Analysis Report http://scheduling.mesacountyhealth.com/public/covidInitialDose/instructions/en.html

Overview

General Information

Sample URL: http://scheduling.mesacountyhealth.com/public/covidInitialDose/instructions/en.html
Analysis ID: 371645

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Source: unknown HTTPS traffic detected: 64.111.99.224:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown HTTPS traffic detected: 108.167.186.86:443 -> 192.168.2.3:49724 version: TLS 1.2
Source: unknown HTTPS traffic detected: 108.167.186.86:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown HTTPS traffic detected: 64.111.99.224:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: global traffic HTTP traffic detected:
    GET /public/covidInitialDose/instructions/en.html HTTP/1.1
    Accept: text/html, application/xhtml+xml, image/jxr, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: scheduling.mesacountyhealth.com
    Connection: Keep-Alive
Source: ACSO60C5.htm.4.dr String found in binary or memory: href='https://www.facebook.com/MesaCountyPublicHealth' equals www.facebook.com (Facebook)
Source: ACSO60C5.htm.4.dr String found in binary or memory: href='https://www.linkedin.com/company/mesa-county-public-health/' equals www.linkedin.com (Linkedin)
Source: unknown DNS traffic detected: queries for: scheduling.mesacountyhealth.com
Source: js[2].js.4.dr String found in binary or memory: https://www.google.com/maps/preview/log204
Source: element_main[1].js.4.dr String found in binary or memory: https://www.google.com/support/translate
Source: js[1].js.4.dr String found in binary or memory: https://www.google.com/travel/flights/click/conversion/
Source: js[1].js.4.dr String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.4.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: ACSO60C5.htm.4.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-76351459-1
Source: element_main[1].js.4.dr String found in binary or memory: https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Source: element_main[1].js.4.dr String found in binary or memory: https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
Source: element_main[1].js.4.dr String found in binary or memory: https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Source: ACSO60C5.htm.4.dr String found in binary or memory: https://www.instagram.com/mcphinaction/
Source: ACSO60C5.htm.4.dr String found in binary or memory: https://www.linkedin.com/company/mesa-county-public-health/
Source: classification engine Classification label: clean0.win@3/143@4/3
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Temp\~DFE78E318E656894F2.TMP
Source: C:\Program Files\internet explorer\iexplore.exe File read: C:\Users\desktop.ini
Source: unknown Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5980 CREDAT:17410 /prefetch:2
Source: Window Recorder Window detected: More than 3 window changes detected
Behavior Graph (ID: 371645; URL: http://scheduling.mesacount...; Startdate: 18/03/2021; Architecture: WINDOWS; Score: 0): iexplore.exe started a child iexplore.exe process, which contacted health.mesacounty.us (108.167.186.86, 443, 49723, 49724; UNIFIEDLAYER-AS-1US, United States), stats.l.doubleclick.net (64.233.167.156, 443, 49761, 49762; GOOGLEUS, United States) and 2 other IPs or domains.

Contacted Public IPs

| IP | Domain | Country | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|
| 64.233.167.156 | stats.l.doubleclick.net | United States | 15169 | GOOGLEUS | false |
| 108.167.186.86 | health.mesacounty.us | United States | 46606 | UNIFIEDLAYER-AS-1US | false |
| 64.111.99.224 | scheduling.mesacountyhealth.com | United States | 26347 | DREAMHOST-ASUS | false |

Contacted Domains

| Name | IP | Active |
|---|---|---|
| stats.l.doubleclick.net | 64.233.167.156 | true |
| scheduling.mesacountyhealth.com | 64.111.99.224 | true |
| health.mesacounty.us | 108.167.186.86 | true |
| stats.g.doubleclick.net | unknown | unknown |

Contacted URLs

| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| https://scheduling.mesacountyhealth.com/public/covidInitialDose/instructions/en.html | false | | unknown |
| http://scheduling.mesacountyhealth.com/public/covidInitialDose/instructions/en.html | false | | unknown |