):	108032
Entropy (8bit):	7.994488195691319
Encrypted:	true
SSDEEP:	3072:4me+OS6b4K7M0Ykf8OyJel+8888dRHtYSx1fe:/gSU7OG8OyEeR+cfe
MD5:	4DA911D3F8015353AD95CCC31ABE0A37
SHA1:	EF1DCB2BDCB8BCDDD3FFA17F070B4F192F442941
SHA-256:	A7BA22281661FE75105DCEE2A90D8EFDE2FCD4A209F90BE2884B4A9E7A6FA31C
SHA-512:	FC06E740D6347C5433272A8CE1AC5EC62759C9BD4CEEC5C1937F949067A6A2CDF3D1A8E22555FCC500DE47C603FD85F92A41216967EEFCD54D5878E0B71AC18D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_light-italic.woff
Preview:	wOFF..............Fd........................GPOS...d...,..X.Z..SGSUB............r@QcOS/2.......R...`N.hjcmap..........;4..C.glyf..7(...i..]..3..head...0...6...6....hhea...h...!...$....hmtx...........@.f..loca..).............maxp........... ....meta.......R....(,.name................post...L....... ..._..........V_.<..........Y.......Z......................x.c`d``..O.......vq.2.E......p.P...x.c`d``...........!...f.(......x.c`a....................b...B...A...a\|....F........b``...N..q>H..u1.R``........x...TUU.....}.8cf.d..hfb...f... X".b..._.....jL+q4.E........wfNe...SK3...D:.....\."W...X...~}...>g.}....p....Y....Y!nC.E,F..Y....J.....9s.7...N..H."._P.LW.m.C.....%g.....m"..z.Qy..........\|...2.j....k..c.B..R..+..[?...&.\..b>\.He.#..Y..WK....%ahd1....2..3.:k7..............y.........f..h...pf..~B.y.V.4.....=?y....G.I}.x..}..!U.....7.....6..>..\|....?.b/..z.vo......S...`...k.O.m...X....q......%TA'+....rH..[....k..\.r0.yIu...~<.Ic.C.`{...K.C...\..U>.y.9.A.5b.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_light[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 167476, version 1.0
Category:	downloaded
Size (bytes):	167476
Entropy (8bit):	7.995112323242978
Encrypted:	true
SSDEEP:	3072:8wNW9KZTwqKj+ipkk9KNpwLsA5Ltr/arfRHSuAk0uqLojcr:8OWA0qNXk9g2YArWr5uk0uqUj8
MD5:	46D1A70BEE7FB1756D4EB5E0185FE9E2
SHA1:	E978B0BD0941BCD0D92BA2161C1D9518A6EAE9AF
SHA-256:	CF9407AE88C59D481F5FE2FA9761BECE83CD9ACCADEC178CDCF917356F0F6EA5
SHA-512:	F69856634B108A7C8A1B6F341457BC5BF3AF2CA8EE5A941535C20A801FEC9C53C21074976D07F566D6808317425B7F19254D8ED65FFCBFAC0891EA3DDA46B96F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_light.woff
Preview:	wOFF.......4................................GPOS.........i...0.GSUB..l\|...(.....jw1OS/2.......U...`. .,cmap.......J..?..../glyf..I...4C..xk.9r.head...0...6...6$o.jhhea...h...!...$.H.,hmtx..........(.....loca../.......(....maxp........... .[.]meta..}........%(X..name..}.........;.A.post........... ..._........y.a._.<..........Y.g.....Z.....J................x.c`d``..O..A...?...3.E...&.. .....x.c`d`..d..........!...f.......x.c`.f.a`e`a.b.```...q..L1.H.!... .......\|.............b``......q>H..u1.R``.........x...xU....}.......E.2. R.(...0%hH ^...@@K...h.L.P.@...G0.H.......2((....>.,..Z.s.....oB.....{.......... ..p..=D....{.0...fs..S.f.hT..<Y.....h......+R.z../.X..F..y...{X/8.....`#yY..;@..i.k...aR..P...\|..J.R.v..]x.............8. ....m..WGJ.Pe.Oj.u.&_3B.......z(d....j.\..k.uv5.@l....+.z..6.....D0...4G....3.a/...!u.[V_\|....=.Oq.../....j....{..p.V..Pd8..=..Ml#.c.^G.....\.5.:...^...F...\|f...~./....;.o...X..;U.Pjv@.x..z.,)}..~43?...]..!.#.}.=.xB..).bXU...nU..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_medium-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 109612, version 1.0
Category:	downloaded
Size (bytes):	109612
Entropy (8bit):	7.993916642815457
Encrypted:	true
SSDEEP:	3072:mJY+EgUwbxiSB4eIIstqor1pAK3SnKgB6Ub:j9PSBRyqUZWvEUb
MD5:	686FEDF63D4EE1209F286B5D177E00AD
SHA1:	E3A1D9900B78DD81C79D1B7ADA8F52D60C92034F
SHA-256:	E4582D383AE57885A7CA7FE6EE13D08ECCF627EB21F9726830F971C8011286AB
SHA-512:	CE095FB227D97ED169023FFA0B0ED53576C840E2FDA9970746B1ED9A559D8DC63482F1909A3366DD1AB1AA3A2CA207E501B3F43733E2B950517D55FF2427A3AF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_medium-italic.woff
Preview:	wOFF.......,......=.........................GPOS...(......RH...GSUB............r@QcOS/2.......R...`O.h.cmap..........;4..C.glyf..7D......Z...h+head...0...6...6...-hhea...h...!...$....hmtx...........@8Y.eloca..)............Umaxp........... ....meta.......a.....qS.name...T...........bpost........... ..............cv_.<..........Y.......Z.......U..............x.c`d``..O.......?Y..@.d.v.....R...x.c`d``...........!...f.(......x.c`ay.........).....B3.1.b.g@......1<......\|......g..O...}..;.... 9.G..@J....((....x...p.E...3.3..eD@.rH.....BA.."... D1.,.B..N...@B0.@..........j8...\........px..z.....<!.Z..W........~=...l..f4`..)9.j..:]...^..Hpi.d..U.......!Y..........{.Dt.6.......Id..6.5Q...}....u.Y..`..@..........@3.N.K.E5.G..F.ViW._.61..Y;....]..no..Vn.vj...mP.G..!..3.j.mb.......g.+Ca.6.....PX..+.b..D.....T}. ,..}.U3..e\|..O.....~VU.3E.......~.\|..dU...V.....?..."....p,v9f...Pn?.V.ru.n.bg8.E..uL+..:......X.sfQ..//....tt.Y.C.^..ZU;.Q.mS...B..TO..YI*..vZ..R.;.=...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_medium[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 166804, version 1.0
Category:	downloaded
Size (bytes):	166804
Entropy (8bit):	7.994655268139657
Encrypted:	true
SSDEEP:	3072:CQSdwN43HDTgj7/LXcM2xQ70J3zz1ss41j/y98uGqnyPBBrEl:CQ6O43HDTiHXcMaKSz5J41298u6pEl
MD5:	A24AA17CD1D51D9D9EE660A7D04923AC
SHA1:	7A6AFB67E7AD60CAD63E4C553E7011FECDA8BB24
SHA-256:	005CB711BF18C010B0DB8362BB3FA03652398F106823212F95E5189031918ADC
SHA-512:	EBFFD30652D8FCFFB1F085C77FFAC65A66417B6946D2ED5006894D521DDAF379EDF77AD594C640655358471D9CCE720E0EEEDBD9251EBBFA24E2D9E6BABCF716
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_medium.woff
Preview:	wOFF............... ........................GPOS...t...j..db...GSUB..i....(.....jw1OS/2.......U...`...cmap.......J..?..../glyf..I...6...tXn:l.head...0...6...6$..$hhea...h...!...$....hmtx..........(.....loca../.......(..lA.maxp........... .[.]meta..{........%..name...@........<.CGpost...`....... .............3u._.<..........Y.......Z.....9...7............x.c`d``..O..A....?."...".K.........x.c`d`..d..........!...f.......x.c`.`..................&2U1 ...L..._.f`h.....\|......g..O...}...... 9.;..@J....F..`...x...t......op..E....hQA ...".D..WdP.A......H.`.Q0..(...s`..U...Z....}j..Z.Vk1...w..!..t..[/k..........w%....s.&.....G6...... .Y......L....cJ.Q2X[..UM?,.a...FzoW...~.x0I.j.a9...,.s...p..#.:.N...,;.....A&~.OS.ke}8.>..[.YU8..).YG.7S....m.......A.kt...Y..z.9.X.c.ui0m.G..u.D.A..sW.uIZj.Rkl...4...Fe.j..9..=.p..K._\.Q.~D...t..y.%..5..D>bY.?.^1.i....a...={.Ss..s3[}S...ef....}.w..g,...h..<.......k.le.E.v_U.....t...(;.B...*e.\|......>.L...T..N..-.APG..Wc.3..0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_regular-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 92732, version 1.0
Category:	downloaded
Size (bytes):	92732
Entropy (8bit):	7.994055678191393
Encrypted:	true
SSDEEP:	1536:vJfo/salt3XprYHvZw9m5ILV3uWbwuwrRRxQcHgNV07C7oRfymAz9AcG3:v+/saldXKHvZws2LV+WbWRucGVMCEozM
MD5:	3BBDE2F792CE9E112C945DD36B206A08
SHA1:	8A270465D3F451086A90ADE0D379B7F54E08D850
SHA-256:	44D8E374538B735E0588DB5B75160F297EB332B2BF94EE5805FBA967A030823B
SHA-512:	3CF51AF6B631A41068022ADE60081060935D4E60BC16D6472D5F6AB4CCB8BEE63722319E8D18A58E28AE2AEA702D5FCBE7AB87C642A4860801C48504A4BA6884
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_regular-italic.woff
Preview:	wOFF......j<.......P........................GPOS... ..]......XGSUB..P.........r@QcOS/2.......R...`O.h.cmap..........;4..C.glyf..6....^..Y...fYhead...0...6...6....hhea...h...!...$....hmtx...........@y...loca..)p.........&b.maxp........... ....meta..Y....K........name...\...........post........... ...x.........a`._.<..........Y.......Z.......7..............x.c`d``..O...[..?....".....).b...x.c`d``...........!...f.(......x.c`a9.8.......).....B3.1T0.0 ...L....D.....>.........'...>.....\|.....b ......!.R..x....t.E....wUw....J..A@P.c@%......"g.9...B..! a9......O..EaM.A..FP..X.......r.AC.jj.5........{...utUw..x....3....j..lg....Y..K.N...._..r.:...C\|P.<OV).\.)..J..q..../...\^Q.P>.)s.'Q....`.d74............utp>...[!...L.......w~luX.8..noE1.L.'.\..g..V}.-Z(.P...e_P..V....s.N...A.4,?.m.A0.0u.R.a_..\...L.......-.......{.....N.=.....\.......$....;....\|.>...^.^...O.k.g....Qz.;.EN..D&.t..H..4@.=.E....8V}~.....nr.E....`.Tc.}j..........H..I1j.T.^.m...j..9..t*..N..A....h.SoX...K

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_semibold-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 109284, version 1.0
Category:	downloaded
Size (bytes):	109284
Entropy (8bit):	7.99420519551214
Encrypted:	true
SSDEEP:	3072:a+BTVvn5qlwaXmw/bs+yfd+85ojAcGz1Od:fRP5qlwaXhs+yFbuHU4
MD5:	147C0A87B8381D5EA7D48E73F9B8AAC2
SHA1:	176E814EC7B5894C21738EE6625E81864E5D4253
SHA-256:	90D0AE8D176E7A62D2122F067EF451BED867FE33D3FD4F0AEA3EFAD5EA5B9640
SHA-512:	F98B19A39C970E259A7CD6F3176EBEA3636774F3638FDDC0BE60E84D28F10699F6F17B9952796255B633958F161CD1151C36C5254381CF10DB4A30CC7654EB29
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_semibold-italic.woff
Preview:	wOFF..............>.........................GPOS..........RH...GSUB...x........r@QcOS/2.......P...`O.i.cmap...,......;4..C.glyf..7`...j..[.....head...0...6...6...>hhea...h...!...$...ihmtx...........@...loca..).........r...maxp........... ....meta.......N....3.1name................post........... ..............1._.<..........Y.......Z.......k..............x.c`d``..O......?....@.d.v...I.>...x.c`d``...........!...f.(......x.c`ae`.``e`a........1.a%S...X...?..A4..........?...B......)00.......R..L..M..x...p.E...3.3....9W...r.......T.P........!...!.r...p./..*`D....n!.\........$...7/...`i.._.........7S.AM..g.....?.7..[b4Z\.H.)? .Y....1...y....+....\|N..1....vAQ.==n.E.P'......O&....DVC.[G.\..B..L.........8...r}.}-.PS...Z.;n..[MmL..o._.w...v.w+X.2o...5..4.%.."....R..$...+^g..[.3o.A..n..`XY...9kT.....Y.<..v....p..v..).9.}.u..q.{.....s...\|}..>.yO.l}f..s.."u(.......?.......k..8..n..~;.u.=...yN...N.i.....~.!./#....:t.}.....s.}._..\.Z...vU5]^d9..........$/..Vct.....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_thin[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 167084, version 1.0
Category:	downloaded
Size (bytes):	167084
Entropy (8bit):	7.995678400319049
Encrypted:	true
SSDEEP:	3072:VwNB7SBnb4z6a4tedrD4m8GODyXUGBI0iigafkxWPl8cdJNu:VOhSdb4z6aldrD4mJOD8lBIhaQml/fA
MD5:	84C7158A4FFAF14100C00AE30B8B364F
SHA1:	EA901BF081675F2ED2ACA6F6E64C7072307CF6C8
SHA-256:	5E07FC7F2C393CB771DE54195F076958D21DB066E5F810E6B948441A553E5222
SHA-512:	5E1A4C33A0428CACDC9E68C28E463C1DA285FD0771FCE5CA1610972CD7CC26A6726EA688CBBDABC4AEDE36500E492F553B28E5C156BC5DDCC50CBA975229C6B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_thin.woff
Preview:	wOFF...............,........................GPOS...@......i...b.GSUB..k....(.....jw1OS/2.......N...`tp..cmap...h...J..?..../glyf..I<..5.....a..head...0...6...6$...hhea...h...!...$...hhmtx.......l..(..WHMloca../.......(.....maxp........... .[.\meta..\|0...{....F.~4name............8.A.post...,....... ...=............_.<..........Y.......Z.....c................x.c`d``..O..A....?..0.E...&..p.....x.c`d`..d..........!...f.)......x.c`fy.(.....j.r...a&.f:.`....303@...S?............}.?!...:......Ar,...!Z..k....x....\|......3sC..... Y.......0%...H.!Q.P@"...!.D.. ADE`[J..!.....!.>..-Q....!...P`.wfN......t7....?s.......FA...>.t.D)..a^.q.......1..3&.?....nH.?E....0...X...T....y.'.....r...3u.. .i..t..D..]..x..u.Fw3...=~t....NX.....&ZcT.#\|.H.......S..3....L.`.#.;.%>d}h..wL7T...*..z....w...f...9...i....5D4.6HcL..Y..iQ.^_v.8....k.C1..7..~.;..mc..N...l.....O1[..9O.....?..~.....Xm..i....b/E...).......k/`.uH.[...>..".0,....W"(&.@w.....\.8.i=.s;..?2:...A..D...gb8Y..{/$mi..x.X

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_ultralight-italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 107460, version 1.0
Category:	downloaded
Size (bytes):	107460
Entropy (8bit):	7.993352987265117
Encrypted:	true
SSDEEP:	3072:n+Y0zgaeH5rgJYyh9KJI2NHeZecbMWoMymfXZsrbS:70saeZrgey4sZHTpX
MD5:	6C5FEF509D2196E8E6AEFB4FCF120412
SHA1:	F5558720BFC1F351B9921AE98E3C48265F9D9DAC
SHA-256:	A84F392ACED0850B6DC99927FEF67696AF68D8B291D21CF1C97919799CBF18B2
SHA-512:	E74FA353DCF0FB3BB2D7CE478A2580CFC755596A111300152FBA9901B2399B94DBFBA2E53784ACEB92ADF321BF79F189723117FB7ACA62DB094723D089505CED
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_ultralight-italic.woff
Preview:	wOFF..............J.........................GPOS.......C..X.h...GSUB...H........r@QcOS/2.......R...`tO..cmap..........;4..C.glyf..6....C..aFPO.head...0...6...6....hhea...h...!...$...}hmtx...........@:.^.loca..)\........#f.-maxp........... ....meta...d...]....z...name...,............post........... ...,........@\|C._.<..........Y.......Z.........[............x.c`d``..O...k.?.?..^1.E............x.c`d``...........!...f.(......x.c`fY.............3A4...3.:L..@......L.@...ep........>....{).i.... 9.....-.......x...p.E...=.3..rf..npY...*..#....h..jp.d.-..H....s5R.. .2."..$.}..D1Z.Q......r%@.....y!.<....M.._...}......S...R.n.w.?...W..C.$../4....x,....].../$..O'...]....].K......\......_=.j...l..Cq.e..3.\|..W.Y..C../....gl(N`..X...6..../.]..\.>.......B......]OK.>{.2..87W......Z...&....[.A..Q.(E.P........e.X.N<#...q...{.......i.{..3v#..\|.[.k..0o_.c....-.^.e~.S........yNG.Y..gb.t...... .?..v'}.2\..v8z..U0...g.....z..P..Q.D.".r..W.5...V.{..V..9[..`.N..m...}...:..G&{......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\sf-pro-text_ultralight[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 166212, version 1.0
Category:	downloaded
Size (bytes):	166212
Entropy (8bit):	7.995674057689252
Encrypted:	true
SSDEEP:	3072:/wNpBE0bEOcM+rleTCNq1cpcTH+id++M094TtCb+DGhO5SWv:/OXE0IrM+JfeHNd++Xb+KhUSWv
MD5:	083E955111C06BD3018924D9BD108791
SHA1:	E2279A824BE143D64347AE517289FF3736CAF03C
SHA-256:	2277AA64D405487E269179AB10AE00B9690DF934DC18163C162FCDAAF009F5D7
SHA-512:	54D794B7E9AF0B3E5130CC01F94E3A012427AD9BC63D91BBD1C14B55797EE0F06F31AB874B4E94718CC616B4DF72FA3258D6A8A4175D17089E03208BA55AF332
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_ultralight.woff
Preview:	wOFF.......D.......D........................GPOS..........i..i.;GSUB..gt...(.....jw1OS/2.......P...`tR.ycmap...H...J..?..../glyf..I8..3>....8..head...0...6...6$..hhea...h...!...$....hmtx.......J..(.B.f.loca../.......(...0.maxp........... .[.]meta..x........5$VK.name..\|x... ....EkF.post........... ...,.........[.U_.<..........Y.a.....Z.....p................x.c`d``..O..A...._a.w.@.d.......X...x.c`d`..d..........!...f.......x.c`f..............L..t.A....g`b.....~ ...ep........>....{..y.... 9.....-....x...tU..s......RQ.":..C..84BxT..^.....P...A.A....L....0....BH....E.PVA..`Z2.R...o..o...J.....[........B....g.....D...........T.V..2b<..8.O.b..%.i..#_F.ey...SK.H.'.W>r#..9.1_t..........*...J;......C.c............W.c.7f.....bD#<Q.~~.4:{.k..a\....\q...c{.8.....Q...x.hW..H..1...?...E.e.~d.[..ec.?.3.ODC.y.q...:...h8..."&...Z..#.V..._<m.7X...g.......gd#..X.&..1U...lK...b."E.....F~.....aH2.....G.....$.g$y..QC>+..."....6.b.%..)J...o..,B/."..P.Iu.".. )G.....<....8.#.S.y.-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\spacer.46533769874a[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 16 x 9
Category:	downloaded
Size (bytes):	51
Entropy (8bit):	3.9181996506461725
Encrypted:	false
SSDEEP:	3:C1tA7wltxl+nvh6c:cC56c
MD5:	46533769874AE74E498A0E0433BB609B
SHA1:	CD6F4019282DABC691BCECBF13A304B5D63D0531
SHA-256:	B715761E92524C9442EF612AF378E2FDF19167F92492568F4961260E9F377A0A
SHA-512:	1E43B37180914DC83102DEB773B6EAEB48938B8A9F6965BC0E45A4660023B222AAC1ABE6EB27EBEE8E6761321CD9531BF923F39B6B7314574896D2C6A1C7544F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/media/img/firefox/home/master/spacer.46533769874a.gif
Preview:	GIF89a.............!.......,......................;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\spinner[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 16 x 16
Category:	downloaded
Size (bytes):	1737
Entropy (8bit):	7.245137347866109
Encrypted:	false
SSDEEP:	48:hQo1Q0XRNk/4HaRHBFPlUXyUOE1X9Bz5nkj3h4Z9iO:hl1Q//maxXlEyUOE1tt5noRCoO
MD5:	184804D66C27A18DA235B4C158FE8265
SHA1:	EB77BD315A5705A918D70748EB713EF603A879CE
SHA-256:	71FB65EC91CCD7FE8237FABAE243E1F9A0F171405BDA481C1C9D895DAA781034
SHA-512:	E91277A548B809B69FCA15950929D6F92C1D42DA3DAAB35C41F611246D71E17E7722742C13EFA900DCF0E0CC2889B8C8AB8ADB53D9BD05FF7FE131488E73D74C
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/esri/dijit/images/spinner.gif
Preview:	GIF89a........0C...5Rar............dz..K\cx..................Ngu.....>P.<NF`o{.......Jcr9Ud......y..]t.......(FW.......j.....Rjx......Wo\|p........"AS.8J.......6H..._u..3E.1DHbp?Zi.4G3P`Yp}.;M7Sc&EV,IZ;VfB]lLesHY1N^.9K0M]...SlyUmz.................D_m...... @Q...w...........f\|.......}........A[j=Xg$CTPhv...t..h}....u..........aw.......[r....l.........................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,...................#)-....$..6:7....%+/.70=6......6.........=?=.....3@?......;E.....7A>......B;.....>CD......;+.F... &.03.8.<..!'.14.,<.."P...F.`.....!.......,..................;.WX.[]...<.U.Y-\$_&.JOSH..TJ^*\.G.P..2...#..7.HKQ..:6..L=.FF.'M.....NA.:b..I...T@..?.R../.D..924I.::/E`..A&V,Z.JCaT.T9Ij...........!.......,.....................i.^,...C.K.....jl.8^ghQ..CRk..."dN<.h-P..c.f...m].,.>.Jnj.2H0.T.-..43..5.G.`eC.6:...f..:=.G5.AT770./.6.@C(CBA;@/.F..r. ..Z.@.!.......,..................?(..N!lG..9..'.g[jNJ.A#Hl.F=B].O<.T&28.f_L;.9V

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\stub_attribution_code[1].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	267
Entropy (8bit):	5.554252011668252
Encrypted:	false
SSDEEP:	6:YEt6GKaeV2vSI95Bj9GfBHthf+CthfMl0kq/bm4xt6WMbXRjSX9ULGVYTrLY:YpdzV2v795BxGfBHff+CffMOkqz7I6YY
MD5:	A2DDC7A4C7075117BB8817F439BA0643
SHA1:	1A738B72C086A7E1B9C7DAA679AD2EE0751B58A1
SHA-256:	E2F911A72FC480A4A874CDC19FA0942BFE255DB037A024A77B6A7E1B45087D00
SHA-512:	69E921EE7C119155860379219153FFC0DFB97AF306D6C7690224F88BBA0C557542BE598AA0118E1D6FD20A72A6E99F47DD6BCE85400538ADF7FD02C91F7F3A1D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.mozilla.org/en-US/firefox/stub_attribution_code/?referrer=&ua=ie
Preview:	{"attribution_code": "c291cmNlPShub3Qgc2V0KSZtZWRpdW09KGRpcmVjdCkmY2FtcGFpZ249KG5vdCBzZXQpJmNvbnRlbnQ9KG5vdCBzZXQpJmV4cGVyaW1lbnQ9KG5vdCBzZXQpJnZhcmlhdGlvbj0obm90IHNldCkmdWE9aWU.", "attribution_sig": "b4fb923dca856d72021d64cf01a452f5a37c0d351d679d6ac5a0f49ab8b499f0"}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\svg[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	30668
Entropy (8bit):	5.2531341242891365
Encrypted:	false
SSDEEP:	768:PQsN+fYmTfz8HWJNpffTW91eLPlqrydUWEz:IsN+f5Tfz82JNpffTW9sLPlqry5Ez
MD5:	D1B077063F64880306D6A722CC953EA3
SHA1:	15CE4939080FAA4061EED9233A4B5D313445C562
SHA-256:	8E62232BEAF69FEDDD671DB91004B098C8ECF7B1F3F6694C41B8546FAEA5E4F1
SHA-512:	2F4F2E22E7EE16C3BF63393AF46696257396FE725C8F697CA90A4B2615788484E1C76587EA8F73D33447AF7D00DDA0B90091B5622A6DC748C315DC14A8993AB0
Malicious:	false
Reputation:	low
IE Cache URL:	https://js.arcgis.com/3.35/dojox/gfx/svg.js
Preview:	//>>built.require({cache:{"dojox/gfx/shape":function(){define("./_base dojo/_base/lang dojo/_base/declare dojo/_base/kernel dojo/_base/sniff dojo/on dojo/_base/array dojo/dom-construct dojo/_base/Color ./matrix".split(" "),function(h,x,w,A,u,f,p,n,r,d){function v(b,k){for(var l=b.length-1;k<l;)b[k]=b[++k];b.length=l}var t=h.shape={};t.Shape=w("dojox.gfx.shape.Shape",null,{constructor:function(){this.parentMatrix=this.parent=this.bbox=this.strokeStyle=this.fillStyle=this.matrix=this.shape=this.rawNode=null;.if(u("gfxRegistry")){var b=t.register(this);this.getUID=function(){return b}}},destroy:function(){u("gfxRegistry")&&t.dispose(this);this.rawNode&&"__gfxObject__"in this.rawNode&&(this.rawNode.__gfxObject__=null);this.rawNode=null},getNode:function(){return this.rawNode},getShape:function(){return this.shape},getTransform:function(){return this.matrix},getFill:function(){return this.fillStyle},getStroke:function(){return this.strokeStyle},getParent:function(){return this.parent},getBo

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 25, 2021 22:00:15.015116930 CET	49697	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.016010046 CET	49698	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.142257929 CET	80	49697	208.75.122.11	192.168.2.5
Feb 25, 2021 22:00:15.142385006 CET	49697	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.143191099 CET	80	49698	208.75.122.11	192.168.2.5
Feb 25, 2021 22:00:15.143306017 CET	49698	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.144751072 CET	49697	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.272228956 CET	80	49697	208.75.122.11	192.168.2.5
Feb 25, 2021 22:00:15.278664112 CET	80	49697	208.75.122.11	192.168.2.5
Feb 25, 2021 22:00:15.278696060 CET	80	49697	208.75.122.11	192.168.2.5
Feb 25, 2021 22:00:15.278906107 CET	49697	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.281835079 CET	49697	80	192.168.2.5	208.75.122.11
Feb 25, 2021 22:00:15.347800016 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.348664045 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.408524036 CET	80	49697	208.75.122.11	192.168.2.5
Feb 25, 2021 22:00:15.475887060 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.476057053 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.476643085 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.476741076 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.483452082 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.483810902 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.611605883 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.611747980 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.612819910 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.612835884 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.612849951 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.612957001 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.612984896 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.613017082 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.613522053 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.613595963 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.613610983 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.613627911 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.613719940 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.654525995 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.655683994 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.661492109 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.661649942 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.661722898 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.781686068 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.781709909 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.781752110 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.781770945 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.782460928 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.782500982 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.782533884 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.782577991 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.783149004 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.783185005 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.788412094 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.788435936 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.788480043 CET	49700	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.788510084 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.788925886 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.788966894 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.788990021 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.789000988 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.789589882 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.857043982 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.857244015 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.857451916 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.857634068 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.858195066 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.860021114 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.860234022 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.860440969 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.860635042 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.860815048 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.953250885 CET	443	49700	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.957365036 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.983773947 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.983831882 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.984097958 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.984215975 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.984757900 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.984838963 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.984875917 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.984939098 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.984966040 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.984994888 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985017061 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985037088 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985048056 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985063076 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985073090 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985097885 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985107899 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985125065 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985141993 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985150099 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985166073 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985182047 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985193968 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985208988 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:15.985246897 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.985270023 CET	49701	443	192.168.2.5	34.199.206.244
Feb 25, 2021 22:00:15.988491058 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:16.029495001 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:16.112020016 CET	443	49701	34.199.206.244	192.168.2.5
Feb 25, 2021 22:00:16.112085104 CET	443	49701	34.199.206.244	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 25, 2021 22:00:06.524754047 CET	55432	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:06.573537111 CET	53	55432	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:06.741971970 CET	64936	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:06.794652939 CET	53	64936	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:06.902667999 CET	52704	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:06.954122066 CET	53	52704	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:07.431126118 CET	52212	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:07.480869055 CET	53	52212	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:08.225595951 CET	54302	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:08.284620047 CET	53	54302	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:09.463733912 CET	53784	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:09.514403105 CET	53	53784	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:13.433957100 CET	65307	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:13.485256910 CET	53	65307	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:13.795131922 CET	64344	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:13.853698969 CET	53	64344	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:14.250269890 CET	62060	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:14.299015999 CET	53	62060	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:14.948853016 CET	61805	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:14.997831106 CET	53	61805	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:15.270811081 CET	54795	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:15.287431002 CET	49557	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:15.319859982 CET	53	54795	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:15.344578028 CET	53	49557	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:16.276758909 CET	61733	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:16.339376926 CET	53	61733	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:20.325956106 CET	65447	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:20.384753942 CET	53	65447	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:20.801639080 CET	52441	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:20.845350981 CET	62176	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:20.865875959 CET	53	52441	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:20.903887987 CET	53	62176	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:21.104309082 CET	59596	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:21.165765047 CET	53	59596	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:23.485718966 CET	65296	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:23.554440975 CET	53	65296	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:27.525818110 CET	63183	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:27.585679054 CET	53	63183	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:37.153954029 CET	60151	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:37.204574108 CET	53	60151	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:37.638550043 CET	56969	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:37.696263075 CET	53	56969	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:39.191940069 CET	55161	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:39.400935888 CET	53	55161	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:40.053597927 CET	54757	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:40.105309010 CET	53	54757	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:41.123370886 CET	49992	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:41.172776937 CET	53	49992	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:41.788094997 CET	60075	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:41.876480103 CET	53	60075	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:43.803735971 CET	55016	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:43.852626085 CET	53	55016	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:44.519337893 CET	64345	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:44.571039915 CET	53	64345	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:44.803407907 CET	55016	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:44.853368998 CET	53	55016	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:45.523322105 CET	64345	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:45.574837923 CET	53	64345	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:45.819505930 CET	55016	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:45.868562937 CET	53	55016	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:46.524214029 CET	64345	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:46.575644016 CET	53	64345	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:47.911107063 CET	55016	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:47.962244987 CET	53	55016	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:48.544374943 CET	64345	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:48.606803894 CET	53	64345	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:49.754820108 CET	57128	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:49.813889027 CET	53	57128	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:50.438891888 CET	54791	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:50.491463900 CET	53	54791	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:50.725143909 CET	50463	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:50.773824930 CET	53	50463	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:51.134005070 CET	50394	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:51.191621065 CET	53	50394	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:51.914184093 CET	55016	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:51.963300943 CET	53	55016	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:52.272792101 CET	58530	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:52.323033094 CET	53	58530	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:52.503608942 CET	53813	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:52.549226999 CET	64345	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:00:52.553774118 CET	53	53813	8.8.8.8	192.168.2.5
Feb 25, 2021 22:00:52.600603104 CET	53	64345	8.8.8.8	192.168.2.5
Feb 25, 2021 22:01:05.094707966 CET	63732	53	192.168.2.5	8.8.8.8
Feb 25, 2021 22:01:05.148637056 CET	53	63732	8.8.8.8	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Feb 25, 2021 22:00:14.948853016 CET	192.168.2.5	8.8.8.8	0xd68a	Standard query (0)	r20.rs6.net	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.287431002 CET	192.168.2.5	8.8.8.8	0x5c58	Standard query (0)	www.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:16.276758909 CET	192.168.2.5	8.8.8.8	0x9ac7	Standard query (0)	js.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.325956106 CET	192.168.2.5	8.8.8.8	0xfcf0	Standard query (0)	services.arcgisonline.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.801639080 CET	192.168.2.5	8.8.8.8	0xa98	Standard query (0)	static.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.845350981 CET	192.168.2.5	8.8.8.8	0xfb2f	Standard query (0)	server.arcgisonline.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:21.104309082 CET	192.168.2.5	8.8.8.8	0x4aeb	Standard query (0)	services9.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.485718966 CET	192.168.2.5	8.8.8.8	0xc817	Standard query (0)	nvlcb.maps.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:27.525818110 CET	192.168.2.5	8.8.8.8	0x79	Standard query (0)	geocode.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.638550043 CET	192.168.2.5	8.8.8.8	0xf126	Standard query (0)	www.arcgis.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:39.191940069 CET	192.168.2.5	8.8.8.8	0xa698	Standard query (0)	www.leg.state.nv.us	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:40.053597927 CET	192.168.2.5	8.8.8.8	0x39e4	Standard query (0)	kit.fontawesome.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:41.123370886 CET	192.168.2.5	8.8.8.8	0xaf23	Standard query (0)	ka-f.fontawesome.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:41.788094997 CET	192.168.2.5	8.8.8.8	0x91ea	Standard query (0)	cdn.feedbackify.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:50.438891888 CET	192.168.2.5	8.8.8.8	0x9a93	Standard query (0)	firefox.com	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:51.134005070 CET	192.168.2.5	8.8.8.8	0xcee3	Standard query (0)	www.firefox.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Feb 25, 2021 22:00:14.997831106 CET	8.8.8.8	192.168.2.5	0xd68a	No error (0)	r20.rs6.net	rs6.net		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:14.997831106 CET	8.8.8.8	192.168.2.5	0xd68a	No error (0)	rs6.net		208.75.122.11	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.344578028 CET	8.8.8.8	192.168.2.5	0x5c58	No error (0)	www.arcgis.com		34.199.206.244	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.344578028 CET	8.8.8.8	192.168.2.5	0x5c58	No error (0)	www.arcgis.com		18.234.22.25	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.344578028 CET	8.8.8.8	192.168.2.5	0x5c58	No error (0)	www.arcgis.com		18.234.22.28	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.344578028 CET	8.8.8.8	192.168.2.5	0x5c58	No error (0)	www.arcgis.com		34.233.149.104	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.344578028 CET	8.8.8.8	192.168.2.5	0x5c58	No error (0)	www.arcgis.com		52.23.2.231	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:15.344578028 CET	8.8.8.8	192.168.2.5	0x5c58	No error (0)	www.arcgis.com		18.234.22.251	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:16.339376926 CET	8.8.8.8	192.168.2.5	0x9ac7	No error (0)	js.arcgis.com		13.224.94.33	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:16.339376926 CET	8.8.8.8	192.168.2.5	0x9ac7	No error (0)	js.arcgis.com		13.224.94.25	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:16.339376926 CET	8.8.8.8	192.168.2.5	0x9ac7	No error (0)	js.arcgis.com		13.224.94.125	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:16.339376926 CET	8.8.8.8	192.168.2.5	0x9ac7	No error (0)	js.arcgis.com		13.224.94.127	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.384753942 CET	8.8.8.8	192.168.2.5	0xfcf0	No error (0)	services.arcgisonline.com	wildcard.arcgisonline.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:20.865875959 CET	8.8.8.8	192.168.2.5	0xa98	No error (0)	static.arcgis.com		13.224.94.80	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.865875959 CET	8.8.8.8	192.168.2.5	0xa98	No error (0)	static.arcgis.com		13.224.94.56	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.865875959 CET	8.8.8.8	192.168.2.5	0xa98	No error (0)	static.arcgis.com		13.224.94.43	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.865875959 CET	8.8.8.8	192.168.2.5	0xa98	No error (0)	static.arcgis.com		13.224.94.36	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:20.903887987 CET	8.8.8.8	192.168.2.5	0xfb2f	No error (0)	server.arcgisonline.com	wildcard.arcgisonline.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:21.165765047 CET	8.8.8.8	192.168.2.5	0x4aeb	No error (0)	services9.arcgis.com		13.224.94.97	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:21.165765047 CET	8.8.8.8	192.168.2.5	0x4aeb	No error (0)	services9.arcgis.com		13.224.94.105	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:21.165765047 CET	8.8.8.8	192.168.2.5	0x4aeb	No error (0)	services9.arcgis.com		13.224.94.128	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:21.165765047 CET	8.8.8.8	192.168.2.5	0x4aeb	No error (0)	services9.arcgis.com		13.224.94.21	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.554440975 CET	8.8.8.8	192.168.2.5	0xc817	No error (0)	nvlcb.maps.arcgis.com		35.170.25.135	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.554440975 CET	8.8.8.8	192.168.2.5	0xc817	No error (0)	nvlcb.maps.arcgis.com		34.232.38.170	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.554440975 CET	8.8.8.8	192.168.2.5	0xc817	No error (0)	nvlcb.maps.arcgis.com		3.217.198.154	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.554440975 CET	8.8.8.8	192.168.2.5	0xc817	No error (0)	nvlcb.maps.arcgis.com		52.70.236.220	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.554440975 CET	8.8.8.8	192.168.2.5	0xc817	No error (0)	nvlcb.maps.arcgis.com		3.227.152.229	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:23.554440975 CET	8.8.8.8	192.168.2.5	0xc817	No error (0)	nvlcb.maps.arcgis.com		34.194.165.251	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:27.585679054 CET	8.8.8.8	192.168.2.5	0x79	No error (0)	geocode.arcgis.com		52.45.157.204	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:27.585679054 CET	8.8.8.8	192.168.2.5	0x79	No error (0)	geocode.arcgis.com		3.213.83.46	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:27.585679054 CET	8.8.8.8	192.168.2.5	0x79	No error (0)	geocode.arcgis.com		3.93.139.71	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.696263075 CET	8.8.8.8	192.168.2.5	0xf126	No error (0)	www.arcgis.com		34.199.206.244	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.696263075 CET	8.8.8.8	192.168.2.5	0xf126	No error (0)	www.arcgis.com		18.234.22.25	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.696263075 CET	8.8.8.8	192.168.2.5	0xf126	No error (0)	www.arcgis.com		18.234.22.28	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.696263075 CET	8.8.8.8	192.168.2.5	0xf126	No error (0)	www.arcgis.com		34.233.149.104	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.696263075 CET	8.8.8.8	192.168.2.5	0xf126	No error (0)	www.arcgis.com		52.23.2.231	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:37.696263075 CET	8.8.8.8	192.168.2.5	0xf126	No error (0)	www.arcgis.com		18.234.22.251	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:39.400935888 CET	8.8.8.8	192.168.2.5	0xa698	No error (0)	www.leg.state.nv.us		64.161.36.133	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:40.105309010 CET	8.8.8.8	192.168.2.5	0x39e4	No error (0)	kit.fontawesome.com	kit.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:41.172776937 CET	8.8.8.8	192.168.2.5	0xaf23	No error (0)	ka-f.fontawesome.com	ka-f.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:41.876480103 CET	8.8.8.8	192.168.2.5	0x91ea	No error (0)	cdn.feedbackify.com	cdn.feedbackify.netdna-cdn.com		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:41.876480103 CET	8.8.8.8	192.168.2.5	0x91ea	No error (0)	cdn.feedbackify.netdna-cdn.com		146.88.138.51	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:50.491463900 CET	8.8.8.8	192.168.2.5	0x9a93	No error (0)	firefox.com		44.236.72.93	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:50.491463900 CET	8.8.8.8	192.168.2.5	0x9a93	No error (0)	firefox.com		44.235.246.155	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:50.491463900 CET	8.8.8.8	192.168.2.5	0x9a93	No error (0)	firefox.com		44.236.48.31	A (IP address)	IN (0x0001)
Feb 25, 2021 22:00:51.191621065 CET	8.8.8.8	192.168.2.5	0xcee3	No error (0)	www.firefox.com	fxc-prod.moz.works		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:51.191621065 CET	8.8.8.8	192.168.2.5	0xcee3	No error (0)	fxc-prod.moz.works	dzlgdtxcws9pb.cloudfront.net		CNAME (Canonical name)	IN (0x0001)
Feb 25, 2021 22:00:51.191621065 CET	8.8.8.8	192.168.2.5	0xcee3	No error (0)	dzlgdtxcws9pb.cloudfront.net		13.224.96.162	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

r20.rs6.net

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.5	49697	208.75.122.11	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
Feb 25, 2021 22:00:15.144751072 CET	267	OUT	GET /tn.jsp?f=001FNPhO8JDr7HCJr8INyeXtPzVPB_9TnVM6pP7y7CfaaqmWzT9strdCERa46BFE5WmzBvG_-57KlB6XVbs1owZ3Vk5-ZM5bNWqtQyqMZVXU_YOfpRgaTIEgS5_O8TC-oYewYUcbLPLxA6PnzI-lJrcqZojiqxyi4x6xW2FKgFGuFQYgZS5ORdxLfrTbgJIF_X4iCcIqg_eYvbRhLSAzQ8u0fT-Bt6XMp1CwVPqZR2KhX8fbYYg8MLTxg==&c=N3CwdpETm6KpZ0q8dumak3CkrZj3BDY6YRoESKDjeo2I_MFrthNZvQ==&ch=bMPvn-rzOdnBp9mViKRNQAQZxlnmEFS5R2EozweW-3APKvk8Dkcpfw== HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: r20.rs6.net Connection: Keep-Alive
Feb 25, 2021 22:00:15.278664112 CET	269	IN	HTTP/1.1 302 Found Date: Thu, 25 Feb 2021 21:00:15 GMT Server: Apache P3P: CP="CAO DSP TAIa OUR NOR UNI" Location: https://www.arcgis.com/apps/webappviewer/index.html?id=9c2cd4575624417fa56fd084a7ee4dd9 Content-Length: 0 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie" Pragma: no-cache Connection: close Content-Type: text/html;charset=ISO-8859-1

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Feb 25, 2021 22:00:15.613610983 CET	34.199.206.244	443	192.168.2.5	49701	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:15.613610983 CET	34.199.206.244	443	192.168.2.5	49701	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.554716110 CET	13.224.94.33	443	192.168.2.5	49703	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.554716110 CET	13.224.94.33	443	192.168.2.5	49703	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.560993910 CET	13.224.94.33	443	192.168.2.5	49702	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.560993910 CET	13.224.94.33	443	192.168.2.5	49702	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.561995983 CET	13.224.94.33	443	192.168.2.5	49704	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.561995983 CET	13.224.94.33	443	192.168.2.5	49704	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.572423935 CET	13.224.94.33	443	192.168.2.5	49705	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:16.572423935 CET	13.224.94.33	443	192.168.2.5	49705	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.169408083 CET	13.224.94.80	443	192.168.2.5	49713	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.169408083 CET	13.224.94.80	443	192.168.2.5	49713	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.169620037 CET	13.224.94.80	443	192.168.2.5	49712	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.169620037 CET	13.224.94.80	443	192.168.2.5	49712	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.268932104 CET	13.224.94.97	443	192.168.2.5	49718	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.268932104 CET	13.224.94.97	443	192.168.2.5	49718	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.285965919 CET	13.224.94.97	443	192.168.2.5	49722	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.285965919 CET	13.224.94.97	443	192.168.2.5	49722	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.407289028 CET	13.224.94.97	443	192.168.2.5	49721	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.407289028 CET	13.224.94.97	443	192.168.2.5	49721	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.412137985 CET	13.224.94.97	443	192.168.2.5	49723	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.412137985 CET	13.224.94.97	443	192.168.2.5	49723	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.417921066 CET	13.224.94.97	443	192.168.2.5	49719	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.417921066 CET	13.224.94.97	443	192.168.2.5	49719	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.420998096 CET	13.224.94.97	443	192.168.2.5	49720	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:21.420998096 CET	13.224.94.97	443	192.168.2.5	49720	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:23.861651897 CET	35.170.25.135	443	192.168.2.5	49724	CN=*.maps.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Jan 11 01:00:00 CET 2021 Thu Sep 24 02:00:00 CEST 2020	Sat Feb 12 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:23.861651897 CET	35.170.25.135	443	192.168.2.5	49724	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:23.863533020 CET	35.170.25.135	443	192.168.2.5	49725	CN=*.maps.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Jan 11 01:00:00 CET 2021 Thu Sep 24 02:00:00 CEST 2020	Sat Feb 12 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:23.863533020 CET	35.170.25.135	443	192.168.2.5	49725	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:30.175692081 CET	52.45.157.204	443	192.168.2.5	49727	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:30.175692081 CET	52.45.157.204	443	192.168.2.5	49727	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:30.177028894 CET	52.45.157.204	443	192.168.2.5	49726	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:30.177028894 CET	52.45.157.204	443	192.168.2.5	49726	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:37.956985950 CET	34.199.206.244	443	192.168.2.5	49733	CN=*.arcgis.com, O="Environmental Systems Research Institute, Inc.", L=Redlands, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Sep 22 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Oct 13 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
Feb 25, 2021 22:00:37.956985950 CET	34.199.206.244	443	192.168.2.5	49733	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		37f463bf4616ecd445d4a1937da06e19
Feb 25, 2021 22:00:42.135915995 CET	146.88.138.51	443	192.168.2.5	49747	CN=*.feedbackify.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Mon Nov 06 13:23:33 CET 2017	Sat Sep 04 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:42.135915995 CET	146.88.138.51	443	192.168.2.5	49747	CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:33 CET 2017	Sat Nov 06 13:23:33 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:42.136218071 CET	146.88.138.51	443	192.168.2.5	49746	CN=*.feedbackify.com CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Mon Nov 06 13:23:33 CET 2017	Sat Sep 04 14:00:00 CEST 2021 Sat Nov 06 13:23:33 CET 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:42.136218071 CET	146.88.138.51	443	192.168.2.5	49746	CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:33 CET 2017	Sat Nov 06 13:23:33 CET 2027		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:50.907802105 CET	44.236.72.93	443	192.168.2.5	49750	CN=firefox.com CN=R3, O=Let's Encrypt, C=US	CN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Tue Feb 09 23:10:15 CET 2021 Wed Oct 07 21:21:40 CEST 2020	Tue May 11 00:10:15 CEST 2021 Wed Sep 29 21:21:40 CEST 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:50.907802105 CET	44.236.72.93	443	192.168.2.5	49750	CN=R3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Oct 07 21:21:40 CEST 2020	Wed Sep 29 21:21:40 CEST 2021		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:50.911087990 CET	44.236.72.93	443	192.168.2.5	49751	CN=firefox.com CN=R3, O=Let's Encrypt, C=US	CN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Tue Feb 09 23:10:15 CET 2021 Wed Oct 07 21:21:40 CEST 2020	Tue May 11 00:10:15 CEST 2021 Wed Sep 29 21:21:40 CEST 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:50.911087990 CET	44.236.72.93	443	192.168.2.5	49751	CN=R3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Oct 07 21:21:40 CEST 2020	Wed Sep 29 21:21:40 CEST 2021		9e10692f1b7f78228b2d4e424db3a98c
Feb 25, 2021 22:00:51.289840937 CET	13.224.96.162	443	192.168.2.5	49754	CN=www.firefox.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US	CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US	Wed Jun 24 02:00:00 CEST 2020 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009	Sat Jul 24 14:00:00 CEST 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=Amazon, OU=Server CA 1B, O=Amazon, C=US	CN=Amazon Root CA 1, O=Amazon, C=US	Thu Oct 22 02:00:00 CEST 2015	Sun Oct 19 02:00:00 CEST 2025
					CN=Amazon Root CA 1, O=Amazon, C=US	CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US	Mon May 25 14:00:00 CEST 2015	Thu Dec 31 02:00:00 CET 2037
					CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US	OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US	Wed Sep 02 02:00:00 CEST 2009	Wed Jun 28 19:39:16 CEST 2034
Feb 25, 2021 22:00:51.290505886 CET	13.224.96.162	443	192.168.2.5	49755	CN=www.firefox.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US	CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US	Wed Jun 24 02:00:00 CEST 2020 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009	Sat Jul 24 14:00:00 CEST 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=Amazon, OU=Server CA 1B, O=Amazon, C=US	CN=Amazon Root CA 1, O=Amazon, C=US	Thu Oct 22 02:00:00 CEST 2015	Sun Oct 19 02:00:00 CEST 2025
					CN=Amazon Root CA 1, O=Amazon, C=US	CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US	Mon May 25 14:00:00 CEST 2015	Thu Dec 31 02:00:00 CET 2037
					CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US	OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US	Wed Sep 02 02:00:00 CEST 2009	Wed Jun 28 19:39:16 CEST 2034

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 2588 Parent PID: 792

General

Start time:	22:00:23
Start date:	25/02/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff6cd7d0000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 396 Parent PID: 2588

General

Start time:	22:00:24
Start date:	25/02/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2588 CREDAT:17410 /prefetch:2
Imagebase:	0xfc0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Software Vulnerabilities:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTP Packets

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 2588 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 396 Parent PID: 2588

General

Disassembly