Play interactive tour

Edit tour

Analysis Report https://lnkd.in/efFSywC

Overview

General Information

Sample URL:	https://lnkd.in/efFSywC
Analysis ID:	404129
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	84
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Phishing site detected (based on shot template match)

Yara detected HtmlPhish10

Yara detected HtmlPhish7

Phishing site detected (based on logo template match)

HTML body contains low number of good links

HTML title does not match URL

Suspicious form URL found

Classification

Startup

System is w10x64

iexplore.exe (PID: 6720 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 6804 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6720 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm	JoeSecurity_HtmlPhish_7	Yara detected HtmlPhish_7	Joe Security

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus / Scanner detection for submitted sample

Show sources

Source: https://lnkd.in/efFSywC

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Show sources

Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/?page-mode=static	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: https://honeywell-products.com/John/McGarvey/	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Phishing site detected (based on shot template match)

Show sources

Source: https://honeywell-products.com/John/McGarvey/

Matcher: Template: outlook matched

Yara detected HtmlPhish10

Show sources

Source: Yara match	File source: 936905.2.links.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm, type: DROPPED

Yara detected HtmlPhish7

Show sources

Source: Yara match	File source: 936905.2.links.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm, type: DROPPED

Phishing site detected (based on logo template match)

Show sources

Source: https://honeywell-products.com/John/McGarvey/

Matcher: Template: onedrive matched

Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Number of links: 0
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Number of links: 0

Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: Title: McGarvey Development Company does not match URL
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: Title: McGarvey Development Company does not match URL
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Title: Share Point Online does not match URL
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Title: Share Point Online does not match URL
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: Title: McGarvey Development Company does not match URL
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: Title: McGarvey Development Company does not match URL

Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Form action: ./next.php
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Form action: ./next.php
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Form action: ./next.php
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: Form action: ./next.php

Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="author".. found
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: No <meta name="author".. found
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="author".. found

Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="copyright".. found
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: No <meta name="copyright".. found
Source: https://honeywell-products.com/John/McGarvey/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/XzmTHY6Mi43rB/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: unknown	HTTPS traffic detected: 108.174.10.10:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.10.10:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.79:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.79:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.108.214:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.108.214:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.49.234.166:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.49.234.166:443 -> 192.168.2.4:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.19.94:443 -> 192.168.2.4:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.19.94:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.252.69:443 -> 192.168.2.4:49791 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.252.69:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.4:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.4:49798 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.246.133.154:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.246.133.154:443 -> 192.168.2.4:49800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.237.136.106:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.237.136.106:443 -> 192.168.2.4:49804 version: TLS 1.2

Source: unsupported[1].htm.3.dr	String found in binary or memory: <a href="https://www.facebook.com/AdobeSpark" target="_blank" data-analytics-context="footer" data-type="facebook" equals www.facebook.com (Facebook)
Source: scripts[1].js.3.dr	String found in binary or memory: if ($a.href.startsWith('https://www.facebook.')) { equals www.facebook.com (Facebook)
Source: scripts[1].js.3.dr	String found in binary or memory: if ($a.href.startsWith('https://www.linkedin.com')) { equals www.linkedin.com (Linkedin)
Source: scripts[1].js.3.dr	String found in binary or memory: if ($a.href.startsWith('https://www.youtube.com')) { equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: lnkd.in

Source: m-web-8d2d9d44[1].js.3.dr	String found in binary or memory: http://feross.org
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: http://github.com/janl/mustache.js
Source: hover[1].css.3.dr	String found in binary or memory: http://ianlunn.co.uk/
Source: hover[1].css.3.dr	String found in binary or memory: http://ianlunn.github.io/Hover/)
Source: publish.combined.fp-d40a7373dc7cdb5edbfd059d0f2c60db[1].js.3.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: http://jquery.org/license
Source: chrome[1].js.3.dr	String found in binary or memory: http://mathiasbynens.be/demo/url-regex
Source: m-unsupported-922d5964[1].js.3.dr	String found in binary or memory: http://medialize.github.io/URI.js/
Source: popper.min[1].js.3.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000000000ffd9
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132df
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132e1
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132e3
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d3
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d4
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d6
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d7
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d8
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d9
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000000001705b
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000176ff
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017701
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017703
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017706
Source: rbi5aua[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017709
Source: pps7abe[1].css.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9aee45
Source: pps7abe[1].css.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9aee47
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3068
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f83
Source: pps7abe[1].css.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f84
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f85
Source: pps7abe[1].css.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f86
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f88
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f8a
Source: pps7abe[1].css.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f8c
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: marvelcommon-51100480[1].js.3.dr, scripts[1].js.3.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chrome[1].js.3.dr	String found in binary or memory: http://www.iport.it)
Source: m-unsupported-922d5964[1].js.3.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.html
Source: RC1a83c357d323419db9d2ba211efeeaae-file.min[1].js.3.dr	String found in binary or memory: https://ade0164.d41.co/sync/
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://adobespark.uservoice.com
Source: en-US_bundle-bf6634f5[1].js.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/218956027
Source: en-US_bundle-bf6634f5[1].js.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/219243657
Source: en-US_bundle-bf6634f5[1].js.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/219243657-Can-students-use-Adobe-Spark-
Source: login[1].htm0.3.dr, unsupported[1].htm.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/categories/202688167-Adobe-Spark
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/requests/new
Source: logo[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/g8sk4xb8AV
Source: express[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/jsoIbkwCVeb
Source: express[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/nfQW2NoCVeb
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: express[1].htm.3.dr	String found in binary or memory: https://apps.apple.com/us/app/adobe-spark-post-create-stunning/id1051937863
Source: login[1].htm0.3.dr	String found in binary or memory: https://assets.adobedtm.com
Source: RC036830be72f242959c7b9ca66cef0c85-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC036830be72f242959c7b9ca66cef0c8
Source: RC1a83c357d323419db9d2ba211efeeaae-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC1a83c357d323419db9d2ba211efeeaa
Source: RC5e5d1b9fe0a942c38190dc2199529941-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC5e5d1b9fe0a942c38190dc219952994
Source: RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC6f46e43fa6d44dbeb45cc5801ffded0
Source: RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC89c6d3bd15f043db95a5a0a4b5cc9da
Source: launch-EN919758db9a654a17bac7d184b99c4820.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.js
Source: scripts[1].js.3.dr	String found in binary or memory: https://blog.adobespark.com/
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.jquery.com/ticket/12359
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13378
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: login[1].htm0.3.dr	String found in binary or memory: https://cdn.cookielaw.org
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.3.1.js
Source: en[1].js.3.dr	String found in binary or memory: https://developer.akamai.com/tools/boomerang#mpulse-session-information
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: headIE.fp-457d9bd744a6e226ae87a5aeb36fb5c4[1].js.3.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/NodeList/forEach
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: publish.combined.fp-d40a7373dc7cdb5edbfd059d0f2c60db[1].js.3.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: m-unsupported-922d5964[1].js.3.dr	String found in binary or memory: https://feross.org
Source: m-unsupported-922d5964[1].js.3.dr	String found in binary or memory: https://feross.org/opensource
Source: free-fa-regular-400[1].eot.3.dr, free.min[1].css.3.dr	String found in binary or memory: https://fontawesome.com
Source: free.min[1].css.3.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: free-fa-regular-400[1].eot.3.dr, free-fa-solid-900[1].eot.3.dr	String found in binary or memory: https://fontawesome.comhttps://fontawesome.comFont
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Archivo
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/archivonarrow/v12/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXo.woff)
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	String found in binary or memory: https://getbootstrap.com)
Source: bootstrap.min[1].js0.3.dr	String found in binary or memory: https://getbootstrap.com/)
Source: hover[1].css.3.dr	String found in binary or memory: https://github.com/IanLunn/Hover
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/3229
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/6125
Source: head.fp-1c6b8ee3dfac8039d9ead67e8b6d6138[1].js.3.dr	String found in binary or memory: https://github.com/focus-trap/focus-trap/blob/master/LICENSE
Source: head.fp-1c6b8ee3dfac8039d9ead67e8b6d6138[1].js.3.dr	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chrome[1].js.3.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/186
Source: chrome[1].js.3.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/189
Source: chrome[1].js.3.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/244
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://github.com/kriskowal/q/blob/v1/LICENSE
Source: bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: bootstrap.min[1].js.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://honeywell-products.com/John/McGarvey
Source: ~DF50B252E4C595B6D3.TMP.1.dr	String found in binary or memory: https://honeywell-products.com/John/McGarvey/
Source: ~DF50B252E4C595B6D3.TMP.1.dr	String found in binary or memory: https://honeywell-products.com/John/McGarvey/$Share
Source: ~DF50B252E4C595B6D3.TMP.1.dr	String found in binary or memory: https://honeywell-products.com/John/McGarvey/ges/30b73ae4-1bd3-47d5-ab7b-fc9ebfbd3087.png?asset_id=3
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chrome[1].js.3.dr	String found in binary or memory: https://issues.apache.org/jira/browse/COUCHDB-577
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jquery.com/
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jquery.org/license
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jsperf.com/thor-indexof-vs-for/5
Source: 585b051251[1].js.3.dr	String found in binary or memory: https://ka-f.fontawesome.com
Source: 585b051251[1].js.3.dr	String found in binary or memory: https://kit.fontawesome.com
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://kit.fontawesome.com/585b051251.js
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://lodash.com/
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://lodash.com/license
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://openjsf.org/
Source: en-US_bundle-bf6634f5[1].js.3.dr	String found in binary or memory: https://opsparc.gsfc.nasa.gov/?sdid=MC95SNMJ&mv=social
Source: vtg4qoo[1].js.3.dr, onz5gap[1].js.3.dr, rbi5aua[1].js.3.dr	String found in binary or memory: https://p.typekit.net/p.gif
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/base-fonts.gz.js
Source: XzmTHY6Mi43rB[1].htm0.3.dr, imagestore.dat.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/noscript.gz.css
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/runtime.gz.css
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/themes/crisp-fonts.gz.js
Source: XzmTHY6Mi43rB[1].htm0.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: publish.combined.fp-d40a7373dc7cdb5edbfd059d0f2c60db[1].js.3.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://sizzlejs.com/
Source: {F5A069F7-ACF5-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://spark.adobe.co
Source: McGarvey[1].htm0.3.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Source: login[1].htm0.3.dr	String found in binary or memory: https://static.adobelogin.com/imslib/imslib.min.js
Source: privacy[1].htm0.3.dr	String found in binary or memory: https://static.adobelogin.com/imslib/imslib.min.js
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://support.apple.com/downloads/safari
Source: scripts[1].js.3.dr	String found in binary or memory: https://twitter.com
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://twitter.com/AdobeSpark
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/180c9d/00000000000000003b9b3f8a/27/
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/1da05b/0000000000000000000132df/27/
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/3d913c/000000000000000000017709/26/
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/40207f/0000000000000000000176ff/27/
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/4b3e87/000000000000000000017706/27/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/6c57c4/0000000000000000000158d6/26/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/74fc30/0000000000000000000158d4/26/
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/9d1933/00000000000000000001705b/26/
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/cb695f/000000000000000000017701/27/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/d5d9b2/00000000000000000000ffd9/26/
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/d8f71f/0000000000000000000132e1/27/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/e030d3/0000000000000000000158d3/26/
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.3.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: vtg4qoo[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/eaf09c/000000000000000000017703/27/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/
Source: rbi5aua[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/
Source: privacy[1].htm0.3.dr	String found in binary or memory: https://use.typekit.net/pps7abe.css
Source: login[1].htm0.3.dr	String found in binary or memory: https://use.typekit.net/vtg4qoo.css
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://use.typekit.net/vtg4qoo.js
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a
Source: scripts[1].js.3.dr	String found in binary or memory: https://www.facebook.
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://www.google.com/chrome/browser/desktop/index.html
Source: chrome[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?
Source: scripts[1].js.3.dr	String found in binary or memory: https://www.instagram.com
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://www.instagram.com/AdobeSpark
Source: scripts[1].js.3.dr	String found in binary or memory: https://www.linkedin.com
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://www.mozilla.org/firefox
Source: scripts[1].js.3.dr	String found in binary or memory: https://www.pinterest.
Source: scripts[1].js.3.dr	String found in binary or memory: https://www.youtube.com

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443

Source: unknown	HTTPS traffic detected: 108.174.10.10:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.10.10:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.79:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.79:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.108.214:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.108.214:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.115:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.49.234.166:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.49.234.166:443 -> 192.168.2.4:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.19.94:443 -> 192.168.2.4:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.19.94:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.10.207:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.252.69:443 -> 192.168.2.4:49791 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.252.69:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.4:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.4:49798 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.246.133.154:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.246.133.154:443 -> 192.168.2.4:49800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.237.136.106:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.237.136.106:443 -> 192.168.2.4:49804 version: TLS 1.2

Source: classification engine

Classification label: mal84.phis.win@3/187@19/13

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F5A069F5-ACF5-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF92126C3A88090690.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6720 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6720 CREDAT:17410 /prefetch:2

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: Contact_72px_lt-gray[1].svg.3.dr	Binary or memory string: NEIBESjjzwKWaQEmuhbGgACFWDKdB5OZZSX+agjjkcZegD1y0h+ELA7oCf9h2TzH5Lk87RNpJWUz
Source: LawEnforcement_72px_lt-gray[1].svg.3.dr	Binary or memory string: 4RfwbOThACGyTEZ5moRPrV2QweL6BvvMQAZIZXEdT2O5NEPgUsRJGSwFUuYlgyhgfSp3NY2hgKUv
Source: Policies_72px_lt-gray[1].svg.3.dr	Binary or memory string: 4tB1EVplopO2rztHQjrQqeMUbUqdlUYbWkVkAS0rzSFGk5qfcFFaK8X2oKw7N1FayNdH7BQ+Tst9

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	Security Software Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	File and Directory Discovery1	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information1	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://lnkd.in/efFSywC	0%	Virustotal		Browse
https://lnkd.in/efFSywC	0%	Avira URL Cloud	safe
https://lnkd.in/efFSywC	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://spark.adobe.com/page/XzmTHY6Mi43rB/	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://spark.adobe.com/page/XzmTHY6Mi43rB/?page-mode=static	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://honeywell-products.com/John/McGarvey/	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	0%	Virustotal		Browse
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	0%	Avira URL Cloud	safe
https://fontawesome.comhttps://fontawesome.comFont	0%	Avira URL Cloud	safe
https://openjsf.org/	0%	URL Reputation	safe
https://openjsf.org/	0%	URL Reputation	safe
https://openjsf.org/	0%	URL Reputation	safe
https://openjsf.org/	0%	URL Reputation	safe
https://honeywell-products.com/John/McGarvey/$Share	0%	Avira URL Cloud	safe
https://ade0164.d41.co/sync/	0%	Avira URL Cloud	safe
https://honeywell-products.com/John/McGarvey/ges/30b73ae4-1bd3-47d5-ab7b-fc9ebfbd3087.png?asset_id=3	0%	Avira URL Cloud	safe
http://ianlunn.co.uk/	0%	URL Reputation	safe
http://ianlunn.co.uk/	0%	URL Reputation	safe
http://ianlunn.co.uk/	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico	0%	Avira URL Cloud	safe
http://www.iport.it)	0%	Avira URL Cloud	safe
https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js	0%	Avira URL Cloud	safe
https://promisesaplus.com/#point-59	0%	URL Reputation	safe
https://promisesaplus.com/#point-59	0%	URL Reputation	safe
https://promisesaplus.com/#point-59	0%	URL Reputation	safe
https://promisesaplus.com/#point-57	0%	URL Reputation	safe
https://promisesaplus.com/#point-57	0%	URL Reputation	safe
https://promisesaplus.com/#point-57	0%	URL Reputation	safe
https://promisesaplus.com/#point-54	0%	URL Reputation	safe
https://promisesaplus.com/#point-54	0%	URL Reputation	safe
https://promisesaplus.com/#point-54	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
stackpath.bootstrapcdn.com	104.18.10.207	true	false	high
dd20fzx9mj46f.cloudfront.net	13.35.252.69	true	false	high
honeywell-products.com	69.49.234.166	true	false	unknown
maxcdn.bootstrapcdn.com	104.18.11.207	true	false	high
dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com	34.246.133.154	true	false	high
lnkd.in	108.174.10.10	true	false	unknown
spark.adobeprojectm.com	65.9.66.79	true	false	unknown
s3.amazonaws.com	52.217.108.214	true	false	high
cdnjs.cloudflare.com	104.16.19.94	true	false	high
adobe.com.ssl.d1.sc.omtrdc.net	15.237.136.106	true	false	unknown
page.adobespark-assets.com	65.9.66.115	true	false	unknown
cdn.cookielaw.org	104.16.149.64	true	false	high
geolocation.onetrust.com	104.20.184.68	true	false	high
use.typekit.net	unknown	unknown	false	high
ka-f.fontawesome.com	unknown	unknown	false	high
kit.fontawesome.com	unknown	unknown	false	high
assets.adobedtm.com	unknown	unknown	false	high
www.linkedin.com	unknown	unknown	false	high
p.typekit.net	unknown	unknown	false	high
code.jquery.com	unknown	unknown	false	high
dpm.demdex.net	unknown	unknown	false	high
static.adobelogin.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://honeywell-products.com/John/McGarvey/	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.linkedin.com	scripts[1].js.3.dr	false		high
https://code.jquery.com/jquery-3.2.1.slim.min.js	McGarvey[1].htm0.3.dr	false		high
https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/	jquery-3.3.1[1].js.3.dr	false		high
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	XzmTHY6Mi43rB[1].htm0.3.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://fontawesome.comhttps://fontawesome.comFont	free-fa-regular-400[1].eot.3.dr, free-fa-solid-900[1].eot.3.dr	false	Avira URL Cloud: safe	unknown
https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled	jquery-3.3.1[1].js.3.dr	false		high
https://assets.adobedtm.com	login[1].htm0.3.dr	false		high
https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace	jquery-3.3.1[1].js.3.dr	false		high
https://www.youtube.com	scripts[1].js.3.dr	false		high
https://fontawesome.com	free-fa-regular-400[1].eot.3.dr, free.min[1].css.3.dr	false		high
https://static.adobelogin.com/imslib/imslib.min.js	privacy[1].htm0.3.dr	false		high
https://www.instagram.com	scripts[1].js.3.dr	false		high
https://github.com/twbs/bootstrap/graphs/contributors)	bootstrap.min[1].js.3.dr	false		high
https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/d?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/	vtg4qoo[1].js.3.dr	false		high
https://bugzilla.mozilla.org/show_bug.cgi?id=687787	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://bugs.chromium.org/p/chromium/issues/detail?id=470258	jquery-3.3.1[1].js.3.dr	false		high
https://kit.fontawesome.com/585b051251.js	McGarvey[1].htm0.3.dr	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	McGarvey[1].htm0.3.dr	false		high
https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/d?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://openjsf.org/	marvelcommon-51100480[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://honeywell-products.com/John/McGarvey/$Share	~DF50B252E4C595B6D3.TMP.1.dr	true	Avira URL Cloud: safe	unknown
https://use.typekit.net/af/3d913c/000000000000000000017709/26/	rbi5aua[1].js.3.dr	false		high
https://ade0164.d41.co/sync/	RC1a83c357d323419db9d2ba211efeeaae-file.min[1].js.3.dr	false	Avira URL Cloud: safe	unknown
https://adobespark.uservoice.com	unsupported[1].htm.3.dr	false		high
https://honeywell-products.com/John/McGarvey/ges/30b73ae4-1bd3-47d5-ab7b-fc9ebfbd3087.png?asset_id=3	~DF50B252E4C595B6D3.TMP.1.dr	true	Avira URL Cloud: safe	unknown
https://developer.akamai.com/tools/boomerang#mpulse-session-information	en[1].js.3.dr	false		high
https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/a?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/a?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/	rbi5aua[1].js.3.dr	false		high
https://jsperf.com/getall-vs-sizzle/2	jquery-3.3.1[1].js.3.dr	false		high
https://honeywell-products.com/John/McGarvey/	~DF50B252E4C595B6D3.TMP.1.dr	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/d?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://github.com/kriskowal/q/blob/v1/LICENSE	marvelcommon-51100480[1].js.3.dr	false		high
http://underscorejs.org/LICENSE	marvelcommon-51100480[1].js.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC1a83c357d323419db9d2ba211efeeaa	RC1a83c357d323419db9d2ba211efeeaae-file.min[1].js.3.dr	false		high
https://jquery.com/	jquery-3.3.1[1].js.3.dr	false		high
http://ianlunn.co.uk/	hover[1].css.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://adobespark.zendesk.com/hc/en-us/articles/219243657	en-US_bundle-bf6634f5[1].js.3.dr	false		high
https://github.com/twbs/bootstrap/blob/master/LICENSE)	bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	false		high
https://github.com/IanLunn/Hover	hover[1].css.3.dr	false		high
https://use.typekit.net/vtg4qoo.css	login[1].htm0.3.dr	false		high
https://adobesparkpost.app.link/nfQW2NoCVeb	express[1].htm.3.dr	false		high
https://sizzlejs.com/	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/	rbi5aua[1].js.3.dr	false		high
https://adobespark.zendesk.com/hc/en-us/articles/218956027	en-US_bundle-bf6634f5[1].js.3.dr	false		high
https://npms.io/search?q=ponyfill.	marvelcommon-51100480[1].js.3.dr	false		high
https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8	scripts[1].js.3.dr	false		high
https://ka-f.fontawesome.com	585b051251[1].js.3.dr	false		high
https://use.typekit.net/af/9d1933/00000000000000000001705b/26/	rbi5aua[1].js.3.dr	false		high
https://bugs.jquery.com/ticket/12359	jquery-3.3.1[1].js.3.dr	false		high
https://cdn.cookielaw.org	login[1].htm0.3.dr	false		high
https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8	scripts[1].js.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC6f46e43fa6d44dbeb45cc5801ffded0	RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min[1].js.3.dr	false		high
https://fontawesome.com/license/free	free.min[1].css.3.dr	false		high
https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico	XzmTHY6Mi43rB[1].htm0.3.dr, imagestore.dat.3.dr	false	Avira URL Cloud: safe	unknown
http://www.iport.it)	chrome[1].js.3.dr	false	Avira URL Cloud: safe	low
http://www.opensource.org/licenses/mit-license.html	marvelcommon-51100480[1].js.3.dr	false		high
https://cdn.cookielaw.org/vendorlist/googleData.json	7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	false		high
https://github.com/jquery/jquery/pull/557)	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/180c9d/00000000000000003b9b3f8a/27/	onz5gap[1].js.3.dr	false		high
http://www.opensource.org/licenses/mit-license	m-unsupported-922d5964[1].js.3.dr	false		high
https://bugs.chromium.org/p/chromium/issues/detail?id=378607	jquery-3.3.1[1].js.3.dr	false		high
http://typekit.com/eulas/00000000000000003b9b3f8a	onz5gap[1].js.3.dr	false		high
http://typekit.com/eulas/00000000000000003b9b3f8c	pps7abe[1].css.3.dr	false		high
http://typekit.com/eulas/0000000000000000000176ff	vtg4qoo[1].js.3.dr	false		high
https://adobesparkpost.app.link/jsoIbkwCVeb	express[1].htm.3.dr	false		high
https://cdn.cookielaw.org/vendorlist/iab2Data.json	7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	false		high
https://use.typekit.net/af/74fc30/0000000000000000000158d4/26/	rbi5aua[1].js.3.dr	false		high
https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js	XzmTHY6Mi43rB[1].htm0.3.dr	false	Avira URL Cloud: safe	unknown
https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://use.typekit.net/af/d5d9b2/00000000000000000000ffd9/26/	rbi5aua[1].js.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC036830be72f242959c7b9ca66cef0c8	RC036830be72f242959c7b9ca66cef0c85-file.min[1].js.3.dr	false		high
https://drafts.csswg.org/cssom/#resolved-values	jquery-3.3.1[1].js.3.dr	false		high
https://bugs.chromium.org/p/chromium/issues/detail?id=589347	jquery-3.3.1[1].js.3.dr	false		high
https://twitter.com/AdobeSpark	unsupported[1].htm.3.dr	false		high
https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://code.jquery.com/jquery-3.1.1.min.js	McGarvey[1].htm0.3.dr	false		high
https://use.typekit.net/af/eaf09c/000000000000000000017703/27/	vtg4qoo[1].js.3.dr	false		high
https://reactjs.org/docs/error-decoder.html?invariant=	publish.combined.fp-d40a7373dc7cdb5edbfd059d0f2c60db[1].js.3.dr	false		high
https://adobesparkpost.app.link/g8sk4xb8AV	logo[1].htm.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d4	rbi5aua[1].js.3.dr	false		high
https://html.spec.whatwg.org/multipage/syntax.html#attributes-2	jquery-3.3.1[1].js.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d3	rbi5aua[1].js.3.dr	false		high
https://promisesaplus.com/#point-59	jquery-3.3.1[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://mathiasbynens.be/demo/url-regex	chrome[1].js.3.dr	false		high
https://promisesaplus.com/#point-57	jquery-3.3.1[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css.3.dr	false		high
https://github.com/eslint/eslint/issues/3229	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/pps7abe.css	privacy[1].htm0.3.dr	false		high
https://getbootstrap.com/)	bootstrap.min[1].js0.3.dr	false		high
https://promisesaplus.com/#point-54	jquery-3.3.1[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://typekit.com/eulas/0000000000000000000158d9	rbi5aua[1].js.3.dr	false		high
https://code.jquery.com/jquery-3.3.1.js	McGarvey[1].htm0.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d8	rbi5aua[1].js.3.dr	false		high
https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/	rbi5aua[1].js.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d7	rbi5aua[1].js.3.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
69.49.234.166	honeywell-products.com	United States	46606	UNIFIEDLAYER-AS-1US	false
104.18.10.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
15.237.136.106	adobe.com.ssl.d1.sc.omtrdc.net	United States	16509	AMAZON-02US	false
52.217.108.214	s3.amazonaws.com	United States	16509	AMAZON-02US	false
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
104.16.149.64	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
104.20.184.68	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
13.35.252.69	dd20fzx9mj46f.cloudfront.net	United States	16509	AMAZON-02US	false
108.174.10.10	lnkd.in	United States	14413	LINKEDINUS	false
34.246.133.154	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
104.16.19.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
65.9.66.79	spark.adobeprojectm.com	United States	16509	AMAZON-02US	false
65.9.66.115	page.adobespark-assets.com	United States	16509	AMAZON-02US	false

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	404129
Start date:	04.05.2021
Start time:	18:29:07
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 2s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://lnkd.in/efFSywC
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	12
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal84.phis.win@3/187@19/13
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://spark.adobe.com/page/XzmTHY6Mi43rB/?page-mode=static Browsing link: https://spark.adobe.com/page/XzmTHY6Mi43rB/images/30b73ae4-1bd3-47d5-ab7b-fc9ebfbd3087.png?asset_id=3124fa2e-37b6-49c6-ad01-adf231d0691c&img_etag=%22021c634a00e1f9f0e3f2395523824430%22&size=1024 Browsing link: https://honeywell-products.com/John/McGarvey Browsing link: https://spark.adobe.com/page/XzmTHY6Mi43rB/images/8b7d9c40-811d-43c5-8a52-b35b573c17aa.png?asset_id=02c4d4f8-1e29-407e-b052-0308bd8bbe74&img_etag=%22ecead06b235c91965997b2f01e48c33a%22&size=1024 Browsing link: https://spark.adobe.com/page/XzmTHY6Mi43rB Browsing link: https://spark.adobe.com/about?r=reader_page_logo Browsing link: https://spark.adobe.com/make/logo-maker?r=reader_page_learnmore Browsing link: https://spark.adobe.com/login?r=reader_page_bumper_createyourown Browsing link: http://www.adobe.com/legal/terms.html Browsing link: http://www.adobe.com/go/privacy Browsing link: https://spark.adobe.com/login?r=reader_page_topbar_createyourown
Warnings:	Show All Excluded IPs from analysis (whitelisted): 40.88.32.150, 92.122.145.220, 52.255.188.83, 104.43.139.144, 13.64.90.137, 88.221.62.148, 13.107.42.14, 104.42.151.234, 23.32.238.192, 23.32.238.210, 23.37.33.211, 20.82.210.154, 152.199.19.161, 69.16.175.42, 69.16.175.10, 142.250.186.74, 142.250.184.234, 104.18.22.52, 104.18.23.52, 172.64.101.17, 172.64.100.17, 95.101.22.195, 95.101.22.203, 92.122.213.194, 92.122.213.247, 2.20.142.210, 2.20.142.209, 184.30.24.234, 52.155.217.156 TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded domains from analysis (whitelisted): e6653.dscf.akamaiedge.net, cds.s5x3j6q5.hwcdn.net, arc.msn.com.nsatc.net, ka-f.fontawesome.com.cdn.cloudflare.net, cn-assets.adobedtm.com.edgekey.net, spark.adobe.com, e11290.dspg.akamaiedge.net, skypedataprdcoleus15.cloudapp.net, l-0005.l-msedge.net, use-stls.adobe.com.edgesuite.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, au-bg-shim.trafficmanager.net, fonts.googleapis.com, stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net, ajax.googleapis.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, skypedataprdcolcus16.cloudapp.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, a1815.dscr.akamai.net, cs9.wpc.v0cdn.net, au.download.windowsupdate.com.edgesuite.net, store-images.s-microsoft.com-c.edgekey.net, a1449.dscg2.akamai.net, arc.msn.com, consumerrp-displaycatalog-aks2eap-europe.md.mp.microsoft.com.akadns.net, iecvlist.microsoft.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, go.microsoft.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, www-linkedin-com.l-0005.l-msedge.net, kit.fontawesome.com.cdn.cloudflare.net, sstats.adobe.com, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, skypedataprdcolwus17.cloudapp.net, p.typekit.net-v3.edgekey.net, ie9comview.vo.msecnd.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, stls.adobe.com-cn.edgesuite.net, skypedataprdcoleus17.cloudapp.net, e7808.dscg.akamaiedge.net, go.microsoft.com.edgekey.net, skypedataprdcolwus16.cloudapp.net, a1988.dscg1.akamai.net, www.adobe.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E5F0NRSV\www.adobe[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.745802262357047
Encrypted:	false
SSDEEP:	12:JsrsrUGemKm6Fz5RiodrrUGemKm6Fz5RiodrrUGemKm6Fz5RiodrrUGemKm6Fz58:W0U1mKm6DIoxU1mKm6DIoxU1mKm6DIoP
MD5:	7B2596FDD7D783BE2922D63D865827AC
SHA1:	3537CB1ECA3D7BFFC7EAA74E1C046E37A6A76FF2
SHA-256:	2E16D62886814E8BFD298E43F13F5016C4678D0AD18FE8BBAF243F6241D0385C
SHA-512:	AD3166F3B3CE47F6A858975F66CE3BD5382EA58C17698FB754AF26C23D85728493EB98C7C7598E6756C7F2C9E82670EB4951D3ACDBDEC72E69590A630C707474
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="3561030992" htime="30884098" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="3561030992" htime="30884098" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="3561030992" htime="30884098" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="3561030992" htime="30884098" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="3561030992" htime="30884098" /></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\URW0GA4Q\spark.adobe[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	135
Entropy (8bit):	4.6896010583649055
Encrypted:	false
SSDEEP:	3:D90aK1ryRtFwsnObemKmlULF0VqHlJR33WZcOqSfwdHuFKb:JFK1rUFjgemKm6GVqHlJR3mmiod5b
MD5:	8578FC8D32E0C4DD80C664F3F499BC1A
SHA1:	D90369453704E003EBD35631091599CE852602E6
SHA-256:	55B4BAB06DD6C24FF959A114E3650D4E87298877A3AC0884B26B7B7FF730E1A7
SHA-512:	D09AEFF4F16226ED9B42D58ABB1FAB6BDBA8851D29C2929B59425D82ACF95218EBC8B080F213AA6A8BE9FEB8E4585ECACD859FF0BEECA19622C2B9BEDB132878
Malicious:	false
Reputation:	low
Preview:	<root></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="3536830992" htime="30884098" /></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F5A069F5-ACF5-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8489814742942403
Encrypted:	false
SSDEEP:	192:rLZ4Zq2JWNtMifCNzzML7BQBDwsfrNajX:rdYJ43hrpkP0
MD5:	6FC3024967600B18F564C23C220A649C
SHA1:	F430311E35B19F4FAA6436585E1C6CCA0C1905D4
SHA-256:	DB4B6434E8368051E76AE27CC3EB75088734A2B562B14901C46E43B70D91F8C4
SHA-512:	4A2CD21C6BDD19D19A5DEDB723D9560881280362BDE5FD1DD7055D226CE107470C7E65AAFD394D7EF832190B316C1910945D101D9ADDB7E1CD9EEC6AE1474EF0
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F5A069F7-ACF5-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	197486
Entropy (8bit):	2.6823981618725696
Encrypted:	false
SSDEEP:	384:r04JBvQMj/si9g79N8r149S4R6H9c10l9CMainvPZ6cHsywNYS20TSC8W0cZrkES:9HF0VSFNUyBvjrGXSbGX/jnzu0GCe
MD5:	EE6507C1807D3869AE989BA4AB7B2185
SHA1:	763B3047EEE6FA28E5422AACA874C49F2376C7B8
SHA-256:	197089A1A8EDCD1FFC691812974C09A51457DA3ABFC5BAAFBFBE7D3A7E2AE133
SHA-512:	E5B04F1FBCB39EAB18A12F6849EB8EF5264FC4E198033218DBDA65AA748CE3563B6390359458F8FF2D6883163083EC2CB5006DED3515580830F5B0B85584FED4
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FEA2AA58-ACF5-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5645811514220196
Encrypted:	false
SSDEEP:	48:Iw3GcprEGwpaVG4pQ5GrapbSrZGQpKEG7HpR3aTGIpG:r9Z8QH6ZBSrzAPT3eA
MD5:	50F0D4353E9EF6488D5AE9D89E565B57
SHA1:	0190615708BD600C668BD8BA3A8087A8C3366B44
SHA-256:	C518E5EC2FFE929F24B6E86AD74CED99698A92504E563EBBE57CF01529365827
SHA-512:	BB7D2E34FC8432BD143B994D11AB6039F356A26107EC8D07F7291B64C6FBEF60D3DCF79442BBE00215651E014BBF84566092C110C62C8677E462D3AF3F0B418A
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	28454
Entropy (8bit):	2.066873124083156
Encrypted:	false
SSDEEP:	48:R6fVgizzxxEKzOQBbcpS5WT//zVFrc7gzdbklTMl1sy6TMenl7ulGt/3GmjAA2XI:Md170sI2NmU3G08j70sI2NmU3GFh
MD5:	D73651C310C8296CDFDADCC43ABF03D5
SHA1:	7F9B69B3AF528045E6432C0CB0294AA63C439977
SHA-256:	14DC6FB02F5303C6F088BCE866F7ABFADED2B7B8B3C04A13978DBA0355CD860E
SHA-512:	009B161B906A94F10322BF5A18B9DA33FD3C614DA29F749C8E48DBBB0DC5BF73721BCE621467141E4DD15124EAF650A23350174D47A39E05185F33748407E74D
Malicious:	false
Reputation:	low
Preview:	B.h.t.t.p.s.:././.p.a.g.e...a.d.o.b.e.s.p.a.r.k.-.a.s.s.e.t.s...c.o.m./.r.u.n.t.i.m.e./.1...2.2./.i.m.a.g.e.s./.f.a.v.i.c.o.n...i.c.o........... .... .........(... ...@..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................70..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...70..............................7`..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7`......................70..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...70..................7...7...7...7...7...7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	3852
Entropy (8bit):	4.632512639848438
Encrypted:	false
SSDEEP:	96:OyIY40FtdRYzYValJ5GHZa6AyAYJjojVjht4S:iwKzYslJF6vAYJQdoS
MD5:	526B16D51BF2FE4666A13EC61ECD9C72
SHA1:	DC53861E92C2891C0138E64DB9F7AA6B3F8D2AA5
SHA-256:	717CDB76535A04A9DEC6F2F6773475BE9574AE304CBA44F7E1A56CB26037D85C
SHA-512:	4FF4D28F5755B27E847A6AC756ED0B958BE75378CCD563FAFD54CD888BFC8D1B4C94C1E2C4C78C1B2EC5FAF46052D02B3003CF446C10D1650715E4119126E6A0
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.cookielaw.org/consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db/7a5eb705-95ed-4cc4-a11d-0cc5760e93db.json
Preview:	{"CookieSPAEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.9.0","OptanonDataJSON":"7a5eb705-95ed-4cc4-a11d-0cc5760e93db","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","RuleSet":[{"Id":"8fc5213e-cec6-4fca-a134-aec9029b0675","Name":"Adobe_EEU_Canada","Countries":["de","no","fi","be","pt","bg","dk","lt","lu","lv","hr","fr","hu","se","si","mc","sk","mf","sm","yt","gb","ie","ca","gf","ee","mq","mt","gp","is","gr","it","es","at","re","cy","cz","ax","pl","ro","li","nl"],"States":{},"LanguageSwitcherPlaceholder":{"no":"no","de":"de","ru":"ru","fi":"fi","pt":"pt","bg":"bg","lt":"lt","lv":"lv","fr":"fr","hu":"hu","zh-Hans":"zh-Hans","default":"en","zh-Hant":"zh-Hant","uk":"uk","sk":"sk","sl":"sl","sv":"sv","ko":"ko","zh-TW":"zh-TW","zh-HK":"zh-HK","pt-BR":"pt-BR","it":"it","es":"es","zh":"zh","et":"et","cs":"cs","ar":"ar","ja":"ja","pl":"pl","ro":"ro","he":"he","

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\RC036830be72f242959c7b9ca66cef0c85-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	323
Entropy (8bit):	5.271975648472751
Encrypted:	false
SSDEEP:	6:jwkMKngJv0KgiSP8AlZbHDXRMvKyupXMYGGX6SHMWkiezW3T5OtunadXZfJ/uEK0:jvgeASPRhny6cYGkcOeqD5OFdXv/ZJ
MD5:	340FEFD497F0474FCEC6293CF534371A
SHA1:	F24D5C99532BBE26E04A68A78F37B04CAB36967A
SHA-256:	43B0676FE4A288ACD66A79FA33D6CBE68E4DB0007ED8A8688D5854B37F300D4B
SHA-512:	C6595AE6A7B8DE3F7260C3F11A9192CB6B0564EF9A5F9362E0F5B25C73414F28EE947C78CF77A20F8D93D91DB571CC39281E06047FD2371CD9186FC090AAF33A
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC036830be72f242959c7b9ca66cef0c85-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC036830be72f242959c7b9ca66cef0c85-file.js`.._satellite._poll(function(){_satellite.track("trackMarketoForm")},[function(){if(document.querySelector(".marketoForm")\|\|window.MktoForms2)return!0}],{timeout:1e5,interval:100});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	2503
Entropy (8bit):	5.25312952312613
Encrypted:	false
SSDEEP:	48:15bn9KNNFeHD7Bbg8m9wPjwPbeffSQLYno4BXo5iTJWN+BJ6Nu4CuMgG+/T1zcwo:11neNFeHDNbg76s6nSjXSiTJWMBJ6kZ1
MD5:	6FC7E4DDB2A2E481EEDCE01AB8AA7188
SHA1:	A666152CC0DCA4BFA664EFF19431BAAF5350A846
SHA-256:	32FB8910F7F816D0BD6B731CC165333B09B9981DE60761832A1A251B0DB1387F
SHA-512:	AE69F0525F49DC599F57B9D2D65A5B97332ECEDF8CA2C30E89F6F7B2DF11DE1BD6E2162CE58FBE27A8F5798EEBA901B2DF30A30E0857C9C9CBFEEC7C0B921027
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC6f46e43fa6d44dbeb45cc5801ffded0e-file.js`..function searchAsYouType(){function g(e){for(var t=1,a=document.body.previousElementSibling?"previousElementSibling":"previousSibling";e==e[a];)++t;return t}function c(e,t,a){for(var n=a.toLowerCase(),r=0;e&&e.parentNode;){if(e=e.parentNode,r++,"tagName"===t&&e.tagName.toLowerCase()==n)return e;if("id"===t){if(e.id.toLowerCase()==n)return e}else if("className"===t){if(5<=r)return null;if(e.className.toLowerCase()==n)return e}}return null}document.getElementsByClassName("Gnav-menu-content").length&&document.getElementsByClassName("Gnav-menu-content")[0].addEventListener("click",function(e){var t;if(e.target&&("A"==e.target.nodeName\|\|"SPAN"==e.target.nodeName\|\|"IMG"==e.target.nodeName)){var a=e.target.className.split(" ");if(a)for(var n=0;n<a.length;n++){if(-1!==a[n].indexOf("SAYT-")&&-1===a[n].indexOf("SAYT-advancedSearch"))if(c(e.target,"id","

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\arrow-left[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 18 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	446
Entropy (8bit):	7.08048723282186
Encrypted:	false
SSDEEP:	6:6v/lhPzQynDi3URTCMkLPNsidohbJPxNfh9JL4zCh7BnhxCNjep9sEI0AEGdipxd:6v/7MM9CXNsiqRl5L4IrxeeDsELH7rN
MD5:	59F99801C29B6F884941AB4E86435815
SHA1:	D434AF60CC81A5813EB3084AEF70B0CB97E6ED54
SHA-256:	50E89F67220A83D59B25E9EC977F059AEDE2C1499D401A6331219249F0C54CC3
SHA-512:	70F6CDAA488B259CD53F21C4A2253DF3DCBEBC0071D1687FC1E351B169EC0BF8CDC391FB6230A867C0C0F578D2688A75739E1CD59EBC3843B83480F7D8574004
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/images/arrow-left.png
Preview:	.PNG........IHDR.............<.~.....sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS6......tEXtCreation Time.9/11/13.9I.....IDAT8...k.@...'$..P....PR...1...._.]Yy.r2r:1.....#0..D...P..h.i.../.........0.\'.!.=........&.y.+.Cc...5.PHDq3$....*..T.g!.E...q..B......i....eY.n.....9/u..........m.. ..:...g..q...n.\...`Q..6M#\|...&}].e...ns..Q....x..]fI.......0...Q.u[..L..7...}...EQ\|..;....%.t.....,..........IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\arrow-right[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 18 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	442
Entropy (8bit):	7.029622930176089
Encrypted:	false
SSDEEP:	6:6v/lhPzQynDi3URTCMkLPJsbjShtfGQHVxFX0o/A5VFnWMFd4+0hS+qz58OCox5Z:6v/7MM9CXJsbcf1xFXoWkOhSVNB7Z
MD5:	28A18EE67AF8D721211ED08164E72CB9
SHA1:	C643A55A18EF870B88FA1CAFED098A12F001384F
SHA-256:	78260D8829368E46D58D02B613EC0C0E19AEE5C159AA4BA255D032D283C30187
SHA-512:	FF21CE7DEE9E5B298BEFD0B67869A4E582097712B0A8D23E10050DFC60BD4B7BD26B0EA077865AA0D6FF57E204A74187874572B243584220C7B23FB0CC127F52
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/images/arrow-right.png
Preview:	.PNG........IHDR.............<.~.....sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS6......tEXtCreation Time.9/11/13.9I.....IDAT8...!o.@.....d?.....#L...BW..\..\.YP....@T.\..>..{;...e.....I....q.dDrGr..#....w".].2k\|.. ..)......F..@.us!.=..........H..L.s).7..".]...Ug.u.W..;..,HD.EQ..2....!..1....<.X....9M.w.".</d..x.pk.......$.Uqw..&....VEdW8A..[...{4.UU.h ..._. ...^)u....b.Z....8..W..."..).&\....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\browser-icon-chrome[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	13144
Entropy (8bit):	7.963791073584651
Encrypted:	false
SSDEEP:	384:4ivh6I4qElF6xzdN0SGd6GsRZj1Xcul1/tOP:XvhNfDxzdN4aRrc0lEP
MD5:	5CE8BC0C54510B727656B9750F4F4B37
SHA1:	CFB13C4F64CE267C2A2A67B6EA3076A86308665E
SHA-256:	71D9139914C20E72E574633CCD31802FEA9130050AF514736E2B6127061A46D0
SHA-512:	9F442960D180D6C11F2341C2D483D19D977F41D36B6CC6D370F9B7C6F472EE216452B96D6F36D4A6621AF6BC53A6291596942A3C11F62A86EB9676E338F6A038
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/browser-icon-chrome.png
Preview:	.PNG........IHDR...\|...\|............tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)" xmpMM:InstanceID="xmp.iid:87E117A00FF011E69AFE8E50F5F6CE89" xmpMM:DocumentID="xmp.did:87E117A10FF011E69AFE8E50F5F6CE89"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:87E1179E0FF011E69AFE8E50F5F6CE89" stRef:documentID="xmp.did:87E1179F0FF011E69AFE8E50F5F6CE89"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.9..../.IDATx..}..\U....{.o.nv...J...E).."<..Q?..Q...RT......[D.U........P..{.n.u......2wfgvggfw..L>...s..{

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\browser-icon-safari[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	25115
Entropy (8bit):	7.984846894248758
Encrypted:	false
SSDEEP:	384:7jYMKpmdNqN0obP7YnB6pZj1MyPpC9/Hhw691Q/+3ryGjtx54ZNNlRiwnY1X:7MxqPoIMMyRcBw692jGjtKnlMwUX
MD5:	23B02AAF3435635E1E6C324D759B56CA
SHA1:	7DA557E711F8ADD60FE6493789ADCB97B6922A2B
SHA-256:	22B7C23F2DED34B2B0AF1B6D908A533130ABAB7EB32711052D0CAAB35D50BEBB
SHA-512:	7FF438AEEBB35FCC2F62C68E3EDD6C9914BF608BDDFC62B4AD20E91AF937A2395F882BF0CF85CFF2730B6BF4B145110E60FFF7F1F7AFE6FCDBE4A0C8885AC80F
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/browser-icon-safari.png
Preview:	.PNG........IHDR...\|...\|............tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)" xmpMM:InstanceID="xmp.iid:87E1179C0FF011E69AFE8E50F5F6CE89" xmpMM:DocumentID="xmp.did:87E1179D0FF011E69AFE8E50F5F6CE89"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:5F7D657F0FF011E69AFE8E50F5F6CE89" stRef:documentID="xmp.did:5F7D65800FF011E69AFE8E50F5F6CE89"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.q+...^.IDATx..}...U...g...onz.i........*.......bC,X...../J.Ai..H.B.!..z{9........3..s.O.....)w.93..k.o...p].

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	223
Entropy (8bit):	5.142612311542767
Encrypted:	false
SSDEEP:	6:0IFFDK+Q+56ZRWHMqh7izlpdRSRk68k3tg9EFNin:jFI+QO6ZRoMqt6p3Tk9g9CY
MD5:	72C5D331F2135E52DA2A95F7854049A3
SHA1:	572F349BB65758D377CCBAE434350507341ACD7B
SHA-256:	C3A12D7E8F6B2B1F5E4CD0C9938DFC79532AEF90802B424EE910093F156586DA
SHA-512:	9EA12CC277C9858524083FEBBE1A3E61FDECE5268F63B14C9FFAFE29396C7CCDB3B07BE10E829936BCCD8F3B9E39DCFA6BC4316F189E4CEA914F1D06916DB66B
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
Preview:	@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivonarrow/v12/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXo.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d07457NU5 Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 46088, version 0.0
Category:	downloaded
Size (bytes):	46088
Entropy (8bit):	7.991344892853239
Encrypted:	true
SSDEEP:	768:cbb1bWj8ZMc7qG0jmQcHDJINQubS5HF9GctB7jiDbtUPL6n9MRXVFtf8u:qb108ngj4tImubIpHWHyWn9MZVfL
MD5:	F6772D5F038A33A09B062FA7D7FD1E73
SHA1:	19295E0771CD244E3C71F7D2D209B9A7309A8DE0
SHA-256:	AF6B2610431D075E5266E7D97EF7B53314F04EC64A56CD8872AD5FFB85DBA88D
SHA-512:	64179523C0D4EFAA89AA10670CB89D91D7B97C9685E5919E7E1D014602634AD98FCA376A8433A9C31B13F0E3AF944EC330A858486F58DA726EA953117FA3575C
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/d?primer=388f68b35a7cbf1ee3543172445c23e26935269fadd3b392a13ac7b2903677eb&fvd=i3&v=3
Preview:	wOFFOTTO....................................BASE...D...F...Fe(].CFF ...@.......{].R.DYNA...H.......\|.6IlGDYN............v.A.GPOS..........0P.3.(GSUB..............t.OS/2.......[...`[.twcmap...(.......(..TIhead.......4...6..%<hhea.......$...$...^hmtx............:.".maxp...8.........kP.name................post........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................`......x.c`d```5.J.S,........(.p>9..F.......\|.........2...x.R.n.@...i%$T.O...];v.&.)i..T..z..Mc.?..F....x.>.wn..O.....Z!.j...73..g.x..p.>'.-v...8.[.....,....}............7..........K'...S..{x.\|..C.w..Q....x.j......D..=1\....].U^.I1/.MY.Z-..f...7+]...U.e..e..E...8K....`x>......,.......ZUuZ...^.D }...J=/...J_...<^.R/e.&..d.....VZoN=O.6j.j9/sO.fq....0.'.w.;...9zDC,P".".a...8.0...3[ac..- ....."..V..f..r..y....E....n..3..VDE.. ..s.06.......-..(.]....4..u...C...gdE.6.(x/A^....Cfs....p..67I.>2.o\......Sx.._cC..M..~..-.b..'...Y....d=....[..x.c`f..............7.f.b.c0b...r333..p2.(00.300

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[10] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 58352, version 0.0
Category:	downloaded
Size (bytes):	58352
Entropy (8bit):	7.992884507564213
Encrypted:	true
SSDEEP:	1536:U2Ph1fS3ZeHACznHaKNlKjE39zfZB4kKAkr:Hvf2OzH/NjlSAs
MD5:	3C48D869909CC053C2EFA6800B492ADD
SHA1:	882C7495CC54A32EF795B89E9E84D1B69C3F87C5
SHA-256:	CFD20EA88B7F7A1B3E18890AAFF228FD6F134095AF8F6DB1F66E4DD551B59306
SHA-512:	0E2ABD3D074418386C6290B0AA5EA09BB8BDC486C715EC426CE1F0D6B48C3EC2EC85EDA7BAAF31375B3481FDCE1DE7886AC0325AA7877F48516D0877F7C061A1
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/d?primer=388f68b35a7cbf1ee3543172445c23e26935269fadd3b392a13ac7b2903677eb&fvd=n9&v=3
Preview:	wOFFOTTO..........T.........................BASE...D...F...Fe.].CFF ...8..........DYNA.............N..GDYN....... ...Q<@..GPOS......!+..N`b)ihGSUB...$.......N`^.iOS/2.......W...`^B{.cmap...........(..U.head.......4...6..%phhea.......!...$...Uhmtx.......'...Dv;8.maxp...0..........P.name............a..npost........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................U......x.c`d```5.....+...+.3.......P..._.?7.#..@.3..H..cy..x..1n.0...9N..F{..{hZ..;...@39...L.d....;w..#..=@.^.G)....F:X......'.$.......e..j..7.....0w.f...#\|v\|A.o.{......[...r..:..}q\|....q.....Qy.._@tJ.=....+5..U.k.\|.....H.j_V..+)&y...fkj........\G...Q.-..1..P..p<....Vb..V..\|:...AWuZ...._._*....$eq....U0.E...Z.i..P.#.^.o.._...i......5.T..+.Gq..&x....1$M.B......j..O.;.?a..Gk.. m].!.@.....v..............yJ......B....@.1ko..Y..............5O^.....B..i;...Rel.......I....;zf.k4kFs..>.sd]N...a....0..{.2z..4{...K5Y...w.q.<.......tx.c`f.`na`e``.b.```...q.F..@Qn.f&..&&....v.<#..8.8.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22376, version 0.0
Category:	downloaded
Size (bytes):	22376
Entropy (8bit):	7.9745730846169725
Encrypted:	false
SSDEEP:	384:nAizO59XJQcmATaTY6S0r89SmOrPuaDuXo0J22vNYckNcL5VjWV3ncNHFb:1AQcmATaTYn0g9Wiaso0wqKNM5pmcfb
MD5:	74B4BA34F532FC0C6C7C557A65B733B6
SHA1:	CA3CF7110DF3502935D79F055BFFE00A55087C3A
SHA-256:	58C894C70D7848BD09B94AF1754E5532DCAC4189ED48F9AA3AB5E1ACEF4376C1
SHA-512:	29A5BA44B73F6AD9F3AFA09ACA3326E1BD8FD0C79C681D91A03E12B46D09A198E2CD5A1B6AFAE7F59F2E4DFC4AC64480F0F96E22FE8879C22C3A8F52A2B98B5B
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/6c57c4/0000000000000000000158d6/26/d?subset_id=2&fvd=i6&v=3
Preview:	wOFF......Wh.......\|........................DYNA..............t.FFTM............]...GDEF.......8...B...<GDYN.............j..GPOS...........J.w..OS/2...T...Y...`..zvcmap..V.........+..wcvt .......^...^.C..fpgm...$.......e#./.gasp................glyf......E...s..r.Ahead.......5...6.V;.hhea....... ...$.W.phmtx..R....N...l{k,Lloca..U.............maxp....... ... ....name............#.g?post..V........ ...(prep.......t....i.D..........o1.......=......x........6...\|.........................................@.k...........u.e.....R.7.9.;.F............x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/.*..........x.c`d```

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[2] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20720, version 0.0
Category:	downloaded
Size (bytes):	20720
Entropy (8bit):	7.971274872077512
Encrypted:	false
SSDEEP:	384:ep0ld6FR9PFBI+qyX9W69gNqcJddRjJpyZc+2HC9j2SDGDYfLrDYSzJgIY:K0ld6VtBI+qy069gAa1Jx+G6zDGDYfH0
MD5:	185A2AFC0935C94FBB5683112A905CE2
SHA1:	4EB450182B9C658C6916CDDED80D3922E90DDCD8
SHA-256:	F81CA8209A0526BEF58A70CF4288A1B1F8A02D8B1F7F8E3BC4B8A179323A1DFD
SHA-512:	A8C1BCA226F757C2BC8A096E31D2E05B2F8C184A531D93CDE6A26974A10B96005F4F341D52A80404919CE050BE8F89EE91EFC7D996936B37879DFD85CAA36E9A
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/d?subset_id=2&fvd=n4&v=3
Preview:	wOFF......P........`........................DYNA............4.(.FFTM............]...GDEF...p...8...B...<GDYN................GPOS...........@.J.OS/2.......Y...`~.z~cmap..PX........+..wcvt .......2...2.A.0fpgm...........e#./.gasp................glyf...L..?...bT.@..head.......4...6.E;.hhea...x... ...$.I..hmtx..L`...,...le.BVloca..N.............maxp....... ... ....name...........iZ.[.post..PD....... ...(prep...............>.........o1..............x........6...`.n.\|.....Z.................O...t.c......x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/.*..........x.c`d```b8Z.9.?...+.<....._.K`.....p......@.@......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[3] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22492, version 0.0
Category:	downloaded
Size (bytes):	22492
Entropy (8bit):	7.974382432382698
Encrypted:	false
SSDEEP:	384:yDLC8fp6SXkpD0a74PboHnd4VZK1Jnn3J0YjWkPpSjYmRja+eUZ5EJSyT7MYLQ:iW8h6rD0ak8nyZ2ysrpeYmRcdfE
MD5:	A2CAF0BD8F7084A90E2053AD61157C78
SHA1:	9E35E2810DCCB3C791CEB2818B16EFA9328C307E
SHA-256:	6537EEA8561F3D0903E4CAABB123C0AF961A09218290C678285B7C27ED335E54
SHA-512:	1FAE0E3EC674A092FAD4813182C77144F698AEA5715BD94540CF4AB8CF865165CD1BC57A56E56254B3F8C0E9F10227FCFCE33FA2020D616CB0D7ADA1CBBB89DC
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/d?subset_id=2&fvd=i4&v=3
Preview:	wOFF......W........P........................DYNA..............t.FFTM............]...GDEF.......8...B...<GDYN.............j..GPOS.......-...J.E..OS/2...X...Y...`~.zEcmap..WD........+..wcvt .......\...\...Xfpgm... .......e#./.gasp................glyf......E1..s.C..head.......4...6.W;.hhea....... ...$.Y.4hmtx..S0...E...lg.5.loca..Ux...........maxp....... ... ....name................post..W0....... ...(prep...............:.........o1.......'......x........6...`.n.\|.....x.....u.............q.......k.>.W.......~.^.N.s...H.7.9.;.c.J.L.F...P..x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/.*..........x.c`d```b8./

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[4] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20932, version 0.0
Category:	downloaded
Size (bytes):	20932
Entropy (8bit):	7.97207524312144
Encrypted:	false
SSDEEP:	384:3wgN6IL9Cl+QE5TQoI23a0zC9/IY1eizt+wcCMPyv2GTPNo/B1:AgN62MlkrI23a0G+keiBL4jKoZ1
MD5:	E0F2BB6FEFF9005FADFAA0DEAC9F17D3
SHA1:	5BCF4E553881D43087F31A8B47172F1F695E461B
SHA-256:	809F249AF3A361113340A14136F8464AB4A1A23E47B05F71375115E6C23FFC92
SHA-512:	8426F3F16F8B9FABC3F47DD3984156C723387E0F1FC804B25FE427B9B120E78CB376185BE701555ACBC9E26D2A8611F598C9DCB393B0950369A653632901F9C4
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/d?subset_id=2&fvd=n3&v=3
Preview:	wOFF......Q.................................DYNA............4.(.FFTM............]...GDEF...H...8...B...<GDYN................GPOS...`.......@...YOS/2.......W...`~wz1cmap..Q,........+..wcvt .............6fpgm...........e#./.gasp................glyf...(..@...e.....head.......4...6..;.hhea...P... ...$....hmtx..M@.......lVRI.loca..O`...........maxp...p... ... ....name...........Q%.{.post..Q........ ...(prep.......i...v..ym.........o1..............x........6.h.R.\.^.h.r.Y.z.`.d.m.j.t.L.F.J.f..x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/...........x.c`d```b8Z...h<..W.y..@..S..........`..r9.j....l..x...J.@

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[5] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 24436, version 0.0
Category:	downloaded
Size (bytes):	24436
Entropy (8bit):	7.978037120154255
Encrypted:	false
SSDEEP:	384:b2q7Hwg9s0WrCWQYOL4VhwnhHa63bzKnWhF52DHilk+9y5yS6P8N:KqrsYL4vwh663fKW/50iZ9IyZPs
MD5:	6D26AE32705F04BD2CCC4DC335F15809
SHA1:	6F67C23951FB9426FA426436CCC1CE1E6FDDF220
SHA-256:	6E52D4DF448460F8B6C6C8DC776745BE4C85A9D18981772A89C9876B4E19FB37
SHA-512:	687973BC1D027B36AC99E2B7AA9928B35148E7AA742B13FCF2A20B0947B7ED27EA470E770856711C584221E88F3FBEA5AA3A93A58DC59DB7794320E9B11F019A
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/9d1933/00000000000000000001705b/26/d?subset_id=2&fvd=i3&v=3
Preview:	wOFF......_t................................BASE.......F...Fe!].DYNA...............bGDYN.......#...Q.4.xGPOS...........dG...OS/2...X...\...`.}..cmap..]........8..}.cvt .......R....6...fpgm...0.......p...Ygasp................glyf......BX..w....Mhead.......6...6....hhea......."...$....hmtx..WX...+...z....loca..Y...._.....4..maxp....... ... .B..name............yJ..post..[........Q..$uprep............R.>...............ideoromn..DFLT..cyrl..grek..latn...................Y......x.c` .X..>.>.l.......=.g...............0.FU.........I...,o......4.=H..1...BX8a..x.Viw.F..yI..,%.-ja..i.F&l...A.c ]......;...._.d.s.7~Z../$...p...w.....e.Z...../...&..<..M.Q\|(;{!e....Q......DD"P...D...Y.d\|.QF..WM.-=..[.A.U.~.:.;..f3th=.%U.U.H.=R.e..+I+....W.P.N"i....H..g..h5..(.l..(R$..A.y....................V.K..../y.w9?)..[.-9...#;8;]....V.7.d;.U.....[6;.......L/4#X*_!..O(..HV..S....l.D.z....O..8bJ\3F.twtB.u....=.....w.......Q.'.DJ..M.6..XI.Jj.+&Ny..._.v..3.8....C.VNTr<..i&S.vR.hJ.(%......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[6] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 58640, version 0.0
Category:	downloaded
Size (bytes):	58640
Entropy (8bit):	7.993859236860105
Encrypted:	true
SSDEEP:	768:G23+QzXz1F2u0rMcQSwJzZaudOh9lL9cvXjy+KNKzRM+17SabAK9zauA+uhRnmTM:GOzD2/rM7mWO3GjhKNKK+E6auAtMgJp
MD5:	AB2058631920729DAEA04A14330239E6
SHA1:	75A3B6A23B5827E1846CBE040E40EBD6BA494272
SHA-256:	2E5A6085B998F5B4EA3EE7B2FF61C59F7A7D66F22166F49029EB42A45793A220
SHA-512:	880389F4AF9597A1B761529A5DFFC4C613F2FDAB143E7DA00BB36C0377AFD2FFF74917DDB6CD52CDED2980A19B11EDD732EC7BF381F36CB30975EFE1D2AF9C43
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/d?primer=388f68b35a7cbf1ee3543172445c23e26935269fadd3b392a13ac7b2903677eb&fvd=n4&v=3
Preview:	wOFFOTTO..........S.........................BASE...D...F...Fe$].CFF ...4...N.......DYNA................GDYN...\|... ...QJ0..GPOS......!...On.W;.GSUB...4.......N`^.iOS/2.......Y...`\Wv.cmap...,.......(..U.head.......4...6..%uhhea.......!...$...Ghmtx.......6...D.gD.maxp...,..........P.name...............post........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................\......x.c`d```5.:8Gem<..W.f..@.....0....^....@.3..H..d..kx.RKn.0..9N...Qt.5.v... .Wv..Y%...%....cH......g...g..:.X4M.."(.{ofH>..k\|.....l..W.Z...L.>.;.8.%'w..C..>..\|r..>>S.u_2..a.o....z....\|.>:.%....o...}g.p.Ig.(...b...-....7..U....b..b..S..nt.c.._.:.gz...u$.~4._O.#[..sWd.v2}"..u.U.hUws.H..(..w./...GE..Y.<K...h...1.K.7...dF.....7.z...0.W......8.Dc,Q!.&......W.J,X.......V.s..a....F._M..1.._Q..RZ....cr#..^w.....e...T..?S..[...J.v7.wY1...u...{!m7.3)Y.....y.....Z.qC.#g.lN...#;.....}.aW/.s..}...~.N.....7...#.C.;. .......x.c`f\|.8.......).....B3.1.1*.E.Y..XX..X......P............

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[7] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 46708, version 0.0
Category:	downloaded
Size (bytes):	46708
Entropy (8bit):	7.9926123068799795
Encrypted:	true
SSDEEP:	768:Ljq+IGHkF+BPu/95GrYWlwFegdvV4HKLXGcbdLapCdmt5FXbJ40/VnLpvLw4T2Fe:PQse4Ps95oYWluvnXFbdLaBFXrtvLw4Z
MD5:	56C4BECEB8718DBA19272C320458617D
SHA1:	5251C59F6956B0EA50D9B4A21992B869772A0AE2
SHA-256:	E89CE18105C28942D113F667B17D952129C0B66D3101DF0D38C18A42DDED47A5
SHA-512:	B3FCA99F08D59640AD8769D7E84DA332B9A5513CFD6685B2D8E8EF0677975D74B5B84DE87D0A35DECE9F6C7D49BE295A0734B83896FADA2A5160E28131895863
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/d?primer=388f68b35a7cbf1ee3543172445c23e26935269fadd3b392a13ac7b2903677eb&fvd=i4&v=3
Preview:	wOFFOTTO...t.......T........................BASE...D...F...Fe$].CFF ...4...u.....&..DYNA...........\|..IlGDYN...\|.........e..GPOS...p... ..0.....GSUB..............t.OS/2.......[...`\Xv.cmap...........(..TIhead.......4...6.:%Fhhea.......$...$.$.ihmtx...x........VH @maxp...,.........kP.name...........~.'..post...\|....... ...2..............ideoromn..DFLT..cyrl..grek..latn...................\......x.c`d```5.:>K.z<..W.f..@.....0....n.C..L..@..._4..x.uRKn.0..9...m.U.]..@(Y..;..N...6.$.`}\.1.#....A.=I....I..8\|of..$..........p...z.X\|.O.lq........=..7.O...UN.....,v..YZ..['...W.W...\|........>v.,>E.Y>....b.c%..Z....").]YEZ...g.....]...U.g.._g*f:..$.~?..o&....L3t;.>./UU.e!Z..B.....IY.E_z."...V.z-.4.e(...h..t]}.m.eR.z....y.x....9.!.......B...x..jh....N...3...V.F.q.....fj.S\..{.\|..M..KAg.5.6AH../.bD.....A.t.UgF.n....KSAM..;..;...4......=.V-.kr..n.lN.-.......C3....j..h.....f.w.o.oN..Wx..b......!g.z.8........x.c`f..8.......)....o......`....fefba.dbQ``jg```d..G.'W O..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[8] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 58140, version 0.0
Category:	downloaded
Size (bytes):	58140
Entropy (8bit):	7.993838405349219
Encrypted:	true
SSDEEP:	1536:+dG3UnOA8RFJKrWMC4ArrtNJQCjfKxLojn:+dGk2NKrWMC42psCjSpo
MD5:	5BDBAC45C303FAE0D497E3EA06A27A7F
SHA1:	1816C0EF35D230FA3A177E9F719BA03DEEA73B25
SHA-256:	32CC0B7A4C262A62A171D801F5B0EB36E8FD320B0D10D81189F6FB4F43894621
SHA-512:	0BF6B8340105B326B32F491CF784CA487DC28DB0D8B7430CC5CA00CE89F4EB752BB078606ACF104F1F93866CC1C84E94F5A2704D604E59452BE724D21E788CDD
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/d?primer=388f68b35a7cbf1ee3543172445c23e26935269fadd3b392a13ac7b2903677eb&fvd=n7&v=3
Preview:	wOFFOTTO..........Q.........................BASE...D...F...Fe!].CFF ...8.......\|Cz.vDYNA.............T..GDYN....... ...Q?cE.GPOS......!a..Oz.].`GSUB...d.......N`^.iOS/2.......Y...`].y.cmap...8.......(..U.head.......5...6..%ghhea.......!...$...Bhmtx...........DD.@Cmaxp...0..........P.name............E@..post...$....... ...2..............ideoromn..DFLT..cyrl..grek..latn...................Y......x.c`d```5....fF<..W.f..@....^0....~.).......@..y......x.}..n.0...t..B.\q...s.D..UB.[.v...&..I.w...%.*....@....Ix..8....r.........+\|...9......:......w.f...C\|r\|..xp\|...0..?..w..^{..........s...C..7.Gx.{...Y.... ..\gJ...Qe#......N.......oW..3.zGc.?/TZMt..2....d:...8i=4^M...7.n..]..\.2...J...vb .y...t..Y.b..2..0..$^..=.}......}uW...<y.l.E.$.=..".HHc....s....K~......5...Z_.i.............S>.....,..&....c....}j.g.._1...j....V.2..c.k..=....hYQe.9+V-.k}.w7..d...%...f6>.sh....;.=<..a..-5.f2...\.pGu.}W.G....kJ.........x.c`f.........).....B3.1.1..E.9..XX..X......P.......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\d[9] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 58264, version 0.0
Category:	downloaded
Size (bytes):	58264
Entropy (8bit):	7.992987316761491
Encrypted:	true
SSDEEP:	1536:ysFA+QggYXkhr/65gGFsrge1aT8IHKksD1cUiS9XjIY:L6L1YXkJ/6KW6gQaT8IHK3fioUY
MD5:	E81C892E355CD99A8D3119D358ADA72E
SHA1:	F1267F500B7DDF4924CF599E8B53F4B389BBA362
SHA-256:	714DEFCA2714E79B9293FCC2468945C0AAFDB11D2718BC623A5C974B2A56A5B6
SHA-512:	DB31A35952B0BCF7A7668C66A68223D0E80FB73012F1CBE7D293A9AB03F8FE8F03C80827DAAB3509A0A856DF3CEA3F1990CD6621600501EA2778675AC2E757C0
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/d?primer=388f68b35a7cbf1ee3543172445c23e26935269fadd3b392a13ac7b2903677eb&fvd=n3&v=3
Preview:	wOFFOTTO.........T\........................BASE...D...F...Fe(].CFF ...4...2...B.<?.DYNA...h............GDYN...`.......Q.t..GPOS......!K..OL....GSUB...........N`^.iOS/2.......W...`[.tJcmap..........(..U.head.......4...6..%`hhea.......!...$...Khmtx...x...%...D..H.maxp...,..........P.name.............8..post.......... ...2..............ideoromn..DFLT..cyrl..grek..latn...................`......x.c`d```5.Z...8...+.3........P..?.?....1 ....$..N...x.RMn.@.}&$U7.......-+.V. 5R$"...a... {.......r....^.G..y<mQ.....\|.g......Cs]q6..[....+\|p...0u.M...s.....f~u......_s.....{..-t.O..a.}q.M....Qz....h..w..>?._...-.X...2:..].(.]QFF/.....%..LW....oR....fz..Fe(.^8..'C+..K.`u:..g\|.e...h..s.K..pS.E..EOy...h....i..2..@....cv..9..61rQd].#U]....A.....!.Cq.FX.@.M<....q.... [....rKH.K9.fH..LeW.OM..)..o..L....j..O.".Bz\|..!...b..E.R.e\.e4.U..........B..i;.X.Pel.r.....$...l..-.j......v.l.......r.~..U[.).....u."V'F.....O.G......x.c`f.........................L,,LL,..L.@yF.(ptqr.R..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\efFSywC[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	178
Entropy (8bit):	4.560890767001816
Encrypted:	false
SSDEEP:	3:qVoB3tUROGclXqyvXboAc9FKEIHiHby4AqWSZUXqXlIVLLP61IwcWWGu:q43tISl6kXiWHiHuwWSU6XlI5LP8IpfB
MD5:	CD2E0E43980A00FB6A2742D3AFD803B8
SHA1:	81FFBD1712AFE8CDF138B570C0FC9934742C33C1
SHA-256:	BD9DF047D51943ACC4BC6CF55D88EDB5B6785A53337EE2A0F74DD521AEDDE87D
SHA-512:	0344C6B2757D4D787ED4A31EC7043C9DC9BF57017E451F60CECB9AD8F5FEBF64ACF2A6C996346AE4B23297623EBF747954410AEE27EE3C2F3C6CCD15A15D0F2D
Malicious:	false
Reputation:	low
Preview:	<html>..<head><title>301 Moved Permanently</title></head>..<body bgcolor="white">..<center><h1>301 Moved Permanently</h1></center>..<hr><center>nginx</center>..</body>..</html>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\free-fa-solid-900[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), Font Awesome 5 Free Solid family
Category:	downloaded
Size (bytes):	203030
Entropy (8bit):	6.347367233249361
Encrypted:	false
SSDEEP:	6144:ZtrDdIZG2nqJElpL3im9+3Kz9BngKbtPLLd5Mn:36TnSEl1yt6zzng0Lu
MD5:	D5DE805D9CC4E0665FB04CA2D2336EE8
SHA1:	89D5DBEBA993F33C0B5BE98C0DF0D87B03AD1B37
SHA-256:	BC0CCA590079A0D7921FF7445BB4EBD55928D00ADA1C9E6F41E16918AAFC8171
SHA-512:	576721318162E4E82F50D624EA37382CB52137332FBA5B4A868EB4D67F591CFB5F3E3A35D658EBE0A791625006294CA09C50B61D0A83E96A3E9837E20A233D08
Malicious:	false
Reputation:	low
IE Cache URL:	https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.eot?
Preview:	..................................LP........................W.ve..................2.F.o.n.t. .A.w.e.s.o.m.e. .5. .F.r.e.e. .S.o.l.i.d.....S.o.l.i.d...L.3.3.1...5.2.3. .(.F.o.n.t. .A.w.e.s.o.m.e. .v.e.r.s.i.o.n.:. .5...1.5...3.)...2.F.o.n.t. .A.w.e.s.o.m.e. .5. .F.r.e.e. .S.o.l.i.d................PFFTM.._6........GDEF.*..........OS/23.V`...X...`cmap.j.4...h....gasp............glyfT....-....lhead..........6hhea.C.-.......$hmtx............loca..jD...8....maxp.N.]...8... name%.1....X...+post..Fa.....1......K..ev.W_.<..........v\|......v\|3...............................................................Z. ...............@.................L.f...G.L.f....................................PfEd...............T.........:..... ...................................@.......@. .........................@...........@...................................................................................@...........................`.......................@.......@.......@...................................@....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\head.fp-1c6b8ee3dfac8039d9ead67e8b6d6138[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	141172
Entropy (8bit):	5.300546286142443
Encrypted:	false
SSDEEP:	1536:0h2bbYH+Vuod92HpBMQqgQzDLTS9jzssKtq2GXevs9UwheVKEOJOJfwPf:gH+qP0zYruvs94ds
MD5:	1C6B8EE3DFAC8039D9EAD67E8B6D6138
SHA1:	BFA6F24D8F2C3220056365C624D2893AFD67B1D6
SHA-256:	6E944C80BB90D7DF4F269852DA9A031901B579DA549E1A1BBDE17046678CB34E
SHA-512:	330FB17F68ED6F6FDAFA96E1B9907AB373ECF273269AFD8FDEDFBB3A10990CB2E4A7A0E1EC0B54A4F58C02F76C620D8AF0998F3FEBC517EA06AA82953A37E5BA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.hawks.dexterlibs/dexter/clientlibs/base/head.fp-1c6b8ee3dfac8039d9ead67e8b6d6138.js
Preview:	!function(e){var t=window.webpackJsonp;window.webpackJsonp=function(n,o,a){for(var s,u,c,l=0,d=[];l<n.length;l++)u=n[l],r[u]&&d.push(r[u][0]),r[u]=0;for(s in o)Object.prototype.hasOwnProperty.call(o,s)&&(e[s]=o[s]);for(t&&t(n,o,a);d.length;)d.shift()();if(a)for(l=0;l<a.length;l++)c=i(i.s=a[l]);return c};var n={},r={6:0};function i(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,i),r.l=!0,r.exports}i.m=e,i.c=n,i.d=function(e,t,n){i.o(e,t)\|\|Object.defineProperty(e,t,{configurable:!1,enumerable:!0,get:n})},i.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return i.d(t,"a",t),t},i.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},i.p="",i.oe=function(e){throw console.error(e),e},i(i.s=580)}([,,function(e,t,n){var r=n(13),i=n(9),o=n(38),a=n(36),s=n(58),u=function(e,t,n){var c,l,d,f,h=e&u.F,p=e&u.G,v=e&u.S,g=e&u.P,m=e&u.B,b=p?r:v?r[t]\|\|(r[t]={}):(r[t]\|\|{}).prototype,y=p?i:i[t]\|\|(i[t]=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\hover[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	114697
Entropy (8bit):	4.9296726009523
Encrypted:	false
SSDEEP:	1536:67O7EesvXIPRX4PT8aZv8qoXIoqbTFaFeTxvyAZ+D7M71D:qXIPRX4PT3
MD5:	FAC4178C15E5A86139C662DAFC809501
SHA1:	EF1481841399156A880EC31B07DDA9CFAA1ACE39
SHA-256:	BB88454962767EB6F2DDB1AABAAF844D8A57DE7E8F848D7F6928F81B54998452
SHA-512:	0902219B6E236FBF9D8173D1D452C8733C1BF67B0EB906CC9866EA0C27C2D08F6DA556D01475E9B54E2C6CE797B230BFBD5F39055CE0C71EA4D3E36872C378D9
Malicious:	false
Reputation:	low
IE Cache URL:	https://honeywell-products.com/John/McGarvey/css/hover.css
Preview:	/!. Hover.css (http://ianlunn.github.io/Hover/). * Version: 2.3.2. * Author: Ian Lunn @IanLunn. * Author URL: http://ianlunn.co.uk/. * Github: https://github.com/IanLunn/Hover.. * Hover.css Copyright Ian Lunn 2017. Generated with Sass.. /./ 2D TRANSITIONS /./ Grow /..hvr-grow {. display: inline-block;. vertical-align: middle;. -webkit-transform: perspective(1px) translateZ(0);. transform: perspective(1px) translateZ(0);. box-shadow: 0 0 1px rgba(0, 0, 0, 0);. -webkit-transition-duration: 0.3s;. transition-duration: 0.3s;. -webkit-transition-property: transform;. transition-property: transform;.}..hvr-grow:hover, .hvr-grow:focus, .hvr-grow:active {. -webkit-transform: scale(1.1);. transform: scale(1.1);.}../ Shrink */..hvr-shrink {. display: inline-block;. vertical-align: middle;. -webkit-transform: perspective(1px) translateZ(0);. transform: perspective(1px) translateZ(0);. box-shadow: 0 0 1px rgba(0, 0, 0, 0);. -webkit-transition-duration: 0.3s;. transition-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\lightbox_close@2x[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1453
Entropy (8bit):	6.759166148396455
Encrypted:	false
SSDEEP:	24:B1hnBWwh82lYSKw5hVa64XVKT3JryJ3Vo5hVa6fGjwKZRfp2XOBY6:v1kvnLI600J3e7cVh2XOb
MD5:	13198D9E24E4047B757E69F32897B19D
SHA1:	868CEB3BDC559535E5E638A9E145F35005AF33C6
SHA-256:	2603DCB84908061D1A9E31DA6080328BF7867BFC4AA7A1A9A0FBD25E5942A043
SHA-512:	86D943EFB966752531E91911D5F1A9B27CD5003D2E96F19CAE833F88DF856A59C099B237E5EEDC840E00CFF6B9F34E6583B2F2F676EFAEC5055E5030198E5810
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/images/lightbox_close@2x.png
Preview:	.PNG........IHDR...(...(........m....tEXtSoftware.Adobe ImageReadyq.e<...xiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:0e41a95d-3ffa-4ff2-9f01-79e98faa126a" xmpMM:DocumentID="xmp.did:A061BB706D2311E4A705EAFA721C606B" xmpMM:InstanceID="xmp.iid:A061BB6F6D2311E4A705EAFA721C606B" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:caa2ca59-503f-4ad4-961c-e872383c57cd" stRef:documentID="xmp.did:0e41a95d-3ffa-4ff2-9f01-79e98faa126a"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>F.M.....IDATx...1J.@......DR(.iia

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\login[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	39223
Entropy (8bit):	5.392966904887719
Encrypted:	false
SSDEEP:	768:2l1lHt/JNVFGJIeNI9ReC0bG5woJhEZ9vjgDMiB+2ahy2DeLSpcFraY:cFe0erbGYZ9vjkM2ahy2D6praY
MD5:	8D90293732C5DC1A8D7DD748A94BB4B1
SHA1:	E46E8FC947E1B7F0ACF7AFDF9FDBE1BE8FC992B7
SHA-256:	04526B3DBCBF95EF4872AC75879A084ACC679DA23037C3C3A5215825B3F7A4C5
SHA-512:	EBE5B3529808D726D581849BCA6306BA7713EB51DFD9948B12774FB5703F1C72D40D1F369A42A78BB7AA6ED8E2D6932F544CC60542E20616A69D17FC2AD9D319
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/sp/login?r=reader_page_bumper_createyourown
Preview:	<!DOCTYPE html>.<html lang="en-US">.<head>. <script nomodule>document.location.href = '/unsupported';</script>. <title>Make Images, Videos and Web Stories for Free in Minutes \| Adobe Spark</title>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. <meta name="viewport" content="width=device-width,shrink-to-fit=no,user-scalable=no,initial-scale = 1.0,maximum-scale = 1.0">.<script type="text/javascript">.;window.NREUM\|\|(NREUM={});NREUM.init={privacy:{cookies_enabled:true}};.window.NREUM\|\|(NREUM={}),__nr_require=function(t,e,n){function r(n){if(!e[n]){var i=e[n]={exports:{}};t[n][0].call(i.exports,function(e){var i=t[n][1][e];return r(i\|\|e)},i,i.exports)}return e[n].exports}if("function"==typeof __nr_require)return __nr_require;for(var i=0;i<n.length;i++)r(n[i]);return r}({1:[function(t,e,n){function r(t){try{c.console&&console.log(t)}catch(e){}}var i,o=t("ee"),a=t(22),c={};try{i=localStorage.getItem("__nr_flags").split(","),console&&"function"==typeof con

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\m-unsupported-922d5964[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	1605494
Entropy (8bit):	5.476793887933425
Encrypted:	false
SSDEEP:	49152:gBe/SnxPspQ2fkkeTOx9bAX+iTSVcHad+sJOfV+kYFYkw8c7SjAAsYuMOcdSmi:+x0VkkeCkXj
MD5:	01F984113206A2A4F20956969F7A1408
SHA1:	281104D328B1012C25BFEB3D83A2B1963A526A86
SHA-256:	B13A644E28CD9C3F362DF44BAF42937494049FF90901C0D79A27FA49FC599E22
SHA-512:	D2FA520A5A3A3AA9936BD991CB842C85BFB48EF0CBC40B8F31F92720DC6D96D8E0D37D63013335AAE0C707E1A45F1B30B7B9096A089E6A48FE91BDA2605C8A0F
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/static/m-unsupported-922d5964.js
Preview:	!function(e){function t(t){for(var n,r,o=t[0],a=t[1],s=0,l=[];s<o.length;s++)r=o[s],Object.prototype.hasOwnProperty.call(i,r)&&i[r]&&l.push(i[r][0]),i[r]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(c&&c(t);l.length;)l.shift()()}var n={},r={"m-unsupported":0,3:0,"vendors~brand-kit-controller~gic-voice-publishUtils~m-storage":0,6:0,"brand-kit-chooser-view~m-storage":0,"brand-kit-chooser-view~user-profile-view":0,"vendors~BumperViewModule":0,12:0,13:0,16:0,21:0},i={"m-unsupported":0,3:0,"vendors~brand-kit-controller~gic-voice-publishUtils~m-storage":0,6:0,"brand-kit-chooser-view~m-storage":0,"brand-kit-chooser-view~user-profile-view":0,"vendors~BumperViewModule":0,12:0,13:0,16:0,21:0};function o(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,o),r.l=!0,r.exports}o.e=function(e){var t=[];r[e]?t.push(r[e]):0!==r[e]&&{"m-react-spectrum":1}[e]&&t.push(r[e]=new Promise((function(t,n){for(var i=e+"-"+{0:"f2e9d5fe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\m-web-8d2d9d44[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	195263
Entropy (8bit):	5.4189192765646625
Encrypted:	false
SSDEEP:	3072:2cc9IK4lMECbt1/rcjzu5gP1ap5ERkktDi6G:CI8ECh1zQzcgakkk9a
MD5:	B2B5A66AA2D085633CB332C68F311057
SHA1:	972ABD46EF88ADEEEF93F7207B617F0BD53DC79E
SHA-256:	6D6FC7FCABDAE0F8AB123AEE0D40994FF5D6BE706C36DCF4859B66B2BB8D440C
SHA-512:	4A664BA89D1BBF4DBF272F353660EBEF9B4AD70A2BC8A949E53B916B203D7ED822F116DE18BB882189416EA6F25C502169419D5371FA332F64CA041EC4875BBA
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/static/m-web-8d2d9d44.js
Preview:	!function(e){function t(t){for(var n,r,i=t[0],a=t[1],s=0,c=[];s<i.length;s++)r=i[s],Object.prototype.hasOwnProperty.call(o,r)&&o[r]&&c.push(o[r][0]),o[r]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(u&&u(t);c.length;)c.shift()()}var n={},r={"m-web":0},o={"m-web":0};function i(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,i),r.l=!0,r.exports}i.e=function(e){var t=[];r[e]?t.push(r[e]):0!==r[e]&&{"m-react-spectrum":1}[e]&&t.push(r[e]=new Promise((function(t,n){for(var o=e+"-"+{0:"f2e9d5fe",1:"0a41d522",2:"44cb77ad",3:"4d7ea4b1",4:"080f8e62",5:"fba175fa",6:"fd8ab2ed",8:"cae03d98",10:"0d8862b8",11:"2e10143d",12:"5be80dd3",13:"35d4d659",14:"5a53c5b4",15:"fc655eea",16:"b7a38001",17:"5b0bcc67",18:"4c826e65",19:"966138d9",21:"5914815a",LoggedOutBumperTestingTools:"c9536f1e","m-react-spectrum":"3c1dac0c","vendors~auth-not-required-app~brand-kit-context-views~brand-kit-editor~brandswitcher~logged-in-app~n~567f5255

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\main.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	13691
Entropy (8bit):	5.381448070810353
Encrypted:	false
SSDEEP:	384:OYICUsySZX0Ljd0kg41VOEMFWKjzI4omXFKJvm4Qrb7H9g:OrTUUjd0zBEMFWCI+xg
MD5:	2DFF659EF77A2D4E7D76BF2CFC77C59D
SHA1:	6852E5A30F3186122B4CE704DA88D6BABBC4A8A3
SHA-256:	4CF1ADE01D47C67B3312F6750D7BAAA76C1CB0D1384FF654B255DE1A859DE959
SHA-512:	E279C04EE7ACE51A60E9E020BD272122CAD995BD4FA8D4F5658C506F788D33CBBCDCB83A63D8A2513980690D0F30B4927A71766ADD5AEBF6DA680090D2D69DA6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/marketingtech/main.min.js
Preview:	!function(){"use strict";var e,t,n=document,a=Object.defineProperty,i="replace",o=function(e){return e=e[i](/%2523access_token%253D.?%2526/gim,"%2526")[i](/%23access_token%3D.?%26/gim,"%26")[i](/#access_token=.*?&/gim,"&")[i](/information=[^\&]+/,"")[i](/puser=[^\&]+/,"")[i](/fnuser=[^\&]+/,"")[i](/lnuser=[^\&]+/,"")};try{var r="referrer",c=n[r],s=o(c);s!==c&&a(n,r,{configurable:!0,value:s})}catch(e){}e=window,t=function(){function e(e,t){u.add(e,t),f\|\|(f=_(u.drain))}function t(e){var t,n=v(e);return null==e\|\|n!=p&&n!=h\|\|(t=e.then),v(t)==h&&t}function n(){for(var e=0;e<this.chain.length;e++)a(this,1===this.state?this.chain[e].success:this.chain[e].failure,this.chain[e]);this.chain.length=0}function a(e,n,a){var i,o;try{!1===n?a.reject(e.msg):(i=!0===n?e.msg:n.call(void 0,e.msg))===a.promise?a.reject(m("Promise-chain cycle")):(o=t(i))?o.call(i,a.resolve,a.reject):a.resolve(i)}catch(e){a.reject(e)}}function i(a){var r,s=this;if(!s.triggered){s.triggered=!0,s.def&&(s=s.def);try{(r=t(a))

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\main.no-promise.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10741
Entropy (8bit):	5.442372384249071
Encrypted:	false
SSDEEP:	192:JtsMOjdwfVbwVhYeB8qfRiaAWfjIVHY7W35Qg6SF6gZhfRmlW1YDqs+qg:JtsMydwfVsVhYhqf0aAWfjIm70eVM6gH
MD5:	CCA018E06A68F94A49E79B2B87096FBC
SHA1:	1DC051BD56CA3E2B0ED6E95AE56FC449831062D3
SHA-256:	350A14AAA52348E4768E8146C3449D7789C92344C4537CE31CF137711E5A90E1
SHA-512:	A90B93282F61F721F40E8010D6B2F9D06017F622CA5CE21E370D55C4DB0EAEDDD8DAE114C79CB12223F2024E1BCED55903CC852DD36D42C14FA89D123DA1C448
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/marketingtech/main.no-promise.min.js
Preview:	!function(){"use strict";var e=document,t=Object.defineProperty,n="replace",a=function(e){return e=e[n](/%2523access_token%253D.?%2526/gim,"%2526")[n](/%23access_token%3D.?%26/gim,"%26")[n](/#access_token=.*?&/gim,"&")[n](/information=[^\&]+/,"")[n](/puser=[^\&]+/,"")[n](/fnuser=[^\&]+/,"")[n](/lnuser=[^\&]+/,"")};try{var o="referrer",i=e[o],r=a(i);r!==i&&t(e,o,{configurable:!0,value:r})}catch(e){}var c=window,l=c.console.log;function d(e){throw Error(e)}var s,f,u,p,h,g,b,v,m,_=c.__satelliteEmbedCode,y=c.marketingtech,E="digitalData",O=E+".",C="object",D="array",N="function",k="sub-object not ",x=k+C,S=k+D,P=/^(.+?)((?:\[(?:n\|\d+)\])+?)$/,j=/n\|\d+/g,w=Array.isArray,T=0,I=y&&y.digitalData&&y.digitalData.debug;if(v=function(e){return typeof e},m=function(e,t){return e.hasOwnProperty(t)},(u=(f=function(e,n){var a,o=this;if(t(o,"_id",{value:++T}),I&&l(o._id+": CREATED"),t(o,"_pending",{value:{}}),t(o,"_listeners",{value:{}}),e&&o._set(E,e),n)for(a in n)m(n,a)&&o._set(a,n[a])}).prototype)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\marvelcommon-51100480[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	204314
Entropy (8bit):	5.2927791837848055
Encrypted:	false
SSDEEP:	3072:PVrtOowrXBOn3nmm6qI8pzYfwbgUU60R6X+ltN6HBDM:NrgowXMnXT6appgUU608Y4M
MD5:	48F849DA6F644B576196923A27236F15
SHA1:	8D47A27FA948519768268ECA970AB6487771A287
SHA-256:	15DA34D198A8ADE100CC1A6047F99FC87FC7785754E8E1A39A49F06F5D5D5873
SHA-512:	76340CBD3DCD0D2D534679319153F10833768B4C5F713871E782D4D854746AF1E4A880224BAD3C2BDB9626F5B615DEED67B3B176D38F97EC222309E9FDFF3637
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/static/marvelcommon-51100480.js
Preview:	var marvelcommon=function(t){var e={};function n(r){if(e[r])return e[r].exports;var i=e[r]={i:r,l:!1,exports:{}};return t[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}return n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)\|\|Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var i in t)n.d(r,i,function(e){return t[e]}.bind(null,i));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(e,"a",e),e},n.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},n.p="",n(n.s=3)}([function(t,e){./*! jQuery v2.1.3 \| (c) 2005, 2014 jQuery Foundati

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\media_102523b575492841801eee551ccfbc5fca141ecdf[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2141
Entropy (8bit):	7.865737278498829
Encrypted:	false
SSDEEP:	48:siUhA7LvrgUSJ/T+CvFycxU+lqTi28ykxKNYtWXQ:suvSt+C9yce+lqTil9iQ
MD5:	38EA74462F8831910AED0F54BDD7C758
SHA1:	A396E755FFF88856B3455A24BE8980D6DFADE907
SHA-256:	632F0FAEC53DB4C6009830F9EB52E717B033AFED76CF5E572544F31921C3D355
SHA-512:	E5C1445C834AFCA1B357CCF84985DC404FEDAE0554C170BD509B4F2DF6107DC2A52D6EBAE5662B9516D621AD693E09EB5706D9882E8C4772507777670ABA41A6
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X........a..;..ALPH.`....Gn$I.z).V$..pU...#.?..a.....D>.....~........O..~...S>._.K.S1/Q........f...P...J.X..I:Q.z..$.V.....8r.F.d.....{.{DL...=.&..3.DS...ie.`...........V?..V.h..j.....@C?..p.].n..$lg.R+...$\...$A.$....<.T...YDfF...EL.-....irC.p....&.{...m.h.>..II.q&..]...b]..w_....u..d..I.El.DR.\vf.....IV.h.O..s.{A..~c....$I..2....{.{.75f...U.!...TDH$..WD..d..t..@...A^..$.$Id....F.....xd.)..E"...6....Va.N.......#............R.. ...$.$..~.."..3..Q....3[.T.._5.C.6m.B.Dc...s.s....".b....h..~.sc>{.>."I=.:..U."...@f........,L.b.\.W........).....ps.}.#D.n.<...d......frd........4.j.Zw...{;.p.DP...H6..}.P...+.5X<v..:.."....g[j.... .:/.&.'<.?yx.Ew..&}y..9g....S..=....s..*.[x..Z ?/..W8.........g...d{....m....C..5...=.D/.l..;`{Yf..ko.@........RZ....._.?.......m...E...D......&...=P..<...4.hJ.\..#..1f..NF...7..>..A.7G.E......p7>..m.....ma.sy..m..DF...3..@../..^.<.....4...L.<zJ./.!.bkX+8....J..#}...j...o...\|..r.../W.i..O.P.. H.D9G.{

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\media_1968c8f3dd906c601b557aba0c66fbd643d723203[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	17150
Entropy (8bit):	7.93284549179349
Encrypted:	false
SSDEEP:	384:51VbjiuxiUz/LEVJjcOuz3Dt1HVCPlmgns+pBXq2tuIH:5/XiuAUzQVJYrATvlxo
MD5:	7A99B7376FE309D54DC66185237972B9
SHA1:	CB177E7D6C4D6A119BC26B63F96D8E53F4609C34
SHA-256:	A32F2694077C7D096973976BE64772B7FAE9DD6A4CB4EE4A9CC92A26142E118B
SHA-512:	A00B50A1B7B55779514076B3690BE9B823A1A802CFBE9AD297B44002DF2445CBAB78FD68DF3BDDAF194288DCE0B600C62E80010016B6D6797ADD35C32AD5D96B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_1968c8f3dd906c601b557aba0c66fbd643d723203.jpeg?width=2000&format=webply&optimize=medium
Preview:	RIFF.B..WEBPVP8 .B..p....*....>u:.J$....qh....in.N.?+B5,<....y...`..+..t.................W.......}..`....yx{H.\|...w.i..?.?.=.............................y....Q..............a.M.......o....S.....W...w.{..2.......W.?.....~S.....?......?.....{...........P.v/3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3.._;.%..0...a3d...~...6..#K..O.!y.C...T...}..ng.u~.\d2.8K2C...7..3...`.v/3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>..3...s>...]...G.p.@-.._..k.....G...lB+..Q...id..(.?..3.6b...}..ng...}..ng...}..nJy..gs..0..;.j.\|.... .}...X.+......s..E.8i.qm../3...s>..3...s>..3....uj.M-5...l....).d$HJ&...q...P...na.lT..L....s>..3...s>..3...s>....-.8.6l..j, .....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\media_1a3a5d0b4d3b4cdafd28d6e4e2582aa89694802d1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	585
Entropy (8bit):	7.62128701042645
Encrypted:	false
SSDEEP:	12:TRhcMLGq4TqAbRW8MfxB2hl9urUYDYMviLQLv9NVWJXbiC1xliFTNN:TDcMLG35QnfxBClsQYdrL1U3xli
MD5:	965E479EBF8633D3EEF008DCDF9D02D8
SHA1:	8F339A6934ECADE324344F26C63153F6A385826F
SHA-256:	01DB2886FE92321318853B49BF19F36857880A96682370F38E9DBDA3A70F1471
SHA-512:	FCF5E72F4ADC153AEE2815DC08C912CEDF9595D298DC258BF3F3D685A02FDD7F10DE5BE75ACDC82F19897891396B436C48983799FA370D6F3425494FF1F2894F
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ....0a.......>.>.I%.".(Rm`...in.K....g]_...R..........O...M.....r?K......N............k.....?.x.j..`......~..m....>.?......j.z........m.MS.v..6.&3c."..O8=BS..RA.....Po\|.u.X.<.WAF;\..A.T.....7.o.L.....s..c....,...4....P....t....QK.6..9..>...'.......5.b..."_..&\W...R@..?+....O_U.1,...Z....`.\|lA.[..B....c..a..Z..."R.6.......L....D.l..`.n.a.7..W[^O....2...u...L?Q..Nx.V.@...8X'.........@.N.L..... t.y.....~..;...DZ0V.........['.....;..QS..[w.)..<.m.)............E.z.O...>.V..."L......}..r@Y.9...a..o.x...'.!.6T....-ro.....)~...h...,b5..+

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\media_1edd2ae4453e3478187f2c8b4963eb73bac41e495[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4344
Entropy (8bit):	7.952890511525727
Encrypted:	false
SSDEEP:	96:8AyF0DIrSu1GUbv8+oDJtGqT2n0axa5pd9Vbb9Se0x1A5z/:tK5bvMDKqT2XxaN9VfkXx+5z/
MD5:	1865D8BADE74D4ED8F4FD39F389A9330
SHA1:	829785B4A2D366B45F25AE9FE170B4C29AAF86D5
SHA-256:	B560317586E901FC12C86874B1D2F3A08B1B6A4FD620354EF7E86861965E90F0
SHA-512:	CF5FCE12AB037FDC05D2578D4E5E4CF58AB42CE5419A7197FAA0AEC48B9DA78E9E0183A3CE639DF039E12DEB2A0D795DD4A6F754103A8512829227A99A789AE3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/media_1edd2ae4453e3478187f2c8b4963eb73bac41e495.png?width=2000&format=webply&optimize=medium
Preview:	RIFF....WEBPVP8 .....d.......>.D.I%.#!&5.....gn.p.....u.M........G..r~`..'..y.y....@.#.F.......-._......f......._.....=..I...^....;.O.k.B.?:...[.v@_.8o(.......5N......LP.m...W.LP.m...W.FZ={Y?.qz.b.e.,N8...M....1z..d{,..~I.[.-..@..B.CE...Gv...!A{.02W\zC.+t.[{2....X.O\h...Y.I7...1@FdB+ DV.L...........K...`.O......D...._.....6.f..}.D1R..o......B.".D&<..<0jb...C6...%u.....<s.bX.xJ...]n...vO6~K.)..MOwJ..>.....-.X.J.....0/.F..d..e.hs9.L.I..4{X.R6..V9i..z4..k88..Ms.F.o.J.mD..#.w..#.7@......p...a.....J%@.'..F<....M......S.v...$.,.S.6.{..r..,..R..L ..?..D...Q-.. u5....{V.EE..L=D.v..R{.M.T.F.`9..c.....p.@....e.N.M..@b...\.j.M.H.......d....3.....4.G.}.r...U.ws..?..x..iF.\.n../..y...H.0PJ.)s.....z.y..uJ.<.(...A.R.yU..OX.N.c.,......h...:E.7.*W.Z`..P..&...O!.V..]...zF..hd.j..b..hd.j..b....Mf.?....e.[.r..[(.D_..lS\|.?..$..\|..Jh.w...j.].............ye.dH!..e..[xB.........U3M.N.......>>FL$\`..;9.u..'...m.NB....s..i..}.b.\0y$..P........C.pt.x?h...^...q..%V.1.~.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\media_1f993e61cdb66f59a3b561bdd8a7b091beb456077[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	18478
Entropy (8bit):	7.942546470435545
Encrypted:	false
SSDEEP:	384:Neh77iQyXjSlY91RnYf0GbUa5qHY8ZyRj9ZcPDMfY:N07RyzSi9bnFGUa5qtyJcPSY
MD5:	5BD052500A824C5EB5424A2DB23848FB
SHA1:	4CC1869D03EA09836132FB5F8EE00A250D4DFBC4
SHA-256:	3C0A44CE58960C087FFB3A33E2E3C114C05572A09720E2930DFC042DD0E44616
SHA-512:	C5CCB90FAE23A00882551EA0B3B06758C25CF81C7C2C2FDB3FECC6FC7C938BB80C88792BF7599B73C109E1B05B04DA40271ADB4C9EAEAD529E7E583E72C2937F
Malicious:	false
Reputation:	low
Preview:	RIFF.X..WEBPVP8 .X...b.......>u:.J$.""!R8....im.21...]....... .....}x.......;.......9...9wn....y......[./.e......o.......y.5.BJ..^u....B.c....z..........9.S..p}^..z.y.z....4.K.S....}...../.K...{^.#....A}m...].K............._....../`.............7..$?........\.....5i...,.v...O..l;MZj...6...5S...V...B.i.MT..f...\|P.a.j.U>(Y..5i...,.v...O..l;MZj...6...5S...V...B.i.MT..f...\|P.a.j.U>(Y..5i...,.v...O..l;MZj...6...5S...V...B.i.MT..f...\|P.a.j.U>(Y..5i...,.v...O..l;MZj...6...5S...V...B.i.MT..f...\|P.a.j.U>(Y..5i...,.v...O..l;MZj...6...5S...V...B.i.MT..f...\|P.a.j.U>(Y..5i...,.v...O..l;MZj...6...5S...V...B.i.MT..f...\|P.a.j.U>(Y..5i...,.v...O..l;MZj..1..R.y3u..-..3.T..i.MT..f...\|P.a.j.U>&._..A.M.A..s..\|.@..qJ...5i...,.v...O..l;MZj..W...R...U........]..Gv.\|P.a.j.U>(Y..5i...,.v........8..u)E.s...I4.......(Y..5i...,.v...O..l;MZj.......5.N._...u...Dp..x..%..fb=+....\|P.a.j.U>(Y..5i...,.q.@ .?..%.\|..:.\|J.......V...B.i.MT..f...\|P.V.@..tB...{.]....].

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\noscript.gz[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	6887
Entropy (8bit):	4.668876157824901
Encrypted:	false
SSDEEP:	96:/SIxZvVJlZiK1ia87ErUiLJgMio6VLtXq+eoIk/QDasFJ+kIB+oldfWJgYb4d3M:PuYiBtXjevaQDaEIJgn
MD5:	BAA266F5BD7729A2ED64E929B835083A
SHA1:	6388FF647E1F0FC306C8CDA8765D90109A26DF15
SHA-256:	858FDF50C5FC5B2E92A07EBC4EE0ACA98BB5518455080ADAF3F1CD62575526EF
SHA-512:	E7DEF66977E5E95FD1F28F0CF680FE783F217E3A6BEE7285E0FC4855FA2632517D1B5E232A8698509B6DBE23B8FBD1B02ACA32169442308103E31373E3349ADB
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/noscript.gz.css
Preview:	.article,.publication-viewer,.section,.wp-swipe-panel-group{overflow:visible!important}#luca-splash{display:none}.wp-swipe-panel-group-panel{display:block!important;overflow:visible!important;visibility:visible!important;-webkit-transform:none!important;-moz-transform:none!important;-o-transform:none!important;-ms-transform:none!important;transform:none!important}.section{visibility:visible!important;position:relative!important;top:auto!important;right:auto!important;bottom:auto!important;left:auto!important;max-height:none!important;box-sizing:border-box}.title-section{height:80%!important}.title-section *{-webkit-transform:none!important;-moz-transform:none!important;-o-transform:none!important;-ms-transform:none!important;transform:none!important}.title-section .title-header{overflow:hidden}.single-column-section{height:auto!important}.single-column-section .section-background{position:static!important;width:100%;height:50vh}.section-background{z-index:0!important}.fullscreen-photo-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\onedrive-white[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 399 x 234, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	27264
Entropy (8bit):	5.211666264328576
Encrypted:	false
SSDEEP:	384:HKi2u52IXXggO3QJuZEfjGete8ZV9oVcMaamXY2om:qiLXvnSeteUVRxbom
MD5:	E12869E88698A7CCDEF897C661E3729B
SHA1:	BF336C35D34E775E29C50168B351DE5B041690AA
SHA-256:	94F584A17BCF5868513C7E0B8A7085DF161AAC6FC6DEEF8907D1579ED8312899
SHA-512:	22BCC26A6E962B56FD128E01D5FADFB8CEADCD492EA4280BD1906C0BC1D39C647685AEF08DE313D029B61FA3D853CCDE3A0CA42E3F986CC2F46A5515F77DF7B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://honeywell-products.com/John/McGarvey/images/onedrive-white.png
Preview:	.PNG........IHDR.............Z..... cHRM..z&..............u0...`..:....p..Q<....sRGB.........gAMA......a.....pHYs...............:.iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c067 79.157747, 2015/03/30-23:40:42 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <xmp:CreatorTool>Adobe Photoshop CC 2015 (Windows)</xmp:CreatorTool>. <xmp:CreateDate>2020-01-20T16:21:42+05:00</xmp:CreateDate>. <

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\otBannerSdk[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	349017
Entropy (8bit):	5.31760027140353
Encrypted:	false
SSDEEP:	3072:z9i74sroLe3xdPsKiaDj2HKzd5oYEJFsEv8D66:ql3xdPsKiaOHKzd5bEJFpv8O6
MD5:	09842127B6FE7CD7FED7BE501A5E0EE8
SHA1:	41A188777AC1C69C98DD0E11F6C30C2F21E02510
SHA-256:	6A13B93C05AF6EC6255B737032AA3F5D1F4823ED2D57D12C0735BD2C4ADC8EFC
SHA-512:	C4B869C46015D0D85AA5CA5202836D08F7B82DD063D836066407755D02B8E985538B294CCD473370B2969BE2A750AC90CAE49507DE1B6C7CF893B722B26F4F36
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Preview:	/** . * onetrust-banner-sdk. * v6.9.0. * by OneTrust LLC. * Copyright 2020 . */.!function(){"use strict";var o=function(e,t){return(o=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}\|\|function(e,t){for(var o in t)t.hasOwnProperty(o)&&(e[o]=t[o])})(e,t)};var s=function(){return(s=Object.assign\|\|function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var s in t=arguments[o])Object.prototype.hasOwnProperty.call(t,s)&&(e[s]=t[s]);return e}).apply(this,arguments)};function a(r,i,l,a){return new(l=l\|\|Promise)(function(e,t){function o(e){try{s(a.next(e))}catch(e){t(e)}}function n(e){try{s(a.throw(e))}catch(e){t(e)}}function s(t){t.done?e(t.value):new l(function(e){e(t.value)}).then(o,n)}s((a=a.apply(r,i\|\|[])).next())})}function d(o,n){var s,r,i,e,l={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return e={next:t(0),throw:t(1),return:t(2)},"function"==typeof Symbol&&(e[Symbol.iterator]=function(){return this}),e;function t(t){retur

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\outlook1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	771
Entropy (8bit):	7.682244426935498
Encrypted:	false
SSDEEP:	24:74yiH9yQmOntihdLl00qDeu1BcaDa0oljZG0:omOntO7v/uJDYG0
MD5:	C3FC46C5799C76F9107504028F39190F
SHA1:	519096AD3F03410CF9CE3C9B9FCCA6B439D97B23
SHA-256:	57898461712A639D119BDF88B7145919DCC8956C7A271D2E4A1084B29EAE6785
SHA-512:	DF4A0A2F78B2013035FB738BF405119B275D4CFEC31A23071EB9AF499D5F31FDC4BE22754CE791C975D7D417E908B5CAD16F962B0ADD3DFDCDE19844D74F6678
Malicious:	false
Reputation:	low
IE Cache URL:	https://honeywell-products.com/John/McGarvey/images/outlook1.png
Preview:	.PNG........IHDR..............JL.....bKGD..............IDATH....k.A..k6.b.F1..H@...j@.aQ...(.. .. ........ .A..D...I......E......1...W...;;.Y.d.}].U5]..x"3?....!..A..y..+R2\...m.NX.=..p.0...d.^.3......J.Z.X.).....P\..x1.3.M.0....m.........F....?...n.......l.Fo)x._ R\|.s..a.T?...?.=.9.Y..u....z..\|.....Wz...h..<..P.. ...$.Y......k`/4.y/......L.C......."....U....7....G...'h.....1j1E..%t.....@..a.......b.ED-.Tn.<..o.D...o..(.{1l>........".4a.:k.I./.7t./.Q-'..>.. ......'3eb..d.@=4...C....A...;..N.X3.(.......,v...+...S...W..l...@,...j.).u<..@u..0...V&.b.yp.....0..o.?..V..B =.~&m"r(...6;EP.T.......h.m".[f.U)\|t..2.Q.....g.cP.W...D..[.O>..d;.yI.{/..#v.._..$.Q.......t\E..5i.q._.."/n...v.w..Uo ...#..S....^.....F..+._??.r.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\p[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUHaaatrllH5:aB
MD5:	81144D75B3E69E9AA2FA3E9D83A64D03
SHA1:	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC
SHA-256:	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
SHA-512:	2D073E10AE40FDE434EB31CBEDD581A35CD763E51FB7048B88CAA5F949B1E6105E37A228C235BC8976E8DB58ED22149CFCCF83B40CE93A28390566A28975744A
Malicious:	false
Reputation:	low
IE Cache URL:	https://p.typekit.net/p.gif?s=1&k=rbi5aua&ht=tk&h=spark.adobe.com&f=171.172.173.174.175.176.5474.5475.146&a=1655249&js=1.20.0&app=typekit&e=js&_=1620145835961
Preview:	GIF89a.............,..............;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\pps7abe[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	5912
Entropy (8bit):	5.2044956005117
Encrypted:	false
SSDEEP:	96:pbzQ2hl0RMFRioMWznrvMmMoZS6MaJ6QMbxkbMy9cRMxRqkM8c:pjl0RMFRioMWznrvMmMoZS6MaJ6QMbx9
MD5:	6FEB771900764877F9ED7FCCCC9428B5
SHA1:	31693DA6584BC9FAB601AFC35550AEEE6A8210C1
SHA-256:	3AC4CEB0885F766CF6E170BA7191315EA1C54287BF0947095E85D1B090A1BC35
SHA-512:	890E633998C812A19B63947F922815E14632328A9522AEBF5AFDA87D947684130C643EA48BF21124564F4DC17936DDC0F9F3907BA61594D197A797E5160B145E
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/pps7abe.css
Preview:	/. The Typekit service used to deliver this font or fonts for use on websites. * is provided by Adobe and is subject to these Terms of Use. * http://www.adobe.com/products/eulas/tou_typekit. For font license. * information, see the list below.. . adobe-clean:. * - http://typekit.com/eulas/00000000000000003b9b3f85. * - http://typekit.com/eulas/00000000000000003b9b3f86. * - http://typekit.com/eulas/00000000000000003b9b3f88. * - http://typekit.com/eulas/00000000000000003b9b3f83. * - http://typekit.com/eulas/00000000000000003b9b3f8c. * - http://typekit.com/eulas/00000000000000003b9b3f84. * adobe-clean-serif:. * - http://typekit.com/eulas/00000000000000003b9aee45. * - http://typekit.com/eulas/00000000000000003b9aee47. . . 2009-2021 Adobe Systems Incorporated. All Rights Reserved.. /./{"last_published":"2020-01-31 14:53:09 UTC"}*/..@font-face {.font-family:"adobe-clean";.src:url("https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=388f68b35a7cbf

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\privacy.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	20223
Entropy (8bit):	5.242286055522869
Encrypted:	false
SSDEEP:	384:G3gDf4hD0kswkP/TUyPydyCASyI2yWyOZyVVIKCXEdTvX6AyEn:G3mfuD0kswkP/TL68pyRFVyKQEl6AyEn
MD5:	7997F297B2476E9156A93EE5433CBB5A
SHA1:	DEA0CD133C2DF4392CD198350F54387425A7EF4D
SHA-256:	86F628996CD60C851A9B4A6A83C2F110D4CEC5C51A08F173844A3192EDD7FAC0
SHA-512:	C30398B9E8CEB2C71AC3338C78AF97653059B856C7BA8253E9E7994363E0BEA593F7D5422728F404429F0D50DB30D2CAFF99596FCB898BDD54FBC5A5A2AE330D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/privacy.min.js
Preview:	/! privacy - v1.0.11 - 11-04-2020, 7:17:44 AM..ADOBE CONFIDENTIAL.==================.Copyright 2020 Adobe Systems Incorporated.All Rights Reserved...NOTICE: All information contained herein is, and remains.the property of Adobe Systems Incorporated and its suppliers,.if any. The intellectual and technical concepts contained.herein are proprietary to Adobe Systems Incorporated and its.suppliers and are protected by trade secret or copyright law..Dissemination of this information or reproduction of this material.is strictly forbidden unless prior written permission is obtained.from Adobe Systems Incorporated../..!function(){var e,t,n,o,i,s;e=function(){var e={};return e.isObject=function(e){return null!==e&&"object"==typeof e},e.isEmptyObject=function(e){var t;if(this.isObject(e))for(t in e)if(e.hasOwnProperty(t))return!1;return!0},e.isFunction=function(e){return"function"==typeof e},e.isArray=function(e){return this.isObject(e)&&e.constructor===Array},e.formatString=function(e,t){if("

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\rbi5aua[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	19114
Entropy (8bit):	5.570400661578598
Encrypted:	false
SSDEEP:	384:KefQe2tpIgIPs51iRm2lIew42noFeFsP9btiCtpIaCR:NQMq1iRm2XwMqsbbt6J
MD5:	D464D0A61D4E34F4C431CA31D0F7E6E8
SHA1:	73716727BFD77BA586E907A9FFC33FFC39CA73BF
SHA-256:	29B51B31FAF8A954EC0209189E1A6491AFE94CBE50D1E16679FBA7561AD2BC5C
SHA-512:	9B6FB7EBF94F0B42242A335B72B0C6A43DA7071B6AE9715FF70F96D54A4CA157D16A6F11B7D4C3573053E96DE06DD30791AB655BD55EEB5F3FB68989C3CB8B6D
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/rbi5aua.js
Preview:	/. The Typekit service used to deliver this font or fonts for use on websites. * is provided by Adobe and is subject to these Terms of Use. * http://www.adobe.com/products/eulas/tou_typekit. For font license. * information, see the list below.. . proxima-nova:. * - http://typekit.com/eulas/0000000000000000000158d3. * - http://typekit.com/eulas/0000000000000000000158d4. * - http://typekit.com/eulas/000000000000000000017709. * - http://typekit.com/eulas/0000000000000000000158d6. * - http://typekit.com/eulas/0000000000000000000158d7. * - http://typekit.com/eulas/0000000000000000000158d8. * - http://typekit.com/eulas/0000000000000000000158d9. * - http://typekit.com/eulas/00000000000000000001705b. * proxima-nova-condensed:. * - http://typekit.com/eulas/00000000000000000000ffd9. . . 2009-2021 Adobe Systems Incorporated. All Rights Reserved.. */.if(!window.Typekit)window.Typekit={};window.Typekit.config={"a":"1655249","c":[".tk-proxima-nova","\"proxima-nova\",sans-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\s34941467866574[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 2 x 2
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0780023067505042
Encrypted:	false
SSDEEP:	3:CnwltxlHlrn:Xn
MD5:	AD480FD0732D0F6F1A8B06359E3A42BB
SHA1:	A544538683A2DFE574EEB2E358AC8FCC78289D50
SHA-256:	A1ECBAED793A1F564C49C671F2DD0CE36F858534EF6D26B55783A06B884CC506
SHA-512:	8717074DDF1198D27B9918132A550CB4BA343794CC3D304A793F9D78C9FF6C4929927B414141D40B6F6AD296725520F4C63EDEB660ED530267766C2AB74EE4A9
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,............Q.;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\spark[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3245
Entropy (8bit):	5.201590437010129
Encrypted:	false
SSDEEP:	96:EOjZfymEL6GBGTGGcnxv1U9KByhSl+x4rvdk6:Hj1yR6GBh1ChSQSLy6
MD5:	907B6C4171506C79784218007A40BA44
SHA1:	439E9CAF7CDC5B93A3CA412EC4EDA6338997644A
SHA-256:	AC0A282DCE35E91B761D9E69142973C44CD495E468434DCF1AD249F498D00788
SHA-512:	BD968C37D67A94827BF555E5A013A45CECB0DEC045815B00091FC8BF4B9F0F32064F9ED8395D3D7A625BD287D462EA271834E65D9886EA436029045DEEEC0A44
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 23.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" [..<!ENTITY ns_extend "http://ns.adobe.com/Extensibility/1.0/">..<!ENTITY ns_ai "http://ns.adobe.com/AdobeIllustrator/10.0/">..<!ENTITY ns_graphs "http://ns.adobe.com/Graphs/1.0/">..<!ENTITY ns_vars "http://ns.adobe.com/Variables/1.0/">..<!ENTITY ns_imrep "http://ns.adobe.com/ImageReplacement/1.0/">..<!ENTITY ns_sfw "http://ns.adobe.com/SaveForWeb/1.0/">..<!ENTITY ns_custom "http://ns.adobe.com/GenericCustomNamespace/1.0/">..<!ENTITY ns_adobe_xpath "http://ns.adobe.com/XPath/1.0/">.]>.<svg version="1.1" id="Livello_1" xmlns:x="&ns_extend;" xmlns:i="&ns_ai;" xmlns:graph="&ns_graphs;".. xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 240 234".. style="enable-background:new 0 0 240 234;" xml:space="pres

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\unsupported[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	60948
Entropy (8bit):	3.7861014753307973
Encrypted:	false
SSDEEP:	384:4Q12kZaWG3USpc9w0OIJ80c/7nL/7dFs1HuChJ0GG9G:4+2kZTLSpc9n8RDD7UMG
MD5:	81DD6F1620FC96A9AB8DE8BA72BC04D1
SHA1:	C85D7896C21296BE928E761803149F2D2809A125
SHA-256:	4D7E8CFAFAA074FCE4534DD2AC9AEC3A7A5ACF3441727A53DAEF9981084B1323
SHA-512:	1AF058ED08C5B0CA2D2E5EB1C171501A2FD256090D3F26373417AF5137D59012DA3859A446C9C7F19053EDBF06D20768C61A230CFC84B9B454CF4A0CC0FEB292
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/unsupported
Preview:	<!DOCTYPE html>.<html lang="en-US">. <head>. <title>Adobe Spark</title>. <meta http-equiv="content-type" content="text/html; charset=utf-8" />. <meta name="viewport" content="width=device-width,shrink-to-fit=no,initial-scale=1.0">..<link rel="shortcut icon" href="/images/sparkfavicon_v2.ico">.. <link rel="stylesheet" type="text/css" href="/marvel-core/css/marvel-ui-faf07216.css">. <link rel="stylesheet" type="text/css" href="/css/marvel-landing-unsupported-ec51f18c.css">.<link rel="canonical" href="https://spark.adobe.com/unsupported">.<link rel="alternate" hreflang="en" href="https://spark.adobe.com/unsupported" />.<link rel="alternate" hreflang="cy" href="https://spark.adobe.com/cy-GB/unsupported" />.<link rel="alternate" hreflang="de" href="https://spark.adobe.com/de-DE/unsupported" />.<link rel="alternate" hreflang="fr" href="https://spark.adobe.com/fr-FR/unsupported" />.<link rel="alternate" hreflang="es" href="https:/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\015848c8-21d3-48f0-90c3-8404fbc0b832[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 668 x 188, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	49015
Entropy (8bit):	7.989958774953542
Encrypted:	false
SSDEEP:	768:tgk5Zb1HpCqT4sZvft+jgVEUisMkoY1Tga+igBTrUvQHfZnVHdso6wD+I:l91JFhRt+EVEUBMk3p+HUkfv9H6wD1
MD5:	745F4FA19A24872EF77D0995D09B74A0
SHA1:	AFA12D24F977F8D704A1C483057C0839BDCBD9D9
SHA-256:	8292A1FF1A9403AAB3A660162965A0B581F4F44528ECFC38B6E7EBED9B749D58
SHA-512:	0C134568E09B58DBB9860A99F414D64DB61E8F71BD08398A4D3A70C92AB1DA2507F8A3077EC5281ECD5A3B58A6B234CF8988146D5EB4F061317670784D4D7AA5
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/XzmTHY6Mi43rB/images/015848c8-21d3-48f0-90c3-8404fbc0b832.png?asset_id=252d8d49-0a9f-43ae-9881-286b9f262451&img_etag=%22a545dfb9109ffce1fdbf29c99f7befdd%22&size=1024
Preview:	.PNG........IHDR..............x~.....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c005 79.164590, 2020/12/09-11:57:44 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/">. <xmpMM:DerivedFrom rdf:parseType="Resource"/>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.<?xpacket end="r"?>m.."....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<.. .IDATx..]...D.......DzUD.""H.*(M..(E.A...B......J/"U..`...KS..R.rm..6..l&...L&..=.....dZ&...W.....O.<......!lA..m!t..nwc......}.@..F.."`..K.x...h/mk....;k....k\|Py...o.;..6..[.o.z<..{.....(...{..i..{...H@C%....5.z.jL.{.nna.i.]....:.P...m.?...........9........8..ym....Os+....F.Q4..../..G!.......0y..........>.S..%..mj..v%.M..j.M8...5b..n...tb....G../Y.:IB.. .>..T.E.R..~.JC.A.g....U...o,..M....u4E.A.=U.X.`x.\Z.k.y.(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\8b7d9c40-811d-43c5-8a52-b35b573c17aa[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 93 x 54, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3161
Entropy (8bit):	7.907600136885199
Encrypted:	false
SSDEEP:	96:XF5l7jqn4lcFSz9no0G+SJsK/eopYI8O+VRoOZWc:rtqfkzCd/eoSQ+IO7
MD5:	ABB8BFDACB835A8EB2FB87C42BC2F5F5
SHA1:	8C89D817BA4B45471F5E31F2BC24564CA29C825F
SHA-256:	4087915E6A40209F82F64C75E921329C5A40924C948BB636E0F023BCFCC31075
SHA-512:	DD09EA7FEC6BC7F96EB9D9A45AF167A376C9775AD03D6A167543D03BD095FD894A094EF29DA4F6DD944EDB148FBFABBAF95968FBAE94E8F753A3DD67294577AE
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/XzmTHY6Mi43rB/images/8b7d9c40-811d-43c5-8a52-b35b573c17aa.png?asset_id=02c4d4f8-1e29-407e-b052-0308bd8bbe74&img_etag=%22ecead06b235c91965997b2f01e48c33a%22&size=1024
Preview:	.PNG........IHDR...]...6......B.Z... IDATx..[.pS..^.e.O.2`[.,......p..1I($...rth.N'.d.i.!G'M..&!...$@hhH..!.1.c..eY.l..GlYB.e..Y.O...XmQ.y........{...8.f....^=.J/.....qsQ..m..YO.b..K..i.....,.oec.0.....4.#=..HO.0.....4.#=..HO.0.....4.#=..HO.0.......?.!V...........j>....b.i..\..HE7U.oec...Q.RR......l...AJ6<$0.R.......x.`[WJ.......V...Y...S..xxk...0v.q..#=..HO.0.....4.#=..HO.0.....4.#=..HO.0.....4.p....d..G D..:...". .b.n.^.n......0........999w",V.?....tG.H~.H.r...h4N..n....o@.y.2M.&\|a...r......?...N.Z.................Y.....{.F.d..k.\..p?.....Y.......Q..,\..M[..K{..+..e..+....2..'_.\|.....~..XUSS.3f..E"...........J.......?9Y..B.2.J.NV.v.J.Z...7......8>4......5.y...cG.:.NSR.g..\N...^.@2^.T....~..x..3U.......o.}.v'.. .P....o..'}.%%.J....D.......QO,..'.T..&kD!.o..p8..$+.z.j...._}..S.-$....B\|S....ofh.7........)..G..=.....\|@..S.$E1.m4....%.'..6m.\......`8..z...333..H.F...P(./.0[.....>...P(,.p8..G.........d*....mhh.m..M...M....t. .......^..j.^I6......gO_L.Q

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\8b7d9c40-811d-43c5-8a52-b35b573c17aa[2].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 93 x 54, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3161
Entropy (8bit):	7.907600136885199
Encrypted:	false
SSDEEP:	96:XF5l7jqn4lcFSz9no0G+SJsK/eopYI8O+VRoOZWc:rtqfkzCd/eoSQ+IO7
MD5:	ABB8BFDACB835A8EB2FB87C42BC2F5F5
SHA1:	8C89D817BA4B45471F5E31F2BC24564CA29C825F
SHA-256:	4087915E6A40209F82F64C75E921329C5A40924C948BB636E0F023BCFCC31075
SHA-512:	DD09EA7FEC6BC7F96EB9D9A45AF167A376C9775AD03D6A167543D03BD095FD894A094EF29DA4F6DD944EDB148FBFABBAF95968FBAE94E8F753A3DD67294577AE
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/XzmTHY6Mi43rB/images/8b7d9c40-811d-43c5-8a52-b35b573c17aa.png?asset_id=02c4d4f8-1e29-407e-b052-0308bd8bbe74&img_etag=%22ecead06b235c91965997b2f01e48c33a%22&size=2560
Preview:	.PNG........IHDR...]...6......B.Z... IDATx..[.pS..^.e.O.2`[.,......p..1I($...rth.N'.d.i.!G'M..&!...$@hhH..!.1.c..eY.l..GlYB.e..Y.O...XmQ.y........{...8.f....^=.J/.....qsQ..m..YO.b..K..i.....,.oec.0.....4.#=..HO.0.....4.#=..HO.0.....4.#=..HO.0.......?.!V...........j>....b.i..\..HE7U.oec...Q.RR......l...AJ6<$0.R.......x.`[WJ.......V...Y...S..xxk...0v.q..#=..HO.0.....4.#=..HO.0.....4.#=..HO.0.....4.p....d..G D..:...". .b.n.^.n......0........999w",V.?....tG.H~.H.r...h4N..n....o@.y.2M.&\|a...r......?...N.Z.................Y.....{.F.d..k.\..p?.....Y.......Q..,\..M[..K{..+..e..+....2..'_.\|.....~..XUSS.3f..E"...........J.......?9Y..B.2.J.NV.v.J.Z...7......8>4......5.y...cG.:.NSR.g..\N...^.@2^.T....~..x..3U.......o.}.v'.. .P....o..'}.%%.J....D.......QO,..'.T..&kD!.o..p8..$+.z.j...._}..S.-$....B\|S....ofh.7........)..G..=.....\|@..S.$E1.m4....%.'..6m.\......`8..z...333..H.F...P(./.0[.....>...P(,.p8..G.........d*....mhh.m..M...M....t. .......^..j.^I6......gO_L.Q

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	253
Entropy (8bit):	5.123000202538459
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwol6hEr6VX16hu9nPN4yWI0bnc7Q+KqD:J0+ox0RJWWPM1bnc7zT
MD5:	E017FD52C2B26D1D453C09CEFAABA12D
SHA1:	B0921A7B2FB1052DE12E997339C3BEBE272DC7B7
SHA-256:	19E4F1E2E15321C6410E742ABA033C46F8C03B33C0569A4DC659646F3B402D12
SHA-512:	4AEC8460F734098C4DDE86EB159A9A6E2482F52ACD52D1225F105D6F95EEA5D18E055E517F5DB5076EF4A48D792E8B84346C9C9E62B9D7B002B181D3205160C5
Malicious:	true
Yara Hits:	Rule: JoeSecurity_HtmlPhish_10, Description: Yara detected HtmlPhish_10, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm, Author: Joe Security Rule: JoeSecurity_HtmlPhish_7, Description: Yara detected HtmlPhish_7, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\McGarvey[1].htm, Author: Joe Security
Reputation:	low
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://honeywell-products.com/John/McGarvey/">here</a>.</p>.</body></html>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Privacy-Image-1-1440x340.jpg.img[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 445x300, frames 3
Category:	downloaded
Size (bytes):	39763
Entropy (8bit):	7.739200940948953
Encrypted:	false
SSDEEP:	768:5BYydlHQ1aBlM4zpnkAwb/+CQTku32yXKA+jYsarj4:5B5HS4VkARNwuvK7kd4
MD5:	357C45BE36FA0CE8E2CD561773C30BDA
SHA1:	1E8A908D9D14AAB718B48CF4CDD59267021ED235
SHA-256:	FCB9BA715B4E111C01919EE7CF40128753FDBCE86DE4C68773AD951A15F5D78A
SHA-512:	773B20DF99A75E7FD0B676D93B80ABFE76B2A7DE62AE460E84439E97F9B774A21AB22E531F5342F2CAF2A32B958922F3CE9E2075FCC0DACB8E5D9E1E837A92AC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/Privacy-Image-1-1440x340.jpg.img.jpg
Preview:	......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c128 79.159141, 2016/03/22-01:13:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:dfc28c09-91b3-4a6f-b4b7-71c30de60aff" stRef:documentID="adobe:docid:photoshop:88fe6a1c-4e88-1179-af16-f6a1d25c9bdd" stRef:originalDocumentID="xmp.did:7a7371c8-54c7-431d-9b1f-f4993a9b061f"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Privacy-Image-2-1440x340.jpg.img[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 445x300, frames 3
Category:	downloaded
Size (bytes):	28243
Entropy (8bit):	7.617174108691038
Encrypted:	false
SSDEEP:	768:JBYyi06jKtH4Vb7G77cv5eg9ZNjueEEF3y:JBm0wUYVm77m96j0y
MD5:	5AC5CC8B77615A24CB4A981921EB751D
SHA1:	AEB7E76ABEE2DB25192833AC34A50D2C2A9C75B7
SHA-256:	459A34EDCD31C4D24A58F9D8C5E36F092D5AA3A62B70F8012A2DB7C2B5FDD5B0
SHA-512:	2833A7C0B4E7B957FDC2410BC8101D7E534E2C7FDEB42398B908419F21B1582F4E8F63590587331F485472AFAE82F30423B37263C5699E3D65009388717D7FD5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/Privacy-Image-2-1440x340.jpg.img.jpg
Preview:	......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c128 79.159141, 2016/03/22-01:13:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:715ed33e-e62b-4e66-bb93-54d394e3b830" stRef:documentID="adobe:docid:photoshop:9561acbc-4e88-1179-af16-f6a1d25c9bdd" stRef:originalDocumentID="xmp.did:abae1003-6656-4926-aeda-82e235185e72"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\PrivacyChoices_72px_lt-gray[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	28419
Entropy (8bit):	6.117998475478093
Encrypted:	false
SSDEEP:	768:37S2WvPzXeJfwU2ihjrx8Ks+a/4TLpCknorFPBHCJ93BvxHtc6:0HzONH2ihRLM/4H8korVBiH3jZ
MD5:	775D2556523FF33568DCF0EE25C3249B
SHA1:	8575AF9EDFEB7E1A2D1B7A36DA34F13594CFD7F1
SHA-256:	241B307DFAB1F3CA3C626DF06C32F5472777A4316013981A121B951911B311FE
SHA-512:	5ED60101D06A32FDA1D8A979FFC701641577DD694987ABAE741B7B154AFDAAFBDE1A294EDB66AC14B1B8C3D82BB184B5BEE9E1F92000FF8669F8D99626645E34
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/PrivacyChoices_72px_lt-gray.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 19.2.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" [..<!ENTITY ns_extend "http://ns.adobe.com/Extensibility/1.0/">..<!ENTITY ns_ai "http://ns.adobe.com/AdobeIllustrator/10.0/">..<!ENTITY ns_graphs "http://ns.adobe.com/Graphs/1.0/">..<!ENTITY ns_vars "http://ns.adobe.com/Variables/1.0/">..<!ENTITY ns_imrep "http://ns.adobe.com/ImageReplacement/1.0/">..<!ENTITY ns_sfw "http://ns.adobe.com/SaveForWeb/1.0/">..<!ENTITY ns_custom "http://ns.adobe.com/GenericCustomNamespace/1.0/">..<!ENTITY ns_adobe_xpath "http://ns.adobe.com/XPath/1.0/">.]>.<svg version="1.1" id="adobeNews_x5F_72_x5F_lt-ou" xmlns:x="&ns_extend;" xmlns:i="&ns_ai;" xmlns:graph="&ns_graphs;".. xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="72px" height="72px".. viewBox="-359 271 72 72" style="enab

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\RC1a83c357d323419db9d2ba211efeeaae-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1156
Entropy (8bit):	5.0872434158771185
Encrypted:	false
SSDEEP:	24:154A+E6K7eVgvf2I+LPPJ9ZLvaMLArqY4DPuDkpuH4R9pQFE7xJth:15jv7+iOI+zPJ9ZL11sYR8oh
MD5:	4FD96EF50EBA8F6ADF63C504D34AABA0
SHA1:	3162D9F5770E4F6FDCC34D135FE11C138A538CD2
SHA-256:	D25E0E953F1AE119A2192AF62DE7CFCDA238B421A7D25712656E2DA1A1B067B7
SHA-512:	6AD7F6F5E38FB6BDFE53049B3D59AF13DE68B53D98D4120CC22CE6E939F61F981813C583865862C670A506FA416AC0BA017A821641C6C42FDAF61BB546991942
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC1a83c357d323419db9d2ba211efeeaae-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC1a83c357d323419db9d2ba211efeeaae-file.js`..var w=window,l=w.location,h=l.hostname,path=l.pathname,dataElementName="digitalData.organization.dnb";if("www.adobe-students.com"==h\|\|"www.substance3d.com"==h\|\|"labs.adobe.com"==h\|\|"magazine.substance3d.com"==h\|\|-1<h.indexOf("photoshop.com")\|\|"stockenterprise.adobe.com"==h\|\|"pages.adobe.com"==h\|\|"experience-makers-international.adobe.com"==h\|\|"trainingpartners.adobe.com"==h\|\|-1<h.indexOf(".adobeevents.com")\|\|"colour.adobe.com"==h\|\|"adobehiddentreasures.com"==h\|\|"www.adobeexperienceawards.com"==h\|\|-1<h.indexOf("acrobat.adobe.com")\|\|-1!==h.indexOf("esign.adobe.com")\|\|-1!==path.indexOf("/experience-cloud")\|\|-1!==path.indexOf("/events/")\|\|-1!==h.indexOf("magento.com")\|\|-1!==h.indexOf("marketo.com")\|\|"futureisyours.adobe.com"==h\|\|"api.spark.adobe.com"==h){var dnbScript=document.createElement("script");dnbScript.src="https://ade0164.d41.co/sync/",dn

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\RC5e5d1b9fe0a942c38190dc2199529941-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	C source, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1568
Entropy (8bit):	5.274337592144339
Encrypted:	false
SSDEEP:	48:15ssregiQhdsitymtCZv4j+YuteKhXSXNjTjOofbOK5b/q:1qsrPld3tymtCpLYuteMXSXNjTjhT5q
MD5:	9B08BD5EB86A340C2B1D5E2DC19736CF
SHA1:	D8AF30B749C344DEE6500BB62188DDB36E474163
SHA-256:	A6C8F61D702CD16AF1F2D6C13151EABA8E4CF3C0FE8C55E31265432D3D2AD901
SHA-512:	BE95BCCDBE019B24ED82A170E400F4CE7731C6692D9FF67EA82839DD25D8D63220ABFB76481923B77149F463708E9E9D865AE37E9C17B121D992138923D871AC
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC5e5d1b9fe0a942c38190dc2199529941-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC5e5d1b9fe0a942c38190dc2199529941-file.js`..!function(){var e,t,n,o,u=window,s="adobePrivacy:Privacy",a="OptanonChoice",i=new Date,r={domain:_satellite._getDomain(),path:"/",samesite:"Lax",expires:(i.setFullYear(i.getFullYear()+1),i)};t=function(){o\|\|(o=!0,n=function(){var e,t,n,o,s,a,i,r={},d=u.OneTrust.GetDomainData().Groups;for(o=0,s=d.length;o<s;o++)if((e=d[o])&&(t=e.Hosts))for(a=0,i=t.length;a<i;a++)(n=t[a])&&(r[n.HostName]={groupId:e.CustomGroupId,hostId:n.HostId,displayName:n.displayName});_satellite.oneTrustList=r,_satellite.oneTrustIsHostEnabled=function(e){var t,n=window.OnetrustActiveGroups;return!(!(t=r[e])\|\|-1===n.indexOf(","+t.hostId+","))},_satellite.groupEnabled=function(e){var t=window.OnetrustActiveGroups;return!(!t\|\|-1===t.indexOf(e))},_satellite.track("initTrackConsent")},_satellite._poll(n,[function(){return u.OneTrust}],{timeout:1e4,interval:100}))},e=function(e){u

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	821
Entropy (8bit):	5.160318265734608
Encrypted:	false
SSDEEP:	12:jvgeASPRQXfcSfUuW5y6Z8KEp8MnbtL8re4yifdfddfdfdALCI/LZSqlhUeAda4F:15icSMueyrpjBKe4llldllALxTb0aVM/
MD5:	C13C8DBD2A7A9043A24FF8795C92F885
SHA1:	919C2C355C58CDB4AB6E30057F93F25AD2B80AA9
SHA-256:	2B7D3BC066AFC1BF550F6EA4FE9CC31934B55C18592BB7B54FB3D746D305C287
SHA-512:	DAF116DAFE8706FFDAD346F84C8CD9D9FEABEC5C3337037958E670A479C195BFF06684F8819BA1DB2BAC8F7FF8A0759457EE3465B7504122821FEC3C816F319F
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f675e54cc6b6/RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.js`..!function(){function u(e){var a=1e13*(Math.random()+""),n=document.createElement("iframe");n.style.display="none",n.style.width="1",n.style.height="1",n.src=e+a+"?",document.body.appendChild(n)}var d=window;window.marketingTagInfo=[],_satellite.windowProperty=function(e,a,n){var r=d.location,t=r.hostname,c=r.pathname,s=unescape(unescape(unescape(r.href))),i=unescape(unescape(unescape(document.referrer))),o="";switch(e){case"host":o=t;break;case"path":o=c;break;case"href":o=s;break;case"referrer":o=i;break;case"dClick":u(a);break;case"substr":o=function(e,a){return-1!==e.indexOf(a)}(a,n);break;case"addPixel":marketingTagInfo.push(a);break;default:return!1}return o}}();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\base-fonts.gz[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	72
Entropy (8bit):	4.675124266644529
Encrypted:	false
SSDEEP:	3:yLRmcpZBLvG/tLAfimqW7RmMe:yL/pZtvG1AiMRmMe
MD5:	1C75FB60A6530DC7F95725DED413DC13
SHA1:	A6F43A1C5E1039C212879090EFA6411008528FAD
SHA-256:	E99BEC104ED648FAB6ECA0D41AB2B793A05E6A3305B24483C681C5BD5CF5C325
SHA-512:	6C606EEE1E84DAD4064F4F579FE7AA95C028167474BE75A9486996E368E3717FD5252D98652F98E0128324F92957C241B44B79B6502925EF8B8F2B9F4A3A7500
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/base-fonts.gz.js
Preview:	document.write('<script src="//use.typekit.net/onz5gap.js"><\/script>');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\big-yellow-exclamation-point[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 110 x 102, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2410
Entropy (8bit):	7.569854461422992
Encrypted:	false
SSDEEP:	48:ukNNn2ktJ3PRre/eOxtZlfqY+rj1zXnUgO/GaCq7f:lf2OeeqlfF+ndXRO+Tqb
MD5:	0C48944C6F37B353D14892E8EB9862DE
SHA1:	8FED687740AED3F235F634A67203C61EB7F5FCAE
SHA-256:	8473E148A6C6B2199C07BD7DC0CEB54A5D943D0FEE634D56620763A42346813B
SHA-512:	BD455D36AE29735C9D737D11CDEC81A761A63203CB08B37C161D3ACAE61A542BB238C58137123224B469EE9BF7A4005E125B15DBA966A23AFCBA7BCB5737D628
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/big-yellow-exclamation-point.png
Preview:	.PNG........IHDR...n...f.....*.......tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)" xmpMM:InstanceID="xmp.iid:07CAF5790F2F11E6B83680AF73847A41" xmpMM:DocumentID="xmp.did:07CAF57A0F2F11E6B83680AF73847A41"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:07CAF5770F2F11E6B83680AF73847A41" stRef:documentID="xmp.did:07CAF5780F2F11E6B83680AF73847A41"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>F.Ep....IDATx..[l.E..- .....RA.F....(.......x..T.[@...Qh....../..}..._.._4!.Q../.....h..~.....=..3.3../....9=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\chrome[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	192215
Entropy (8bit):	5.180324040916147
Encrypted:	false
SSDEEP:	3072:M0k0Ywhc7llWGQsRbiK7mPP67llWGQsRbiK7mPPz20VMqjwhF0MtkzWG82:M0k0Ywhc7lxQWbiK7mPP67lxQWbiK7mh
MD5:	DFDD3AA8B6F029403DC5DBB97F696EC6
SHA1:	05FF3F6C5F0B65C3C091E3B4D3CF69139CB46CAF
SHA-256:	AB889D6962A84FF0A8812667F14F1073E30D63E8023C96671E1A1BB17CDEF50B
SHA-512:	6100BA9798866FEB3D5C1A738E309EC99EB8B76139E581DA6AC3DA4F8E4D3EC4DB0A8835DB3513DF064EF65169F74EB40169432170955BE05DB8D4D64B8459F3
Malicious:	false
Reputation:	low
IE Cache URL:	https://s3.amazonaws.com/adobe-luca-prod-ue1-assets/experiments/chrome/chrome.js
Preview:	(function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n\|\|r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){.var templates = require( '../../dist/chrome/templates' );.var Mustache = require( 'mustache' );..var topBar = function( trackingId, buttonText, linkToWelcome ) {. $( document.body ).on( 'luca-publication-viewer-ready', function(){.. var initialShowTime = 3000;. var backtrackDistance = 100;. var showClassName = 'show';. var aboveTheFoldClassName = 'above-the-fold';.. var $injectHTML = null;. var animator = $( '.article' ).data( 'animator' );. var

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\crisp-fonts.gz[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	139
Entropy (8bit):	4.811599389940217
Encrypted:	false
SSDEEP:	3:yLRmcpZBLvG/tLAJ2qW7RmMjuRmcszgcukrQLJkgfw0zRjf:yL/pZtvG1M2JRmMju/0gcu/LugfwmRr
MD5:	361FE227C22294543FE0FD29B8D28C0A
SHA1:	1D32C0DC6F27CA2A6C67E5C79DFC08DD39511B03
SHA-256:	17D7DDB7C7C94BA00A4F60835AC14512B6574E5D6B81E99542D44BDA414AACD0
SHA-512:	85C7DA240B8283EF24F91AFCB472AF9E9E2E91A5B6F4E7370E774A50F1BAA0F6DF47E7173854B6593FB4EC8673BF682B7122C3877902AE414F0FDD0334C937B0
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/themes/crisp-fonts.gz.js
Preview:	document.write('<script src="//use.typekit.net/rbi5aua.js"><\/script>'),document.write("<script>try{Typekit.load();}catch(e){}<\/script>");

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\d[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 66740, version 0.0
Category:	downloaded
Size (bytes):	66740
Entropy (8bit):	7.99411972026963
Encrypted:	true
SSDEEP:	1536:J4lzR3d/ZD6MCYkk+e5Hj9EgKWB/uS7wcA+vVWB:ql9NZ/CYFjjKgKU/uLzh
MD5:	02BDAC466185E4E1161BBFAB2C066327
SHA1:	5C0C5E8BDB41694C8AD5605D5C1FFF7EB0702EBA
SHA-256:	AC44BE8F65384DEF37D9091D668E54A4B79AB6A3156C5D8CFBD3268BEC558971
SHA-512:	01C761222E6DB3A3F81DAD88191BAA8A020536C4F8EF8692796B94C68AB1FDD4EF672D8DB24336E12BA32F0F96079E9D388EFD93433E9FF62BB8976596F65CD9
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/cb695f/000000000000000000017701/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Preview:	wOFFOTTO....................................BASE...X...F...Fe$].CFF ...H...a.....w..DYNA............$G9GDYN......-...a./..GPOS......#...T<"9.`GSUB.............0.OS/2.......Y...`\Wv.cmap...`...S.....lgasp................head.......4...6..%uhhea.......!...$....hmtx...h.......x7wW.maxp...@.........^P.name................post...L....... ...2..............ideoromn..DFLT..cyrl..grek..latn...................\..............x.c`d```5.z...1...+.3........p..?.?/K... ....$...A.!x.RKn.0..9N...Qt.5.v..R 8.Wv..Y%...%..........0...]t.S...@G...M..!q.{3C.Q....<t.o.=.a...^a...>...>9....a.........J.....O.=..b.{.x{......p.......~8\|......$.....:..U.h.84F...e].ul.J.I...f..F.u......2.q1..,.#...xr5..m..N]......N..,D..].P..ii.e...Trx6.....6I(#...z..S]..9Tz.1rY.f....'..U.G..P..D..P".&^....8.,x].....7.....e..sl.F.Jc#.Y..s...Th............aL.....E...t..(;..U...;....,......^H...LJ..g.x.A^[....X.._.g6.kb..}G..%.n.e......}.X....]?g^;~C.^4..t...<...x.c`f\|.8.......).....B3.1.1.E.Y..XX..X.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\d[2] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 66508, version 0.0
Category:	downloaded
Size (bytes):	66508
Entropy (8bit):	7.994636853689064
Encrypted:	true
SSDEEP:	1536:4p7762bluKjsVQJU/x14nXWjvxpGeDKTeEPiBlnQcA+yWB:q362bluKjqQWr4nG7xpP2PiEz0
MD5:	49B061D6468547558176037211AA630C
SHA1:	B02FD5987ED77AF837699BB13C7E838018943423
SHA-256:	F89C62C68380B4BB548E4E24E284348FE9E98730F54F7E0C8942F6AA3BE9DA37
SHA-512:	406D0D0BF1A669E16B9CA101B2DA10C222BBB780DF7B2CB235E2C9F765351846F2A94044C55B0080B875E951FC87462A76B29BE8CD4605EB4D462D321347A490
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/eaf09c/000000000000000000017703/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Preview:	wOFFOTTO....................................BASE...X...F...Fe!].CFF ...L.......dX.\\DYNA.............GG9GDYN.......1...a....GPOS...P..#...THAH.5GSUB.............0.OS/2.......Y...`].y.cmap...x...S.....lgasp................head.......5...6..%ghhea... ...!...$....hmtx...........xg.P.maxp...D.........^P.name............E..post...d....... ...2..............ideoromn..DFLT..cyrl..grek..latn...................Y..............x.c`d```5._.._<..W.f..@....^0....~.).......@.....N...x...n.@.....!.V,.@.cGV.FB$m..j.H..6N<i..`O#...@..X.$<......#g........x....^}.-.x.S..t1.\|......,=.b...............S.J\|...e..s.O......;.]j>z>D.\|.\|.W...1...R.b.....}muQ..ra...R.3)Fy......T..1...s..c.g...d8..O....'M......FW...-...X..+c...H....t..].\|=.e"..R........o.fm.......:T.^Q..z...c(.S..........a..w.KN{.l...M]..tu9...k.b.L.N...v...Y..R.[0....1...C*/..8.^...GM..r....jvfx..<.o..t.P.....=Kv-.kr..n.....5.%.9].>q......f:.3<C.e9.-5.:Yz4O....:e....+b.}.oS..1x.c`f.........).....B3.1.1..E.9..XX

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\d[3] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 66304, version 0.0
Category:	downloaded
Size (bytes):	66304
Entropy (8bit):	7.993959805787878
Encrypted:	true
SSDEEP:	1536:VeO6ShUivo8vaO8pnTzDOTXL/kxtcA+uDWB:p6DJWaO4iT7/4tzk
MD5:	9E6E819AE9D8993A2B10353EFF16497D
SHA1:	1410161D0CA8CA3966897CAB50E45A14B721C056
SHA-256:	81B4B3BC1EFD4F08F212308D9727BC21A40E38B5464B6B25EBDE1B2E24D13F05
SHA-512:	D9D88E8987EE2F45BFA0B211AAA7DFEB9C39718E9A037FAE625AF4E6806E04D4C8316B58363EEA93E9BA6C23B6F514925D4841C95CDFB103693688D5EFC71DAB
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/40207f/0000000000000000000176ff/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Preview:	wOFFOTTO...........D........................BASE...X...F...Fe(].CFF ...T........6...DYNA...P.........gG9GDYN...T.../...a... GPOS.....#...T.;..GSUB...0.........0.OS/2.......Y...`[.t.cmap.......S.....lgasp................head.......4...6..%`hhea...(...!...$....hmtx...........x..].maxp...L.........^P.name.............8I.post........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................`..............x.c`d```5.{..9...+.3........P..?.?....1 ....$.._..!x..An.@....I..jo0.>...!..$H........`a{.=Ab.u.]...B..E..T..<...Y....3.{o....._.....k....x......c.Mj.......f~..B......9...s..A.V......g.Mj.{>F...\|..0.[.5>=.P..1X....}iuV..\|n..)b..R..TL...b.K].X.R...M..!..H...?....N...N...p..x..21...wS.J.T.m...;.Jv..Y....e..B.....kk....o.&.rn....z~u...%. .Bq\..X.`.M.b.....)p...Y-........r.L.`.5+..i>5.;.<..C3%'...U...X......D..{.!F.~...8=..c.~y.{w.s..{..U........._....~.j......)Sg.....R^:.u[v..m.....j.eJ.w.u.T.....Oy.s-..m.x..x.c`f......................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\d[4] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 67148, version 0.0
Category:	downloaded
Size (bytes):	67148
Entropy (8bit):	7.993959168595968
Encrypted:	true
SSDEEP:	1536:nxeF+rR7LkiELPhmOHVSAJTtSrsJBD7JVstEBSQm+aScA+tWB:wEkJzh7S2xysvPst2SQSSzR
MD5:	227960928668E1D655DBAAAE5FE23C11
SHA1:	128EF93AB71A18BA1DB0855C165D050ED8702037
SHA-256:	DFD5B4454E0BEF1EBBE0940DFA3BFB117BEE9E3DF150FA55BE633114816E7179
SHA-512:	BDB17CBB62E2C6B4AF737C7201214A563C27CDC38E1924B2C6EB351950F81A06A10E2DFDD783C82AB108D9758D77DA0A45BA82B08C210F4D8977A33AA6364B3B
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/4b3e87/000000000000000000017706/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Preview:	wOFFOTTO...L................................BASE...X...F...Fe.].CFF ...T...G...CP...DYNA............G9GDYN......1...e. .GPOS......#...S4...0GSUB...x.........0.OS/2.......Y...`^B{.cmap.......S.....lgasp................head.......4...6..%phhea...(...!...$....hmtx...........x.nD.maxp...L.........^P.name...............]post........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................U..............x.c`d```5.2)1O........(.p>9..F.W.....5........;...x...n.0....'E..}..{hZ..8...@29.....~hH....;t.#.......y..@.(.5.!.!....RW.............[x...G....65[.......z~..A.?X...rU......s....#......<{>F...\|..2.;X..<.P..1Z....}eu^..bi.)c.WR..L...Vb.+]..l.W...1..e:...,.#.....z<.:.S.:.....E..........P*...c....T..6..T.. .d..HF.....X...v.~......G........9. .Bq\.FX.`.M.c....s..e....h.3v.....8.fH....4gM..+...X..R....Y..KD....D.......?..=N.<..._.........y......C...U....[.....~.lN.~.....W..{.\^;..?.._..a...T...t.....K.Y....}...2..x.c`f.`na`e``.b.```...q.F..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\en[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	236125
Entropy (8bit):	5.241839181610481
Encrypted:	false
SSDEEP:	1536:O9BCW6xUvmbH4bWdCQx23kISzbZYVlH3ShC2ZmwQZMLrgizZrZixqwTUQxcsVFoQ:UBCZCaHDzbSmKwQZ2k4kTRCTHSE1Q7B
MD5:	64260D8365E59085E6E91E554487EB6D
SHA1:	83272011769DF702916D6DA5875591138F616BDF
SHA-256:	194D4EA20F2C9834477F36A1A9C307F86C1E833C79420637C3CC42A17CAF1870
SHA-512:	307714B2FF3785F3E5C77C57CE55E55216EA32B7A366436A04D2D8B5F2B151E70E4242989311D170FA95757BF70130E56E42427A9F508557473ACE999BED826D
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.cookielaw.org/consent/7a5eb705-95ed-4cc4-a11d-0cc5760e93db/394a4f88-7fe0-49f1-924d-a901a0001be9/en.json
Preview:	{"DomainData":{"pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccloseButtonType":"Icon","pccontinueWithoutAcceptText":"Continue without Accepting","cctId":"7a5eb705-95ed-4cc4-a11d-0cc5760e93db","MainText":"Cookie Settings","MainInfoText":"<div class=\"pc-logo-button\" id=\"ot-pc-logo-button\" tabindex=\"-1\">\n <button aria-label=\"Don.t enable\" class=\"disable-all-btn\" tabindex=\"0\">\n Don.t enable\n </button>\n <button aria-label=\"Enable all\" class=\"enable-all-btn\" id=\"accept-recommended-btn-handler\" tabindex=\"0\">\n Enable all\n </button>\n <button aria-label=\"Confirm my choices\" class=\"save-and-close pc-save-and-close save-preference-btn-handler onetrust-close-btn-handler\" tabindex=\"0\">\n Confirm my choices\n </button>\n</div>\n<div class=\"ot-general\">\n <div class=\"ot-general-width\">\n <h3>\n General information\n </h3>\n <ul aria-label=\"General Information\">\n <li id

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\feds[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	108032
Entropy (8bit):	5.224966379715799
Encrypted:	false
SSDEEP:	1536:jiszfzkZfJe8eHg1L2+x2iSceSIfk75YRpYh1XcxfzTzkOFrCl+zasafXojdjmVL:jiSkZfJbeHg5qY1
MD5:	E7E2DC35DB8916900BDE4A2A918F1FD1
SHA1:	472949867E9000471028081074719C86EB717BD6
SHA-256:	1D7CDB16ABC3C43BA11C2A69921F3386CA88A63406782772335ED5C8845DEAD6
SHA-512:	378EBBE3F4D6DCB4EC3EE8946B25786D948031083A23B985EF7D630A7673D90E0C4A670BA69BE23400F699CD16E58494FB2481D5B619444A6453252FD991C791
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.clientlibs/globalnav/clientlibs/base/feds.js
Preview:	window.__fedsSegmentation = '100';./! feds v0.48.0 built on Wed, 14 Apr 2021 14:46:31 GMT /.!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{configurable:!1,enumerable:!0,get:r})},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=167)}([,,,,function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var r="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e};t.default=function(e){return"object"===(void 0===e?"undefined":r(e))&&!Array.isArray(e)&&null!==e}},function(e,t,n){"use strict";Object.defineProperty(t,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\free-v4-shims.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	26701
Entropy (8bit):	4.829823522211244
Encrypted:	false
SSDEEP:	192:dP6hT1bIl4w0QUmQ10PwKLaAu5CwWavpHo4O6wgLPbJVR8XD7mycP:0hal4w0QK+PwK05eavpmgPPeXD7mycP
MD5:	8A99CE81EC2F89FBCA03F2C8CF1A3679
SHA1:	58F9EF32D12A5DA52CBAB7BD518BCC998FC59EF9
SHA-256:	362DAEAF1F7E05FEE9A609E549F148AACBE518C166FBD96EAD69057E295742AF
SHA-512:	930F28449365FAED13718BB8F332625DB110ABB08C3778DC632FDF00A0187A61A086B5EB4765FFC1923B64E2584C02592A213914B024DE6890FF3DBFC3A12FE5
Malicious:	false
Reputation:	low
IE Cache URL:	https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=585b051251
Preview:	/!. Font Awesome Free 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:"Font Awesome 5 Brands";font-weight:400}.fa.fa-star-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-star-o:before{content:"\f005"}.fa.fa-close:before,.fa.fa-remove:before{content:"\f00d"}.fa.fa-gear:before{content:"\f013"}.fa.fa-trash-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-trash-o:before{content:"\f2ed"}.fa.fa-file-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-arrow-circle-o-down:before{content:"\f358"}.fa.fa-arrow-circle-o-up{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-arro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\free.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	60351
Entropy (8bit):	4.728641238865369
Encrypted:	false
SSDEEP:	768:0Uh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSz8:0U0PxXE4YXJgndFTfy9lt5Q
MD5:	390B4210E10C744C3C597500BCF0B31A
SHA1:	2600C7C2F25D7DBCBC668231601E426010DC6489
SHA-256:	C2819CA1F7AD1AF7BA53C4EDFDFD395C547BCB16D29892A234D7860C689ED929
SHA-512:	E8A7E466BE8CC092E12994B51A6A8A39E2FBB66DD48221BCF499BB89365B4004D73C1909F8FE0BBBBF13907D5901D76FFE127D92FDD7493853646F83F5985CBE
Malicious:	false
Reputation:	low
IE Cache URL:	https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=585b051251
Preview:	/!. Font Awesome Free 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pul

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\gmail[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	66743
Entropy (8bit):	7.712342056984168
Encrypted:	false
SSDEEP:	1536:FxqKcVqezl0vLoYxEuKoYk5LHjGkT3b1mQOEj0+R+EH:FsK2qezl0zoYxEuKo7CYrOb+Rb
MD5:	DCE2F2B0E50CB1DBB0246D152791CB46
SHA1:	D0A69C159304EDC08DB005163E7A0DAF5A1E98A6
SHA-256:	ACF087C1757F08B0CFD53D59066544D7EF0BFCC50999E77C5813739CD9DC1479
SHA-512:	91054B36EF1673B24E4FE3DC324CBE339F4E9EB72785A6A4C355C7B2A11A9A7C6E188FF9BF5B34FFDD2805D4BBED71EF6CA4975EE3E330FD8D8E383ED64B28EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://honeywell-products.com/John/McGarvey/images/gmail.png
Preview:	.PNG........IHDR.....................sBIT....\|.d.....pHYs............/....tEXtSoftware.www.inkscape.org..<... .IDATx...{x.u.....I.sS..9Q(..J.L&.$..V\|........#.."...Zw.eEQv.Q..U.A]9Vh..I8...H2)`....i.....).....f.y....L.pu...{n..........................................................................................................................................................................................................................................................................................................................................................................................................@Is..... mj=...X<65....U.l.b.t.U...mR...e..P.i.$.i2U..@N1.f...i.s...cf.../....2ev.`..%.\|.o...s..j..l.B....V&..s;b..Pfg......!...:..5....$.@...I0.=.lY.......a...B.4g... T.9Wif..R..o.R.t'.0...?G.9i...L...*..&..s.Vgnkhn...;p[.0.5.........$......P......^".HL.M...@.p..;04....9.&.(i....9.sK..=&.'$m........f..1..'...f2.Uww......PH....@..xq....k.2..l.Luf..s5..`.\|

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-3.1.1.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	86709
Entropy (8bit):	5.367391365596119
Encrypted:	false
SSDEEP:	1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5
MD5:	E071ABDA8FE61194711CFC2AB99FE104
SHA1:	F647A6D37DC4CA055CED3CF64BBC1F490070ACBA
SHA-256:	85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF
SHA-512:	53A2B560B20551672FBB0E6E72632D4FD1C7E2DD2ECF7337EBAAAB179CB8BE7C87E9D803CE7765706BC7FCBCF993C34587CD1237DE5A279AEA19911D69067B65
Malicious:	false
Reputation:	low
IE Cache URL:	https://code.jquery.com/jquery-3.1.1.min.js
Preview:	/! jQuery v3.1.1 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.1.1",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.con

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-3.2.1.slim.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	69597
Entropy (8bit):	5.369216080582935
Encrypted:	false
SSDEEP:	1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT
MD5:	5F48FC77CAC90C4778FA24EC9C57F37D
SHA1:	9E89D1515BC4C371B86F4CB1002FD8E377C1829F
SHA-256:	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
SHA-512:	CAB8C4AFA1D8E3A8B7856EE29AE92566D44CEEAD70C8D533F2C98A976D77D0E1D314719B5C6A473789D8C6B21EBB4B89A6B0EC2E1C9C618FB1437EBC77D3A269
Malicious:	false
Reputation:	low
IE Cache URL:	https://code.jquery.com/jquery-3.2.1.slim.min.js
Preview:	/! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_e

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\location[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	182
Entropy (8bit):	4.685293041881485
Encrypted:	false
SSDEEP:	3:LUfGC48HlHJ2R4OE9HQnpK9fQ8I5CMnRMRU8x4RiiP22/90+apWyRHfHO:nCf4R5ElWpKWjvRMmhLP2saVO
MD5:	C4F67A4EFC37372559CD375AA74454A3
SHA1:	2B7303240D7CBEF2B7B9F3D22D306CC04CBFBE56
SHA-256:	C72856B40493B0C4A9FC25F80A10DFBF268B23B30A07D18AF4783017F54165DE
SHA-512:	1EE4D2C1ED8044128DCDCDB97DC8680886AD0EC06C856F2449B67A6B0B9D7DE0A5EA2BBA54EB405AB129DD0247E605B68DC11CEB6A074E6CF088A73948AF2481
Malicious:	false
Reputation:	low
Preview:	jsonFeed({"country":"CH","state":"ZH","stateName":"Zurich","zipcode":"8152","timezone":"Europe/Zurich","latitude":"47.43000","longitude":"8.57180","city":"Zurich","continent":"EU"});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\login[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	39223
Entropy (8bit):	5.392987812355229
Encrypted:	false
SSDEEP:	768:2l1lHt/JNVFGJIeNI9ReC0bG5woJhEZ9vjgDMiB+2ahy2DeLSpcFrah:cFe0erbGYZ9vjkM2ahy2D6prah
MD5:	B18C8C1CDD626CB61E1327362B926FD3
SHA1:	53E3613727EF7428E5475AB722557C06AD32E03C
SHA-256:	892E4C1A5DB6D61FCE5B15777A3548E0813841671FB7203DF26B4BF916C44901
SHA-512:	0D6F79690137C9AAD3023F10BA86ECB7D61F7C4B7E6C23E45B10F3761EB30F1C37577E401A03894B309B3186BFBA9B589F3663FCFDEBB51B1C7C151D98BAF0EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/sp/login?r=reader_page_topbar_createyourown
Preview:	<!DOCTYPE html>.<html lang="en-US">.<head>. <script nomodule>document.location.href = '/unsupported';</script>. <title>Make Images, Videos and Web Stories for Free in Minutes \| Adobe Spark</title>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. <meta name="viewport" content="width=device-width,shrink-to-fit=no,user-scalable=no,initial-scale = 1.0,maximum-scale = 1.0">.<script type="text/javascript">.;window.NREUM\|\|(NREUM={});NREUM.init={privacy:{cookies_enabled:true}};.window.NREUM\|\|(NREUM={}),__nr_require=function(t,e,n){function r(n){if(!e[n]){var i=e[n]={exports:{}};t[n][0].call(i.exports,function(e){var i=t[n][1][e];return r(i\|\|e)},i,i.exports)}return e[n].exports}if("function"==typeof __nr_require)return __nr_require;for(var i=0;i<n.length;i++)r(n[i]);return r}({1:[function(t,e,n){function r(t){try{c.console&&console.log(t)}catch(e){}}var i,o=t("ee"),a=t(22),c={};try{i=localStorage.getItem("__nr_flags").split(","),console&&"function"==typeof con

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\logo[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	12027
Entropy (8bit):	5.306257504930061
Encrypted:	false
SSDEEP:	192:3/yl7axS7Kiyd1iyJaSSliyr4jPX/XvrsSXi3TXDrX+QJXyXgqXUXiLX4TXpXqXs:3/yl7axS7Dyc8aSSsFvjsvTzruciQqkb
MD5:	277B41639D161E2A43972E37097374F0
SHA1:	0EF6997B5B5A2AF23BDAA77D04D5CFF8577F1371
SHA-256:	AE2179742FEAC6E22E7E9120F044F776EB87762C586CA3BB30EC71B5BBF557C0
SHA-512:	A31DF00112E4F08E9C06A03F028F9661508728A2B5D047ABE6839188F071DBC6C335864B33E4A6EC4B60EC4CC5B0369CD520C311741BCF8702675BD3F70D4F4B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/logo?r=reader_page_learnmore
Preview:	<!DOCTYPE html><html>..<head>. <title>Free Logo Maker: Create Custom Logos Online in Minutes \| Adobe Spark</title>. <meta name="x-source-hash" content="FK3p/Iehi0Pwt+8C">. <link rel="canonical" href="https://www.adobe.com/express/create/logo">. <meta name="description" content="Adobe Spark.s free online logo maker helps you easily create your own custom logo for your brand in minutes. All creative skill levels welcome.">. . <meta property="og:title" content="Free Logo Maker: Create Custom Logos Online in Minutes \| Adobe Spark">. <meta property="og:description" content="Adobe Spark.s free online logo maker helps you easily create your own custom logo for your brand in minutes. All creative skill levels welcome.">. <meta property="og:url" content="https://www.adobe.com/express/create/logo">. <meta property="og:image" content="https://www.adobe.com/express/create/media_14abffd21a7d6097f1e2ae3f31e97c67849e1d60a.png?width=1200&format=pjpg&optimize=medium">. <meta prope

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\media_12438f0ed5e015acd4f31b04e2a0bfd095e616ecd[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	11994
Entropy (8bit):	7.944011736504239
Encrypted:	false
SSDEEP:	192:SI8xno2dayzZxtFj7tRY8Cr9HEz8F+8nEJ2H3lrcTxJzIr75fSEXe9mN:8xoMZxDXtC8C9kz8FxnX3lr1Bu0
MD5:	7A9C201C09A4DFD3344ED1A558BC9838
SHA1:	EFA2D3D98EE80B2B89A2FC87CD5364BC2934C7DD
SHA-256:	03EACA689BDB3B97F0C64ECA889CC949E5E35FBE229759E77C61EEC59ECD0002
SHA-512:	9063413B8E0370EF8C3E857BE4BFAF3629A99167E10CC6C0FAE454CFDCB0C516A15AD3E9949CB9BBE62FD650828ABE44DE32E8CDD657E3804DC505F832BE901C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_12438f0ed5e015acd4f31b04e2a0bfd095e616ecd.jpeg?width=2000&format=webply&optimize=medium
Preview:	RIFF....WEBPVP8 ....p....8.8.>u:.J$."...H....in._..h.../E..N6.>...I...S..k..?../...{..?......e...^.?../.F....[.2.2.....\|.~...?.{....4z.............7.........{}.B....IK.............IK.............IK.............IK.............IK.............IK.............IK.............IK.............JW/..y.[.A....n.)%/.n.f.B.R....n.)..[.>......S...C..@....x#pn..x/......IK.............)w.w...O.^)VMq...nKe..m...3.cn.)%/.n.f.B.R....n...1.d[...,^.U..mP)}..u7..BW......3....]2.b.....n.f.B.R....n.)%/.i.}.....(^ip.iK.sK.Ag^..1. UL.S...!.e.jM.....D..cy.l...^..$..m...HRJ_.d....(....,.J.)..H...G.x]..g..=..\|n..A..&.u.n.)%/.n.f.B.R.....;.....iL-.r..z. ..!I)s!.....JC.-a~.h..vP.?C...!I).[u{7R.....W.s.=L..~.C........^..\|..a..".ZP..`A.k.Q...n.)%/.n.f.B..SH.4.CX.]y...u!I).[u7xVv..7-{.wy..!....n.)%/.n.f.>...x..E~1L.Nk...m...HQN=7..._.(MZ..%a.>...IK.........F....'a..\|...........8FM...n[u{7R.....W.u!E`.Q@>..vvJ..."..O..n..xi..W...(^f........qY..}%/.n.f.B.R....l.,%,Y.g.].

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\media_127d8ddf746b3d9b821b50287212a23ace9adf57c[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	1425
Entropy (8bit):	6.481147216793161
Encrypted:	false
SSDEEP:	12:kuio1zf1IfwBNsXoSSTBQfyxdkmEyanFQxfXdddddddddddddddddddddddddddw:8oxufw7PRWajEywKf6bHJf1vYc2kgvPu
MD5:	7095CCB61547C256C3D03D39E4D5E738
SHA1:	1C6955A0F7FE901CD7CFB99F96AE882C714BE433
SHA-256:	B28F10F554D3B43F929B5C534671BB05BF5C722414F61F4457898710D6FA7B0E
SHA-512:	E9781A387AA45358F5F2FB7F28E6B0990E6F509014A286B2FCDE4E2B7BAD11C7D2B43D2D5742EB3DB41C888D7FDB1E4435121D910CDB8204040D93FD360F7618
Malicious:	false
Reputation:	low
Preview:	RIFFN;..WEBPVP8 B;.......*....>u:.J$.#!......gn._....-.%..;`..M~....o./..O.o.^@.!.ox?......G.?........O.................O....~......k........?.......{^...6...K...'.?.?.}t.....i.....o.Oi/........a............u....O...7..}~........w.....'....,..............<.;q@.._..........E..i.....W...g....\|I~.................U.'.K......%..?..e...C.......?.>....'.?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B.R....n.)%/..?f.B

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\media_17a679af01aefbb64a6df5151c42b14558683b8bf[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	9250
Entropy (8bit):	7.975672208577694
Encrypted:	false
SSDEEP:	192:I0dp78X10EPjS+morlggq8qKMX7Bs46t0TMhy15ENNMzzgy3xa:IgpGR5rlHq8pMXls46uTMQ1Qcxa
MD5:	B7208A9A26F914E96E063E8978136FE1
SHA1:	0B18AA33D9FF66D2BB3B76883FDD130AAF5C713E
SHA-256:	8C29335D71C59F5368B71EF1B51A5FDD970AD9F8968AAE78DC599E8D6BC44065
SHA-512:	104CA8A2251AAA691E3185B8580217466A3F209CE6CDF21625CA7AECB9D1288853CA010B2DE1B9A2B3EA82DC4B85B13DFF4723473A631DF39B73030B6456481F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_17a679af01aefbb64a6df5151c42b14558683b8bf.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.$..WEBPVP8X..............ALPH.......I.i....m.m.m.m.m....s.u...#"&..M..l.n#Fy..,d....g)..<.6...o2z................#...u.....msE!.0...e.hd.f~...#.mX/.3#.u8.hC.ay.. .0.{.#.q..........U....U._..n^`u..n]G;2-......4xC....^.qc......_...9.....tT.oH.^..&9...8.`\|...V......s...4...F1....7........:c.&..>T2Y...`.Y&.P]3..6..F)...;er..4....Cd... .....`D..........?..O.'........?..O.'........?..O.'......vB..v...a.4;.K.....C.'........?..O.'...\|..b%..CV.CaT..i..].%.........:.jV........p..L...i..d3....4O....M.AR....h...../..>!...A...f...j...eF.y.)i.`....T!...w@...-".-TpB[..4.c..FsDg..>...Erq..85.L.c..T.5.}.J.Q......^..7..[...^x...p.S.^'..h.......B...d.f........X.A..oq;...n..c.].g.. ....J.~..{BBb..Fy...k._\|...}.3.1x#x....%.......[.KBn.VP8 .!..0........>.F.K...!..a@..gn..J.....\|.....Q..#?.6....r.v....U..c.../P^]....7....7y......{sz..z.{...2............M.<h..ao-.f...Um.LB...ZK.Sp....e....Oh.3(..]=P.j........#.=...b......L..%.GL.jK:......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\media_181b604b63bec3b8bbee889de292d1daea1530139[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	8292
Entropy (8bit):	7.759602489884572
Encrypted:	false
SSDEEP:	192:bZafxTBUUcjZetRs44bS3rttQH4uFq04sO0:bATBuetRV7ttQRFW0
MD5:	2CF10D42514EF842F3BBF35508623D23
SHA1:	831045C456D1606D73318BFFB9DF178CE6EC308D
SHA-256:	572A525434EDE642C011CEF6EADDBCD485FA8EFEB2D323E0BA1CE14C86CA6BF9
SHA-512:	D70E9F2A36F59B46F1623EC79E5CDA5C4947AF9394EA97D858E64C08F72F5F4EC12B4AC5F9BFA0349EAD6E9C405DE4EEA8F1C79BB6555969B8DC8118C69D4FC0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_181b604b63bec3b8bbee889de292d1daea1530139.jpeg?width=2000&format=webply&optimize=medium
Preview:	RIFF\ ..WEBPVP8 P ...V.......>u:.J$."....@...in....#..~.....1..M?...s.y.o.S..C..d..z_>O.u...........{B;.....h..pE.+....Y?......3.`.....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p....8p..f...aB...(P.B...(P.B...(P.4xj..?...............$2.6+..^.z...^.z...^.z...7.....L.C.9.O..b..s.Y.. ...^..l.,!G..d.W{..........f{8....W,..\|..b.}5.^.z...^.z...^.z...S..9h......c.."8......]2(.y....TE..+..,..KDY4../+6t...k\|.\L.5.....f.6l.f

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\media_1ed4c2a2a5130e5f9cdeed32b1221f2e7d8988f38[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	6210
Entropy (8bit):	7.962124363478672
Encrypted:	false
SSDEEP:	192:lsF6b9jBPo5sFpZY6aFHTaPBb3K4hqzDW9Csj:lNjBQ5QLgFzaPpnhCwj
MD5:	34A9826873AB6E5600A1AB2014C94A64
SHA1:	F67628E01D5F1DBFA5095BE50B3A339CA7D03E0D
SHA-256:	7B9D3091AEDFC9C1F5C85EF03B57CC69F64A7827146648AF315EF53F587AD19D
SHA-512:	4333D5B2799FBACDC7D22DAFEA54FCE1AC4B6E9A2D85BC7659904AC140F04D64F1D0634F2DEE96A12BD818C3CA4362306270A63DD079C28AF1E0FE1831921778
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_1ed4c2a2a5130e5f9cdeed32b1221f2e7d8988f38.jpeg?width=2000&format=webply&optimize=medium
Preview:	RIFF:...WEBPVP8 .....S.......>u6.H$..!&.Y....cn.s....Ys...[..f.p..l....v..9.I.....7.?.y.f.......~[...........%._......C..._.>.w..P/............-/...........F...o.....?Z..y_..x...............O.....?........q....O........t...=..FF...A##x.i..........fy.{.'.<....#..a....{.+...0.....g..m.F..}.t.Q...z\;.aYq... H..-s.l.}P.5.#.R.3P....!.?...O.e;1..&H...B....CE?..k.i......X.._#.}'....zF.p.gqL.CY?...u.8..4...;d,g....t52..f..KEt.....5..m..._.p.X....6G&..........".X)..X...u.".-R_..O..?!..S.4.hd..F..i^_?..P...b..>.k.....Zh.....C-..2U@,.Y...eaM..........0....0..\....."5't..3...1....s.Sq.Y.2..c....0........,m........q,..H+i.O\L.J=.....~.6N.h...I......>.j.{.d..5y........... .....$.m.BH.[+...R.}.Y+..iq6..T.s9..t.Cd)B*.>...z..p.R...Lh.....1.T.\|. )K...8.F.~....~\|h..@..`..&]w...M$.....".8.S.W..I.h..Y^......Uf...l.a.vL...J.9...[+....-.s.....{...sw....z.PqqL..M....df.....%.-+m..AR.T..".S.Q...mF.:z...u%.....Qi..D...~.@>..$.i.eA.....=TjE.`-...Lz......h.x.f..p.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\other1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	21882
Entropy (8bit):	4.268463452779894
Encrypted:	false
SSDEEP:	192:ESCkiDw7e9Mg/wio0EYm9FWyo2XdJfXoOZdEDfmiIJQdiRVi/WTanY:DBiDw7eAdq+FWyo2/fXoZbDIJ0ci/BnY
MD5:	6843A244E12FAB158AA189680B5E7049
SHA1:	0E1C691F87CC4FA35C88344974F2829C40176B70
SHA-256:	3A9B144D6482B78AFC4E0A940A1D3C22240F14FA535B808CF4DAB9635339569F
SHA-512:	145010C45B6B83EA4005EB367C0507959FF0817E482F19E9973504081ACAE1B7827CBD1172CEC7732B13F4E0CEC058271BD6700444FBCF61FB6A3C068A3744C4
Malicious:	false
Reputation:	low
IE Cache URL:	https://honeywell-products.com/John/McGarvey/images/other1.png
Preview:	.PNG........IHDR..............$.... cHRM..z&..............u0...`..:....p..Q<....sRGB.........gAMA......a.....pHYs...............:.iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c067 79.157747, 2015/03/30-23:40:42 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <xmp:CreatorTool>Adobe Photoshop CC 2015 (Windows)</xmp:CreatorTool>. <xmp:CreateDate>2020-01-18T21:59:57+05:00</xmp:CreateDate>. <

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\p[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUHaaatrllH5:aB
MD5:	81144D75B3E69E9AA2FA3E9D83A64D03
SHA1:	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC
SHA-256:	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
SHA-512:	2D073E10AE40FDE434EB31CBEDD581A35CD763E51FB7048B88CAA5F949B1E6105E37A228C235BC8976E8DB58ED22149CFCCF83B40CE93A28390566A28975744A
Malicious:	false
Reputation:	low
IE Cache URL:	https://p.typekit.net/p.gif?s=1&k=rbi5aua&ht=tk&h=spark.adobe.com&f=171.172.173.174.175.176.5474.5475.146&a=1655249&js=1.20.0&app=typekit&e=js&_=1620145800743
Preview:	GIF89a.............,..............;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\p[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUHaaatrllH5:aB
MD5:	81144D75B3E69E9AA2FA3E9D83A64D03
SHA1:	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC
SHA-256:	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
SHA-512:	2D073E10AE40FDE434EB31CBEDD581A35CD763E51FB7048B88CAA5F949B1E6105E37A228C235BC8976E8DB58ED22149CFCCF83B40CE93A28390566A28975744A
Malicious:	false
Reputation:	low
IE Cache URL:	https://p.typekit.net/p.gif?s=1&k=vtg4qoo&ht=tk&h=spark.adobe.com&f=7180.7182.7184.22474.10294.10296.10302&a=1655249&js=1.20.0&app=typekit&e=js&_=1620145856743
Preview:	GIF89a.............,..............;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\privacy[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	242
Entropy (8bit):	5.112303491915906
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwol6hEr6VX16hu9nPjL2OJi+KqD:J0+ox0RJWWPmURT
MD5:	603135FFA99C99EBB6FFD7EF15DA8695
SHA1:	23A1A98130B2E61338488568BC33668B74D13760
SHA-256:	64162C4EB0A1C365FD77EF01458B6C7967AAE790E3E41ABE18ECBF7C7D210439
SHA-512:	FABF700B5CD145EA54862968220F841E107F0A871CFC9A34C100FDAB5B8761BE5B9C03CE425A849F0AEABFD2F72B675A2B617BF0698C55A8ED74F6CAC9887203
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://www.adobe.com/privacy.html">here</a>.</p>.</body></html>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\publish.combined.fp-421881f0a79eaca9b43e2b67993ea372[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	643760
Entropy (8bit):	5.272558437645483
Encrypted:	false
SSDEEP:	6144:GyojsVeUZPvp2nrz3eLxtQtD3aOxcrIVg:BeUZPvp2nrz3eLxtQtD3aOaIVg
MD5:	421881F0A79EACA9B43E2B67993EA372
SHA1:	A8881A6FC1980F654CDEEE531F2897D555F941C8
SHA-256:	F5AFFDECFCB51D26259D7B79BA84652F705FF7F720B02C373E98D2F6B78A15CA
SHA-512:	BDF4426AF0DCDB9C4DCFD7CEA224B52BE29645EE642C54A2B4CAD2FC5C3E6797631C83DF244742A8296EE6DAE90FFAD76ECDBDBEC17DE54991EC00A6AAF75D97
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.hawks.dexterlibs/hawks/clientlibs/publish.combined.fp-421881f0a79eaca9b43e2b67993ea372.css
Preview:	/* The OOTB AEM 6.4 grid system.. . This has been modified slightly to support Dexter's. * custom breakpoints and remove fixed left / right padding.. /./. * ADOBE CONFIDENTIAL. . Copyright 2015 Adobe Systems Incorporated. * All Rights Reserved.. . NOTICE: All information contained herein is, and remains. * the property of Adobe Systems Incorporated and its suppliers,. * if any. The intellectual and technical concepts contained. * herein are proprietary to Adobe Systems Incorporated and its. * suppliers and may be covered by U.S. and Foreign Patents,. * patents in process, and are protected by trade secret or copyright law.. * Dissemination of this information or reproduction of this material. * is strictly forbidden unless prior written permission is obtained. * from Adobe Systems Incorporated.. /./ grid component */..aem-Grid {. display: block;. width: 100%;.}..aem-Grid::before,..aem-Grid::after {. display: table;. content: " ";.}..aem-Grid::after {. clear: both;.}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\publish.combined.fp-d40a7373dc7cdb5edbfd059d0f2c60db[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	720057
Entropy (8bit):	5.322087162957606
Encrypted:	false
SSDEEP:	12288:LmwBfrrsdDBry0dllnRdlln8dllnrdlln7H1urS2dllnrdllnTdllnGdllnPCrV2:LmSfrrsdDBry0dllnRdlln8dllnrdllX
MD5:	D40A7373DC7CDB5EDBFD059D0F2C60DB
SHA1:	B0088EE43A64AF0929B52CEF6701AB8E3907DEA1
SHA-256:	1886682E6F9BA3C2D423732991EB3A937DE3FEB371E388A0DC8CAA37082AEBE4
SHA-512:	E5A2A29DD2F1FB3CEE3324C6239A634D7FC133D942F23B91FC819FD61E0D18EC805A975AD35C1C70D9D2A925BDFAC760EF05A159F9C96D7F8EBF5D62B225B4A0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.hawks.dexterlibs/hawks/clientlibs/publish.combined.fp-d40a7373dc7cdb5edbfd059d0f2c60db.js
Preview:	webpackJsonp([1],{113:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var i=function(){function e(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(e,i.key,i)}}return function(t,n,i){return n&&e(t.prototype,n),i&&e(t,i),t}}(),r=u(n(126)),a=u(n(185)),o=u(n(439));function u(e){return e&&e.__esModule?e:{default:e}}var s=function(){function e(t){var n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this.element=t,this.utils=o.default,this.properties=n,this.tools=r.default}return i(e,[{key:"bindCollection",value:function(t,n){for(var i=arguments.length,r=Array(i>2?i-2:0),o=2;o<i;o++)r[o-2]=arguments[o];var u=e.getCollection(t,this.element);if(r.includes("bindLateItems")){var s=r.filter(function(e){return"bindLateItems"!==e});this.bindOn.apply(this,[t,n].concat

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\runtime-prod.gz[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	342968
Entropy (8bit):	5.371093003938434
Encrypted:	false
SSDEEP:	6144:ECIBkfxBva98Hrj4SRZxFzb7jvSvguFyLllmEuKP:/IABl+vSP
MD5:	B0F0C32B9B49DD909CF36FDF4ABA491C
SHA1:	4DD35EEAA3B72879BBADED3E25109983EC736214
SHA-256:	FAF1701455C322D60D4B5B27832D2430EE3B9C3D6B52D7771B4BB6F224784540
SHA-512:	8481D9DAC37657EA7B97E639282332524BAD837F8BDFC004B9885A10FCC145B0BA9A65C0F6CEEE30BFD2A37D03575A04AE2352080300FD96AA71C34E4111157F
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js
Preview:	!function(a){function b(d){if(c[d])return c[d].exports;var e=c[d]={exports:{},id:d,loaded:!1};return a[d].call(e.exports,e,e.exports,b),e.loaded=!0,e.exports}var c={};b.m=a,b.c=c,b.p="",b(0)}([function(a,b,c){var d,e;d=[c(1),c(72),c(73),c(74),c(76),c(78)],void 0!==(e=function(a){return a.Experiments&&(a.Bootstrap.disable(),a.Bootstrap.run()),a}.apply(b,d))&&(a.exports=e)},function(a,b,c){var d,e;d=[c(33),c(40),c(39),c(35),c(34),c(41),c(43),c(44),c(45),c(46),c(48),c(49),c(47),c(53),c(50),c(51),c(2),c(52),c(54),c(55),c(56),c(57),c(58),c(59),c(63),c(64),c(67),c(68),c(69),c(70),c(71),c(66)],void 0!==(e=function(a){return window.Luca=a,a}.apply(b,d))&&(a.exports=e)},function(a,b,c){var d,e;d=[c(3),c(4),c(33),c(34)],void 0!==(e=function(a,b,c,d){var e=c.getSectionsArticleHandler("default");c.registerSectionsArticleHandler("split-layout-base",a.extend({},e,{_initialize:function(b,c){var d=a(b),f=d.data("timeline"),g=d.find(".section-background"),h=d.find(".section-content");this._resetElement

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\runtime.gz[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	73425
Entropy (8bit):	4.977204259182636
Encrypted:	false
SSDEEP:	768:lfwoF8BD5hj74zan5tDdSJkR5f2zSJI3JxETmkN13hychWMobOGU9O:lfwoF8BDn5tZ/RJ2SN13hs
MD5:	413473DA67E4B51BA0944226E77C3F56
SHA1:	D8A80CE0CA07C5A65D9FE76EE6A5DB3D68668E78
SHA-256:	630DD73CC8AD2A52615AED23D16CAB6F05C1307655414D4EBE97B6E252302A8D
SHA-512:	451C48BCA87744FB76B40CE4A65E853FF3E3F3658A9AD9D483F0385D79EFC916358D6B42BF4EC1AE782F696ACD77A476E3155080B5FF18E4F68488CE46D0CBA6
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/runtime.gz.css
Preview:	.wp-progress-bar,.wp-progress-bar-clip,.wp-progress-bar-view{top:0;left:0;position:absolute}.article iframe,.article img{max-width:100%}.report-abuse-dialog .report-abuse-dialog-article-contents,html{-webkit-tap-highlight-color:transparent}.wp-progress-bar{right:0;bottom:auto;height:1em}.wp-progress-bar-clip{right:0;bottom:0}.wp-progress-bar-view{right:auto;bottom:0;width:0%;background-color:#000}.wp-scrollbar{z-index:5;position:absolute;opacity:0;background-color:rgba(255,255,255,.8);-webkit-transition:opacity .3s ease-out;-moz-transition:opacity .3s ease-out;-o-transition:opacity .3s ease-out;-ms-transition:opacity .3s ease-out;transition:opacity .3s ease-out;box-shadow:0 0 2px rgba(0,0,0,.5)}.wp-scrollbar.visible{opacity:1}.wp-scrollbar-track{position:absolute;top:2px;right:2px;bottom:2px;left:2px}.wp-scrollbar-thumb{position:absolute;top:0;left:0;background-color:rgba(0,0,0,.5)}.wp-scrollbar.horizontal{right:16px;bottom:0;left:0;height:16px}.wp-scrollbar.horizontal .wp-scrollbar-th

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\scripts[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text
Category:	downloaded
Size (bytes):	36369
Entropy (8bit):	5.028473190816657
Encrypted:	false
SSDEEP:	384:U1qVZSpe137a6wbqWcqS5G399ahCqAUaww3boPOGGuh3f3ntOX4jQt41gvUxUPCr:UMZPjwfuVP0GLB1a4j/b4g
MD5:	696D0CC440A9A38E23EE9B7B623060B8
SHA1:	70D6991B1983E3B7D1777429533C060982799FF6
SHA-256:	338460BD7A0F7D02FBE0808DBD34F9B6062313EB86A82CE37355829C73BC7B23
SHA-512:	191E2DDFCB32CB46730353764CE3DA83DF020623537F21348EF347437D15BAE5830C1F05FE4856289E6ACEF36799BA01F661C5C4EE6D384626D30B61CA3000BA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/scripts/scripts.js
Preview:	/. Copyright 2021 Adobe. All rights reserved.. * This file is licensed to you under the Apache License, Version 2.0 (the "License");. * you may not use this file except in compliance with the License. You may obtain a copy. * of the License at http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software distributed under. * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS. * OF ANY KIND, either express or implied. See the License for the specific language. * governing permissions and limitations under the License.. /./ global window, navigator, document, fetch, performance, PerformanceObserver,. FontFace, sessionStorage, Image /./ eslint-disable no-console */..export function toClassName(name) {. return name && typeof name === 'string'. ? name.toLowerCase().replace(/[^0-9a-z]/gi, '-'). : '';.}..export function createTag(name, attrs) {. const el = document.createElement(n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\styles[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	12401
Entropy (8bit):	4.662952324891605
Encrypted:	false
SSDEEP:	192:wh2WV+m6jCZDitH75vH1V/FAF/1Sr+aGF5OJE9h0TA9ZXn:R5171PFAF95bFQ9cXn
MD5:	C0F349AF62FA2D1E725464B22D31CDCC
SHA1:	645A7814C3FBE9578EBFDEFF1327720E6AA322EF
SHA-256:	32BB5493F1B51E6AE09315DB807602AAE9031356D170780D32D272098424FA74
SHA-512:	B2D2DBCABABAB7233DDB89D029F3DE350D040872B119C447740C1DB862FF5B3DE2BBAFA5D369CB93C88A8CD0CCC440D53CA5EDB31AFB86BF78868989E2622CE0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/styles/styles.css
Preview:	body {. font-family: 'adobe-clean', 'Adobe Clean', sans-serif;. background-color: #FFF;. color: #232323;. margin: 0;. padding: 0;. display: none;.}..body.appear {. display: block;.}../* gnav placeholder */..header {. box-sizing: border-box;. border-bottom: 1px solid #EAEAEA;. height: 153px;. background-image: url(/express/icons/adobe-spark.png);. background-repeat: no-repeat;. background-size: auto 42px;. background-position: bottom 24px center;. position: relative;. background-color: white;.}..#feds-header {. opacity: 0;.}..#feds-header.appear {. opacity: 1;.}..#header-placeholder {. height: 64px;. position: absolute;. top: 0;. left: 0;. width: 100%;. z-index: 10;. -webkit-font-smoothing: antialiased;. border-bottom: 1px solid #EAEAEA;. transition: opacity 0.1s;. background-color: white;.}..#header-placeholder.disappear {. display: none;.}..#header-placeholder .desktop {. display: none;.}..#header-placeholder .mobile {.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\typekit-load.gz[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	67
Entropy (8bit):	4.670181915303587
Encrypted:	false
SSDEEP:	3:yLRmcszgcukrQLJkgfw0zRjf:yL/0gcu/LugfwmRr
MD5:	5D83D0AA1685849B1ACEB2382FB6BEF2
SHA1:	496F8CB19AAD2E89C4748729BD096CD69C96F79E
SHA-256:	7DACF0B95D4AFF38FE7E25986827EFA6A5C9B1B180C66DAA7D61CD2F862FDE1F
SHA-512:	41502C0C3B1B100F4A73F507C5F15BDE9CE4ED515BAB059C28B1CA902D4C986A54FB7E39ECAAB20495AD0DD5637BEDA589A90FAC3113D1AE6161F1A4B857A1EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js
Preview:	document.write("<script>try{Typekit.load();}catch(e){}<\/script>");

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\015848c8-21d3-48f0-90c3-8404fbc0b832[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 668 x 188, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	49015
Entropy (8bit):	7.989958774953542
Encrypted:	false
SSDEEP:	768:tgk5Zb1HpCqT4sZvft+jgVEUisMkoY1Tga+igBTrUvQHfZnVHdso6wD+I:l91JFhRt+EVEUBMk3p+HUkfv9H6wD1
MD5:	745F4FA19A24872EF77D0995D09B74A0
SHA1:	AFA12D24F977F8D704A1C483057C0839BDCBD9D9
SHA-256:	8292A1FF1A9403AAB3A660162965A0B581F4F44528ECFC38B6E7EBED9B749D58
SHA-512:	0C134568E09B58DBB9860A99F414D64DB61E8F71BD08398A4D3A70C92AB1DA2507F8A3077EC5281ECD5A3B58A6B234CF8988146D5EB4F061317670784D4D7AA5
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/XzmTHY6Mi43rB/images/015848c8-21d3-48f0-90c3-8404fbc0b832.png?asset_id=252d8d49-0a9f-43ae-9881-286b9f262451&img_etag=%22a545dfb9109ffce1fdbf29c99f7befdd%22&size=2560
Preview:	.PNG........IHDR..............x~.....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c005 79.164590, 2020/12/09-11:57:44 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/">. <xmpMM:DerivedFrom rdf:parseType="Resource"/>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.<?xpacket end="r"?>m.."....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<.. .IDATx..]...D.......DzUD.""H.*(M..(E.A...B......J/"U..`...KS..R.rm..6..l&...L&..=.....dZ&...W.....O.<......!lA..m!t..nwc......}.@..F.."`..K.x...h/mk....;k....k\|Py...o.;..6..[.o.z<..{.....(...{..i..{...H@C%....5.z.jL.{.nna.i.]....:.P...m.?...........9........8..ym....Os+....F.Q4..../..G!.......0y..........>.S..%..mj..v%.M..j.M8...5b..n...tb....G../Y.:IB.. .>..T.E.R..~.JC.A.g....U...o,..M....u4E.A.=U.X.`x.\Z.k.y.(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\30b73ae4-1bd3-47d5-ab7b-fc9ebfbd3087[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 99 x 99, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1606
Entropy (8bit):	7.496452620312333
Encrypted:	false
SSDEEP:	24:Haz7BFyyvZGbiEXfDWRzuWa0AMgMjQRKvh+r7kp6v8ZrJJEKqMjAmKRSdCFJBo:H2vOXrWRz3AelvIkQv81JgMLvgq
MD5:	5F6DC15AEBF37F5FD754C67506836821
SHA1:	F85D0E488B843557B69DE2B00C1192DF4B8791E8
SHA-256:	B388259201BCEEF091734F6805B23B5C50A9462188C317FAD18E887B136B910C
SHA-512:	0D7E2193619418CEF3FA97FEF3BD5C297EB1725E38358D5ADA9C6C4473D8018F2A9FF0D22E7C442C02E8A2E39926B860997D5F51543A4FAFD4AD4D8C91E84CE8
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/XzmTHY6Mi43rB/images/30b73ae4-1bd3-47d5-ab7b-fc9ebfbd3087.png?asset_id=3124fa2e-37b6-49c6-ad01-adf231d0691c&img_etag=%22021c634a00e1f9f0e3f2395523824430%22&size=1024
Preview:	.PNG........IHDR...c...c.......N....vPLTE......bb^aa]``\__[__[^^Z__\^^[^^[^^[^^[]]Ziifrroqqn...]][]][\\Z..........................ba]a`\_^Zcb^ba^`_\_^[^][ihf\|{yzywsrprqo.........`^[igdnli...`]Za_]`^\^\Z............wvu........................b^[b^[wtr....U*ljia_^...{yxywvwut......s]T.[Lyvu....U1.U2.U2.U2.U2.V2.U2.U2.V3.W4.X6.Z8.V7.^<.`?.cC.eE.X@.ZG.q.r.~.}j..}j.[O.......q[U................T3.U3.Z9.jL.qU.sW......................^[[^[[^[[]ZZ\|yyurr^\\^\\^\\][[][[{yywuu...........................................................................................................................]]]]]]]]]\\\[[[ZZZZZZYYYXXXXXXXXXXXXUUUUUUUUU@@@...4..T....tRNS.........ILQ.q....hkf............................R..w.............Q............RW.......$H....b............W.......Q.....ji..............Ljm\|..glrsx.............................................!o.."... 1..3.... .....IDATh....WLa...{....4.1.."d.d...t.L..R.E...D!TD..TC..(R...t.3s.k.}^3W...q.{...3..s...Q[ki7.z.ma

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\LawEnforcement_72px_lt-gray[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	28018
Entropy (8bit):	6.123287231997608
Encrypted:	false
SSDEEP:	768:3B3bnD+0T1bo4s83RvlSqEOSt1uRgzgd6Hio:I0Bo49h32I6HT
MD5:	203D2596591DD98304B03BDBCFE7948A
SHA1:	145A9AB021FA39848CBF9E95DB7132554469934C
SHA-256:	F0F7F1BB8276F731235B5519886DEF7081CE2AF2A906567888F5CC1F7BBD78C1
SHA-512:	2A36BE5EF21D35EA123BE7CFDB88BC1C025AE359E80068E9E1FAB66748E15D268A7A9162CA0FE5364F34852E5EBA88DE665C5F5710668783ADC55A91D6825629
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/LawEnforcement_72px_lt-gray.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 19.2.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" [..<!ENTITY ns_extend "http://ns.adobe.com/Extensibility/1.0/">..<!ENTITY ns_ai "http://ns.adobe.com/AdobeIllustrator/10.0/">..<!ENTITY ns_graphs "http://ns.adobe.com/Graphs/1.0/">..<!ENTITY ns_vars "http://ns.adobe.com/Variables/1.0/">..<!ENTITY ns_imrep "http://ns.adobe.com/ImageReplacement/1.0/">..<!ENTITY ns_sfw "http://ns.adobe.com/SaveForWeb/1.0/">..<!ENTITY ns_custom "http://ns.adobe.com/GenericCustomNamespace/1.0/">..<!ENTITY ns_adobe_xpath "http://ns.adobe.com/XPath/1.0/">.]>.<svg version="1.1" id="adobeNews_x5F_72_x5F_lt-ou" xmlns:x="&ns_extend;" xmlns:i="&ns_ai;" xmlns:graph="&ns_graphs;".. xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="72px" height="72px".. viewBox="-359 271 72 72" style="enab

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\McGarvey[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with CRLF line terminators
Category:	downloaded
Size (bytes):	14472
Entropy (8bit):	4.779738955118992
Encrypted:	false
SSDEEP:	192:FTFFtj5kFsDkDeDKQATOU+gIGFw4ZlwFNyKJaNKJYaf:3GFNQm5Rw4DYHxYaf
MD5:	DE20F9B0064C8DE2678AB5F21F8B1C26
SHA1:	C05526619BDA671724414CB33EA4C414755C60BC
SHA-256:	799399E86516E3E320FBB25876D13908A2C5050DBDC6E92CA136BECA8DAA7A3E
SHA-512:	4BD7C07DB9DFD3B702D804D3325C7EF4770E903286CA884E00DBC87C4498B3F8DC25701FF3A18C8E3B1F6310880582316FC3515CE4DC8B3F2602ED78D0C11639
Malicious:	false
Reputation:	low
IE Cache URL:	https://honeywell-products.com/John/McGarvey/
Preview:	<!doctype html>..<html lang="en">....<head>.. <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>.. <script src="https://code.jquery.com/jquery-3.1.1.min.js"></script>.. <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha256-2Kok7MbOyxpgUVvAk/HJ2jigOSYS2auK4Pfzbm7uH60=" crossorigin="anonymous"></script>.. Required meta tags -->.. <meta charset="utf-8">.. <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">.. Bootstrap CSS -->.. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">.. <link href="https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap" rel="stylesheet">.. <script src="https://kit.fontawesome.com/585b051251.js" crossorigin="anonymous"></script>.. <title>Share Point Online</title>

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 4, 2021 18:29:58.976495981 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:58.977999926 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.107089043 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.107194901 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.108648062 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.108730078 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.112736940 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.113346100 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.243240118 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.243849039 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.245121002 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.245151043 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.245161057 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.245254993 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.246150017 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.246177912 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.246186972 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.246298075 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.246335030 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.286478996 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.289720058 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.294873953 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.295047045 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.295170069 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.418970108 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.418994904 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.419008017 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.419053078 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.419111967 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.420098066 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.422060013 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.422080994 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.422091007 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.422194958 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.422226906 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.423435926 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.426923990 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.427031040 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.427056074 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.427119017 CEST	49733	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.446173906 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.446202993 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.446315050 CEST	49732	443	192.168.2.4	108.174.10.10
May 4, 2021 18:29:59.591067076 CEST	443	49733	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.594901085 CEST	443	49732	108.174.10.10	192.168.2.4
May 4, 2021 18:29:59.845736980 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.845843077 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.886239052 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.886265039 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.886450052 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.886673927 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.888454914 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.888864994 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.928844929 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.929018021 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.929038048 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.929132938 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.929161072 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.929161072 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.929451942 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.929471970 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.929563046 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.929641008 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.930959940 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.931165934 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.932682037 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.932847023 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.939268112 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.939697981 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.939903975 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.943037987 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.943427086 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.982495070 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.982532978 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.982594967 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.982677937 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.982852936 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.982860088 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.985728025 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.985941887 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.985975027 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.986030102 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.986057997 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:29:59.986095905 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.986138105 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:29:59.986181974 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:30:00.003638029 CEST	49738	443	192.168.2.4	65.9.66.79
May 4, 2021 18:30:00.003688097 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:30:00.044359922 CEST	443	49738	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.044389963 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338512897 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338570118 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338685989 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338704109 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:30:00.338711977 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338736057 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338749886 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:30:00.338761091 CEST	443	49737	65.9.66.79	192.168.2.4
May 4, 2021 18:30:00.338785887 CEST	49737	443	192.168.2.4	65.9.66.79
May 4, 2021 18:30:00.338821888 CEST	49737	443	192.168.2.4	65.9.66.79

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 4, 2021 18:29:46.442728996 CEST	49714	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:46.500653028 CEST	58028	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:46.503185034 CEST	53	49714	8.8.8.8	192.168.2.4
May 4, 2021 18:29:46.560662031 CEST	53	58028	8.8.8.8	192.168.2.4
May 4, 2021 18:29:48.974512100 CEST	53097	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:49.023610115 CEST	53	53097	8.8.8.8	192.168.2.4
May 4, 2021 18:29:50.020828009 CEST	49257	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:50.079596996 CEST	53	49257	8.8.8.8	192.168.2.4
May 4, 2021 18:29:50.944365025 CEST	62389	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:50.993026018 CEST	53	62389	8.8.8.8	192.168.2.4
May 4, 2021 18:29:52.981178045 CEST	49910	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:53.032746077 CEST	53	49910	8.8.8.8	192.168.2.4
May 4, 2021 18:29:55.482002020 CEST	55854	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:55.534821033 CEST	53	55854	8.8.8.8	192.168.2.4
May 4, 2021 18:29:56.850943089 CEST	64549	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:56.900933981 CEST	53	64549	8.8.8.8	192.168.2.4
May 4, 2021 18:29:57.466950893 CEST	63153	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:57.525852919 CEST	53	63153	8.8.8.8	192.168.2.4
May 4, 2021 18:29:58.604353905 CEST	52991	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:58.658031940 CEST	53	52991	8.8.8.8	192.168.2.4
May 4, 2021 18:29:58.911828995 CEST	53700	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:58.962948084 CEST	53	53700	8.8.8.8	192.168.2.4
May 4, 2021 18:29:59.459659100 CEST	51726	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:59.515592098 CEST	53	51726	8.8.8.8	192.168.2.4
May 4, 2021 18:29:59.588474989 CEST	56794	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:59.638874054 CEST	53	56794	8.8.8.8	192.168.2.4
May 4, 2021 18:29:59.780359983 CEST	56534	53	192.168.2.4	8.8.8.8
May 4, 2021 18:29:59.841478109 CEST	53	56534	8.8.8.8	192.168.2.4
May 4, 2021 18:30:00.544222116 CEST	56627	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:00.607762098 CEST	53	56627	8.8.8.8	192.168.2.4
May 4, 2021 18:30:00.915690899 CEST	56621	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:00.975754976 CEST	53	56621	8.8.8.8	192.168.2.4
May 4, 2021 18:30:01.650170088 CEST	63116	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:01.705123901 CEST	53	63116	8.8.8.8	192.168.2.4
May 4, 2021 18:30:01.724504948 CEST	64078	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:01.776500940 CEST	53	64078	8.8.8.8	192.168.2.4
May 4, 2021 18:30:01.809034109 CEST	64801	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:01.868669033 CEST	53	64801	8.8.8.8	192.168.2.4
May 4, 2021 18:30:03.256153107 CEST	61721	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:03.304940939 CEST	53	61721	8.8.8.8	192.168.2.4
May 4, 2021 18:30:04.249834061 CEST	51255	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:04.303488970 CEST	53	51255	8.8.8.8	192.168.2.4
May 4, 2021 18:30:05.448162079 CEST	61522	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:05.500138044 CEST	53	61522	8.8.8.8	192.168.2.4
May 4, 2021 18:30:14.283268929 CEST	52337	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:14.332653046 CEST	53	52337	8.8.8.8	192.168.2.4
May 4, 2021 18:30:15.358006954 CEST	55046	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:15.409080029 CEST	53	55046	8.8.8.8	192.168.2.4
May 4, 2021 18:30:16.272850037 CEST	49612	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:16.321757078 CEST	53	49612	8.8.8.8	192.168.2.4
May 4, 2021 18:30:16.461772919 CEST	49285	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:16.513299942 CEST	53	49285	8.8.8.8	192.168.2.4
May 4, 2021 18:30:17.902252913 CEST	50601	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:17.964375019 CEST	53	50601	8.8.8.8	192.168.2.4
May 4, 2021 18:30:19.500129938 CEST	60875	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:19.555759907 CEST	53	60875	8.8.8.8	192.168.2.4
May 4, 2021 18:30:22.124034882 CEST	56448	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:22.173311949 CEST	53	56448	8.8.8.8	192.168.2.4
May 4, 2021 18:30:26.654872894 CEST	59172	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:26.721276999 CEST	53	59172	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.448276043 CEST	62420	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.497462034 CEST	53	62420	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.597989082 CEST	60579	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.601289988 CEST	50183	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.605354071 CEST	61531	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.609694004 CEST	49228	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.640357971 CEST	59794	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.653351068 CEST	53	50183	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.664014101 CEST	53	61531	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.665705919 CEST	53	60579	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.666471004 CEST	53	49228	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.696558952 CEST	55916	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.699824095 CEST	53	59794	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.713977098 CEST	52752	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:27.747627020 CEST	53	55916	8.8.8.8	192.168.2.4
May 4, 2021 18:30:27.775144100 CEST	53	52752	8.8.8.8	192.168.2.4
May 4, 2021 18:30:28.050678015 CEST	60542	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:28.114026070 CEST	53	60542	8.8.8.8	192.168.2.4
May 4, 2021 18:30:28.342267990 CEST	60689	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:28.393843889 CEST	53	60689	8.8.8.8	192.168.2.4
May 4, 2021 18:30:28.446861029 CEST	62420	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:28.498964071 CEST	53	62420	8.8.8.8	192.168.2.4
May 4, 2021 18:30:29.352961063 CEST	60689	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:29.406622887 CEST	53	60689	8.8.8.8	192.168.2.4
May 4, 2021 18:30:29.542423010 CEST	62420	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:29.593410969 CEST	53	62420	8.8.8.8	192.168.2.4
May 4, 2021 18:30:30.371203899 CEST	60689	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:30.424232960 CEST	53	60689	8.8.8.8	192.168.2.4
May 4, 2021 18:30:35.744837999 CEST	60689	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:35.759299040 CEST	62420	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:35.797895908 CEST	53	60689	8.8.8.8	192.168.2.4
May 4, 2021 18:30:35.810070038 CEST	53	62420	8.8.8.8	192.168.2.4
May 4, 2021 18:30:38.108350039 CEST	64206	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:38.171022892 CEST	53	64206	8.8.8.8	192.168.2.4
May 4, 2021 18:30:39.352947950 CEST	50904	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:39.403321981 CEST	53	50904	8.8.8.8	192.168.2.4
May 4, 2021 18:30:39.754904985 CEST	60689	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:39.761322021 CEST	62420	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:39.810564041 CEST	53	62420	8.8.8.8	192.168.2.4
May 4, 2021 18:30:39.816544056 CEST	53	60689	8.8.8.8	192.168.2.4
May 4, 2021 18:30:40.489033937 CEST	57525	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:40.548064947 CEST	53	57525	8.8.8.8	192.168.2.4
May 4, 2021 18:30:41.056047916 CEST	53814	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:41.118479967 CEST	53	53814	8.8.8.8	192.168.2.4
May 4, 2021 18:30:41.488152981 CEST	53418	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:41.541291952 CEST	53	53418	8.8.8.8	192.168.2.4
May 4, 2021 18:30:41.545733929 CEST	62833	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:41.603029966 CEST	53	62833	8.8.8.8	192.168.2.4
May 4, 2021 18:30:42.486138105 CEST	59260	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:42.547161102 CEST	53	59260	8.8.8.8	192.168.2.4
May 4, 2021 18:30:42.965092897 CEST	49944	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:43.027153015 CEST	53	49944	8.8.8.8	192.168.2.4
May 4, 2021 18:30:43.182039976 CEST	63300	53	192.168.2.4	8.8.8.8
May 4, 2021 18:30:43.230762005 CEST	53	63300	8.8.8.8	192.168.2.4
May 4, 2021 18:31:02.716582060 CEST	61449	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:02.776468992 CEST	53	61449	8.8.8.8	192.168.2.4
May 4, 2021 18:31:07.988040924 CEST	51275	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:08.185777903 CEST	53	51275	8.8.8.8	192.168.2.4
May 4, 2021 18:31:08.647566080 CEST	63492	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:08.754232883 CEST	53	63492	8.8.8.8	192.168.2.4
May 4, 2021 18:31:10.206304073 CEST	58945	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:10.263516903 CEST	53	58945	8.8.8.8	192.168.2.4
May 4, 2021 18:31:10.992666006 CEST	60779	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:11.043559074 CEST	53	60779	8.8.8.8	192.168.2.4
May 4, 2021 18:31:11.494223118 CEST	64014	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:11.551402092 CEST	53	64014	8.8.8.8	192.168.2.4
May 4, 2021 18:31:12.020242929 CEST	57091	53	192.168.2.4	8.8.8.8
May 4, 2021 18:31:12.079874039 CEST	53	57091	8.8.8.8	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
May 4, 2021 18:29:58.911828995 CEST	192.168.2.4	8.8.8.8	0x812c	Standard query (0)	lnkd.in	A (IP address)	IN (0x0001)
May 4, 2021 18:29:59.459659100 CEST	192.168.2.4	8.8.8.8	0x1f3	Standard query (0)	www.linkedin.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.544222116 CEST	192.168.2.4	8.8.8.8	0x397e	Standard query (0)	page.adobespark-assets.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.915690899 CEST	192.168.2.4	8.8.8.8	0xff88	Standard query (0)	use.typekit.net	A (IP address)	IN (0x0001)
May 4, 2021 18:30:01.650170088 CEST	192.168.2.4	8.8.8.8	0x4f57	Standard query (0)	s3.amazonaws.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:01.809034109 CEST	192.168.2.4	8.8.8.8	0xd09e	Standard query (0)	p.typekit.net	A (IP address)	IN (0x0001)
May 4, 2021 18:30:19.500129938 CEST	192.168.2.4	8.8.8.8	0xf518	Standard query (0)	page.adobespark-assets.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:26.654872894 CEST	192.168.2.4	8.8.8.8	0x5983	Standard query (0)	honeywell-products.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.601289988 CEST	192.168.2.4	8.8.8.8	0xb4b0	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.605354071 CEST	192.168.2.4	8.8.8.8	0x46c7	Standard query (0)	maxcdn.bootstrapcdn.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.640357971 CEST	192.168.2.4	8.8.8.8	0x890d	Standard query (0)	kit.fontawesome.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.696558952 CEST	192.168.2.4	8.8.8.8	0x6e8	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.713977098 CEST	192.168.2.4	8.8.8.8	0xa8b	Standard query (0)	stackpath.bootstrapcdn.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:28.050678015 CEST	192.168.2.4	8.8.8.8	0x7e96	Standard query (0)	ka-f.fontawesome.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:41.056047916 CEST	192.168.2.4	8.8.8.8	0xd40f	Standard query (0)	static.adobelogin.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:41.488152981 CEST	192.168.2.4	8.8.8.8	0x33e2	Standard query (0)	assets.adobedtm.com	A (IP address)	IN (0x0001)
May 4, 2021 18:30:41.545733929 CEST	192.168.2.4	8.8.8.8	0x221	Standard query (0)	cdn.cookielaw.org	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.486138105 CEST	192.168.2.4	8.8.8.8	0xac72	Standard query (0)	dpm.demdex.net	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.965092897 CEST	192.168.2.4	8.8.8.8	0x8043	Standard query (0)	geolocation.onetrust.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
May 4, 2021 18:29:58.962948084 CEST	8.8.8.8	192.168.2.4	0x812c	No error (0)	lnkd.in		108.174.10.10	A (IP address)	IN (0x0001)
May 4, 2021 18:29:59.515592098 CEST	8.8.8.8	192.168.2.4	0x1f3	No error (0)	www.linkedin.com	www-linkedin-com.l-0005.l-msedge.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:29:59.841478109 CEST	8.8.8.8	192.168.2.4	0x847c	No error (0)	spark.adobeprojectm.com		65.9.66.79	A (IP address)	IN (0x0001)
May 4, 2021 18:29:59.841478109 CEST	8.8.8.8	192.168.2.4	0x847c	No error (0)	spark.adobeprojectm.com		65.9.66.74	A (IP address)	IN (0x0001)
May 4, 2021 18:29:59.841478109 CEST	8.8.8.8	192.168.2.4	0x847c	No error (0)	spark.adobeprojectm.com		65.9.66.47	A (IP address)	IN (0x0001)
May 4, 2021 18:29:59.841478109 CEST	8.8.8.8	192.168.2.4	0x847c	No error (0)	spark.adobeprojectm.com		65.9.66.89	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.607762098 CEST	8.8.8.8	192.168.2.4	0x397e	No error (0)	page.adobespark-assets.com		65.9.66.115	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.607762098 CEST	8.8.8.8	192.168.2.4	0x397e	No error (0)	page.adobespark-assets.com		65.9.66.77	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.607762098 CEST	8.8.8.8	192.168.2.4	0x397e	No error (0)	page.adobespark-assets.com		65.9.66.64	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.607762098 CEST	8.8.8.8	192.168.2.4	0x397e	No error (0)	page.adobespark-assets.com		65.9.66.38	A (IP address)	IN (0x0001)
May 4, 2021 18:30:00.975754976 CEST	8.8.8.8	192.168.2.4	0xff88	No error (0)	use.typekit.net	use-stls.adobe.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:01.705123901 CEST	8.8.8.8	192.168.2.4	0x4f57	No error (0)	s3.amazonaws.com		52.217.108.214	A (IP address)	IN (0x0001)
May 4, 2021 18:30:01.868669033 CEST	8.8.8.8	192.168.2.4	0xd09e	No error (0)	p.typekit.net	p.typekit.net-v3.edgekey.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:19.555759907 CEST	8.8.8.8	192.168.2.4	0xf518	No error (0)	page.adobespark-assets.com		65.9.66.115	A (IP address)	IN (0x0001)
May 4, 2021 18:30:19.555759907 CEST	8.8.8.8	192.168.2.4	0xf518	No error (0)	page.adobespark-assets.com		65.9.66.64	A (IP address)	IN (0x0001)
May 4, 2021 18:30:19.555759907 CEST	8.8.8.8	192.168.2.4	0xf518	No error (0)	page.adobespark-assets.com		65.9.66.38	A (IP address)	IN (0x0001)
May 4, 2021 18:30:19.555759907 CEST	8.8.8.8	192.168.2.4	0xf518	No error (0)	page.adobespark-assets.com		65.9.66.77	A (IP address)	IN (0x0001)
May 4, 2021 18:30:26.721276999 CEST	8.8.8.8	192.168.2.4	0x5983	No error (0)	honeywell-products.com		69.49.234.166	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.653351068 CEST	8.8.8.8	192.168.2.4	0xb4b0	No error (0)	code.jquery.com	cds.s5x3j6q5.hwcdn.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:27.664014101 CEST	8.8.8.8	192.168.2.4	0x46c7	No error (0)	maxcdn.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.664014101 CEST	8.8.8.8	192.168.2.4	0x46c7	No error (0)	maxcdn.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.699824095 CEST	8.8.8.8	192.168.2.4	0x890d	No error (0)	kit.fontawesome.com	kit.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:27.747627020 CEST	8.8.8.8	192.168.2.4	0x6e8	No error (0)	cdnjs.cloudflare.com		104.16.19.94	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.747627020 CEST	8.8.8.8	192.168.2.4	0x6e8	No error (0)	cdnjs.cloudflare.com		104.16.18.94	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.775144100 CEST	8.8.8.8	192.168.2.4	0xa8b	No error (0)	stackpath.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
May 4, 2021 18:30:27.775144100 CEST	8.8.8.8	192.168.2.4	0xa8b	No error (0)	stackpath.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
May 4, 2021 18:30:28.114026070 CEST	8.8.8.8	192.168.2.4	0x7e96	No error (0)	ka-f.fontawesome.com	ka-f.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:41.118479967 CEST	8.8.8.8	192.168.2.4	0xd40f	No error (0)	static.adobelogin.com	adobelogin-static.prod.ims.adobejanus.com		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:41.118479967 CEST	8.8.8.8	192.168.2.4	0xd40f	No error (0)	adobelogin-static.prod.ims.adobejanus.com	dd20fzx9mj46f.cloudfront.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:41.118479967 CEST	8.8.8.8	192.168.2.4	0xd40f	No error (0)	dd20fzx9mj46f.cloudfront.net		13.35.252.69	A (IP address)	IN (0x0001)
May 4, 2021 18:30:41.541291952 CEST	8.8.8.8	192.168.2.4	0x33e2	No error (0)	assets.adobedtm.com	cn-assets.adobedtm.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:41.603029966 CEST	8.8.8.8	192.168.2.4	0x221	No error (0)	cdn.cookielaw.org		104.16.149.64	A (IP address)	IN (0x0001)
May 4, 2021 18:30:41.603029966 CEST	8.8.8.8	192.168.2.4	0x221	No error (0)	cdn.cookielaw.org		104.16.148.64	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dpm.demdex.net	gslb-2.demdex.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	gslb-2.demdex.net	edge-irl1.demdex.net		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	edge-irl1.demdex.net	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		34.246.133.154	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		34.250.160.147	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		52.214.68.15	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		52.30.200.197	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		54.76.54.153	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		54.171.219.200	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		18.203.106.177	A (IP address)	IN (0x0001)
May 4, 2021 18:30:42.547161102 CEST	8.8.8.8	192.168.2.4	0xac72	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		34.243.47.58	A (IP address)	IN (0x0001)
May 4, 2021 18:30:43.027153015 CEST	8.8.8.8	192.168.2.4	0x8043	No error (0)	geolocation.onetrust.com		104.20.184.68	A (IP address)	IN (0x0001)
May 4, 2021 18:30:43.027153015 CEST	8.8.8.8	192.168.2.4	0x8043	No error (0)	geolocation.onetrust.com		104.20.185.68	A (IP address)	IN (0x0001)
May 4, 2021 18:30:43.230762005 CEST	8.8.8.8	192.168.2.4	0xd30c	No error (0)	adobe.com.ssl.d1.sc.omtrdc.net		15.237.136.106	A (IP address)	IN (0x0001)
May 4, 2021 18:30:43.230762005 CEST	8.8.8.8	192.168.2.4	0xd30c	No error (0)	adobe.com.ssl.d1.sc.omtrdc.net		15.237.76.117	A (IP address)	IN (0x0001)
May 4, 2021 18:30:43.230762005 CEST	8.8.8.8	192.168.2.4	0xd30c	No error (0)	adobe.com.ssl.d1.sc.omtrdc.net		35.181.18.61	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
May 4, 2021 18:29:59.245161057 CEST	108.174.10.10	443	192.168.2.4	49732	CN=lnkd.in, O=LinkedIn Corporation, L=Sunnyvale, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jan 07 01:00:00 CET 2021 Wed Sep 23 02:00:00 CEST 2020	Wed Jul 07 01:59:59 CEST 2021 Mon Sep 23 01:59:59 CEST 2030	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:29:59.245161057 CEST	108.174.10.10	443	192.168.2.4	49732	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:29:59.246186972 CEST	108.174.10.10	443	192.168.2.4	49733	CN=lnkd.in, O=LinkedIn Corporation, L=Sunnyvale, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Jan 07 01:00:00 CET 2021 Wed Sep 23 02:00:00 CEST 2020	Wed Jul 07 01:59:59 CEST 2021 Mon Sep 23 01:59:59 CEST 2030	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:29:59.246186972 CEST	108.174.10.10	443	192.168.2.4	49733	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:29:59.930959940 CEST	65.9.66.79	443	192.168.2.4	49737	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:29:59.930959940 CEST	65.9.66.79	443	192.168.2.4	49737	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:29:59.932682037 CEST	65.9.66.79	443	192.168.2.4	49738	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:29:59.932682037 CEST	65.9.66.79	443	192.168.2.4	49738	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:00.711365938 CEST	65.9.66.115	443	192.168.2.4	49743	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.711365938 CEST	65.9.66.115	443	192.168.2.4	49743	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.714674950 CEST	65.9.66.115	443	192.168.2.4	49742	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.714674950 CEST	65.9.66.115	443	192.168.2.4	49742	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.714708090 CEST	65.9.66.115	443	192.168.2.4	49741	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.714708090 CEST	65.9.66.115	443	192.168.2.4	49741	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.714730978 CEST	65.9.66.115	443	192.168.2.4	49740	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.714730978 CEST	65.9.66.115	443	192.168.2.4	49740	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.719698906 CEST	65.9.66.115	443	192.168.2.4	49739	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:00.719698906 CEST	65.9.66.115	443	192.168.2.4	49739	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:01.985956907 CEST	52.217.108.214	443	192.168.2.4	49746	CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015	Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:01.985956907 CEST	52.217.108.214	443	192.168.2.4	49746	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Dec 08 13:05:07 CET 2015	Sat May 10 14:00:00 CEST 2025		3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:02.035011053 CEST	52.217.108.214	443	192.168.2.4	49747	CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015	Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:02.035011053 CEST	52.217.108.214	443	192.168.2.4	49747	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Dec 08 13:05:07 CET 2015	Sat May 10 14:00:00 CEST 2025		3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:19.681230068 CEST	65.9.66.115	443	192.168.2.4	49760	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
May 4, 2021 18:30:19.681230068 CEST	65.9.66.115	443	192.168.2.4	49760	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		37f463bf4616ecd445d4a1937da06e19
May 4, 2021 18:30:27.055696011 CEST	69.49.234.166	443	192.168.2.4	49764	CN=honeywell-products.com CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Sun May 02 02:00:00 CEST 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Sun Aug 01 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
May 4, 2021 18:30:27.063957930 CEST	69.49.234.166	443	192.168.2.4	49765	CN=honeywell-products.com CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Sun May 02 02:00:00 CEST 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Sun Aug 01 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
May 4, 2021 18:30:27.793665886 CEST	104.18.11.207	443	192.168.2.4	49772	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.793665886 CEST	104.18.11.207	443	192.168.2.4	49772	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.794882059 CEST	104.18.11.207	443	192.168.2.4	49773	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.794882059 CEST	104.18.11.207	443	192.168.2.4	49773	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.861711979 CEST	104.16.19.94	443	192.168.2.4	49781	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.861711979 CEST	104.16.19.94	443	192.168.2.4	49781	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.864645958 CEST	104.16.19.94	443	192.168.2.4	49782	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.864645958 CEST	104.16.19.94	443	192.168.2.4	49782	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.883560896 CEST	104.18.10.207	443	192.168.2.4	49783	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.883560896 CEST	104.18.10.207	443	192.168.2.4	49783	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.890824080 CEST	104.18.10.207	443	192.168.2.4	49784	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:27.890824080 CEST	104.18.10.207	443	192.168.2.4	49784	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:41.212330103 CEST	13.35.252.69	443	192.168.2.4	49791	CN=static.adobelogin.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 18 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Wed Sep 22 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
May 4, 2021 18:30:41.238096952 CEST	13.35.252.69	443	192.168.2.4	49792	CN=static.adobelogin.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 18 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Wed Sep 22 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
May 4, 2021 18:30:42.171257019 CEST	104.16.149.64	443	192.168.2.4	49797	CN=cookielaw.org, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Jul 01 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Jul 01 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:42.171257019 CEST	104.16.149.64	443	192.168.2.4	49797	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:42.174654007 CEST	104.16.149.64	443	192.168.2.4	49798	CN=cookielaw.org, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Jul 01 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Jul 01 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:42.174654007 CEST	104.16.149.64	443	192.168.2.4	49798	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:42.884762049 CEST	34.246.133.154	443	192.168.2.4	49799	CN=*.demdex.net, OU=Digital Marketing, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Dec 02 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Mon Jan 03 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
May 4, 2021 18:30:42.890410900 CEST	34.246.133.154	443	192.168.2.4	49800	CN=*.demdex.net, OU=Digital Marketing, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Dec 02 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Mon Jan 03 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
May 4, 2021 18:30:43.238996983 CEST	104.20.184.68	443	192.168.2.4	49802	CN=onetrust.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Feb 12 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Sat Feb 12 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:43.238996983 CEST	104.20.184.68	443	192.168.2.4	49802	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:43.239816904 CEST	104.20.184.68	443	192.168.2.4	49801	CN=onetrust.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Feb 12 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Sat Feb 12 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:43.239816904 CEST	104.20.184.68	443	192.168.2.4	49801	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 4, 2021 18:30:43.440923929 CEST	15.237.136.106	443	192.168.2.4	49803	CN=sstats.adobe.com, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon May 18 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Aug 25 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:43.440923929 CEST	15.237.136.106	443	192.168.2.4	49803	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:43.440994024 CEST	15.237.136.106	443	192.168.2.4	49804	CN=sstats.adobe.com, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon May 18 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Aug 25 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
May 4, 2021 18:30:43.440994024 CEST	15.237.136.106	443	192.168.2.4	49804	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		3faf2df7ab96c36419c31725cb1fa7d6

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 6720 Parent PID: 800

General

Start time:	18:29:55
Start date:	04/05/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff6f53d0000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 6804 Parent PID: 6720

General

Start time:	18:29:56
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6720 CREDAT:17410 /prefetch:2
Imagebase:	0xd00000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://lnkd.in/efFSywC

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Dropped Files

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Malware Analysis System Evasion:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 6720 Parent PID: 800

General

Analysis Process: iexplore.exe PID: 6804 Parent PID: 6720

General

Disassembly