Play interactive tour

Edit tour

Analysis Report https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/

Overview

General Information

Sample URL:	https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/
Analysis ID:	425520
Infos:
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Process Tree

System is w10x64

iexplore.exe (PID: 6824 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 6912 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6824 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: unknown	HTTPS traffic detected: 185.216.78.150:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.216.78.150:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.216.78.150:443 -> 192.168.2.4:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.207.130:443 -> 192.168.2.4:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.207.130:443 -> 192.168.2.4:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.246:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.246:443 -> 192.168.2.4:49804 version: TLS 1.2

Source: about-us[2].htm.4.dr	String found in binary or memory: <div class="wpb_video_wrapper"><iframe width="500" height="281" src="https://www.youtube.com/embed/unXEs0crvtA?feature=oembed" frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe></div> equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: (g.Vm(b,"www.youtube.com"),c=b.toString()):c=Sv(c);b=new uy(c);b.set("cmo=pf","1");d&&b.set("cmo=td","a1.googlevideo.com");return b}; equals www.youtube.com (Youtube)
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: 8https://www.youtube.com/embed/unXEs0crvtA?feature=oembed equals www.youtube.com (Youtube)
Source: about-us[2].htm.4.dr	String found in binary or memory: <p>Find us on <a href="https://www.facebook.com/dickinsonsolicitors/">Facebook</a></p> equals www.facebook.com (Facebook)
Source: base[1].js.4.dr	String found in binary or memory: Mha,Nha);h=this.loaderUrl;var l=void 0===l?!1:l;this.sj=Jv(Lv(h,Oha,null),h,l,"Trusted Ad Domain URL");this.xa=kD(!1,a.privembed);this.protocol=0===this.Ib.indexOf("http:")?"http":"https";this.Aa=Nv((b?b.customBaseYoutubeUrl:a.BASE_YT_URL)\|\|"")\|\|Nv(this.Ib)\|\|this.protocol+"://www.youtube.com/";l=b?b.eventLabel:a.el;h="detailpage";"adunit"===l?h=this.l?"embedded":"detailpage":"embedded"===l\|\|this.u?h=lD(h,l,Pha):l&&(h="embedded");this.Ea=h;qq();l=null;h=b?b.playerStyle:a.ps;var m=g.fb(rD,h);!h\|\|m&& equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: g.IM.prototype.l=function(a){var b=this;epa(this);var c=a.cA,d=this.api.T();"GENERIC_WITHOUT_LINK"!==c\|\|d.C?"TOO_MANY_REQUESTS"===c?(d=this.api.getVideoData(),this.Wc(LM(this,"TOO_MANY_REQUESTS_WITH_LINK",d.Zl(),void 0,void 0,void 0,!1))):"HTML5_NO_AVAILABLE_FORMATS_FALLBACK"!==c\|\|d.C?this.Wc(g.JM(a.errorMessage)):this.Wc(LM(this,"HTML5_NO_AVAILABLE_FORMATS_FALLBACK_WITH_LINK_SHORT","//www.youtube.com/supported_browsers")):(a=d.hostLanguage,c="//support.google.com/youtube/?p=player_error1",a&&(c= equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: g.S(this.experiments,"web_player_api_logging_fraction");this.Da=!this.xa;this.enabledEngageTypes=new Set;this.deviceHasDisplay=b?!b.deviceIsAudioOnly:kD(!0,a.deviceHasDisplay);this.Jc=mD(this.Jc,a.ismb);t=a;g.yC(this.experiments,"html5_qoe_intercept")?t=g.yC(this.experiments,"html5_qoe_intercept"):this.rj?(t=t.vss_host\|\|"s.youtube.com",this.Z("www_for_videostats")&&"s.youtube.com"===t&&(t=JD(this.Aa)\|\|"www.youtube.com")):t="video.google.com";this.Xi=t;KD(this,a,!0);this.V=new RC;g.G(this,this.V); equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: g.TD=function(a){a=JD(a.Aa);return"www.youtube-nocookie.com"===a?"www.youtube.com":a}; equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: g.jE=function(a){var b=g.UD(a);!a.Z("yt_embeds_disable_new_error_lozenge_url")&&Sha.includes(b)&&(b="www.youtube.com");return a.protocol+"://"+b}; equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: g.k.clone=function(){var a=new Zm;a.u=this.u;this.i&&(a.i=this.i.clone(),a.l=this.l);return a};var fn="://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/xsul www.youtube.com/pagead/slav".split(" "),Xda=/\bocr\b/;var Yda=/(?:\[\|%5B)([a-zA-Z0-9_]+)(?:\]\|%5D)/g;var PD={FZ:"LIVING_ROOM_APP_MODE_UNSPECIFIED",CZ:"LIVING_ROOM_APP_MODE_MAIN",BZ:"LIVING_ROOM_APP_MODE_KIDS",DZ:"LIVING_ROOM_APP_MODE_MUSIC",EZ:"LIVING_ROOM_APP_MODE_UNPLUGGED",AZ:"LIVING_ROOM_APP_MODE_GAMING"};jn.prototype.set=function(a,b){b=void 0===b?!0:b;0<=a&&52>a&&0===a%1&&this.data_[a]!=b&&(this.data_[a]=b,this.i=-1)}; equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: g.k.getVideoUrl=function(a,b,c,d,e){b={list:b};c&&(e?b.time_continue=c:b.t=c);c=g.UD(this);d&&"www.youtube.com"===c?d="https://youtu.be/"+a:g.DD(this)?(d="https://"+c+"/fire",b.v=a):(d=this.protocol+"://"+c+"/watch",b.v=a,Gq&&(a=Io())&&(b.ebc=a));return g.Hd(d,b)}; equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: kJ.prototype.replace=function(a,b){a=g.q(a);for(var c=a.next();!c.done;c=a.next())delete this.i[c.value.encryptedTokenJarContents];kla(this,b)};var lJ;mla.prototype.Xn=function(a){var b;a=null===(b=a.responseContext)\|\|void 0===b?void 0:b.locationPlayabilityToken;void 0!==a&&(this.locationPlayabilityToken=a,this.i=void 0,"TVHTML5"===g.M("INNERTUBE_CLIENT_NAME")?(this.localStorage=lla(this))&&this.localStorage.set("yt-location-playability-token",a,15552E3):g.Eo("YT_CL",JSON.stringify({i6:a}),15552E3,void 0,!0))};var oJ;g.v(nJ,js);nJ.prototype.Dv=function(a,b){a=js.prototype.Dv.call(this,a,b);return Object.assign(Object.assign({},a),this.i)};var Cla=/[&\?]action_proxy=1/,Bla=/[&\?]token=([\w-])/,Dla=/[&\?]video_id=([\w-])/,Ela=/[&\?]index=([\d-])/,Fla=/[&\?]m_pos_ms=([\d-])/,Ila=/[&\?]vvt=([\w-]*)/,wla="ca_type dt el flash u_tz u_his u_h u_w u_ah u_aw u_cd u_nplug u_nmime frm u_java bc bih biw brdim vis wgl".split(" "),Gla="www.youtube-nocookie.com youtube-nocookie.com www.youtube-nocookie.com:443 youtube.googleapis.com www.youtubeedu.com www.youtubeeducation.com video.google.com redirector.gvt1.com".split(" "),yla={android:"ANDROID", equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: sha=function(a,b){if(!a.i["0"]){var c=new cB("0","fakesb",{video:new ZA(0,0,0,void 0,void 0,"auto")});a.i["0"]=b?new kA(new uy("http://www.youtube.com/videoplayback"),c,"fake"):new VA(new uy("http://www.youtube.com/videoplayback"),c,new Rz(0,0),new Rz(0,0))}}; equals www.youtube.com (Youtube)
Source: base[1].js.4.dr	String found in binary or memory: {tC:!0}),bja(this.videoData),this.X("highrepfallback");else if(a.i){b=this.l?this.l.l.u:null;if(sxa(a)&&b&&b.isLocked())var d="FORMAT_UNAVAILABLE";else if(!this.i.C&&"auth"===a.errorCode&&"429"===a.details.rc){d="TOO_MANY_REQUESTS";var e="6"}this.X("playererror",a.errorCode,d,g.BB(a.details),e)}else this.X("nonfatalerror",a),d=/^pp/.test(this.videoData.clientPlaybackNonce),EU(this,a.errorCode,a.details),d&&"manifest.net.connect"===a.errorCode&&(a="https://www.youtube.com/generate_204?cpn="+this.videoData.clientPlaybackNonce+ equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: www.dickinsonsolicitors.co.uk

Source: about-us[2].htm.4.dr	String found in binary or memory: http://browsehappy.com/
Source: animate.min[1].css.4.dr	String found in binary or memory: http://daneden.me/animate
Source: font-awesome.min[1].css.4.dr	String found in binary or memory: http://fontawesome.io
Source: font-awesome.min[1].css.4.dr	String found in binary or memory: http://fontawesome.io/license
Source: style[1].css.4.dr, bootstrap.min[1].js.4.dr	String found in binary or memory: http://getbootstrap.com)
Source: js_composer_front.min[1].js.4.dr	String found in binary or memory: http://go.wpbakery.com/licensing
Source: lightbox.min[1].js.4.dr	String found in binary or memory: http://lokeshdhakar.com/projects/lightbox2/
Source: animate.min[1].css.4.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: KFOmCnqEu92Fr1Mu4mxP[1].ttf.4.dr, KFOlCnqEu92Fr1MmEU9fBBc9[1].ttf.4.dr, KFOlCnqEu92Fr1MmYUtfBBc9[1].ttf.4.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: about-us[2].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: http://www.dickinsonsolicitors.co.uk/about-us/
Source: about-us[2].htm.4.dr	String found in binary or memory: http://www.dickinsonsolicitors.co.uk/privacy-policy/
Source: style[1].css.4.dr	String found in binary or memory: http://www.quicklaunch.co/
Source: base[1].js.4.dr	String found in binary or memory: http://www.youtube.com/videoplayback
Source: base[1].js.4.dr	String found in binary or memory: http://youtube.com/drm/2012/10/10
Source: base[1].js.4.dr	String found in binary or memory: http://youtube.com/streaming/metadata/segment/102015
Source: base[1].js.4.dr	String found in binary or memory: http://youtube.com/streaming/otf/durations/112015
Source: base[1].js.4.dr	String found in binary or memory: http://youtube.com/yt/2012/10/10
Source: base[1].js.4.dr	String found in binary or memory: https://admin.youtube.com
Source: js[1].js.4.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: 55849r[1].htm.4.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Source: analytics[1].js.4.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: about-us[2].htm.4.dr, services[1].htm.4.dr, coronavirus-covid-19-notice-june-2020[1].htm.4.dr, contact-us[1].htm.4.dr, meet-the-team[1].htm.4.dr, uncategorised[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://api.w.org/
Source: js[1].js.4.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: 55849r[1].htm.4.dr	String found in binary or memory: https://cdn.yoshki.com/SRA/EnglishMono/275/0/Default.png
Source: ~DF9D14BCA536AA396F.TMP.2.dr, about-us[2].htm.4.dr	String found in binary or memory: https://cdn.yoshki.com/iframe/55849r.html
Source: 55849r[1].htm.4.dr	String found in binary or memory: https://cdn.yoshki.com/responsive-ie.css
Source: 55849r[1].htm.4.dr	String found in binary or memory: https://cdn.yoshki.com/responsive.css
Source: 55849r[1].htm.4.dr	String found in binary or memory: https://cdn.yoshki.com/yoshki-library.js
Source: about-us[2].htm.4.dr	String found in binary or memory: https://developers.google.com/analytics/devguides/collection/analyticsjs/
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: base[1].js.4.dr	String found in binary or memory: https://docs.google.com/get_video_info
Source: v4-shims.min[1].css.4.dr, fa-regular-400[1].eot.4.dr, all[1].js.4.dr	String found in binary or memory: https://fontawesome.com
Source: all[1].js.4.dr	String found in binary or memory: https://fontawesome.com/license
Source: v4-shims.min[1].css.4.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: fa-regular-400[1].eot.4.dr, fa-solid-900[1].eot.4.dr	String found in binary or memory: https://fontawesome.comhttps://fontawesome.comFont
Source: services[1].htm.4.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Abril
Source: about-us[2].htm.4.dr, services[1].htm.4.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Open
Source: about-us[2].htm.4.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=PT
Source: css[1].css0.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/abrilfatface/v12/zOL64pLDlL1D99S8g8PtiKchq-dmiw.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhv.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhv.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhv.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhv.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdcs.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0d.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKW-U9hrIqU.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWiUNhrIqU.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWyV9hrIqU.woff)
Source: css[2].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKXGUdhrIqU.woff)
Source: css[1].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptserif/v12/EJRQQgYoZZY2vCFuvAFT9gaQZynfpg.woff)
Source: css[1].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVy0.woff)
Source: css[1].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptserif/v12/EJRTQgYoZZY2vCFuvAFT_r21dA.woff)
Source: css[1].css.4.dr	String found in binary or memory: https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzrk.woff)
Source: style[1].css.4.dr	String found in binary or memory: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
Source: vc-waypoints.min[1].js.4.dr	String found in binary or memory: https://github.com/imakewebthings/waypoints/blob/master/licenses.txt
Source: lightbox.min[1].js.4.dr	String found in binary or memory: https://github.com/lokesh/lightbox2/blob/master/LICENSE
Source: style[1].css.4.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: embed[1].htm.4.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geo
Source: embed[1].htm.4.dr	String found in binary or memory: https://maps.gstatic.com/maps-api-v3/embed/js/44/14/init_embed.js
Source: about-us[2].htm.4.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=5.7.2
Source: about-us[2].htm.4.dr	String found in binary or memory: https://ogp.me/ns#
Source: js[1].js.4.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: base[1].js.4.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/osd.js
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: about-us[2].htm.4.dr	String found in binary or memory: https://quicklaunch.co
Source: base[1].js.4.dr	String found in binary or memory: https://redux.js.org/api/store#subscribelistener
Source: embed[1].htm.4.dr	String found in binary or memory: https://search.google.com/local/reviews?placeid=ChIJlZn_eC5Be0gRexpN5Lwazkg
Source: analytics[1].js.4.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: base[1].js.4.dr	String found in binary or memory: https://support.google.com/youtube/?p=missing_quality
Source: base[1].js.4.dr	String found in binary or memory: https://support.google.com/youtube/?p=noaudio
Source: base[1].js.4.dr	String found in binary or memory: https://support.google.com/youtube/?p=report_playback
Source: base[1].js.4.dr	String found in binary or memory: https://support.google.com/youtube/answer/6276924
Source: remote[1].js.4.dr	String found in binary or memory: https://support.google.com/youtube/answer/7640706
Source: analytics[1].js.4.dr	String found in binary or memory: https://tagassistant.google.com/
Source: about-us[2].htm.4.dr	String found in binary or memory: https://use.fontawesome.com/releases/v5.0.13/js/all.js
Source: base[1].js.4.dr	String found in binary or memory: https://viacon.corp.google.com
Source: js_composer_front.min[1].js.4.dr	String found in binary or memory: https://wpbakery.com)
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/?p=2
Source: meet-the-team[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/?p=218
Source: coronavirus-covid-19-notice-june-2020[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/?p=338
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/?p=36
Source: contact-us[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/?p=40
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/about-us/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/about-us/07/cropped-favicon-270x270.png
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/about-us/jby51azo0NDM.&hl=en&v=eWmgPeIYKJsH2R2FrgakEIkq&size=i
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/about-us/ncategorised/-favicon-270x270.png
Source: uncategorised[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/category/uncategorised/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/category/uncategorised/-favicon-270x270.png
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/category/uncategorised/JUncategorised
Source: uncategorised[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/category/uncategorised/feed/
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/complaints/
Source: contact-us[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/contact-us/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/contact-us/DContact
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/contact-us/m/
Source: coronavirus-covid-19-notice-june-2020[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/Root
Source: coronavirus-covid-19-notice-june-2020[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/feed/
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/olicitors.co.uk/coronavi
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/olicitors.co.uk/ronaviru
Source: meet-the-team[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/meet-the-team/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/meet-the-team/JMeet
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/ronavirus-covid-19-notice-june-2020/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/ronavirus-covid-19-notice-june-2020/8/07/cropped-favicon-270x2
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/commercial-property/
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/conveyancing/
Source: services[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/employment-law/
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/family-law/
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/landlord-and-tenant/
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/powers-of-attorney/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/s-covid-19-notice-june-2020/
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/services/wills-probate/
Source: services[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-admin/admin-ajax.php
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?v
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/google-analytics-for-wordpress/assets/js/fr
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/css/js_composer.min.css?
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_fron
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?v
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/animate-css/an
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/c
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/i
Source: services[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/lightbox2/dist
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/a
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/o
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-wayp
Source: about-us[2].htm.4.dr, services[1].htm.4.dr, meet-the-team[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-child-theme/style.css
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/appl
Source: ~DF9D14BCA536AA396F.TMP.2.dr, about-us[2].htm.4.dr, imagestore.dat.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favi
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/main.js?
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/vendor/b
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/vendor/h
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/style.css?ver=5.7.2
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-1024x768.jpg
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-300x225.jpg
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-768x576.jpg
Source: contact-us[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-shot.jpg
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office.jpg
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsonsolicitors.seesites.biz_-_
Source: meet-the-team[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/matthew-lardner.png
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/office-background.jpg
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/slider-2.jpg
Source: meet-the-team[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/IMG_3026-1-282x300.jpg
Source: meet-the-team[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/IMG_3026-1.jpg
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-180x180.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-192x192.png
Source: ~DF9D14BCA536AA396F.TMP.2.dr, about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-270x270.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-32x32.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinson-logo-white-1.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-1024x120.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-300x35.png
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-600x70.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-768x90.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE.png
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.min.js?ver=3.4
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-fetch.min.js?ver=3.0.0
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js?ver=3.0
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ve
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-object-fit.min.js?ver=2
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-url.min.js?ver=3.6.4
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/underscore.min.js?ver=1.8.3
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/js/wp-embed.min.js?ver=5.7.2
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-includes/wlwmanifest.xml
Source: about-us[2].htm.4.dr, services[1].htm.4.dr, coronavirus-covid-19-notice-june-2020[1].htm.4.dr, contact-us[1].htm.4.dr, meet-the-team[1].htm.4.dr, uncategorised[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.dickinsonsolici
Source: uncategorised[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/categories/1
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/2
Source: meet-the-team[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/218
Source: services[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/36
Source: contact-us[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/40
Source: W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/6
Source: coronavirus-covid-19-notice-june-2020[1].htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/posts/338
Source: about-us[2].htm.4.dr, services[1].htm.4.dr, coronavirus-covid-19-notice-june-2020[1].htm.4.dr, contact-us[1].htm.4.dr, meet-the-team[1].htm.4.dr, uncategorised[1].htm.4.dr, W5V25666.htm.4.dr	String found in binary or memory: https://www.dickinsonsolicitors.co.uk/xmlrpc.php?rsd
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickiolicitors.co.uk/about-us/Root
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickiolicitors.co.uk/category/uncategorised/Root
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickiolicitors.co.uk/contact-us/m/Root
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickiolicitors.co.uk/meet-the-team/Root
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickiolicitors.co.uk/services/Root
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.dickionavirusco.uk/category/uncategorised/Root
Source: js[1].js.4.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.4.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.4.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.4.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.google.co.uk/maps/dir/
Source: js[1].js.4.dr	String found in binary or memory: https://www.google.com
Source: recaptcha__en[1].js.4.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: ~DF9D14BCA536AA396F.TMP.2.dr, contact-us[1].htm.4.dr	String found in binary or memory: https://www.google.com/maps/embed?pb=
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=6LfmMJ0UAAAAADP280q3cebbJ7e0Xs9ffHLgUKeH&ver=3.0
Source: anchor[1].htm2.4.dr, anchor[1].htm0.4.dr, recaptcha__en[1].js.4.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmMJ0UAAAAADP280q3cebbJ7e0Xs9ffHLgUKeH&co=aHR0
Source: base[1].js.4.dr	String found in binary or memory: https://www.googleapis.com/certificateprovisioning/v1/devicecertificates/create?key=AIzaSyB-5OLKTx2i
Source: js[1].js.4.dr	String found in binary or memory: https://www.googletagmanager.com/a?id=
Source: js[1].js.4.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.4.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: {EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	String found in binary or memory: https://www.gov.uk/cor
Source: coronavirus-covid-19-notice-june-2020[1].htm.4.dr	String found in binary or memory: https://www.gov.uk/coronavirus
Source: ~DF9D14BCA536AA396F.TMP.2.dr	String found in binary or memory: https://www.gov.uk/coronavirusco.uk/category/uncategorised/-favicon-270x270.png
Source: remote[1].js.4.dr	String found in binary or memory: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Source: anchor[1].htm2.4.dr, anchor[1].htm0.4.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js
Source: anchor[1].htm.4.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/styles__ltr.css
Source: about-us[2].htm.4.dr	String found in binary or memory: https://www.monsterinsights.com/
Source: ~DF9D14BCA536AA396F.TMP.2.dr, about-us[2].htm.4.dr	String found in binary or memory: https://www.youtube.com/embed/unXEs0crvtA?feature=oembed
Source: base[1].js.4.dr	String found in binary or memory: https://www.youtube.com/generate_204?cpn=
Source: base[1].js.4.dr	String found in binary or memory: https://youtu.be/
Source: base[1].js.4.dr	String found in binary or memory: https://youtube.com/api/drm/fps?ek=uninitialized
Source: base[1].js.4.dr	String found in binary or memory: https://youtubei.googleapis.com/youtubei/
Source: base[1].js.4.dr	String found in binary or memory: https://yurt.corp.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 185.216.78.150:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.216.78.150:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.216.78.150:443 -> 192.168.2.4:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.207.130:443 -> 192.168.2.4:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.207.130:443 -> 192.168.2.4:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.4:49801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.246:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.246:443 -> 192.168.2.4:49804 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@3/134@10/6

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EFAE5A2B-BED4-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFF66057CE745CF777.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6824 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6824 CREDAT:17410 /prefetch:2

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/	0%	Virustotal		Browse
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
www.dickinsonsolicitors.co.uk	0%	Virustotal		Browse
cdn.yoshki.com	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-600x70.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/services/landlord-and-tenant/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-180x180.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?	0%	Avira URL Cloud	safe
https://cdn.yoshki.com/SRA/EnglishMono/275/0/Default.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_fron	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/36	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-fetch.min.js?ver=3.0.0	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/category/uncategorised/feed/	0%	Avira URL Cloud	safe
http://www.quicklaunch.co/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/Root	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/olicitors.co.uk/coronavi	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-192x192.png	0%	Avira URL Cloud	safe
http://www.dickinsonsolicitors.co.uk/about-us/	0%	Avira URL Cloud	safe
https://fontawesome.comhttps://fontawesome.comFont	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/?p=40	0%	Avira URL Cloud	safe
https://www.dickiolicitors.co.uk/meet-the-team/Root	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/underscore.min.js?ver=1.8.3	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-768x90.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/ronavirus-covid-19-notice-june-2020/8/07/cropped-favicon-270x2	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/ronavirus-covid-19-notice-june-2020/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/40	0%	Avira URL Cloud	safe
https://wpbakery.com)	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/about-us/ncategorised/-favicon-270x270.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/category/uncategorised/-favicon-270x270.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/slider-2.jpg	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/category/uncategorised/JUncategorised	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-300x35.png	0%	Avira URL Cloud	safe
http://getbootstrap.com)	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/wlwmanifest.xml	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?v	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/complaints/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js?ver=3.0	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/contact-us/m/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/services/employment-law/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/services/powers-of-attorney/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-wayp	0%	Avira URL Cloud	safe
https://cdn.yoshki.com/responsive-ie.css	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/about-us/jby51azo0NDM.&hl=en&v=eWmgPeIYKJsH2R2FrgakEIkq&size=i	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.dickinsonsolici	0%	Avira URL Cloud	safe
https://www.dickiolicitors.co.uk/about-us/Root	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/i	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/appl	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/vendor/h	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/posts/338	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/office-background.jpg	0%	Avira URL Cloud	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://www.google.co.uk/maps/dir/	0%	Avira URL Cloud	safe
https://cdn.yoshki.com/yoshki-library.js	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-1024x768.jpg	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?v	0%	Avira URL Cloud	safe
https://cdn.yoshki.com/iframe/55849r.html	0%	Avira URL Cloud	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.dickionavirusco.uk/category/uncategorised/Root	0%	Avira URL Cloud	safe
https://www.dickiolicitors.co.uk/category/uncategorised/Root	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/olicitors.co.uk/ronaviru	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/about-us/07/cropped-favicon-270x270.png	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/contact-us/DContact	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/feed/	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/IMG_3026-1-282x300.jpg	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ve	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/wp-embed.min.js?ver=5.7.2	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/google-analytics-for-wordpress/assets/js/fr	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/animate-css/an	0%	Avira URL Cloud	safe
https://www.gov.uk/cor	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/services/wills-probate/	0%	Avira URL Cloud	safe
https://www.dickiolicitors.co.uk/services/Root	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-url.min.js?ver=3.6.4	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/?p=338	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/?p=218	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/a	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsonsolicitors.seesites.biz_-_	0%	Avira URL Cloud	safe
https://www.dickinsonsolicitors.co.uk/wp-json/	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
googleads.g.doubleclick.net	216.58.207.130	true	false		high
i.ytimg.com	172.217.22.246	true	false		high
photos-ugc.l.googleusercontent.com	142.250.185.65	true	false		high
fontawesome-cdn.fonticons.netdna-cdn.com	23.111.9.35	true	false		high
maxcdn.bootstrapcdn.com	104.18.11.207	true	false		high
www.dickinsonsolicitors.co.uk	185.216.78.150	true	false	0%, Virustotal, Browse	unknown
use.fontawesome.com	unknown	unknown	false		high
yt3.ggpht.com	unknown	unknown	false		high
cdn.yoshki.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
www.youtube.com	unknown	unknown	false		high
static.doubleclick.net	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Reputation
https://www.dickinsonsolicitors.co.uk/	false	unknown
https://www.dickinsonsolicitors.co.uk/services/	false	unknown
https://www.gov.uk/coronavirus	false	unknown
https://www.dickinsonsolicitors.co.uk/category/uncategorised/	false	unknown
https://www.dickinsonsolicitors.co.uk/meet-the-team/	false	unknown
https://www.dickinsonsolicitors.co.uk/about-us/	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-600x70.png	W5V25666.htm.4.dr	false	Avira URL Cloud: safe	unknown
http://fontawesome.io	font-awesome.min[1].css.4.dr	false		high
https://ogp.me/ns#	about-us[2].htm.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/services/landlord-and-tenant/	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.monsterinsights.com/	about-us[2].htm.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-180x180.png	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://cdn.yoshki.com/SRA/EnglishMono/275/0/Default.png	55849r[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_fron	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/36	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-fetch.min.js?ver=3.0.0	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/category/uncategorised/feed/	uncategorised[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
http://youtube.com/streaming/otf/durations/112015	base[1].js.4.dr	false		high
http://www.quicklaunch.co/	style[1].css.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/Root	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/olicitors.co.uk/coronavi	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/cropped-favicon-192x192.png	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
http://www.dickinsonsolicitors.co.uk/about-us/	about-us[2].htm.4.dr, W5V25666.htm.4.dr	false	Avira URL Cloud: safe	unknown
https://fontawesome.comhttps://fontawesome.comFont	fa-regular-400[1].eot.4.dr, fa-solid-900[1].eot.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/?p=40	contact-us[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickiolicitors.co.uk/meet-the-team/Root	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/underscore.min.js?ver=1.8.3	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-768x90.png	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://fontawesome.com	v4-shims.min[1].css.4.dr, fa-regular-400[1].eot.4.dr, all[1].js.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/ronavirus-covid-19-notice-june-2020/8/07/cropped-favicon-270x2	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://admin.youtube.com	base[1].js.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/ronavirus-covid-19-notice-june-2020/	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/pages/40	contact-us[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://wpbakery.com)	js_composer_front.min[1].js.4.dr	false	Avira URL Cloud: safe	low
https://www.dickinsonsolicitors.co.uk/about-us/ncategorised/-favicon-270x270.png	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/category/uncategorised/-favicon-270x270.png	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/slider-2.jpg	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/category/uncategorised/JUncategorised	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-300x35.png	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
http://getbootstrap.com)	style[1].css.4.dr, bootstrap.min[1].js.4.dr	false	Avira URL Cloud: safe	low
https://www.dickinsonsolicitors.co.uk/wp-includes/wlwmanifest.xml	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect	analytics[1].js.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?v	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/complaints/	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js?ver=3.0	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/contact-us/m/	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/services/employment-law/	services[1].htm.4.dr, W5V25666.htm.4.dr	false	Avira URL Cloud: safe	unknown
https://use.fontawesome.com/releases/v5.0.13/js/all.js	about-us[2].htm.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/services/powers-of-attorney/	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/	W5V25666.htm.4.dr	false		unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-wayp	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://cdn.yoshki.com/responsive-ie.css	55849r[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/generate_204?cpn=	base[1].js.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/about-us/jby51azo0NDM.&hl=en&v=eWmgPeIYKJsH2R2FrgakEIkq&size=i	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.dickinsonsolici	W5V25666.htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickiolicitors.co.uk/about-us/Root	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/i	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/appl	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/vendor/h	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-json/wp/v2/posts/338	coronavirus-covid-19-notice-june-2020[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/contact-us/	contact-us[1].htm.4.dr	false		unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/office-background.jpg	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
http://youtube.com/yt/2012/10/10	base[1].js.4.dr	false		high
https://cct.google/taggy/agent.js	js[1].js.4.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.google.co.uk/maps/dir/	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://cdn.yoshki.com/yoshki-library.js	55849r[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-1024x768.jpg	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?v	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://cdn.yoshki.com/iframe/55849r.html	~DF9D14BCA536AA396F.TMP.2.dr, about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.google.%/ads/ga-audiences	analytics[1].js.4.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	low
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=5.7.2	about-us[2].htm.4.dr	false		high
https://www.dickionavirusco.uk/category/uncategorised/Root	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
http://www.youtube.com/videoplayback	base[1].js.4.dr	false		high
https://www.dickiolicitors.co.uk/category/uncategorised/Root	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/olicitors.co.uk/ronaviru	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	style[1].css.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/about-us/07/cropped-favicon-270x270.png	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/contact-us/DContact	~DF9D14BCA536AA396F.TMP.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/feed/	coronavirus-covid-19-notice-june-2020[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/IMG_3026-1-282x300.jpg	meet-the-team[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ve	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-includes/js/wp-embed.min.js?ver=5.7.2	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/google-analytics-for-wordpress/assets/js/fr	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/embed/unXEs0crvtA?feature=oembed	~DF9D14BCA536AA396F.TMP.2.dr, about-us[2].htm.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/animate-css/an	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.gov.uk/cor	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/services/wills-probate/	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickiolicitors.co.uk/services/Root	{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat.2.dr	false	Avira URL Cloud: safe	unknown
http://browsehappy.com/	about-us[2].htm.4.dr	false		high
https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-url.min.js?ver=3.6.4	about-us[2].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/?p=338	coronavirus-covid-19-notice-june-2020[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/?p=218	meet-the-team[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/meet-the-team/	meet-the-team[1].htm.4.dr	false		unknown
https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/a	services[1].htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsonsolicitors.seesites.biz_-_	W5V25666.htm.4.dr	false	Avira URL Cloud: safe	unknown
https://www.dickinsonsolicitors.co.uk/wp-json/	about-us[2].htm.4.dr, services[1].htm.4.dr, coronavirus-covid-19-notice-june-2020[1].htm.4.dr, contact-us[1].htm.4.dr, meet-the-team[1].htm.4.dr, uncategorised[1].htm.4.dr, W5V25666.htm.4.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
23.111.9.35	fontawesome-cdn.fonticons.netdna-cdn.com	United States	33438	HIGHWINDS2US	false
172.217.22.246	i.ytimg.com	United States	15169	GOOGLEUS	false
185.216.78.150	www.dickinsonsolicitors.co.uk	United Kingdom	61323	UKFASTGB	false
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
216.58.207.130	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.185.65	photos-ugc.l.googleusercontent.com	United States	15169	GOOGLEUS	false

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	425520
Start date:	27.05.2021
Start time:	12:17:58
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 48s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@3/134@10/6
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/ Browsing link: https://www.dickinsonsolicitors.co.uk/ Browsing link: https://www.dickinsonsolicitors.co.uk/services/ Browsing link: https://www.dickinsonsolicitors.co.uk/about-us/ Browsing link: https://www.dickinsonsolicitors.co.uk/meet-the-team/ Browsing link: https://www.dickinsonsolicitors.co.uk/contact-us/ Browsing link: https://www.dickinsonsolicitors.co.uk/category/uncategorised/ Browsing link: https://www.gov.uk/coronavirus Browsing link: http://www.dickinsonsolicitors.co.uk/about-us/
Warnings:	Show All Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.147.198.201, 92.122.145.220, 52.255.188.83, 88.221.62.148, 172.217.22.234, 172.217.23.8, 142.250.185.238, 172.217.22.228, 8.241.78.250, 8.238.30.250, 8.241.83.122, 142.250.186.99, 172.217.23.42, 216.58.207.163, 13.64.90.137, 104.43.139.144, 20.50.102.62, 152.199.19.161, 216.58.207.174, 172.217.20.238, 172.217.23.14, 172.217.23.46, 172.217.23.78, 172.217.22.206, 172.217.22.238, 216.58.207.142, 172.217.22.198, 93.184.221.240, 52.155.217.156, 20.54.26.129, 92.122.213.194, 92.122.213.247, 20.82.209.183 Excluded domains from analysis (whitelisted): gstaticadssl.l.google.com, e11290.dspg.akamaiedge.net, audownload.windowsupdate.nsatc.net, hlb.apr-52dd2-0.edgecastdns.net, www.google.com, watson.telemetry.microsoft.com, www.gstatic.com, au-bg-shim.trafficmanager.net, www.google-analytics.com, fonts.googleapis.com, ajax.googleapis.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, skypedataprdcolcus16.cloudapp.net, ris.api.iris.microsoft.com, youtube-ui.l.google.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, cs9.wpc.v0cdn.net, ssl.cdn.yoshki.com.c.footprint.net, store-images.s-microsoft.com-c.edgekey.net, a1449.dscg2.akamai.net, arc.msn.com, wu.azureedge.net, consumerrp-displaycatalog-aks2eap-europe.md.mp.microsoft.com.akadns.net, iecvlist.microsoft.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, go.microsoft.com, www.googletagmanager.com, cs11.wpc.v0cdn.net, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, wu.wpc.apr-52dd2.edgecastdns.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, skypedataprdcolwus17.cloudapp.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, www-google-analytics.l.google.com, fonts.gstatic.com, ie9comview.vo.msecnd.net, www-googletagmanager.l.google.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, static-doubleclick-net.l.google.com, skypedataprdcoleus16.cloudapp.net, skypedataprdcoleus17.cloudapp.net, go.microsoft.com.edgekey.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found. Report size getting too big, too many NtQueryAttributesFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\BC6XF3KU\www.google[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	25798
Entropy (8bit):	5.525767064422747
Encrypted:	false
SSDEEP:	384:5KG8yMM3KG8yMM3HKG8yMM3KG8yMMPKG8yMM3KG8yMMYKG8yMMXKG8yMMYKG8yM5:MzzzvzopozMzwHzEz0mT00zRziCo
MD5:	D3317808A4F715349A0A0426341B5D56
SHA1:	15B432D132D157F0B9B73DDC930E441478B6B8BC
SHA-256:	B3ABF6025D1433DB6C78F227FEB99CF6756BD8D7BBC36E9BFA47DCFE80215C76
SHA-512:	58FE81E3DC45438A1F1930B028468F1E33CC11BD9F74EDDA1C7EA87226636D1D27B2A1AFEB14A762C0B4B0CF53C37241FD729A3217C59C7799E77C08041D7BC5
Malicious:	false
Reputation:	low
Preview:	<root><item name="sb_wiz.qc" value="1" ltime="2811281280" htime="30840570" /><item name="sb_wiz.zpc." value="[[["news UK",0,[362,308,154,357],{"zl":40009}],["dinner recipes",0,[362,308,154,357],{"zl":40009}],["24hr supermarket near me",0,[362,308,154,357],{"zl":40009}],["last minute holidays",0,[362,308,154,357],{"zl":40009}],["weather tomorrow",0,[362,308,154,357],{"zl":40009}],["cities in UK",0,[362,308,154,357],{"zl":40009}]],{"ag":{"a":{"40009":"Try searching for"}},"q":"m-8sCxwNVqraaMzd_0n2ExiMRbc"}]" ltime="2829291280" htime="30840570" /><item name="rc::a" value="MWdoNW1ieTFzMXZyaW8=" ltime="3043541792" htime="30888673" /></root><root><item name="sb_wiz.qc" value="1" ltime="2811281280" htime="30840570" /><item name="sb_wiz.zpc." value="[[["news UK",0,[362,308,154,357],{"zl":40009}],[

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E5F0NRSV\www.dickinsonsolicitors.co[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	1405
Entropy (8bit):	5.825566245426233
Encrypted:	false
SSDEEP:	24:WUPGmhyQvUPG3YC/sfhvUPGIyHG1vUPGg4uz1NqvUPGR7CYXyIvUPGmcJ61vUPGg:LPGmgQcPG3KJcPGHEcPGNC1AcPGR7CsZ
MD5:	EDDF826637962AAAB6BA00D77F9AED76
SHA1:	6A44657B680598E44EEBCA37767FE65F2416A784
SHA-256:	CEE650362BDEA070354BFAAD75789335DB1ACF36C0FC3201A5914395D540FE3C
SHA-512:	31C305D33A0266EAE337282B7F13CF76ECC94D8E1952F483E761B6CF78A37CD43CFC457E3EFB600E4FD902B237014E11A6D0D36277DD1CE28D82F95322F79629
Malicious:	false
Reputation:	low
Preview:	<root></root><root><item name="_grecaptcha" value="09ANblmninIE_Je5DjLhGEAlQexW9M0CH_aR8RjoQfXnyJ1wHlcjE00teJgw560GpdgO0TG4FrSd__hgftxhUEmrQ" ltime="3052001792" htime="30888673" /></root><root><item name="_grecaptcha" value="09ANblmniOAQVvqFywT-48Ap2uOUGZ8Wz6CGtWk3xK4Wj2ZDX9u7XG-5vN7Hlc9aHeKCP83ZwyNVjbf2VqWGEQkZI" ltime="3242541792" htime="30888673" /></root><root><item name="_grecaptcha" value="09ANblmnikmIpLAH1vVVir3jW-BX2puN5OLo07D-LvK4kqoD2ZSYviPswiCU_hCm7xfAJ21A4xpUyyVLvQgL9xkwk" ltime="3283511792" htime="30888673" /></root><root><item name="_grecaptcha" value="09ANblmni21PjoNx9tq9BX6vZZzte_xZUDBN-XBq6Z-Wn3s7zjoKtaKVd_mkpgFs969kdL_E2hNjyDRSyuRRbK1Ek" ltime="3335301792" htime="30888673" /></root><root><item name="_grecaptcha" value="09ANblmnjlzZekmPyvw1hHMz25uYpSMfNyc7OZE5ZWFb1qN5VVy5IKt-j7451986gQeWBWui36oQ0luZOYeQHl-t4" ltime="3552831792" htime="30888673" /></root><root><item name="_grecaptcha" value="09ANblmnhud8ensEEZu7tqs3eiYu0V-gEJ95paTHVl4QtjQsSv_FuM-LS654uH77VFIIFPB2eNd3yOB

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\URW0GA4Q\www.youtube[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	235339
Entropy (8bit):	4.956364439166225
Encrypted:	false
SSDEEP:	384:pKcpZK6o/8LQnPUNF8RmRsJwwwwnwcUlrZZuIyH/9zVHN:JcR
MD5:	0371D99F14D556F212A2515029E98981
SHA1:	E2D10AB739C39A845AAC6F03A358546BFB2DCCF4
SHA-256:	ED6778CCDB16357AF0B6A7F7F714E15A787D296E65EEAAEC1A5BF913821E0E92
SHA-512:	B9BA2C55DE7B4506ABA56C291D52B5608BFDFD3CFBF68DC9268128118F601C91600E5C7FAFC2AF4AC7BC7F196169B7DEBD9B2E652C60563D6ABB1D4E038140E6
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root></root><root><item name="__sak" value="1" ltime="3410851792" htime="30888673" /></root><root></root><root><item name="__sak" value="1" ltime="3488731792" htime="30888673" /></root><root></root><root><item name="yt.innertube::nextId" value="{"data":2,"expiration":1622197184092,"creation":1622110784100}" ltime="3489331792" htime="30888673" /></root><root><item name="yt.innertube::nextId" value="{"data":2,"expiration":1622197184092,"creation":1622110784100}" ltime="3489331792" htime="30888673" /><item name="yt.innertube::requests" value="{"data":{"1":{"method":"log_event","request":{"context":{"client":{"hl":"en","gl":"GB","clientName":56,"clientVersion":"1.20210524.1.1","configInfo":{"appInstallData":"CLPkvYUGEI6V/RIQ07itBQ=="}}},

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EFAE5A2B-BED4-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8559936412177154
Encrypted:	false
SSDEEP:	192:rZZuZc2HWEtDif9O8zMJ0BqaD7sfUORjX:rP6r2Qkk6bm9
MD5:	009FDC9E8C0D5C1B70985D6FA076AEBE
SHA1:	73ABF2791BD8C467AABE94FFEFCB7D4F4A70C5B5
SHA-256:	7BF6A70851EB0B46D1077CB632B26FF8F4FD53998FB6419D62668C4E9ABDB084
SHA-512:	DBB9630DBCC3EF8FBCC1A5845B863EA84BCB7CD4E25F697A2A0049D3FB3357ECBF5972B8FDEFA37C494295C08E0DB3E1B9D561A592CAB526E41CAA7FBA543E5B
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EFAE5A2D-BED4-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	222450
Entropy (8bit):	3.315793124320729
Encrypted:	false
SSDEEP:	1536:hC3IhC3SwXj5UQK5C1cYOWgtE53E5I1BV:hC3KC375vK5C1cYOWJYI1BV
MD5:	31C1D783F70BE7E4DA4E332D9083F057
SHA1:	5164FCEAA141901DE77B7AC926DA51A84771C3F1
SHA-256:	134E96E8C51E9921B380A77C3582D96D1AA4447CEF0CAE380AE756A5568F4FCA
SHA-512:	649F2A213A80C273056CBE84E6CBCC5D1B0818E67557493941DD9D5ABB911A42F9F0ED4AD1CCDEAA5DA4848943A4EAC029D6F4346523EAC719547D95E5FDCFD4
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F6670D08-BED4-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5653941773554583
Encrypted:	false
SSDEEP:	48:Iw4GcprBGwpakG4pQgGrapbSn9GQpKnG7HpRTTGIpG:rMZbQU6+BSnHAGTZA
MD5:	427B18BCE30E897082F84A091DF64528
SHA1:	1644DC0B9B941B596AEFA7C7ADC73441E6859A27
SHA-256:	F65E98A9AE4D5195BC6A02455ABE88DE31914712C3E067AC52A9AEDB64119B16
SHA-512:	860259337B554212E2B635D554E2E0AD908D440DB425B0E35286CE8DD90AC969020FDCDAD0C3C4652C9B10E19884692132EC4C550C458C5D3F24B1B21EA7C09E
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	1402
Entropy (8bit):	4.162805353524523
Encrypted:	false
SSDEEP:	24:i7fft34wTwljtN4QOm6dbqUyjBVlgqX+sVe+xs:i7nt31TcNXOmGbqUyjBVWqXvzxs
MD5:	C91407A3D9A5ED9D17ECF9C76A8256B9
SHA1:	EA1CCF09D64AB936AE99F77A3A6C00486CDA07B6
SHA-256:	C535B5E2285BDD39D2455582C8C166B359EC55150E9B363706A7BF407E376746
SHA-512:	13D5E70E57592659260318FFF8107E1A7A8ECCB0AFF4D6449FB4213C15255AC5E7A489916006AB2A9123AE5F895D2C251F0EE7DEB35D6A11E8B35C3B136D2EFB
Malicious:	false
Reputation:	low
Preview:	k.h.t.t.p.s.:././.w.w.w...d.i.c.k.i.n.s.o.n.s.o.l.i.c.i.t.o.r.s...c.o...u.k./.w.p.-.c.o.n.t.e.n.t./.t.h.e.m.e.s./.q.u.i.c.k.l.a.u.n.c.h.-.p.a.r.e.n.t.-.t.h.e.m.e./.l.i.b.r.a.r.y./.i.m.a.g.e.s./.f.a.v.i.c.o.n...i.c.o.~............... .h.......(....... ..... .................................( ..( ..( .I( .( ..( ..( ..( ..( .( .I( ..( ..........( ..( ..( ..( .( ..( ..( ..( ..( ..( ..( ..( ..( .( ..( ..( ..( ..( ..( .( ..( ..( ..( ..( ..( ..( ..( ..( ..( ..( .( ..( ..( ..( .( ..( ..( ..( ..( ..( .k( .%( .,( .P( .( ..( ..( .( ..( .J( ..( ..( ..( ..( ..( .x( ..( ..( ..( ..( ..( ."( .a( ..( .L( .( ..( ..( ..( ..( ..( .( .C( .( ..( ......( ..( ..( .V( .( ..( ..( ..( ..( .( ..( ..( .( ..( .o( ..( ......( ..( ..( .z( ..( ..( ..( .C( ..( .l( ..( ..+#..( ..( .'( ......( ..( ..( .5( ..( ..( ..( .R( .t( ..'...F?..\V..;4..%..W( ..( ......( ..( ..( ..( ..( ..( .G( ..( .'...RL.._Y..IC..( ..'...( ..............( .( ..( ..( ..( ..( ..'../(..C<..b\..OH..'..( ..( ..........( .J( ..( ..(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\55849r[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	501
Entropy (8bit):	5.16330325873308
Encrypted:	false
SSDEEP:	12:FgNXVNXWuEJPEWt9z8NWQhRNVMcqJmW7XolVMZXFk+Vg2qO:FY7FcNj8dLNVMDHyVMZ3Vgq
MD5:	2DE4B26FE1D1A20FE39C957B1AC68343
SHA1:	E234661F6C49CC7FBEA764AC906A6977CA7D20E0
SHA-256:	1A2FA2B37B9B349EE331BB55577AA4B48C4B5DB69C5BA2917764B769C9328D11
SHA-512:	1293F010E404A0D0974EBFA2BC43CB883B4F1C743F44AEF9FE651BDB376581AE41078F8BFBE6F0C0009FDC75E82EDEB69019F67FA5E8FF9C588FEA2330EC0E76
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.yoshki.com/iframe/55849r.html
Preview:	<link rel='stylesheet' href='https://cdn.yoshki.com/responsive.css' />.. [if lt IE 9]>..<link rel='stylesheet' href='https://cdn.yoshki.com/responsive-ie.css' />..<![endif]-->....<body style="margin:0px;padding:0px;">..<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>..<script type="text/javascript" src="https://cdn.yoshki.com/yoshki-library.js"></script>..<img src="https://cdn.yoshki.com/SRA/EnglishMono/275/0/Default.png" class="badgenopopup" />..</body>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\EJRSQgYoZZY2vCFuvAnt66qSVy0[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 35212, version 1.1
Category:	downloaded
Size (bytes):	35212
Entropy (8bit):	7.988926901862958
Encrypted:	false
SSDEEP:	768:7p/yXfPUNvaeLBzTsy7EC59vIiHZsHfSqPUlGSonb1NqIGavcRLwoOBCNs:7qfPywCvrHZsHfBPUgSKTqIvSLvOBCNs
MD5:	EE6644B60B1D27136104FC826DA02496
SHA1:	89FF01B5B7A1326B770DF6E8DBF27FDDAE5364F0
SHA-256:	414A38810B1AF59249DDF549A416E4F0A80A1A6A14899C3FC2BA36EDED155C7A
SHA-512:	83C4E744EE48177E530C4F9F16AFEED72F6E3C55F2925E92AB51A2B05430A0892BE0A3E06D65D1850727DBA09DE642229161F693821400788D7827F55A9FAE75
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVy0.woff
Preview:	wOFF...............P........................GPOS...............GSUB...........H{..OS/2...\...Y...`m.27cmap...............cvt ...D......*.9..fpgm...p.........H.ogasp................glyf......f+....SF..hdmx..o....%..&.W...head.......5...6...hhea...........$.Z..hmtx...<...!.....u.,loca...`........M..maxp...0... ... ....name...P........".>@post...0.......g.Y..prep...........z2..rx...t.\....m.m[..m.v.6N.vS....=....UO.y.s..e+`g..Z.~.._d...z.e.f[...4.m[..../.{l.......])..I...j..hN.q~.m...\..\J+{.i...hE;Ehov.4:y.P..5..G..B{.C7....{..]..iE.+.[.?x.h...{.=...Dv.w..{...=.....8..V\..gZ5..q.\i..O....w.....c..././...o....vg..aO......G=?...y.../1..Se.2..K..:.K.V...-.)....j..`.J..x...>V.-Ws-.d.VwE......jsyt5.a.]u...g..Z.+....G=+5Q.....R........Zhk..6......4E.V..+....oZK.\|6AC......(...G.\.\|B.h.E...Q....5..Z.1.....q.5.....C...2u..\eg.7y..M...O......5.Wo.U9....Z.r.9.h[7..QL..a....i...40....;.8OG.k..nj.W..i.~5....#)....f.-.E..r...B.%.gkzR...........<....ZW.gI..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\EJRVQgYoZZY2vCFuvAFWzrk[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 39452, version 1.1
Category:	downloaded
Size (bytes):	39452
Entropy (8bit):	7.987087512271223
Encrypted:	false
SSDEEP:	768:lykUM4jJfotbO2Oh3CfrR7AzhXQBrRgfbJ9vP8QcBPeISuo0lgpQixOd6a2:coYZ2Oi+zhXidAbJdZ8PeIvl7iKC
MD5:	F88B728C1448F05A4612C32BE163C55F
SHA1:	6AF02DE62CA7E4F5A89BE792A74F45C673BD3BD8
SHA-256:	C5DFD155D3BB4D5BE721DB7EEAFEE73464B65C5CBB6BB3AADC482625376B7FF9
SHA-512:	8C7117FDAB1F5F76C8CCD655C72DDB50E82F4F7076C831896813F651B503B1F2D4DD982612CEF57A7138FF832033AC00647980C386E19D29829535223BE4A390
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzrk.woff
Preview:	wOFF........................................GPOS...........0.I.MGSUB...x.......H{...OS/2...8...Z...`lm12cmap...............cvt ... ...>...>...Ifpgm...`.........H.ogasp...t............glyf......w....F..LPhdmx..........&.].t.head...L...4...6....hhea...........$....hmtx.............m#0loca..............Fmaxp....... ... ...gname..............<Kpost................prep...@........d..x....$i....m.m.....m..Xt...0x.Lw/.V4gO..JU.u2....=..[..'E....q..w>..Cl...O=....H.C.l.}..'.a.....aF-P.FL....[9....A...{...xN.$.3.{...........3..\|...e....u.?)O...lhE....V....f...i......2;gv..9..eEG....F.[5)...q..1.....Y\...4..~.....`.4......U3...M.....qs.gsn`Cn..f....c..S.fs..F=.s4'.'q0....+.....5......].....'.k,P......W..9..l(x...Ds..=...zW..G..Y%....nf..l..u.a.\q..S.n./-.y.+J.7:.RV.u..j.....,:;.4R.B{.cs.~.S!..X...a.;U..]3........Nh.\|......zC9.....R.w..f...cV.U.......k....,..6..........#a.$a..y6..fj.'e.....Q....._...@......m..T...Q..:..O+...A.B.3..9[....*...........D..~'Ro.'.k...Y..\..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\W5V25666.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	52478
Entropy (8bit):	5.323547446729023
Encrypted:	false
SSDEEP:	1536:Ms6UYNrC+mXk4NTVGJFJy2CvUkDIJFJ76teJFJP8HdQZ+MvZDcfnztK/R+yUO37y:dQr+GTQTU+IT4ETW9QZ+MvZIfnztwkhR
MD5:	DDBA3BCFCCB1F429166DCFFF200B5305
SHA1:	E71123E7BABD793BFDCD30E0943DC5172AABA7FB
SHA-256:	38063FF26232DC7ABAE737103499808E92B302BC9EDF9C06A71852D0D634CE74
SHA-512:	62AE9B5090784091F9AE026784C9833B150A270D71184DAB795162884E7D6C84DAE0F0F87381107FA4266BE2BC600EC468BDCACF64ADC561D285E18923800545
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\anchor[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	125897
Entropy (8bit):	5.896514199195247
Encrypted:	false
SSDEEP:	1536:OCXMoN9vjakVOUnK5hMoN9v9oIEX35MoN9vgMOro5Fp:OkvnalvvR0XJvNoe
MD5:	CFCA8E79B80DDAED315B6008D34689C2
SHA1:	F23D7D366F3DA05B7141BDA46BB076398F628368
SHA-256:	ECBDBB4B60E91764248976A30629908C1155112A415BD0EBF957A81853C02123
SHA-512:	C320EB77FAD805649D898EB77D69E3AAF5B10ECAD1DAC9DDFA0DBC3A79CE5E3CA622A10EF49C1763BD7A0B74FE4394E57B9B5958B59BD96BBCFE53C00F974FEB
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.<meta http-equiv="X-UA-Compatible" content="IE=edge">.<title>reCAPTCHA</title>.<style type="text/css">.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf) format('truetype');.}.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 500;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc9.ttf) format('truetype');.}.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 900;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc9.ttf) format('truetype');.}..</style>.<link rel="stylesheet" type="text/css" href="https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/styles__ltr.css">.<script nonce="Xc8DpkUn/TUryifEDjVPvg" type="text/javascript">window['__recaptcha_api'] = 'https://www.google.com/rec

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\api[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	884
Entropy (8bit):	5.612927321721572
Encrypted:	false
SSDEEP:	24:2jkm94/zKPccAK+KVCetz1l2EsLqo40RWUnYN:VKEcOKoeN1l2FLrwUnG
MD5:	4F33B826DC2529EFE9C694A7511AAA46
SHA1:	1D9F3E04760EA939E008EBC01E9F2B21FE68AFC1
SHA-256:	0770D0F26742AA70A19392672BB65C1BDC91E09836B0CC80089919C830EA4E82
SHA-512:	AEAAFD58DF3169700DE64C77F53CB4C6BC4FC52766AB27E7B39512B1C02124CF3FCFB1D8FC763C0AC45B9E6DB2D79C2B6D4B19515788C4ED455D2613386C3600
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.google.com/recaptcha/api.js?render=6LfmMJ0UAAAAADP280q3cebbJ7e0Xs9ffHLgUKeH&ver=3.0
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('6LfmMJ0UAAAAADP280q3cebbJ7e0Xs9ffHLgUKeH');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true;po.src='https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js';po.crossOrigin='anonymous';po.integrity='sha384-3l+Dzjt73YLhXz+WejlQA/r4+koQU0wEJ+YZAtKZ8DTxOPwZ54aluvUaML5sjiPl';var e=d.querySelector('script[nonce]'),n=e&&(e['nonce']\|\|e.getAttribute('nonce'));if(n){po.setAttribute('nonce',n);}var s=d.getElementsByTagName('script')[0];s.parentNode.insertBefore(po, s);})();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\coronavirus-covid-19-notice-june-2020[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	dropped
Size (bytes):	38987
Entropy (8bit):	5.385057127892103
Encrypted:	false
SSDEEP:	768:9atuUk60wKYNrW1LnrlyfbbowbuRZV+T2MvZDcfnztKI:9atu/6UYNrqnrlyfHdgZ7MvZDcfnztKI
MD5:	346FF7DE8EFA72A8722B1C14E6EEAF4D
SHA1:	076971E52409EA4A50E2B2FAF8296DE55EDACFEF
SHA-256:	E48EF8161E04969A71362DD21031AD362911C0BE1C4321D41881C6C6A33FD2C9
SHA-512:	783B2DE123F35BEA307450A1A132D0D9C2B6E590C5B8A4E4CD759EF051FE2AEA1D38E64B9FB32DF24687D00228D0019949088BEAA54F23272743DDF40B0696CE
Malicious:	false
Reputation:	low
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	198
Entropy (8bit):	5.153548140325187
Encrypted:	false
SSDEEP:	6:0IFFii+56ZRWHTizlpdvW8XEq3iKcz14WNin:jFhO6ZRoT6ppvEofY14WY
MD5:	057478F16847AB850D12B85AF5A27C4A
SHA1:	159BB9DE1356C699DC07C2CC175F7BD5916A2167
SHA-256:	E3C0DF8842E1CAE3E3ECD92373C966B334F701E7A9014C40FF89F1F729E950AC
SHA-512:	18749A2F00FAFB24F819DB8F194BCAEE42D240855C4E7BF8A0F84C6FC13119AB06C25DFF739C86BF51A3430EDEDBE6A1EDAE8F22AA4A6A19CE7586602FABAF22
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&subset=latin&ver=6.6.0
Preview:	@font-face {. font-family: 'Abril Fatface';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/abrilfatface/v12/zOL64pLDlL1D99S8g8PtiKchq-dmiw.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dickinson-logo-white-1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 900 x 96, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	27383
Entropy (8bit):	7.964305012412191
Encrypted:	false
SSDEEP:	768:rDhLHSunLJJ5C2UbhPxJu9govpKTBQffPRvN:3h1n1bUhPxA9ouRV
MD5:	DF2EAC595039FCF2D8C1D1595168131F
SHA1:	0EE1778677D57D0858EA0ED8AA5FCCE5093BD014
SHA-256:	0D6BA15A25187BAB8AEEB50F176DBFEA82CEB9B65D8406DB96D23653DEF5DCE7
SHA-512:	4B285B66CCBA51146B06A4CEF4336B352A7B8DC2F10DDB37152168B20C096FF38A3F6B89466775FE6FD85987B16094A70D4D81074A98B1CE69CBD10A1B0AC883
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinson-logo-white-1.png
Preview:	.PNG........IHDR.......`.....Es.2....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmpMM:DocumentID="xmp.did:22366F727A1A11E8A2E5809E4DEE262F" xmpMM:InstanceID="xmp.iid:0d165277-2433-4d44-8d48-5472892539d4" xmpMM:OriginalDocumentID="xmp.did:22366F727A1A11E8A2E5809E4DEE262F" xmp:CreatorTool="Adobe Photoshop CC 2018 (Macintosh)" xmp:CreateDate="2018-07-26T13:43:50+01:00" xmp:ModifyDate="2018-07-26T13:45:22+01:00" xmp:MetadataDate

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dickinsons-logo-WHITE-600x70[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 600 x 70, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	11500
Entropy (8bit):	7.936075014148687
Encrypted:	false
SSDEEP:	192:kWXhAhe0Tb4m/xOUch0nzPTpwvHfpVD1mHnLtiP/eJ8G0aRRKK/AB4NiO70TWkrT:NhoeQvpO9ezPT63L1ILtlJ8BKN/AB+Do
MD5:	9218C05B33CE652C70F804FC61365167
SHA1:	EC6528DC11F2FE86EFFCE91424D8D0961BEBF26B
SHA-256:	4AFEA1D8CED6331BAFE34988F3DF1C91125F14E524213E6214864C3B3E2CA110
SHA-512:	9D9A133883DA1C71898BB72D04C01818DEA0656A60DCEB9917C7CD9063EF7BECCBA2A5706C60519299107BA8B55CDFC7A6F55E48449CD47C272453CD24493822
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-600x70.png
Preview:	.PNG........IHDR...X...F......%......gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs...H...H.F.k>..+.IDATx..w.]e..?.Lz.P...R...""...P.4E..D..^..^E,.t..,\.).....ZH .L.d2.....ov..3s.>.L2..}.y29s..oY.{....H@...`(.......B._.4...h........\....[..!.U..I..r..F.........l.......L.F..@.........<.,/.[R.....>.B.xF....u9...<.BX.j....@(.^.'B...{.`g`v..{.x......w..C..s.I.v../.%..^.].c.n..`'`..@+..x...p..B.a._..p....=..l........m..kd.....N.....R.....{."K.{.+...2..PW.%..B..%.....>w......g-u.....\|......~V.\|..\|.G.4 `MR..R_....N.c5`q;.E.....>..u.1..V....&W.-N:^....../W..sl...:...l.....-.K.2`.0.(.`9.....\|.x.0=A.V...s...v.......%....6..Ve(...-...HW.cz!..\|,.....S......v.a.;.....FW.....9.>._.q..=....VWPs....$`z....\!..!..9d>8.=...LW..)y].....c>..da,.a..............w./..I............~.=...f....>O3\.....~!..e.....}.f.}C...TI.s....I....J}g-......c=..#..:ykr.k.{5x....w..w.FI..o......../.IQ-.......Nn<I.k.~....j....C...^6.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dickinsons-office[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=15, height=3000, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon IXUS 230 HS, orientation=upper-left, width=4000], baseline, precision 8, 1600x1200, frames 3
Category:	downloaded
Size (bytes):	316433
Entropy (8bit):	7.940803898953299
Encrypted:	false
SSDEEP:	6144:buOw+sZ9bGnTy2QWwPgZm9IOtFDgtv+IKOBO6vX3fPZ2sE4RVZNNCa:buF+kUnTKWwPmdD+Ilg6v/PAM1N
MD5:	C530439A8D1E3E117DF70BD17D1882EF
SHA1:	5AFBE7221A6A370D56831C7127920EF3E1A7AC88
SHA-256:	42646006E0F3DB346D53B749A836CCD7757AB1B527910FF4E15C10CAA84406CF
SHA-512:	52878FE657F19BE0D6CEA43DF91572014EAAA0CB27B5A76484C2DE5148A64942B603C7125A8C730B31C191E4274C6319BDC2148DF5FC05AB2BF667D2542DE317
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office.jpg
Preview:	......Exif..II...............................................................................................................................(...........1...".......2.......................i.......(...\|.........Canon.Canon IXUS 230 HS......'.......'..Adobe Photoshop CC 2018 (Windows).2018:06:27 13:58:00...!.........................'...........0...................0230............................................................................................................................................"...........0100....................@.......................D......................2...................................................................................:...............0....................... .......2018:06:27 11:06:14.2018:06:27 11:06:14.........I... ...k... ...........k... ...^.................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dickinsonsolicitors.seesites.biz_-_860664601[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2014:08:28 11:24:31], baseline, precision 8, 470x470, frames 3
Category:	downloaded
Size (bytes):	300314
Entropy (8bit):	7.8753596277100755
Encrypted:	false
SSDEEP:	6144:Wnd0JVUwVbJZoF1EbpTTCrAp17fOIqjUIovY3l3lWGsOQq9gBwe3:JVbJmFWbGAn7fLal349to83
MD5:	2B3B49E970F4684C42EBA168A7E6EF15
SHA1:	62168DF89AAFA9AE2B1DD7B3463776F4CE6E3FAD
SHA-256:	843614695E7AF53964A2C15DBFE6B23078D64A20DB67DEBAA0DE5AF6BD4BC85E
SHA-512:	1AA264422BB4C6A9257831227C78D012547F8BC8BBCB9BDC506E1389A9FE57F4602A0131B47BCA6615DAE632435FF7D22691D37DF49551EDB6444E4F518C9406
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsonsolicitors.seesites.biz_-_860664601.jpg
Preview:	......JFIF.....H.H....&cExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS2 Windows.2014:08:28 11:24:31...................................................................................&.(................................%-.......H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d......................................................................................................................................................"................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?...Z.\|........X.>..;..o...wt.?%..h.;./M............G@..~s..kY$-.]z&g....SZ.-..)...{..+..Lu.?..I...M.y.....].&.....z-K.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\errorPageStrings[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4720
Entropy (8bit):	5.164796203267696
Encrypted:	false
SSDEEP:	96:z9UUiqRxqH211CUIRgRLnRynjZbRXkRPRk6C87Apsat/5/+mhPcF+5g+mOQb7A9o:JsUOG1yNlX6ZzWpHOWLia16Cb7bk
MD5:	D65EC06F21C379C87040B83CC1ABAC6B
SHA1:	208D0A0BB775661758394BE7E4AFB18357E46C8B
SHA-256:	A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
SHA-512:	8A166D26B49A5D95AEA49BC649E5EA58786A2191F4D2ADAC6F5FBB7523940CE4482D6A2502AA870A931224F215CB2010A8C9B99A2C1820150E4D365CAB28299E
Malicious:	false
Reputation:	low
IE Cache URL:	res://ieframe.dll/errorPageStrings.js
Preview:	.//Split out for localization...var L_GOBACK_TEXT = "Go back to the previous page.";..var L_REFRESH_TEXT = "Refresh the page.";..var L_MOREINFO_TEXT = "More information";..var L_OFFLINE_USERS_TEXT = "For offline users";..var L_RELOAD_TEXT = "Retype the address.";..var L_HIDE_HOTKEYS_TEXT = "Hide tab shortcuts";..var L_SHOW_HOTKEYS_TEXT = "Show more tab shortcuts";..var L_CONNECTION_OFF_TEXT = "You are not connected to the Internet. Check your Internet connection.";..var L_CONNECTION_ON_TEXT = "It appears you are connected to the Internet, but you might want to try to reconnect to the Internet.";....//used by invalidcert.js and hstscerterror.js..var L_CertUnknownCA_TEXT = "Your PC doesn\u2019t trust this website\u2019s security certificate.";..var L_CertExpired_TEXT = "The website\u2019s security certificate is not yet valid or has expired.";..var L_CertCNMismatch_TEXT = "The hostname in the website\u2019s security certificate differs from the website you are trying to visit.";..var L

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fetch-polyfill[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Pascal source, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	8543
Entropy (8bit):	5.238064281324506
Encrypted:	false
SSDEEP:	192:oQHdiEslZc0rsNYNU5mSJHqI03aej6tZoaMLQO/x5/P80+HcW:ocHslLsP5muHqI0Jj6tZcUO/x5+V
MD5:	04E3CC8A9641B3F9F9C9370F4E9B5BDD
SHA1:	9602A891F583094BB04FD407B253ABCAFFB8C8D0
SHA-256:	DE6C4FFA2BD9FD283610E28D0DB2EC48607AAB39D213A51AEF248673A0A7E980
SHA-512:	58942BCC0F39D620A475B65C1AEB4F18872F68F22C89DEC076906A0DB8BC2B7CCA9357710A7824A0FA7404FF73F41013AECA34609CAACD2187414F7BD0D490D6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.youtube.com/s/player/e467278e/fetch-polyfill.vflset/fetch-polyfill.js
Preview:	/*.. Copyright (c) 2014-2016 GitHub, Inc... Permission is hereby granted, free of charge, to any person obtaining. a copy of this software and associated documentation files (the. "Software"), to deal in the Software without restriction, including. without limitation the rights to use, copy, modify, merge, publish,. distribute, sublicense, and/or sell copies of the Software, and to. permit persons to whom the Software is furnished to do so, subject to. the following conditions:.. The above copyright notice and this permission notice shall be. included in all copies or substantial portions of the Software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,. EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF. MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND. NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE. LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION. OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fontawesome-webfont[1].eot Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Embedded OpenType (EOT), FontAwesome family
Category:	downloaded
Size (bytes):	70807
Entropy (8bit):	7.985254784033384
Encrypted:	false
SSDEEP:	1536:/PEOVdNaSNYXdU47Z67/Ry+YcWqlr7pq:UidIYYNUssAqlrg
MD5:	32400F4E08932A94D8BFD2422702C446
SHA1:	986EED8DCA049714E43EEEBCB3932741A4BEC76D
SHA-256:	E219ECE8F4D3E4AC455EF31CD3A7C7B5057EA68A109937FC26B03C6E99EE9322
SHA-512:	47F19282F19CFC7A40A31C6AF428F100C7011167858B46B415556FD9B65D48DA2783DC22B101A6A89D95B05CBCEE625652C87D421A83D40AC7482C2B0B3D86A2
Malicious:	false
Reputation:	low
IE Cache URL:	https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.eot?
Preview:	..................................LP........................j..^....................F.o.n.t.A.w.e.s.o.m.e.....R.e.g.u.l.a.r...$.V.e.r.s.i.o.n. .4...4...1. .2.0.1.5...&.F.o.n.t.A.w.e.s.o.m.e. .R.e.g.u.l.a.r.....BSGP..................................Y.D.M.F..x...>........)[..1.H..-A)F...1.f.i..).U.'.&a.n;c)2nb$.'3..JV.@....y.\|.....[....\A.X.FCp....-B.....V....U_^d.V/........Hv..s.rx9..c.N%]72F.b.-.$}3..>q5N6.d.{...q%}.B.H$.....Mx..{....2..}...d..!....... .C.._....u....g...K...~..E...y:.G#.Ot..5ap.....O.......).....?HV.C..i...`.@'....@.....8..(..P..@..Ee.f.6..aG....u..?e$k.DYy..C..6...$FLf.....V.2v..Ukl..I...&..\..[/*.d.!.. .l 1..D. .X....CH?.d.....}....XB.s..H.'_.....5 .D....3....P.jmx.. ..@...........v..{.KI..J.V.4..p.%..Q..H,... .L..\|.......9...@._.NS%...3h....G\|E..H o.Fz.....k._v.2&......Z....I.I;.2H.!.#.nR5Q...>YT..!.~..J.Zf.<s.3K7...R//a@....s.#.2'19...y../+q.T.,f..O.._......q.........h..BX.R)<....&m.....(...Nf.......B.[.x.3...x

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\index[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	13485
Entropy (8bit):	5.1470721683853435
Encrypted:	false
SSDEEP:	384:4v6dXtsHgHBhY9/zdVkBnL0kH3Z3mLTxz:6csQha/zHHEp3mLTxz
MD5:	DACA149C46601376CE5DB68F3658323C
SHA1:	21E17B71D1BCD6C62274D21AD8015A105A0385D2
SHA-256:	927D5436967EBCE8A52C4BDCD27CC056C910A72270F74990DFBD1D554840C12D
SHA-512:	24C42962256DA83F4A0004A257E4CA3C31D17030BDF15487033620FAC3442DE47485B124350FD7271BDF5B6A755D5DE15A98081B3F23D85A86F5784040FBA1AA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Preview:	!function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=3)}([function(e,t){e.exports=function(e,t,n){return t in e?Object.defineProperty(e,t,{value:n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\index[2].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	4106
Entropy (8bit):	5.09916348462246
Encrypted:	false
SSDEEP:	96:diT7rvL3qQB0pxqKnHhGDRq0w9ObdDCp/:di/rj3J0pr6RoM1Cp/
MD5:	F31FCECCF67A890B9A9CD8D37922DA7D
SHA1:	3C14877435787B1522CB988684DE189FDDEFE98B
SHA-256:	24E5C659DC7089322D8A0BC6D164CEA1D703F6CFAA483A4939BC86E5DC172670
SHA-512:	624C17DE0AAAE3DE01C9637A92B52CFAF195CAD9376139238ABBFBC44A41E4C9E073D59E8AFBDC7821B8DD3F2A5B954E97FF1819C2E7C676BC9799A94132DC3D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
Preview:	!function(e){var t={};function r(n){if(t[n])return t[n].exports;var o=t[n]={i:n,l:!1,exports:{}};return e[n].call(o.exports,o,o.exports,r),o.l=!0,o.exports}r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)r.d(n,o,function(t){return e[t]}.bind(null,o));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"a",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="",r(r.s=3)}([function(e,t){e.exports=function(e,t){(null==t\|\|t>e.length)&&(t=e.length);for(var r=0,n=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	86927
Entropy (8bit):	5.289226719276158
Encrypted:	false
SSDEEP:	1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69
MD5:	A09E13EE94D51C524B7E2A728C7D4039
SHA1:	0DC32DB4AA9C5F03F3B38C47D883DBD4FED13AAE
SHA-256:	160A426FF2894252CD7CEBBDD6D6B7DA8FCD319C65B70468F10B6690C45D02EF
SHA-512:	F8DA8F95B6ED33542A88AF19028E18AE3D9CE25350A06BFC3FBF433ED2B38FEFA5E639CDDFDAC703FC6CAA7F3313D974B92A3168276B3A016CEB28F27DB0714A
Malicious:	false
Reputation:	low
IE Cache URL:	https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Preview:	/! jQuery v3.3.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(e,t){"use strict";var n=[],r=e.document,i=Object.getPrototypeOf,o=n.slice,a=n.concat,s=n.push,u=n.indexOf,l={},c=l.toString,f=l.hasOwnProperty,p=f.toString,d=p.call(Object),h={},g=function e(t){return"function"==typeof t&&"number"!=typeof t.nodeType},y=function e(t){return null!=t&&t===t.window},v={type:!0,src:!0,noModule:!0};function m(e,t,n){var i,o=(t=t\|\|r).createElement("script");if(o.text=e,n)for(i in v)n[i]&&(o[i]=n[i]);t.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?l[c.call(e)]\|\|"object":typeof e}var b="3.3.1",w=function(e,t){return new w.fn.init(e,t)},

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\meet-the-team[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	40828
Entropy (8bit):	5.353272599250873
Encrypted:	false
SSDEEP:	768:dGXk60wKYNraPoHr5RbwrIubbowbDRZV+T2MvZDcfnztKI:dGU6UYNrvr5RbwrIuHdhZ7MvZDcfnztv
MD5:	1B45DD6B122ED32D8B6D1D6A9AC02BD5
SHA1:	1605251AC50B0C1AE3E3EDD75C3D587773693976
SHA-256:	9BB183C59D124A2649A65BC8D4C9CFD02D72A70C2A6DD2F5E2DACFE188289A27
SHA-512:	F3DB569ED5F4B92B046B644C039F6789050191068F3B311B26FE375D95ED84BB55A93364973A626ABB519BC216F4963CB0B211DD2DDD8F5CD3055F5C3CBE67C9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/meet-the-team/
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mem5YaGs126MiZpBA-UN7rgOUuhv[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 19008, version 1.1
Category:	downloaded
Size (bytes):	19008
Entropy (8bit):	7.966749425699339
Encrypted:	false
SSDEEP:	384:IF/o+9PD3ixaac1lphLEanpKkfulibGLVEwUVV2LHxti+6epB:5MPD3iA9vpMk4ikOV2LzDrz
MD5:	396C9555F9EADB66270C25FC3157743F
SHA1:	D834DA7E230D9798071F8FABD0DB49ECD0A24BCC
SHA-256:	463DA44840BB99F312F92DBA6F39D259DD2669C9A2E45EB8086037B60EF31DED
SHA-512:	A490C3E5E735A1CAAFCD6C3E1DC321BCA6CC29E3F32EA414041F4B67166CA3D7DDC5D4C3A370A66A7447D943B72EBB59103875B9538314259680B1654085AD4B
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhv.woff
Preview:	wOFF......J@......qd........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...^...`....cmap.............Y..cvt ...8...].....-..fpgm............s.ugasp...<............glyf...H..:...Z@ ..>head..BL...6...6.%I.hhea..B........$.)..hmtx..B...........OYloca..D............maxp..F.... ... .r..name..F.........#.>.post..G.........5.".prep..IX...........k........................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.c`f.g......:....Q.B3_dHc.........................@`......../..?....^...... 9.8.m@J....w..!..x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g``..$KY...e@.,q@.j...o@<..O.H.t.................c .p@..........3lbd.....-.}.M...!...!....x.TGw.F........)..)7.W..`.j.-...=*'_..sI...2...O>....[tt....TK]..\|...G.....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mem5YaGs126MiZpBA-UN8rsOUuhv[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 19160, version 1.1
Category:	downloaded
Size (bytes):	19160
Entropy (8bit):	7.967047296085223
Encrypted:	false
SSDEEP:	384:wQDywW7WywLbHesuDAL7df4V7G/aSpBpucg7KInWtKgqp/y:6wW7LkrescWgG/DuJmIWtKgi/y
MD5:	ADC0530936D8C9AA4279699007BBBEDB
SHA1:	A25B788600D5F280B0B79A93BC1116A667BAC7D6
SHA-256:	012A20DD3CC6D96015C9D5896EEA6DA97D841E940ABA5F13BC0C43AB6F9D0FB0
SHA-512:	0B768871575BAC86528E1DAA477D0E231907627116C292F4C017990AC49B9D847F866324BD95F3DF8B75F02FB97474336A5BDB844D8867956113702B434D2EFD
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhv.woff
Preview:	wOFF......J.......qD........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...^...`...vcmap.............Y..cvt ...8...g.....o.[fpgm............s.ugasp...D...........#glyf...T..:F..Y.%..Ohead..B....6...6....hhea..B........$....hmtx..B....-....(.C.loca..E$...........maxp..F.... ... ....name..G.........%.@cpost..H.........5.".prep..I........1..S........................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.c`f.cV``e``..j...(.../2.11s01qs.1s.01.400.300x......:.;380(...&.O.....)B..q>H.%.u..R``........x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g``..$K..(..`.e.a.a`....C..L..@t.............A..L..&..............1\gta.e....320.0...2.g.j...=...x.TGw.F........)..)7.W..`.j.-...=*'_..sI...2...O>....[tt....TK]..\|..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mem8YaGs126MiZpBA-UFVZ0d[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 18160, version 1.1
Category:	downloaded
Size (bytes):	18160
Entropy (8bit):	7.961831708897042
Encrypted:	false
SSDEEP:	384:K9BQHZEFEbXlSNPoWvbYZbX9rnztP94u6pZ4nmrOmbSi+x:KLSb1GIbN76j4oO8j+x
MD5:	20890DE1FB4E49EA0B36F058BCA1B7E7
SHA1:	023D6720D92A54A3BB0AB219818D2E6E6AAD24A7
SHA-256:	C71180612EA84F5F9882D35DF024707E5B5E1BB18EFB2C8123FA5BDD30D3E079
SHA-512:	E6B921D20C0B7BFEA5A79D18D1C23DA7C79BB4E4D76A29AF48D7705C9C1F43E9E6578F1F36E00624DACD97411B68A214E750D0EDEB7BF12E889F16B6C522E1B0
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0d.woff
Preview:	wOFF......F.......j8........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...^...`~]..cmap.............Y..cvt ...8...Y.....M..fpgm............~a..gasp...0...........#glyf...@..6...S.Ug:}head..>....6...6..cphhea..?$.......$....hmtx..?D..........[Xloca..Ad.........I.maxp..C,... ... ....name..CL........&:A.post..D<........5.".prep..F.........C...........................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.c`f..8.....u..1...<.f...................A......5....1...A.._6..".-..L.....Ar,......3..(....x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g.c..$KY...e@.,.."..........?....%.g....Z.....(".o..Y..Bu342.e......0..........M=.....x.uTGw.F........)..)7.W.$`.....G.Kz.)e....t.\|.1.7...s.g...3.7mgf..~{1...s.3.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\services[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	45208
Entropy (8bit):	5.339576922672196
Encrypted:	false
SSDEEP:	768:bejIWk60wKYNrfkhJ6UkD7bbowb/RZV+niw9b2MvZDcfnztK/R+yUO37kPUg:bejIF6UYNrUEUkD7HdtZfMvZDcfnztKY
MD5:	E2F26AB02FA4884F4A498E273A2FAC48
SHA1:	75FAA7DE3217A90289EB9DA522C063C4F26AD3B4
SHA-256:	2DDF44EE319596288FB31A0EBBD9C8E6949F99DDBF3C866F3EDB8B068B6F37B2
SHA-512:	29B5F94EBBB101F9A3104302428B2D591496CA07F4E0F19809264A5FDC96AB9CD3D52A1C24C3E13BA9951672562A0D1984893BA1B422A6CBE01F5AD9275530FC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/services/
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\styles[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2640
Entropy (8bit):	5.143413018441231
Encrypted:	false
SSDEEP:	48:HrAMtxswDB/P7LUS0BvYkR2/HSXmpgMPnfFro/HKT1rcYlXWoorrkwEv4Hm6K:HTU2/Vpb/floPKT1pWuwEv4Hmp
MD5:	76E12144B6BE9BC0A17DD880C5566156
SHA1:	C57DB768B452AEA923A2B083162E9E6FFB98D2F8
SHA-256:	070EDFEF42E0980783D0ACF8FA9CA6A9833B994ECA13FFAA94E9A2DEB47C92CF
SHA-512:	090A8EF4B25EBDE53333749F44BA1318753AC3594D1C9D891C0B66664813F60584ED126C15D30478FF8A1E8DD30B0338FF3132331E5AA9D140213C23BEC67454
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
Preview:	.wpcf7 .screen-reader-response {..position: absolute;..overflow: hidden;..clip: rect(1px, 1px, 1px, 1px);..height: 1px;..width: 1px;..margin: 0;..padding: 0;..border: 0;.}...wpcf7 form .wpcf7-response-output {..margin: 2em 0.5em 1em;..padding: 0.2em 1em;..border: 2px solid #00a0d2; /* Blue /.}...wpcf7 form.init .wpcf7-response-output,..wpcf7 form.resetting .wpcf7-response-output,..wpcf7 form.submitting .wpcf7-response-output {..display: none;.}...wpcf7 form.sent .wpcf7-response-output {..border-color: #46b450; / Green /.}...wpcf7 form.failed .wpcf7-response-output,..wpcf7 form.aborted .wpcf7-response-output {..border-color: #dc3232; / Red /.}...wpcf7 form.spam .wpcf7-response-output {..border-color: #f56e28; / Orange /.}...wpcf7 form.invalid .wpcf7-response-output,..wpcf7 form.unaccepted .wpcf7-response-output {..border-color: #ffb900; / Yellow /.}...wpcf7-form-control-wrap {..position: relative;.}...wpcf7-not-valid-tip {..color: #dc3232; / Red */..font-size: 1em;..font-weigh

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\styles__ltr[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	52732
Entropy (8bit):	5.959269303940443
Encrypted:	false
SSDEEP:	768:+LUmmAWTe2uXYp8Mi+yKSrKebyBwd/Dl+x2dtYyPoiDH1fkQJVEwY:4UcW6v+2rKwFDlXP7dnY
MD5:	182B64B9E3032D6BA48A0A6C854032B0
SHA1:	879537EC1D2CE611AE82B784A25A3E2CDC1EC6FC
SHA-256:	94B328F86382CDA7D83CEBB40EE8DD8F567582A60BA91A90A37F490B0F0EDEFA
SHA-512:	2CEDB007DB16B0F25287F85D8E945172CE01C26E514FB6A2F8F2278A716B89ED327EDA9897A704E08F1715B94177B69178BC499DF56683C9CE2BFB8DE364A53F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/styles__ltr.css
Preview:	.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAABIAAAASABGyWs+AAAACXZwQWcAAABUAAADSAC4K4y8AAA4oElEQVR42u2dCZRV1ZX3q5iE4IQIiKQQCKBt0JLEIUZwCCk7pBNFiRMajZrIl9aOLZ8sY4CWdkDbT2McooaAEmNixFhpaYE2dCiLScWiQHCgoGQoGQuhGArKKl7V+c5/n33fO/V4w733nVuheXuv9V/rrnvP2Xud3zvTPee+ewsKxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExP4OdtlT6ztAbRWvvLy8A3QkwxzH6tBGMMexI

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\uncategorised[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	32310
Entropy (8bit):	5.3807897363849895
Encrypted:	false
SSDEEP:	768:8gPugZSHk60wKYNrD2mbbowbuRZV+T2MvZDcfnztKI:8gPugZSE6UYNrxHdgZ7MvZDcfnztKI
MD5:	86E8AB6881ACC57583613BB39D30C577
SHA1:	270931E052B12D55BF0B05EDB75A3616C9AE1B4F
SHA-256:	2B61710DF7952E8F86522D9975C94BC4F6BA085139CFAD4C1676B4D5EABC8DCF
SHA-512:	4EE6B334FFF7BF8749632809E249B74A5FBC1A9D102E2C7B936CEAF4E3506B47D408A0AA3CC36875708B796534DEACD064CF41F7015B14B84F10C740E50D7F28
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/category/uncategorised/
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\vc_grid.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	26345
Entropy (8bit):	5.067814330753913
Encrypted:	false
SSDEEP:	384:SezbnrNyKX9Qr7vDTNxmJOJ1MAkZL6Qv5gZ:0r7bJxmo0L6KgZ
MD5:	BF35404EC410297F390AAC8056DCA830
SHA1:	A250A1588B2FB2B71EE8A2D11A00E576D037BFB2
SHA-256:	3EDE42F7B6632487687A839DEF8F082B7564D792A7093F5FB8B20547F5891CB8
SHA-512:	8D63C4796C103B166D2042FF2ED07ABFF9DF877F0ED8F29083E685A10055D282958E7E88E07AE91AC473144748FBC797760730F3525C3BB7F96E83C1C321C5FC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=6.6.0
Preview:	/!. WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2021 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */..// jscs:disable.// jshint ignore: start..!function($){"use strict";var vcGridStyleAll=function(grid){this.grid=grid,this.settings=grid.settings,this.filterValue=null,this.$el=!1,this.$content=!1,this.isLoading=!1,this.$loader=$('<div class="vc_grid-loading"></div>'),this.init()};vcGridStyleAll.prototype.init=function(){_.bindAll(this,"addItems","showItems","setIsLoading")},vcGridStyleAll.prototype.render=function(){this.$el=this.grid.$el,this.$content=this.$el,this.$content.find(".vc_grid-item").length?(this.grid.initFilter(),this.filter(),this.showItems(),this.filterValue=-1,window.vc_prettyPhoto()):(_.defer(this.setIsLoading),this.grid.ajax({},this.addItems))},vcGridStyleAll.prototype.setIsLoading=function(){this.$content.append(this.$loader),this.isLoading=!0},vcGridStyleAll.prototype.unsetIsLoading=function

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\wp-polyfill-dom-rect.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	867
Entropy (8bit):	4.865638392619301
Encrypted:	false
SSDEEP:	24:ECXMtJBGqIwqkoXqI7qnTqInqBFqIMqpheqI1h7sqItKLqICGYPcqI3bGvb6f:E1JBGn6lOBBYCPjODQTlfx2ST6f
MD5:	A2B965A62D7B2742CA11C0FEA1C55161
SHA1:	DF8B9962F6DFCECD19BC917A4DE55C3EAE53F0E3
SHA-256:	ED7451C7B440A859EBA9C183E9F40D68E36B79C77BE75B1DE08060090AC706B1
SHA-512:	50D5626808C2590CE7833BDC47D486C367694E9F93CA7A2863FE335E5D9AC31526784F36D388DDC8058B0FBAA6E6AC9828FB602E70F27427642A2048F87FA854
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.min.js?ver=3.42.0
Preview:	!function(e){function d(e){return void 0===e?0:Number(e)}function g(e,t){return!(e===t\|\|isNaN(e)&&isNaN(t))}e.DOMRect=function(e,t,n,i){var u,r,o,c,f=d(e),a=d(t),m=d(n),b=d(i);Object.defineProperties(this,{x:{get:function(){return f},set:function(e){g(f,e)&&(f=e,u=r=void 0)},enumerable:!0},y:{get:function(){return a},set:function(e){g(a,e)&&(a=e,o=c=void 0)},enumerable:!0},width:{get:function(){return m},set:function(e){g(m,e)&&(m=e,u=r=void 0)},enumerable:!0},height:{get:function(){return b},set:function(e){g(b,e)&&(b=e,o=c=void 0)},enumerable:!0},left:{get:function(){return u=void 0===u?f+Math.min(0,m):u},enumerable:!0},right:{get:function(){return r=void 0===r?f+Math.max(0,m):r},enumerable:!0},top:{get:function(){return o=void 0===o?a+Math.min(0,b):o},enumerable:!0},bottom:{get:function(){return c=void 0===c?a+Math.max(0,b):c},enumerable:!0}})}}(this);

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\wp-polyfill.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	99310
Entropy (8bit):	5.421650493683898
Encrypted:	false
SSDEEP:	1536:U9md82NBTxJ/afhwnpkwp/Y6yR2WtomNfHgcqucErHTefW6BC1dJIphOPI:Uj2NBfxWwBVTWgUzefzC1dKII
MD5:	5090BAE2C114802440412E301BDF5174
SHA1:	3850AFD52816EE686ECCD881DF06764B426CD86A
SHA-256:	D36E5D7328268D21C6941039A7B6A15C7ED7414F60DBEE72D2231D11AC9BDAF3
SHA-512:	A60C7E838FB2ACD1BF0E1504A2C37BA27B6C9E4D966B27D2B8AD459B2D86AEA362F24B54A48953A4A8FCD1D08BCA81042C0E9CEA6E68B563FD44CFE5AB951342
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Preview:	!function r(c,a,f){function o(n,t){if(!a[n]){if(!c[n]){var e="function"==typeof require&&require;if(!t&&e)return e(n,!0);if(s)return s(n,!0);var i=new Error("Cannot find module '"+n+"'");throw i.code="MODULE_NOT_FOUND",i}var u=a[n]={exports:{}};c[n][0].call(u.exports,function(t){return o(c[n][1][t]\|\|t)},u,u.exports,r,c,a,f)}return a[n].exports}for(var s="function"==typeof require&&require,t=0;t<f.length;t++)o(f[t]);return o}({1:[function(t,n,r){"use strict";t(2);var e=function _interopRequireDefault(t){return t&&t.__esModule?t:{default:t}}(t(15));e.default._babelPolyfill&&"undefined"!=typeof console&&console.warn&&console.warn("@babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning."),e.default._babelPolyfill=!0},{15:15,2:2}],2:[function(t,n,r){"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\www-player[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	365036
Entropy (8bit):	5.24370695052713
Encrypted:	false
SSDEEP:	1536:BDQI0irpHrpj/fn8Mq5S0jDrzltP3Su3EMFfy9OP5FRrDJciM/ByDE4r6D6S7eTd:F4Drzz1xgAyxjFLk
MD5:	42AB47C4FFEA885004B805A6B6C9AABD
SHA1:	55A151606648A1A6080671EAE2432B50EAAB7EA0
SHA-256:	3CB6ABDABFB34937B1B320E5EEBFD33CA837CC0A8B83AAD9F0782158486C950B
SHA-512:	94E5C7E8B807C440B1D151EA0346A55DBD5F02227FE6346FEBC122D6189B7299EC339B898884DCDE6BF2712FB0352A4DE11DE80AD2FBABE542ADF4026F092463
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.youtube.com/s/player/e467278e/www-player.css
Preview:	.html5-video-player{position:relative;width:100%;height:100%;overflow:hidden;z-index:0;outline:0;font-family:"YouTube Noto",Roboto,Arial,Helvetica,sans-serif;color:#eee;text-align:left;direction:ltr;font-size:11px;line-height:1.3;-webkit-font-smoothing:antialiased;-webkit-tap-highlight-color:rgba(0,0,0,0);touch-action:manipulation;-ms-high-contrast-adjust:none}.html5-video-player:not(.ytp-transparent),.html5-video-player.unstarted-mode,.html5-video-player.ad-showing,.html5-video-player.ended-mode,.html5-video-player.ytp-fullscreen{background-color:#000}.ytp-big-mode{font-size:17px}.ytp-autohide{cursor:none}.html5-video-player a{color:inherit;text-decoration:none;-moz-transition:color .1s cubic-bezier(0.0,0.0,0.2,1);-webkit-transition:color .1s cubic-bezier(0.0,0.0,0.2,1);transition:color .1s cubic-bezier(0.0,0.0,0.2,1);outline:0}.html5-video-player a:hover{color:#fff;-moz-transition:color .1s cubic-bezier(0.4,0.0,1,1);-webkit-transition:color .1s cubic-bezier(0.4,0.0,1,1);transition:co

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\5jCZuS4pF9tPuq9w9tVGndjWCtO1Ng84lL-MMWfDXfs[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	38306
Entropy (8bit):	5.635460262252567
Encrypted:	false
SSDEEP:	768:5Sv8mMYQeL0i+7gMUvuGMmtIHGs4d8mqbqEssO:kv6VeLI83M4IHV4dAPO
MD5:	EC6EAF0BC33057BD87AF4204124365F2
SHA1:	AB066C136EA9DCC6574A86F8BAC01C2E4236386F
SHA-256:	E63099B92E2917DB4FBAAF70F6D5469DD8D60AD3B5360F3894BF8C3167C35DFB
SHA-512:	EFB5C1B40CAF02EE4CEF4AD3C8D4805A9226FDBE287FA5C506EC4E99EE50EED21A212B022DDF2DBB8DA69CD03930AB1AD5AFF90B2717922AA157B7A3888B69CB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.google.com/js/th/5jCZuS4pF9tPuq9w9tVGndjWCtO1Ng84lL-MMWfDXfs.js
Preview:	(function(){function r(e){return e}var n=function(e,F,A,Z,E){if((Z=(E=G.trustedTypes,e),!E)\|\|!E.createPolicy)return Z;try{Z=E.createPolicy(A,{createHTML:N,createScript:N,createScriptURL:N})}catch(W){if(G.console)G.console[F](W.message)}return Z},N=function(e){return r.call(this,e)},G=this\|\|self;(0,eval)(function(e,F){return(F=n(null,"error","ad"))&&1===e.eval(F.createScript("1"))?function(A){return F.createScript(A)}:function(A){return""+A}}(G)(Array(7824*Math.random()\|0).join("\n")+'(function(){var B=function(A,e,E,Z,F,G,r,N,W,n){if(1==(A+8&15)){if(!(x.call(this,Z),W=E)){for(N=this.constructor;N;){if(r=sc(2,N,3),F=e2[r])break;N=(G=Object.getPrototypeOf(N.prototype))&&G.constructor}W=F?"function"===typeof F.s?F.s():new F:null}this.Y=W}if(2==((((A^675)%7\|\|(this.listener=F,this.l5=null,this.src=E,this.type=e,this.capture=!!Z,this.K=G,this.key=++FJ,this.W=this.J=false),A)^770)&11))if(G&&G.once)AJ(0,8,true,0,F,G,Z,E,r);else if(Array.isArray(Z))for(N=0;N<Z.length;N++)B(36,false,E,Z[N],F,G,r

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\=Default[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	28050
Entropy (8bit):	7.972475683392406
Encrypted:	false
SSDEEP:	768:mMpzMlezVmerh2o2Lif9aoPNTAK7/NtBXoDxw5+kUA:9yLQZ9LNtBXoDxw5+kUA
MD5:	AC130C64CF413D496E4CC09AD408FBEF
SHA1:	C06570BF5888421F9D3C93D6E13D152199E71E24
SHA-256:	E1943B6A5FAD0AFA1E4CA2EC418C4DAF49853E8FAE760129A5F6F61391C48199
SHA-512:	CF7BFF164114F298F0701C2906003BB2D3A77D66B4BD35622896BBCBE140E4356678D56CDBFEA497E963721AE031C160CC822E5803698F4DABA219023DD74330
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.yoshki.com/SRA/EnglishMono/275/0/=Default.png?a=121*012801280128@5501090=401$0=60=40=90124012@=90124012@=70=401$0=40125012@1230124@5501$012@05501260=6
Preview:	.PNG........IHDR.............bH).....sRGB.........gAMA......a.....pHYs..........o.d..m'IDATx^...'.q..0...8..Pq%...l'.$....X..,>..bf:.N\|....N..KwbfFK2..w>......=..;S...............n.....b....k..[l%..o.......m.'t.s........t....:..\....kMW........._.U...7\|.#.:.x......9.>......z?....z2./\.]{...C~.......]xz...,i..%m....^zj..M.Gi-.<.G4...9....k..^.L:Z4.....~.W.O.Fn.w.uB#~.t.^].....z..W.g.9[^..n{V.n.C..'....}.9`....o......[.9F...:X..yNx...... ......N.t.{p.[}MX..t.j.l...<.i3....i...O...........$...eErc....<..3.,.,+.Ob..r.2...{T......[v0g...z..O..d.q.............#.G.6./.e....r2.;.>.......na..+...,.*.k6^G.G?./...o..S..)%P1.>5.L.$q8.p6.Tv..vhf..]5.QF. ..$N.....0.....V.....$Nhf.[.J...p.06}..s..."..1R\....yc"...t"..w....4\|.....LK.....~<.i.t9.d..{ ?b.d......{~...k.k.~....L.8 c(.N...:~.:..)@._Jg..[h8.m..l..Ih..1..Mp..?..X.fH......mxx..'.)..w....r...............)Jh.D..F..<,..n...6.?..".....1]..i.NZ.....FfK.9)....w.;aQB.......ly.J...b3fD&..x

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\KFOlCnqEu92Fr1MmEU9fBBc9[1].ttf Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Me
Category:	downloaded
Size (bytes):	35588
Entropy (8bit):	6.410135551455154
Encrypted:	false
SSDEEP:	768:6yVJgIpAqZsXgDNHOBBPXNOKdhT1N+06XAxGrzmoqpxk0SnuUR:enq805OBBdhT1NP6XAxGryoqp2
MD5:	4D88404F733741EAACFDA2E318840A98
SHA1:	49E0F3D32666AC36205F84AC7457030CA0A9D95F
SHA-256:	B464107219AF95400AF44C949574D9617DE760E100712D4DEC8F51A76C50DDA1
SHA-512:	2E5D3280D5F7E70CA3EA29E7C01F47FEB57FE93FC55FD0EA63641E99E5D699BB4B1F1F686DA25C91BA4F64833F9946070F7546558CBD68249B0D853949FF85C5
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
Preview:	........... GDEF......{....dGPOS......\|<....GSUB7b.....8....OS/2t.#...r....`cmap......st...Lcvt 1..K..y....\fpgm..$...v.....gasp......{.....glyf.'.....,..j.hdmx......r\|....head...r..n....6hhea......q....$hmtx..MO..n@....loca\v@z..l(....maxp......l.... name..:...z,....post.m.d..{.... prep...)..x\|...S...d...(.............o......9........................EX../... >Y..EX../....>Y......9......9......9......9........9......9......01!!.!.......!.5.!.(.<..6......................}.w...x.^.^..^...............<......9.........EX../... >Y..EX../....>Y.....+X!...Y..../01.#.!.462...."&.~......J.JH.H......9KK97JJ....e...@.......%...EX../...">Y..../..../......./01..#.3..#.3..#...-#...w.}....}.....`...............EX../... >Y..EX../... >Y..EX../....>Y..EX../....>Y......9../.....+X!...Y............../.....+X!...Y...............................01.#.#.#5!.#5!.3.3.3.3.#.3.#.#.3.#...L.L...:...N.N.N.N..:..L.v.:....f....9....`...`....f.8.9...d.-.&...,...*-...9...EX../... >Y..EX../... >Y..EX.#/.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\KFOlCnqEu92Fr1MmYUtfBBc9[1].ttf Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto BlackRegularVersion 2.137; 2017Roboto-Bla
Category:	downloaded
Size (bytes):	35208
Entropy (8bit):	6.392518822467014
Encrypted:	false
SSDEEP:	768:53Dmu13ucOmpIN22bN8o6Ze0XlGV+uM49pSeCu7XniviDffw6mo/quUR:lD13DjSNz0XlG0uL9YeCu7Xn4iTo9o/4
MD5:	4D99B85FA964307056C1410F78F51439
SHA1:	F8E30A1A61011F1EE42435D7E18BA7E21D4EE894
SHA-256:	01027695832F4A3850663C9E798EB03EADFD1462D0B76E7C5AC6465D2D77DBD0
SHA-512:	13D93544B16453FE9AC9FC025C3D4320C1C83A2ECA4CD01132CE5C68B12E150BC7D96341F10CBAA2777526CF72B2CA0CD64458B3DF1875A184BBB907C5E3D731
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc9.ttf
Preview:	........... GDEF......z\...dGPOS......z.....GSUB7b..........OS/2ve#...p....`cmap......r....Lcvt ...=..xX...Zfpgm..#...ud....gasp......zP....glyf.......,..i~hdmx......q ....head...R..l....6hhea.]....p....$hmtx..<...l.....locaK./...j.....maxp......j.... name..9...x....\|post.m.d..z0... prep...C..w ...8...d...(.............P...EX../....>Y..EX../....>Y......9......9......9......9........9......9......01!!.!.......!.5.!.(.<..6......................}.w...x.^.^..^....g...........<......9.........EX../....>Y..EX../....>Y.....+X!...Y..../01.!.!.462..."&....+.g..k.kk.k......J__.__.......^.......&......9........./......9../........01..#.3..#.3.+..._+...v.S.8..S.8.......z.......... !..9.........EX../....>Y..EX../....>Y..EX../....>Y..EX../....>Y......9../.....+X!...Y............../.....+X!...Y...............................01.#.#.#53.#53.3.3.3.3.!.3.!.#.3.#.d.C.C..,..E.D.E.E...,...C.@.,....f.........`...`.....f.Q......S.&.Q...-.r.+./..9...EX../....>Y..EX.!/..!.>Y..!...9........!..9......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\_Default[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	303
Entropy (8bit):	2.6808781527959216
Encrypted:	false
SSDEEP:	3:yionv//thPkUjllvolp3MLts7CX9/gm6KppsyxWkPFQAa///+/5up:6v/lhPkU0ZMR/C+MygkPFQAquhup
MD5:	5C0F57365CD4F64E9DFC056B5B6B00D2
SHA1:	159A395B182D8EB5EADF5BF49F0E43028F6BE92C
SHA-256:	F33A29217ED3D9B61368E4A69FA485109CC6324BCBDF9C64B533072ACC79DD35
SHA-512:	BEADBF631EB0816042DB07FFEA6B71C57787793BF270952AFAEBB09852D8E614D7AAD0B410F30212298BAFC61DFD3DB7D5567A3AE10D8038312622B4D27D2B53
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.yoshki.com/SRA/EnglishMono/275/0/_Default.png
Preview:	.PNG........IHDR.............bH).....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..1......Om.O ..................................................................................................................................................................................NN......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ad_status[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	29
Entropy (8bit):	4.142295219190901
Encrypted:	false
SSDEEP:	3:lZOwFQvn:lQw6n
MD5:	1FA71744DB23D0F8DF9CCE6719DEFCB7
SHA1:	E4BE9B7136697942A036F97CF26EBAF703AD2067
SHA-256:	EED0DC1FDB5D97ED188AE16FD5E1024A5BB744AF47340346BE2146300A6C54B9
SHA-512:	17FA262901B608368EB4B70910DA67E1F11B9CFB2C9DC81844F55BEE1DB3EC11F704D81AB20F2DDA973378F9C0DF56EAAD8111F34B92E4161A4D194BA902F82F
Malicious:	false
Reputation:	low
IE Cache URL:	https://static.doubleclick.net/instream/ad_status.js
Preview:	window.google_ad_status = 1;.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\all[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	799550
Entropy (8bit):	4.273067152763634
Encrypted:	false
SSDEEP:	6144:R6omS6CxE5jUSDVXCsKBc/R5M/HVxQfJDsZR8wDK3I25VGEmRTwh/s7I+:z6CiB1/RKVxLu+
MD5:	C7015C8439E386A7507C597A5C4C6901
SHA1:	4DA7DC6BD5FC667B462724970F932D2D5749643D
SHA-256:	E629FD9F6785D9A4CB5F5CC1CD3D3A758F35AD8C4451DE510169E82A6DC4C78E
SHA-512:	2730EAE3328BBE0FD84798391BB04D743F9096B4CA608F4FFFC425A40B27AC347A078D432A6FE4CC15022589E0A26BA8F00BBBDD9A6BFEEFC4B461417A0C28EB
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.fontawesome.com/releases/v5.0.13/js/all.js
Preview:	/!. Font Awesome Free 5.0.13 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.!function(){"use strict";var c={};try{"undefined"!=typeof window&&(c=window)}catch(c){}var l=(c.navigator\|\|{}).userAgent,h=void 0===l?"":l,v=c,z=(~h.indexOf("MSIE")\|\|h.indexOf("Trident/"),"___FONT_AWESOME___"),e=function(){try{return!0}catch(c){return!1}}(),m=[1,2,3,4,5,6,7,8,9,10],a=m.concat([11,12,13,14,15,16,17,18,19,20]);["xs","sm","lg","fw","ul","li","border","pull-left","pull-right","spin","pulse","rotate-90","rotate-180","rotate-270","flip-horizontal","flip-vertical","stack","stack-1x","stack-2x","inverse","layers","layers-text","layers-counter"].concat(m.map(function(c){return c+"x"})).concat(a.map(function(c){return"w-"+c}));var s=v\|\|{};s[z]\|\|(s[z]={}),s[z].styles\|\|(s[z].styles={}),s[z].hooks\|\|(s[z].hooks={}),s[z].shims\|\|(s[z].shims=[]);var t=s[z],f=Object.assign\|\|function(c){for(var l=1;l<arguments

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\anchor[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	126037
Entropy (8bit):	5.894890983106947
Encrypted:	false
SSDEEP:	1536:W3yDMoN9vtzLdnUHpMoN9vlqBxar0DJMoN9vIhOKQwo0/:W3UvdLdnUJv6xw01vRKQwo0/
MD5:	BE398AE8D2CBE3628EEFFCE13F9FDCC9
SHA1:	B739210301794FA5D4B785ED4875A9250FD6783A
SHA-256:	A414ACA468EE78302543F98DE71933C011368A7A6281E7CD3F024F6292958966
SHA-512:	5411EB24E954EE58648E399F19E82CD7360C3A3373795638073F575C82F89F9FAEE9DC59D64DBB92D49F0A377086F05D80DA464B07CF543D26D94AEA1A716B54
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.<meta http-equiv="X-UA-Compatible" content="IE=edge">.<title>reCAPTCHA</title>.<style type="text/css">.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf) format('truetype');.}.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 500;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc9.ttf) format('truetype');.}.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 900;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc9.ttf) format('truetype');.}..</style>.<link rel="stylesheet" type="text/css" href="https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/styles__ltr.css">.<script nonce="YDARlcpYIBCpFpabgVCdGA" type="text/javascript">window['__recaptcha_api'] = 'https://www.google.com/rec

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\animate.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	51880
Entropy (8bit):	5.086248292508488
Encrypted:	false
SSDEEP:	768:/kZlIbIM6YIMIgIzwO1CA5kiDb3CyQ5xrQe/0STbsysb:/kZiIzwO1CA5kiDb3CyQ5xrQe/0ST4
MD5:	8B6DAE7F49F2B5FD72F43C405D4417B9
SHA1:	A10AC4645869698687A5E08CD77E3D98232CA3D0
SHA-256:	1C3FBF3F4938451BC3B7781F832B7DA84C23EEC5B979AC7541EC754E67E3B6D2
SHA-512:	7A49D6FFCC94FBACDAB8AC8DA27CD5F211122974C49EB652172674BD27C625037869831A9639EDDC7D5D65B9D5D81D3C00FB4948AFE45B146B3CB5B7814818FB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.6.0
Preview:	@charset "UTF-8";/!.Animate.css - http://daneden.me/animate.Licensed under the MIT license - http://opensource.org/licenses/MIT..Copyright (c) 2014 Daniel Eden./.animated{-webkit-animation-duration:1s;animation-duration:1s;-webkit-animation-fill-mode:both;animation-fill-mode:both}.animated.infinite{-webkit-animation-iteration-count:infinite;animation-iteration-count:infinite}.animated.hinge{-webkit-animation-duration:2s;animation-duration:2s}@-webkit-keyframes bounce{0%,100%,20%,53%,80%{transition-timing-function:cubic-bezier(.215,.61,.355,1);-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}40%,43%{transition-timing-function:cubic-bezier(.755,.050,.855,.060);-webkit-transform:translate3d(0,-30px,0);transform:translate3d(0,-30px,0)}70%{transition-timing-function:cubic-bezier(.755,.050,.855,.060);-webkit-transform:translate3d(0,-15px,0);transform:translate3d(0,-15px,0)}90%{-webkit-transform:translate3d(0,-4px,0);transform:translate3d(0,-4px,0)}}@keyframes bounce{0%,100

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\bootstrap.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	35601
Entropy (8bit):	5.178356022236213
Encrypted:	false
SSDEEP:	768:91+7/uRE672wlNrDMlbGqXYu+jS1s8ep0s1QfrXf8X8GvpZOWQ:DFRx7zYyS1WOv8fpZDQ
MD5:	2616D3564578D8F845813483352802A9
SHA1:	5ADA7C103FC1DEABC925CC1FDBBB6E451C21FC70
SHA-256:	F971B901AEB9E55B07D472AFEE09BD5AE05159E1119DBD16D993E473565E7FC0
SHA-512:	E3D8BC8FD58B0AC1D9FC444F21F2DAD94DEFDE536AF2AADB6ACE768AE0BCA9F9C9274161B076FC546CED174F23CC7495A8C5049AB00BE19C75F6310E91AB1EDC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/vendor/bootstrap.min.js?ver=5.7.2
Preview:	/!. Bootstrap v3.3.1 (http://getbootstrap.com). * Copyright 2011-2014 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){var b=a.fn.jquery.split(" ")[0].split(".");if(b[0]<2&&b[1]<9\|\|1==b[0]&&9==b[1]&&b[2]<1)throw new Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher")}(jQuery),+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c\|\|a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transition&&(a.event.spe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\contact-us[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	34867
Entropy (8bit):	5.401450195563468
Encrypted:	false
SSDEEP:	768:P++k60wKYNr5n4VRbbowbERZV+T2MvZDcfnztKI:P+96UYNr2XHdiZ7MvZDcfnztKI
MD5:	3F9B4455A6DA8A542A34FF3237D37B2C
SHA1:	6146DB9117018F5C596973B03B0EFD7CB86F0F28
SHA-256:	37159873E36E27A63618185268A1CF199D18F633BF2884CECA149DD149978A39
SHA-512:	0AC31581BD7F598069B1B0121BF909B5A9A816529DBB28CC96113B9B377AA30B64D57E8CD448054B68E4F04646DF879BB0A1C11E26B480325CFCCAB61EA1D730
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/contact-us/
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\convayancing-quality[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 175 x 85, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	10524
Entropy (8bit):	7.955455688158903
Encrypted:	false
SSDEEP:	192:N7Fcp9czVYUoObynnzsE6l6pCSaaNGj1gFVLE2EpUsbO:N6puzV/HynnzsELm8bLEpha
MD5:	BA1AD126AC6CF03825E05B8A96E95CA3
SHA1:	3CE30141BB61A23D2C0504C44867922E6B3CCBCB
SHA-256:	766B53FC5BD5A68175398D7854876B44937ED7A7FC5C43CE18FF910235D5CAED
SHA-512:	AD93F816F5D87E37B542C4A6517CA49235F8AABE8F08F0846FF937DACE00ACC7DE94E50E07448A2E6DB82E12C89F03603FBAF82F1AE088DF234926C19079A4C3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2017/10/convayancing-quality.png
Preview:	.PNG........IHDR.......U.....?.......tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2018 (Windows)" xmpMM:InstanceID="xmp.iid:682E203872EA11E8838AE5B7F114207B" xmpMM:DocumentID="xmp.did:682E203972EA11E8838AE5B7F114207B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:682E203672EA11E8838AE5B7F114207B" stRef:documentID="xmp.did:682E203772EA11E8838AE5B7F114207B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>B.#...%.IDATx..].xT..-.A..H...{..RBS,.Q.E.D.?....HIB.)......(..D.&.4.4..zI()@..R............\|.\|..s.=...3gf...2

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\dickinsons-logo-WHITE-300x35[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 300 x 35, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	4962
Entropy (8bit):	7.9038407324027915
Encrypted:	false
SSDEEP:	96:Zqn6CH9OCNS3GDglsN5hkjreZUJLneZE3XY9zeLbxh:ZUOKSWECnGjNcf6
MD5:	1CA31EB13132DAEC2A0EDE10AA60FFBB
SHA1:	A8D3A10A3CF10CAC46197B0336DFBDD9F6A01FE1
SHA-256:	4B58E5ABEABD8546DF16F68C4210C9D3DF79FA490C67AB30BA47537C4B290719
SHA-512:	7A11C8C660E94E8BC9CA3FB856945F2A9F114A7E9B85496FB6C4CC5FE60B6859193964BD8BBA0D27C2D16A0EA7F081CB8F6DC18A388CF75448B7DC80CE7CD198
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/07/dickinsons-logo-WHITE-300x35.png
Preview:	.PNG........IHDR...,...#......\7.....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs...H...H.F.k>...2IDATx..yxU..?/!....VDQ..GA.Z.....q\k..8n..;.V.u..j.eZu.j..v.:##nu.V..,.(V.Bd.%,..;....p<.s.&....'O.{.......7.H.........!....$5...[....3k...{...;._.9!....$............B.S2.........6r.m...0.x.8..(..is`.`.?. .s&0).0_...A..&.[.....Bx....>...$..W.....kb.V.7.SB.d..'.e?..P.,......^M.....1n...+.'...z.[....[d.7.8.........]...BG....-.......B..ioW`'`{.o.."..........'.C<.5....J.sy._...........BKi.u............I.$MS...~/.{.N.4N.M.fJZ$.5I.J.$.C........ks].H...C..c$.$i......g[....W%=a`DR.........*..$5..K..K..x]..6..'U.~..t}.%.$.........%-s......u"...E..I..d..$]+.]I.$...../..w%./.2`.(.;.fKzP.^.....3$..\.D?.K.....ym.y....\....d...3s%]/i.IC$.......ei.r..,i.zpV.K....Z...2..F.m...........Z$..!..!=...+idN......P..Ic.6....v.4.m....$......Q..~.>I.W8.}<>. .f.i..#.i.t....^...0.l.1_'Ij58...-i......K.. .+.I..e..P..D..e.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\dnserror[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2997
Entropy (8bit):	4.4885437940628465
Encrypted:	false
SSDEEP:	48:u7u5V4VyhhV2lFUW29vj0RkpNc7KpAP8Rra:vIlJ6G7Ao8Ra
MD5:	2DC61EB461DA1436F5D22BCE51425660
SHA1:	E1B79BCAB0F073868079D807FAEC669596DC46C1
SHA-256:	ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
SHA-512:	A88BECB4FBDDC5AFC55E4DC0135AF714A3EEC4A63810AE5A989F2CECB824A686165D3CEDB8CBD8F35C7E5B9F4136C29DEA32736AABB451FE8088B978B493AC6D
Malicious:	false
Reputation:	low
IE Cache URL:	res://ieframe.dll/dnserror.htm?ErrorStatus=0x800C0005&DNSError=1460
Preview:	.<!DOCTYPE HTML>..<html>.. <head>.. <link rel="stylesheet" type="text/css" href="NewErrorPageTemplate.css" >.. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>Can’t reach this page</title>.. <script src="errorPageStrings.js" language="javascript" type="text/javascript">.. </script>.. <script src="httpErrorPagesScripts.js" language="javascript" type="text/javascript">.. </script>.. </head>.... <body onLoad="getInfo(); initMoreInfo('infoBlockID');">.. <div id="contentContainer" class="mainContent">.. <div id="mainTitle" class="title">Can’t reach this page</div>.. <div class="taskSection" id="taskSection">.. <ul id="cantDisplayTasks" class="tasks">.. <li id="task1-1">Make sure the web address <span id="webpage" class="webpageURL"></span>is correct</li>.. <li id="task1-2">Search for this site on Bing</li>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\frontend-gtag.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	9170
Entropy (8bit):	5.176570904077199
Encrypted:	false
SSDEEP:	96:LkgXX6X4w8d+avLmrbpn1Suu/nA+w1rdNYa8BWVxKMV0kqo6KT6jNUDoKW5Rfkgk:LkgXX6X4w8d+a0UkqIV1qDeU2
MD5:	2E33CEEFBB78E2483ED888785C8C870E
SHA1:	C178A377AC2550F11CFE7455E5E7114803E03142
SHA-256:	A98E42B2D4AB1AE36F3B270A0DFF6AD2F158100833978FF0A549674A2543E78A
SHA-512:	A9BC525D0F234DE510206BF0A50A3903A05CC00289202F4FDC0EDC762504F4CF53AF731F34D2C3DE476C6009B91526A49D62737CCBBF67BDBDAA816C53A264A5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
Preview:	;var MonsterInsights=function(){var e=[],a='',o=!1;this.setLastClicked=function(t,n,i){t=typeof t!=='undefined'?t:[];n=typeof n!=='undefined'?n:[];i=typeof i!=='undefined'?i:!1;e.valuesArray=t;e.fieldsArray=n};this.getLastClicked=function(){return e};this.setInternalAsOutboundCategory=function(e){a=e};this.getInternalAsOutboundCategory=function(){return a};this.sendEvent=function(e,n,i){t(e,n,i,[])};function u(){if(window.monsterinsights_debug_mode){return!0}.else{return!1}};function t(t,n,a,r){t=typeof t!=='undefined'?t:'event';n=typeof n!=='undefined'?n:'';r=typeof r!=='undefined'?r:[];a=typeof a!=='undefined'?a:{};__gtagTracker(t,n,a);e.valuesArray=r;e.fieldsArray=a;e.fieldsArray.event_action=n;e.tracked=!0;i('Tracked: '+r.type);i(e)};function n(t){t=typeof t!=='undefined'?t:[];e.valuesArray=t;e.fieldsArray=[];e.tracked=!1;i('Not Tracked: '+t.exit);i(e)};function i(e){if(u()){console.dir(e)}};function l(e){return e.replace(/^\s+\|\s+$/gm,'')};function c(){var n=0,e=document.domain,i=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\httpErrorPagesScripts[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	12105
Entropy (8bit):	5.451485481468043
Encrypted:	false
SSDEEP:	192:x20iniOciwd1BtvjrG8tAGGGVWnvyJVUrUiki3ayimi5ezLCvJG1gwm3z:xPini/i+1Btvjy815ZVUwiki3ayimi5f
MD5:	9234071287E637F85D721463C488704C
SHA1:	CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
SHA-256:	65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
SHA-512:	87D691987E7A2F69AD8605F35F94241AB7E68AD4F55AD384F1F0D40DC59FFD1432C758123661EE39443D624C881B01DCD228A67AFB8700FE5E66FC794A6C0384
Malicious:	false
Reputation:	low
IE Cache URL:	res://ieframe.dll/httpErrorPagesScripts.js
Preview:	...function isExternalUrlSafeForNavigation(urlStr)..{..var regEx = new RegExp("^(http(s?)\|ftp\|file)://", "i");..return regEx.exec(urlStr);..}..function clickRefresh()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..window.location.replace(location.substring(poundIndex+1));..}..}..function navCancelInit()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..var bElement = document.createElement("A");..bElement.innerText = L_REFRESH_TEXT;..bElement.href = 'javascript:clickRefresh()';..navCancelContainer.appendChild(bElement);..}..else..{..var textNode = document.createTextNode(L_RELOAD_TEXT);..navCancelContainer.appendChild(textNode);..}..}..function getDisplayValue(elem

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\imagesloaded.pkgd.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	7168
Entropy (8bit):	5.039172189542361
Encrypted:	false
SSDEEP:	192:5wlC7Gd4QY6Pm+OrOJ42uVOpDsu1mx3AJzE8f:5eC7Gd4QPm+Or0WOpou1mxQlEy
MD5:	0AF4891DB7B7FA46FBFCD40FFF9764EE
SHA1:	6E7F052ABFB3B19DB01917FFDFABFD48DC8A2A51
SHA-256:	D925A27DC99BBD3BC04AE6B5587E224A096E87DBD432DF552DEBE2A62971E5AA
SHA-512:	AE4138D2BCCB052212E25F24BC69DEA94C6CF2DDDFA25C2730B84EE497DA533A5C3BEA5119371FC5D2111BE4B4263C98B4534EE72C07772E790418745F127A68
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.6.0
Preview:	/!. WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2021 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. /..// jscs:disable.// jshint ignore: start../!. * imagesLoaded PACKAGED v3.1.8. * JavaScript is all like "You images are done yet or what?". * MIT License. */..(function(){function e(){}function t(e,t){for(var n=e.length;n--;)if(e[n].listener===t)return n;return-1}function n(e){return function(){return this[e].apply(this,arguments)}}var i=e.prototype,r=this,o=r.EventEmitter;i.getListeners=function(e){var t,n,i=this._getEvents();if("object"==typeof e){t={};for(n in i)i.hasOwnProperty(n)&&e.test(n)&&(t[n]=i[n])}else t=i[e]\|\|(i[e]=[]);return t},i.flattenListeners=function(e){var t,n=[];for(t=0;e.length>t;t+=1)n.push(e[t].listener);return n},i.getListenersAsObject=function(e){var t,n=this.getListeners(e);return n instanceof Array&&(t={},t[e]=n),t\|\|n},i.addListener=function(e,n){var i,r=this.getListenersAsObject(e),o=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	89496
Entropy (8bit):	5.289738088208255
Encrypted:	false
SSDEEP:	1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakU:AYh8eip3huuf6IidlrvakdtQ47GKE
MD5:	B6F7093369A0E8B83703914CE731B13C
SHA1:	D1889F5C173C2A4B20288F1F84758599AFD346EF
SHA-256:	60240D5A27EDE94FD35FEA44BD110B88C7D8CFC08127F032D13B0C622B8BE827
SHA-512:	D6AA7835D7B256B94DDD2F9D8DB84484F0413EBC502762C1BA21CBA7A392C6F550DB2418CDC8BD6D1DA6ED2CEA55BF22473C778493D416B1A1C38E6FFDB8C79D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Preview:	/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\js_composer_front.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	20637
Entropy (8bit):	5.264554129614354
Encrypted:	false
SSDEEP:	384:sekk5QRKhEJhCoJptuxOqU5SE3RG0F+D/W5OhS4uLSav4Rd57q:sekk5xhEJhCoJptuQSEhG0F+DO514uuA
MD5:	B00A0FD5E283160549DE2C7B36243B7B
SHA1:	F2401243950CD9624002921265E46A518851F12B
SHA-256:	314CE6BAAA3218EB171FA2C278D7FDF1B9872305DFA667E9CBF2DF77C83A9A88
SHA-512:	E5E5A424AE0B221F578433025184DEAB93115575391A7FEB1528F45E621976B3049F6BC5E1FD484B469A60C2D4706F7156B61C614C28DA5BD41E110F1E49D2A6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
Preview:	/!. WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2021 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */..// jscs:disable.// jshint ignore: start..document.documentElement.className+=" js_active ",document.documentElement.className+="ontouchstart"in document.documentElement?" vc_mobile ":" vc_desktop ",function(){for(var prefix=["-webkit-","-moz-","-ms-","-o-",""],i=0;i<prefix.length;i++)prefix[i]+"transform"in document.documentElement.style&&(document.documentElement.className+=" vc_transform ")}(),function($){"function"!=typeof window.vc_js&&(window.vc_js=function(){"use strict";vc_toggleBehaviour(),vc_tabsBehaviour(),vc_accordionBehaviour(),vc_teaserGrid(),vc_carouselBehaviour(),vc_slidersBehaviour(),vc_prettyPhoto(),vc_pinterest(),vc_progress_bar(),vc_plugin_flexslider(),vc_gridBehaviour(),vc_rowBehaviour(),vc_prepareHoverBox(),vc_googleMapsPointer(),vc_ttaActivation(),jQuery(document).trigger("vc_js"),window.s

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\lightbox.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	9702
Entropy (8bit):	5.259118425611288
Encrypted:	false
SSDEEP:	96:uui446kcz/2MYPtFdKZOevdieoTQTQR04FiAK0GhM5FLxER+65yCAmt0eYBJ/IwU:U6kcrr6dKIevdCTQkHCaFLxERMFZRbzk
MD5:	84B31717631A3AA90D9FFB13FA68674F
SHA1:	CA51A53908F8A2A8D9FE618F0E472B7BCF15478F
SHA-256:	E9E6D9973A70B579A231AFAF2861F48C1EB4ED7752FCF56D4AE4330285E60E54
SHA-512:	D63077B30837BBCA2BE39F517039CA9D2641444DB9943FA8079370CE5E0238B3DAE92E99B951F4237AAAB2B84D4AC1834B53BA41A56F9D9EBAC5D76F5C294AB9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/lightbox2/dist/js/lightbox.min.js?ver=6.6.0
Preview:	/!. WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2021 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. /..// jscs:disable.// jshint ignore: start../!. * Lightbox v2.11.3. * by Lokesh Dhakar. . More info:. * http://lokeshdhakar.com/projects/lightbox2/. . Copyright Lokesh Dhakar. * Released under the MIT license. * https://github.com/lokesh/lightbox2/blob/master/LICENSE. . @preserve. */.!function(a,b){"function"==typeof define&&define.amd?define(["jquery"],b):"object"==typeof exports?module.exports=b(require("jquery")):a.lightbox=b(a.jQuery)}(this,function(a){function b(b){this.album=[],this.currentImageIndex=void 0,this.init(),this.options=a.extend({},this.constructor.defaults),this.option(b)}return b.defaults={albumLabel:"Image %1 of %2",alwaysShowNavOnTouchDevices:!1,fadeDuration:600,fitImagesInViewport:!0,imageFadeDuration:600,positionFromTop:50,resizeDuration:700,showImageNumberLabel:!0,wrapAround:!1,d

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\memnYaGs126MiZpBA-UFUKW-U9hrIqU[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22088, version 1.1
Category:	downloaded
Size (bytes):	22088
Entropy (8bit):	7.976197045721412
Encrypted:	false
SSDEEP:	384:PnGPIpMdUGB5dC/q5f2Rh1T9+LraA27GnT4l5UcexDokQcH9slkDk1vRO2B:PnG5dzA/qN2RBIeA27GT4zAxDofcHeeY
MD5:	6B8620DD9B7F0DE6531FCC1D397B5361
SHA1:	15632276D3969AA6FCCC2231906FB44FA5479EB0
SHA-256:	FC849DBB5A6BC86E49018BF353EAACA1DDA58427F5A0ED6E6B6CFBD6F90ADB77
SHA-512:	F4F6656EA257477CB1584D788BA8E0B79CD439DC41FADE2C3FD234E3FE8C927D7C802E9D49F0CFA7E9992A50F1F2887560C937B117E617770F840D369087A378
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKW-U9hrIqU.woff
Preview:	wOFF......VH................................GDEF.......\........GPOS...........R.c..GSUB...d...s.....,.OS/2.......U...`t..%STAT...0...B...V^.B.cmap...t...........`cvt ...,.......8I.G.fpgm...............Zglyf......;...Z.....head..K....6...6...)hhea..KD...#...$....hmtx..Kh.......P..2,loca..N........!..Nmaxp..P$... ... ....name..PD...$...`;.^.post..Qh.......y0>r.prep..T....B......3)x.....@...}w.A...@.6.(t...A1T..i.. R@..Y...u.[1.ng/.%..J.]..M.=..K.K\|\|5....&:..1.f4..D..Mx.5....`...{zz.m.m.m.m.m...f.Nf....u!.B"+.._.h...G...c.V..I...A.......i....(.1...l......(.EH$F...Q.1....LY0.....0..1..P.;p..../.....]....]C.8.R.KT.-.%.^...Yrje.-......R].Jci).e.t..[..{..ce.i.^...TV.^.m.(.m{XN.y.j....>.O...Z#R.5.&.Tz... U\...k.f.....Z;jw....F.x......\....G..^..zW..K....+....X.lJF$]r)9..".0...)L..\L.g....I.........{&-...<........$......Ny/.)W...~...g.C.YL...D.!....../Y.\...R...7.9(.....@......x...../w.zpu#..,72.L...z7.......=g....M.& .Y...F..n.cCN.`'.K..o.......}A>.{

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\memnYaGs126MiZpBA-UFUKWiUNhrIqU[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 17512, version 1.1
Category:	downloaded
Size (bytes):	17512
Entropy (8bit):	7.968196019099005
Encrypted:	false
SSDEEP:	384:TLq60uOF2lS+F0tIAj23Km+GwptAko/13pSJn2IpCEApitRVE9ZtIKZ:bS2c+ZAj26m+Gw/ot5SJn2I83iEZ
MD5:	AE9D2F1CE08FBDF103EE860763B106FF
SHA1:	2E16DAE015C60EFA97ACF4CCC628F798C4981AB9
SHA-256:	7263F989C49E7C621C73468B7DDDEB14497B529EDF427DE520EF636A2224FAC9
SHA-512:	6FBE7566AB26401EA987F4CA761275D15BF931B049A92EABBF832F72065D8C40CF151878CEBA5C030BB06EE0609F5CB0CF6BDBB979657DA8E4B747ADCC9FED63
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWiUNhrIqU.woff
Preview:	wOFF......Dh......e.........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...]...`....cmap.............Y..cvt ...8...b.....g.ifpgm............s.ugasp...@............glyf...L..3...NX.r..head..<L...6...6..{.hhea..<...."...$...bhmtx..<....-....../.loca..>..........8maxp..@.... ... .y..name..@.........)/C.post..A.........5.".prep..Cx...................................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.c`f9......u..1...<.f........................b.. 0t.vfPdP...M...C.G/S....\|..K..6 .....t......x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g.c..$KY...e@.,q........x........3...........%..=.d.......#..6.e..L@6.3.e.....1._....#...x.TGw.F........)..)7.W..`.j.-...=*'_..sI...2...O>....[tt....TK]..\|...G..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\memnYaGs126MiZpBA-UFUKWyV9hrIqU[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 17732, version 1.1
Category:	downloaded
Size (bytes):	17732
Entropy (8bit):	7.957222623966965
Encrypted:	false
SSDEEP:	384:+vDQHZiYwiPYuU+kEvu/A3WTzOhDGnUdBZmQMuEM+PIH:+VULU+keWWsqhDGQmFw
MD5:	7774AE48788CA5B876E5D2BD35367401
SHA1:	EC805AADB15B1A74BBCA28180C4347A6623C10C2
SHA-256:	91B6F4F34465AEEBDA712B48CB01CF3ABB5AC0090B4DD9464E68790A69F55570
SHA-512:	1EB7CC117E497F01A749522B83092EEC563CB7F73F153777582111D2E48C86E439BCDB6D341D4A35D7A3F88D7E336FD2731932CDDA55C557247A0F4B9186C716
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWyV9hrIqU.woff
Preview:	wOFF......ED......c.........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...]...`~...cmap.............Y..cvt ...8...^.....M..fpgm............~a..gasp...4...........#glyf...D..4...L..I.1head..=....6...6./{.hhea..=@..."...$....hmtx..=d...C.....;LEloca..?............maxp..Al... ... ....name..A..........D9post..B\|........5.".prep..D@.......$...J........................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.%..@@.@.....T.2..Q.1dB...!.j@..}(../y..]...V....b.b.D#5/....(..v.p....'e.7.......@@?.9.....x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g.c.. .P...,..`....b`....C..D@$P..)._............a .p@.0.(.@.8. ..0....a8.............x.uTGw.F........)..)7.W.$`*.....G.Kz.)e....t.\|.1.7...s.g...3.7mgf..~{1...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\next[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1350
Entropy (8bit):	7.795826172553452
Encrypted:	false
SSDEEP:	24:OgMSVQogiW6rN55Wfj2byDoY6nn1SoPthAOy79jQC7tVcaKE028k:ZBCiWYNvGjWyDop1SoPMr9ECxUk
MD5:	31F15875975AAB69085470AABBFEC802
SHA1:	777E92C050F600B4519299C3D786B8F2F459FEA4
SHA-256:	15B869B02C6FBAA8C6C26445A2DD2D9BAD80FD27B1409F8179E5DD89DC89D90A
SHA-512:	EDC920DCD2F5AC9A6E08098C6A59F888A9CB135FF4EF3DC2183931E065B6531E00E2C8ACD3C329A3D90EB939EA3DB318A9B677B5AA78A227815373D7008D40AA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/lightbox2/dist/images/next.png
Preview:	.PNG........IHDR...2...-......8.....IDATx..KL\U..3w.+0.b.gp.-a.Z.U.....Rjj.-.Z.va.i.....@.........HA...F.#a..C.M0. @x#e.O.\|....9.'..2.Y..}..{y.4...@'..F<........%..I?I....X.......#....=.".... .xA.8I..c ....r..J..D...u=j.....~......T1],.N$.<.N.B...wvww..................7p...a.>.r.Ngdaaa6nZSSS..\|...S..e2N.Q...H..C+......................eTWD.)..H....z.bMOO....>..R&..LS-..TWW.....Z.......z?..2&#..r....).-,,..2.........\|.#....t../..h4....a%3666....e..p..h.Dl ...............d0.."3.........k.M2gAEiii......F.].L.d..@..F2Nj3?.\(...X]]]....9...u....<.&...6.(((hA....,.v...i.....3s.d..........J..@..Ef.T..0..Q.M+....y.......,.Z6........p.......Q..f... [...>.+ph.b....c. ..d.p..f.4.....!..&...S ..}.@.-.e..x.\.D"_....2..2.....ZLW%...A..y....4.:..Y.3333.#W.....7'........}.\|600.W\....;..G...TD.:...tN......~.........\|.....4."...!.c ...k...?.*...9.}...v...;U..A...rMM.."....Q.J.9 .$I.a..........".....d.@"..O.W.9.$..D.T655....[[[o.l.J.-..q.M...Kd.L\nll..Ittt..}UL".$

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\owl.carousel.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	41985
Entropy (8bit):	5.032833619909774
Encrypted:	false
SSDEEP:	768:AyWO0MF5ToHpuNCzHRbPZYLDOSlkIIe5EVEEJiZIH:ArO0MFGJyUW6Jt
MD5:	FC20CCAAD0CF5CE51D7B7A1B66589CD3
SHA1:	9E398996CFF9A8FA2877766B3D11734CD774A68D
SHA-256:	689C9AC02B0A03FD9A206833DF33EC989DD5ED79EAB24A1802FB281BB9ACCC26
SHA-512:	EBB77A321AF31F55CDE6AC5672ACFA45C4CB7A95D3093B0A73535ABFCDB16D2F2E0C0EFF32A1D6492DBE023A607E0ACE763E06E271541B0CA60E1D3C25D534FD
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.min.js?ver=6.6.0
Preview:	/!. WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2019 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. /..// jscs:disable.// jshint ignore: start../!. * WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2019 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. /..// jscs:disable.// jshint ignore: start../!. * WPBakery Page Builder v6.0.0 (https://wpbakery.com). * Copyright 2011-2019 Michael M, WPBakery. * License: Commercial. More details: http://go.wpbakery.com/licensing. */..// jscs:disable.// jshint ignore: start..!function(t,e,i,s){function n(e,i){this.settings=null,this.options=t.extend({},n.Defaults,i),this.$element=t(e),this._handlers={},this._plugins={},this._supress={},this._current=null,this._speed=null,this._coordinates=[],this._breakpoint=null,this._width=null,this._items=[],this._clones=[],this._mergers=[],this._widths=[],this._invalidated={

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\recaptcha__en[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	343376
Entropy (8bit):	5.708451910823472
Encrypted:	false
SSDEEP:	6144:DUIS85b0RNK4QFbDym2MXV817R9ryWv3hslGxl:bS85bIN6OuF817R9rvpvb
MD5:	4CB94B696DF4446AA6D4292BE0DFC2C0
SHA1:	626C41D96DC979EB9887EC603DB5A88E175B4E6D
SHA-256:	F8CB544F90B2C0399716BD41669BCEF24768DD8C509A7C7D1C26CA9FE4EFC0FB
SHA-512:	370E676EB3A4DB8265643C9EF89B578C708B8EC6F24D0AF70F3D249EEDC8EB0FEBFDC2441864DE74C7D69794803F14EB37A4855DBEB9E903D1506A43A5E21BB1
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var Q=function(){return[function(T,r,b,R,D,N,W,k,Y,X,E){if(1==((3==(((2==(T+7&(X=[66,15,"dg"],X[1]))&&n.setTimeout(function(){throw r;},0),T)^996)&X[1])&&(E=0<=rW(r,b)),(T^362)&13)\|\|(Y=["bg","POST","ct"],DF.call(this,(new N6(u[7](3,"userverify"))).K,u[32](X[1],")]}'\n",Wd),Y[1]),f[41](X[0],this,"c",r),f[41](18,this,"response",b),null!=R&&f[41](18,this,"t",R),null!=D&&f[41](2,this,Y[2],D),null!=N&&f[41](2,this,Y[0],N),null!=W&&f[41](50,this,X[2],W),null!=k&&f[41](2,this,"mp",k)),T-3&X[1])&&(u[36](9,.function(t){P[23](14,b,r,R,t)},kx),O[18](20,!0,kx)\|\|f[43](3)),!((T<<1)%19)){for(R in N=r,D=[],b)D[N++]=b[R];E=D}return E},function(T,r,b,R,D,N){return(T>>2)%((T+(N=[7,25,6],N[0]))%4\|\|u[4](22,0,R,4,b)&&P[4](30,r,b,4,R),N)[2]\|\|(b=['"><div class="','">',"rc-doscaptcha-body-text"],r='<div><div class="'+u[N[1]](N[0],"rc-doscaptcha-header")+b[0]+u[N[1]](N[0],"rc-doscaptcha-header-text")+b[1],r=r+'Try ag

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\resolution[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 175 x 85, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	5349
Entropy (8bit):	7.87535796212606
Encrypted:	false
SSDEEP:	96:Yo7F52vd44OqOHojP/m49OngRP/9l2RMqgJPZz:N7FEOqOHeP/m4NYCvxz
MD5:	04175E61A8B5AB1C791B4033967D2DDC
SHA1:	6173275069F6A08FD217232638074D37F6492118
SHA-256:	000B0C9FA58851541F347B6731DA849E6C02632492062A9B3A108F83706AD705
SHA-512:	F7CFAA815D83F956F809E696BEFACEA5C800CBA98EF37D4B0B60A93DF4654B5B2CF43B2AED03D2E81ED9D98B70B273ADEBEA58E947C79F867B0B8A25FE158B1E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2017/10/resolution.png
Preview:	.PNG........IHDR.......U.....?.......tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2018 (Windows)" xmpMM:InstanceID="xmp.iid:72023C7372EA11E8B0D2AAC6E833D75F" xmpMM:DocumentID="xmp.did:72023C7472EA11E8B0D2AAC6E833D75F"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:72023C7172EA11E8B0D2AAC6E833D75F" stRef:documentID="xmp.did:72023C7272EA11E8B0D2AAC6E833D75F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...(...UIDATx..].t.E..?$!..p...r.!..AV9".PAPV.C`...Wa.t...<....K..D9E.9...E$.`.+. G..!..![..1.03.LH h}...'3}Lw.]].]

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sddefault[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, frames 3
Category:	downloaded
Size (bytes):	33374
Entropy (8bit):	7.964144973060602
Encrypted:	false
SSDEEP:	768:okYRo9T9zDd2Eg/46JxsAkVRhgUXYlTcACwQsqW6yKB7:HYRo9TxDd2EazshVRJXYlQqQsqW6z
MD5:	CC72C255526514ED2A4496500FD0FE1E
SHA1:	E540CF81E8670EE95277ADE4D30FF8F68F222398
SHA-256:	A9EAB0432E9C0040A8B1F8275EA1CFAA91F2CAE1C78515D9AA46E2C6416C3E8F
SHA-512:	2DCE75B171DB07C6658757505542CC81B9D6A128BAD92986AA92E3E47B296DDCD8285214DB1305B328CECB84595A024CDAF670544850748059FE30326F305D8A
Malicious:	false
Reputation:	low
IE Cache URL:	https://i.ytimg.com/vi/unXEs0crvtA/sddefault.jpg
Preview:	......JFIF.........................................#.%$"."!&+7/&)4)!"0A149;>>>%.DIC<H7=>;...........;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;..........."........................................U.........................!..1A."Q..2aeqr.....#34B....R..$56CSTbst..DU.....%cd.E.&'...............................'........................Q!1."A2#a.3.B............?..." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." ""." "".+_x.Q.?.w...s.)..DV.....~$...>..L..".....s.'x.Q.?.f.Q....(...;....0..}..G..I.?.}...TEk...>..N....~$...+_x.Q.?.w...s.&`U.Z.......(...3.....?.}....G..I..DV.....~$...>..L..".....s.'x.Q.?.f.Q....(...;....0..}..G..K...G..I..TV..<..~$.#.>..L....w...s.'y.Q.?.f.U....(...;....0*..].yG..I.G.}...UEj.#.>..N.<..~$...+Wy.Q.?.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\unXEs0crvtA[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	50566
Entropy (8bit):	5.814678512524051
Encrypted:	false
SSDEEP:	768:nfKLK9/tk3g4rE7pNfsJmNX1UXjFjU+B46fKzoA8L/PzCls:WbYNXeX9HBNsoA8L/7Cls
MD5:	9257E7A8FA97A479FE4E781BFD87AD5C
SHA1:	CF888D18DF5E2C63E46EBAC3E24613BC7BAF7746
SHA-256:	0E84B08FFB6404CCBAEB9DF858C2382ED0FD970EBA7ADC874CDE49257E576F04
SHA-512:	61F53BC430A1C0E06D38DC926518C829071B76B85806FA05FB32D7D5074BED288B45296688F03A379911F0CD2458288CA72DE81D71CD7BBACF0ED7FFB8F8AF62
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html><html lang="en" dir="ltr" data-cast-api-enabled="true"><head><meta name="viewport" content="width=device-width, initial-scale=1"><style name="www-roboto" nonce="ObEDYenh1EMpkz0ipZghWw">@font-face{font-family:'Roboto';font-style:normal;font-weight:400;src:url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff)format('woff');}</style><script name="www-roboto" nonce="GmEQ/ILQmk4TqBD9Ygkwtw">if (document.fonts && document.fonts.load) {document.fonts.load("400 10pt Roboto", "E"); document.fonts.load("500 10pt Roboto", "E");}</script><link rel="stylesheet" href="/s/player/e467278e/www-player.css" name="www-player" nonce="ObEDYenh1EMpkz0ipZghWw"><style nonce="ObEDYenh1EMpkz0ipZghWw">html {overflow: hidden;}body {font: 12px Roboto, Arial, sans-serif; background-color: #000; color: #fff; height: 100%; width: 100%; overflow: hidden; position: absolute; margin: 0; padding: 0;}#player {width: 100%; height: 100%;}h1 {text-align: center; color: #fff;}h3 {margin-top: 6px; margi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\wp-embed.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1426
Entropy (8bit):	5.158381671009404
Encrypted:	false
SSDEEP:	24:Q77OUdqIoZ2zsben5WlLysyIOKI1mQqRhoj3v2rFEgRuLUMB9/RUCXXmC3+:Q7SUyEsyKystOKumTsOrFEmu7Bl6CX2P
MD5:	905225D5711B559D3092387D5FFBEDBD
SHA1:	6F6C39075263BAFB9E8C10F1B34A1A0F7EE03C9D
SHA-256:	5BE614BCE53F767993A5F5F14A6BADD6AAE6BF3AF7CBDBF4D31520DE49E27991
SHA-512:	5AD34CF11ACF45AE256B2641496BE13939CD5E0212810C43AB20CADBB313A1D99CB3A451148E160D80F1F952A8514480C2953BC6CA0C4697A466A01E1C3D5F8D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/wp-embed.min.js?ver=5.7.2
Preview:	/! This file is auto-generated /.!function(c,d){"use strict";var e=!1,n=!1;if(d.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp\|\|{},!c.wp.receiveEmbedMessage)if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(t)if(t.secret\|\|t.message\|\|t.value)if(!/[^a-zA-Z0-9]/.test(t.secret)){for(var r,a,i,s=d.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),n=d.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),o=0;o<n.length;o++)n[o].style.display="none";for(o=0;o<s.length;o++)if(r=s[o],e.source===r.contentWindow){if(r.removeAttribute("style"),"height"===t.message){if(1e3<(i=parseInt(t.value,10)))i=1e3;else if(~~i<200)i=200;r.height=i}if("link"===t.message)if(a=d.createElement("a"),i=d.createElement("a"),a.href=r.getAttribute("src"),i.href=t.value,i.host===a.host)if(d.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener("message",c.wp.receiveEmbedMessage,!1),d.addEventListener("DOMContentLoaded",t,!1),c.addEventListener("load",t,!1);function t(){if(!n){n=!

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\www-embed-player[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	196313
Entropy (8bit):	5.596469760701508
Encrypted:	false
SSDEEP:	3072:+aLk3ytPTfr6xngfEHjpQ6MQNo0ru7E5WdyDNlCHmshH:P6xngfEH+Ko0ruoDDNlG
MD5:	0C36B8352D23B2EDDD7EC0F0A717EB4E
SHA1:	E7CEB0F79E9C21C08A0E02F4EEFDAEBB044BF270
SHA-256:	7AF5B0F3908EF5196C81BDBA087950891681F2158CEAD3F3DE9F072F580E7556
SHA-512:	E603BDBB3B4B8E5E7D9CC47A614F563D6A55299EFBA0501511BD90773A86F93C494AE6A1F55464AAA02349032D9574C3090EC96BD44428D6B94D4AC6F47A1B44
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';var m;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}.var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}.var da=ca(this);function r(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f\|\|"")+"_"+e+

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\-Default[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	12252
Entropy (8bit):	7.947348323758577
Encrypted:	false
SSDEEP:	192:XlboKrXVTt07GK0BETY7GoZAkg3v8D3zoglxOlBVromLhqXYFk8hNCm1nECwa:XZ5rlTt0yKWETDo6iDtxOl/SYFZU6n3D
MD5:	6C4940B9945E18C533D26D648212EDF4
SHA1:	4EF6EC59A21303A241D51FBFFE0805FD8832B947
SHA-256:	2D99CB776E06C2FB595671122285A66C4DEBE4029EEE2813FA54E750723B30C3
SHA-512:	F915B9EDC1E6FAB50F4FAF6670EB913045CD8DF2DE31E6791FBD0E19B785E55B05A99CF3A21A9A2890CB5A67051FC66AB0275D1B352224E076CBCB05FFBEA141
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.yoshki.com/SRA/EnglishMono/275/0/-Default.png?a=121*012801280128@5501090=401$0=60=40=90124012@=90124012@=70=401$0=40125012@1230124@5501$012@05501260=6
Preview:	.PNG........IHDR.............bH).....sRGB.........gAMA......a.....pHYs..........o.d../qIDATx^...E..r...H.$....J.....T...IQ@@EA.Q..H.@.0...v......>.{...3....o.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0.....`0......S...D...............].e.....?.I/L.........=.......-Y.Z.y..l.cC.>}.g........_...\|nY............K.}q....e}.y4...[.>....M.~......._....d}....O..............G..t2@d.......f.\|I.m.vHyp?z.w....H........;.o...[.x...../.N...g...RV.?.w..+...{I9).~..?.=7v\|v..m.z..S?..q....}~.....ot.t...~u.kq.x.b..+;n..^.._.\.\|.4t.b...'.~....O...2 .P....n}.7p.l....;w$...![.v]6k....%..^.....Ei.......O...\.:[.pQ.y......'..}o.(......S..ym.v.\|G..].f.^Y$.8= .......88.<u..Yq...W...-v.<t.S.e?..k6b.h......U".ISrb...{.+......<;\=.g+V..}..s..e.F.......K.'F..-{..q..i....8b.R...A.....z.5R.j+..}V....>.._..7...Z&..r.6..R....^.z.<.&Ou...O5....!.H .g.<.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\EJRQQgYoZZY2vCFuvAFT9gaQZynfpg[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 34100, version 1.1
Category:	downloaded
Size (bytes):	34100
Entropy (8bit):	7.986853384950331
Encrypted:	false
SSDEEP:	768:BySzGhgrBBXE/X69x3uy4zFoUn0VDYWmcGSn:QS4EBu/X69x3uycFJyn
MD5:	ABCD0499DDF538CFAB2DA3036DACE8B6
SHA1:	1260A46C69670620D521E380F8483DCF8453C991
SHA-256:	805044805F50602191A9CE6F555AED9041DF6823A8848B1FB5FE1895432CC5D1
SHA-512:	8A00FDA76715FB0257A3E6C41179AC891417BD20E9426B9E7135ACE0D84FE064749D0A68EFD2B6A07F7A7E1EEC4AF3D2242973905A9EF8D12CFD5243E785DFC5
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/ptserif/v12/EJRQQgYoZZY2vCFuvAFT9gaQZynfpg.woff
Preview:	wOFF.......4.......l........................GPOS.......e...T.HFGSUB...........H{..OS/2.......\...`m.2vcmap...............cvt .......4...4....fpgm.............H.ogasp................glyf......a.........hdmx..k....#..&.~...head..}$...6...6.;..hhea..}\...!...$....hmtx..}....B.....B Rloca............%.P.maxp....... ... ....name............&-D.post...........yY.f.prep...P..........x.....I...$.......m.....m..{zl.....=os2....?.....V@.(.P.$......=x7.....x.............<.......1...J.........y..,Q......^!.jFH..;...s8Gp$Gq......y...\|.G\|.'\|..\|..\..).R.$....o......!.h#.E.......Z......SC..m.f~..-......]....Z..6.vzv.....'US.Z...r..-..-e....lI{k'.P...'1.o.....\|v'..}U......'.7V........l...T.}..z+U..O.6E....c9Y...q&.Q.=U.y...../)_V...q....3.h'. vk.~.D..:.c...P...wl..j+-kSl..Z....v.....@...y...d.@..-.o.Y.....T..Zs.I..F`C]3..^....*..&..5..E.....6W.T.....J...k.`.......T.....j..)..e.O.....n~..e}.Y.X.R.....$u/.9/j..\|...I...u..6W.\M....Yc... .P..&..k.st.n..RN...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\KFOmCnqEu92Fr1Mu4mxM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 19824, version 1.1
Category:	downloaded
Size (bytes):	19824
Entropy (8bit):	7.970306766642997
Encrypted:	false
SSDEEP:	384:ozNCb8EbW9Wg166uwroOp/taiap3K6MC4fsPPuzt+7NCXzS65XZELt:K4zbWcDVwt230hfs+x+Bb65X2
MD5:	BAFB105BAEB22D965C70FE52BA6B49D9
SHA1:	934014CC9BBE5883542BE756B3146C05844B254F
SHA-256:	1570F866BF6EAE82041E407280894A86AD2B8B275E01908AE156914DC693A4ED
SHA-512:	85A91773B0283E3B2400C773527542228478CC1B9E8AD8EA62435D705E98702A40BEDF26CB5B0900DD8FECC79F802B8C1839184E787D9416886DBC73DFF22A64
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff
Preview:	wOFF......Mp.......P........................GDEF.......G...d....GPOS...............hGSUB............7b..OS/2.......R...`tq#.cmap...........L....cvt .......T...T+...fpgm.......5....w.`.gasp...@............glyf...L..:+..j.....hdmx..Fx...g........head..F....6...6.j.zhhea..G........$....hmtx..G8...]......Vlloca..I.........?.#.maxp..Kt... ... ....name..K........t.U9.post..Ld....... .m.dprep..Lx.......I.f..x...1..P......PB..U.=l.@..B)..w.......Y.e.u.m.C.s...x.h.~R....R.....2.x.....[....#N..m.m.m.mfm....SP..NuM..9]..=.U..!...[........w...\|......^p....H......;...)..........;..EoDo....E.E.D...`.0.GG.aA.H.V.Mx\xA....../..d3.Eb_.J...R.^v........\^ob.}.z..k.x).v$f$..O)+.2..*....y}6`C6b.6cs...l...........!.........<..\|.\|..\|..\|..\|.\|....o....I%.4.L.SI.&C.6..!`...{...c..\.J.(.2.C....V.A..?.M<nG......v..m.;..R.C..aj.H...=..{.>.:.....}i_Y......:....o.&k..KY.2..6k....i]..{,.p}../.....VO3.o].fJ....R-TZ..;...RN..&V...C...3.?.......&..z.s&.D....r,.I...t.R..a$k..Mm..Y.U...+b.%kQ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\NewErrorPageTemplate[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1612
Entropy (8bit):	4.869554560514657
Encrypted:	false
SSDEEP:	24:5Y0bQ573pHpACtUZtJD0lFBopZleqw87xTe4D8FaFJ/Doz9AtjJgbCzg:5m73jcJqQep89TEw7Uxkk
MD5:	DFEABDE84792228093A5A270352395B6
SHA1:	E41258C9576721025926326F76063C2305586F76
SHA-256:	77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
SHA-512:	E256F603E67335151BB709294749794E2E3085F4063C623461A0B3DECBCCA8E620807B707EC9BCBE36DCD7D639C55753DA0495BE85B4AE5FB6BFC52AB4B284FD
Malicious:	false
Reputation:	low
IE Cache URL:	res://ieframe.dll/NewErrorPageTemplate.css
Preview:	.body..{.. background-repeat: repeat-x;.. background-color: white;.. font-family: "Segoe UI", "verdana", "arial";.. margin: 0em;.. color: #1f1f1f;..}.....mainContent..{.. margin-top:80px;.. width: 700px;.. margin-left: 120px;.. margin-right: 120px;..}.....title..{.. color: #54b0f7;.. font-size: 36px;.. font-weight: 300;.. line-height: 40px;.. margin-bottom: 24px;.. font-family: "Segoe UI", "verdana";.. position: relative;..}.....errorExplanation..{.. color: #000000;.. font-size: 12pt;.. font-family: "Segoe UI", "verdana", "arial";.. text-decoration: none;..}.....taskSection..{.. margin-top: 20px;.. margin-bottom: 28px;.. position: relative; ..}.....tasks..{.. color: #000000;.. font-family: "Segoe UI", "verdana";.. font-weight:200;.. font-size: 12pt;..}....li..{.. margin-top: 8px;..}.....diagnoseButton..{.. outline: none;.. font-size: 9pt;..}.....launchInternetOptionsButton..{.. outline: none;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\all.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	56425
Entropy (8bit):	4.710699752289595
Encrypted:	false
SSDEEP:	768:V6C31sPizPq4/vBUAUHJUkQdR/WMQyYJrX75CsmZQzF:V6TPUC4/pMHGBdcfd7ssjR
MD5:	F7409F91A34EA35236D98702F4E69F4C
SHA1:	3A3C16CBB1114F8E210B87CF3102A99968BF6A26
SHA-256:	04950E48CD4097FB4A540C3ABCF445CD92D59BDF9BA40F49CFB180CC94387A2F
SHA-512:	66A8F8FB2DE3E2116D2EF1895570A65300239E8B8F8BC9DDD50BB86874821741E9CB6EADB28A1441F91496CC394FFDF08117275C7F6713981B030F1B216C3DE2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.6.0
Preview:	/!. Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:solid .08em #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pul

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\anchor[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	dropped
Size (bytes):	41817
Entropy (8bit):	5.894245358481585
Encrypted:	false
SSDEEP:	768:v/SdEgkizlcr5mMzkoN1zBwwOohvZ8fyAx49L:1/izqMoN9vFh8fy44R
MD5:	417462B9F85337B220C7280A8AE3EB5A
SHA1:	4454521403085FC81FEC4CA7BA332460582A36CA
SHA-256:	1CE4611CF8FDAD3ACB7E7EFAD202220B15934529BC2DC0ADE03A9F94D6DA3367
SHA-512:	1340247C733CC23210147D56119E04687D09E1BDD4D5E2516B1E9D0C5D147F5727A5C978276D07B5E15BD4118F59D6FC22DDF286705650C191521A62D02A9D7C
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.<meta http-equiv="X-UA-Compatible" content="IE=edge">.<title>reCAPTCHA</title>.<style type="text/css">.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf) format('truetype');.}.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 500;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc9.ttf) format('truetype');.}.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 900;. src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc9.ttf) format('truetype');.}..</style>.<link rel="stylesheet" type="text/css" href="https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/styles__ltr.css">.<script nonce="9rRmIXR6ApBbmS0kYeSufw" type="text/javascript">window['__recaptcha_api'] = 'https://www.google.com/rec

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\coronavirus-covid-19-notice-june-2020[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	38987
Entropy (8bit):	5.385057127892103
Encrypted:	false
SSDEEP:	768:9atuUk60wKYNrW1LnrlyfbbowbuRZV+T2MvZDcfnztKI:9atu/6UYNrqnrlyfHdgZ7MvZDcfnztKI
MD5:	346FF7DE8EFA72A8722B1C14E6EEAF4D
SHA1:	076971E52409EA4A50E2B2FAF8296DE55EDACFEF
SHA-256:	E48EF8161E04969A71362DD21031AD362911C0BE1C4321D41881C6C6A33FD2C9
SHA-512:	783B2DE123F35BEA307450A1A132D0D9C2B6E590C5B8A4E4CD759EF051FE2AEA1D38E64B9FB32DF24687D00228D0019949088BEAA54F23272743DDF40B0696CE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/
Preview:	.<!DOCTYPE html>. [if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->. [if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->. [if IE 8]> <html class="no-js lt-ie9"> <![endif]-->. [if gt IE 8]> >.<html lang="en-GB"..prefix="og: https://ogp.me/ns#" class="no-js"> <![endif]-->.<head >. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="format-detection" content="telephone=no">. <link rel="apple-touch-icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/apple-touch-icon.png">. <link rel="icon" href="https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico" type="image/x-icon" />..<script defer src="https://use.fontawesome.com/releases/v5.0.13/js/all.js" integrity="sha384-xymdQtn1n3lH2wcu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\dickinsons-office-shot[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 762x560, frames 3
Category:	downloaded
Size (bytes):	92327
Entropy (8bit):	7.9836137683458475
Encrypted:	false
SSDEEP:	1536:p2YHXBx7sD7mosBjzzATsvuRDRKqDstpLIliOwonSW9b9Uo3XnTpSiGeZU3r:B3Bx7k7mosNAgVhCiOVnSuUpiGEU3r
MD5:	98C33C4CE34E8A2086E9FEC019D3D227
SHA1:	7F786BA6BB2FD8C1713CEED7057FC98D3E1D160F
SHA-256:	D053CA2A2F884141FA56DDEA45BBC1B72017ECF6522C49FD941F2A554A009EC9
SHA-512:	C5CD53D6AE2481DF5A22E9D7458D300897CE896F7E90DCC23C81C05D6A461671056AB599955C5282902EB8DDFA7F03F374568C625FE79C44294D39B61C4910CF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/dickinsons-office-shot.jpg
Preview:	......Exif..II*.................Ducky.......<...../http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2018 (Windows)" xmpMM:InstanceID="xmp.iid:35EC86B972E711E8816098B8ADB8CC35" xmpMM:DocumentID="xmp.did:35EC86BA72E711E8816098B8ADB8CC35"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:35EC86B772E711E8816098B8ADB8CC35" stRef:documentID="xmp.did:35EC86B872E711E8816098B8ADB8CC35"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.............................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\down[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 15 x 15, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	748
Entropy (8bit):	7.249606135668305
Encrypted:	false
SSDEEP:	12:6v/7/2QeZ7HVJ6o6yiq1p4tSQfAVFcm6R2HkZuU4fB4CsY4NJlrvMezoW2uONroc:GeZ6oLiqkbDuU4fqzTrvMeBBlE
MD5:	C4F558C4C8B56858F15C09037CD6625A
SHA1:	EE497CC061D6A7A59BB66DEFEA65F9A8145BA240
SHA-256:	39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
SHA-512:	D60353D3FBEA2992D96795BA30B20727B022B9164B2094B922921D33CA7CE1634713693AC191F8F5708954544F7648F4840BCD5B62CB6A032EF292A8B0E52A44
Malicious:	false
Reputation:	low
IE Cache URL:	res://ieframe.dll/down.png
Preview:	.PNG........IHDR...............ex....PLTE....W..W..W..W..W..W..W..W..W..W..W..W..W.U..............W..W.!Y.#Z.$\.'].<r.=s.P..Q..Q..U..o..p..r..x..z..~.............................................b.............................................................................................................................................................................................................$..s...7tRNS.a.o(,.s....e......q*...................................F.Z....IDATx^%.S..@.C..jm.mTk...m.?\|;.y..S....F.t...,.......D.>..LpX=f.M...H4........=...=..xy.[h..7....7.....<.q.kH....#+....I..z.....'.ksC...X<.+..J>....%3BmqaV...h..Z._.:<.Y_jG...vN^.<>.Nu.u@.....M....?...1D.m~)s8..&....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\embed[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	dropped
Size (bytes):	3924
Entropy (8bit):	5.477505577247912
Encrypted:	false
SSDEEP:	48:yMjDJXcQFaA8RCcrd10zMl/7D7JzMojJGxQ1W/iT4KwHhU64hqhJ5r+v:yMDJXcPBCSYyHN3w7/Xr/4hqhQ
MD5:	E7C2D3E779BE6482390865A6BF6CDA84
SHA1:	4628BE693A67C55FAA95F5300D7E5FA26010D73C
SHA-256:	BE9DAF17F6625983DE74CE587DAC415B27EF2D3B4114D992534491146AA245ED
SHA-512:	6EAF7EB99C0CF9FA8779E2700F83FA69C5286EF82AFB484B8AED23E322A8157C34D6B2B31A955C2F6A40FD33EBC3F2AF4822AD0BB07B838DCD7BFD22EE26913B
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html>.<html>. <head>. <style type="text/css">. html, body, #mapDiv {. height: 100%;. margin: 0;. padding: 0;. }. </style>. </head>. <body>. <div id="mapDiv"></div>. . <script nonce="aPwY4vtP1Cvg6eKXIBd+oQ==">. function onEmbedLoad() {. initEmbed([null,null,null,null,null,[[[2,"spotlight",null,null,null,null,null,[[null,null,null,null,null,null,null,null,null,null,null,[null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1]],["0x0:0x48ce1abce44d1a7b","Dickinsons",null,[null,null,53.75082769999999,-3.0289884],0],null,null,null,null,null,null,null,null,11,null,[null,"a",null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,[null,null,null,null,0,0,null,null,1,null,null,1,null,null,null,0,null,null,null,1,1],null,null,null,[null,null,null,null,null,2,3,2]],null,null,null,null,null,[12,14,29,37,30,61,70,1371340]]]]],null,["en_US","uk"],[null,null,null,"/maps/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\embed[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	25226
Entropy (8bit):	5.50544425253384
Encrypted:	false
SSDEEP:	384:2YRgyq+e8PXe8cyJ61OP4tWlQ54C90gABjUJm3ulet7VRrpjXKXleTe6CttBe:e+1feCQ1LAyaCzDmeqpC6P
MD5:	F52AA4B18BE3ABD7C51C57251CE073DC
SHA1:	7A5B8F915C776C07F597CF5E3FD41185D4F77D41
SHA-256:	32BCA00E47D0F75C52DA52741E92427FA59E4783B1190E52F959A29CF4A21719
SHA-512:	8DE5D74A4E68213AB1EFD2933A6B75CF9FA808F30E29F37BCE8B7B7E2F27D7C801430A81F6335115E3B5863DB29D92B4D21A61E8681D9B78A40D3D7645D60F0B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/embed.js
Preview:	(function(g){var window=this;'use strict';var uJa=function(a,b){var c=(b-a.i)/(a.l-a.i);if(0>=c)return 0;if(1<=c)return 1;for(var d=0,e=1,f=0,h=0;8>h;h++){f=g.Jn(a,c);var l=(g.Jn(a,c+1E-6)-f)/1E-6;if(1E-6>Math.abs(f-b))return c;if(1E-6>Math.abs(l))break;else f<b?d=c:e=c,c-=(f-b)/l}for(h=0;1E-6<Math.abs(f-b)&&8>h;h++)f<b?(d=c,c=(c+e)/2):(e=c,c=(c+d)/2),f=g.Jn(a,c);return c},t3=function(){return{D:"svg",.U:{height:"100%",version:"1.1",viewBox:"0 0 110 26",width:"100%"},S:[{D:"path",Mb:!0,K:"ytp-svg-fill",U:{d:"M 16.68,.99 C 13.55,1.03 7.02,1.16 4.99,1.68 c -1.49,.4 -2.59,1.6 -2.99,3 -0.69,2.7 -0.68,8.31 -0.68,8.31 0,0 -0.01,5.61 .68,8.31 .39,1.5 1.59,2.6 2.99,3 2.69,.7 13.40,.68 13.40,.68 0,0 10.70,.01 13.40,-0.68 1.5,-0.4 2.59,-1.6 2.99,-3 .69,-2.7 .68,-8.31 .68,-8.31 0,0 .11,-5.61 -0.68,-8.31 -0.4,-1.5 -1.59,-2.6 -2.99,-3 C 29.11,.98 18.40,.99 18.40,.99 c 0,0 -0.67,-0.01 -1.71,0 z m 72.21,.90 0,21.28 2.78,0 .31,-1.37 .09,0 c .3,.5 .71,.88 1.21,1.18 .5,.3 1.08,.40 1.68,.40 1.1,0 1.99,-0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	3.884972839282401
Encrypted:	false
SSDEEP:	12:X6KUa0l3GGGGGTmGGG6GPglGGGG92NcBGGGLlGGGG1WGvy+EYtlccu8jtl/leJVS:X6dbqUyjBVlgqX+sVe+B
MD5:	FAEF02C890403EC108243CF2DAF0D9BA
SHA1:	073CE4D57CBAB9BFA455BA2D678FBAAA1DF655CC
SHA-256:	B8EBE8BC3C179BAF093DA55A328ECDF09A331B08B72FDFD05549BBBA8FFB36C5
SHA-512:	F5E13C8B1BCAC4A270D0C62D27B6309918C88C79F1F0023C5CABD035EB270416807D930ACB76EB5373D5183194BAF33559A314F92566AAB396954C63EA8FDBF5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/images/favicon.ico
Preview:	............ .h.......(....... ..... .................................( ..( ..( .I( .( ..( ..( ..( ..( .( .I( ..( ..........( ..( ..( ..( .( ..( ..( ..( ..( ..( ..( ..( ..( .( ..( ..( ..( ..( ..( .( ..( ..( ..( ..( ..( ..( ..( ..( ..( ..( .( ..( ..( ..( .( ..( ..( ..( ..( ..( .k( .%( .,( .P( .( ..( ..( .( ..( .J( ..( ..( ..( ..( ..( .x( ..( ..( ..( ..( ..( ."( .a( ..( .L( .( ..( ..( ..( ..( ..( .( .C( .( ..( ......( ..( ..( .V( .( ..( ..( ..( ..( .( ..( ..( .( ..( .o( ..( ......( ..( ..( .z( ..( ..( ..( .C( ..( .l( ..( ..+#..( ..( .'( ......( ..( ..( .5( ..( ..( ..( .R( .t( ..'...F?..\V..;4..%..W( ..( ......( ..( ..( ..( ..( ..( .G( ..( .'...RL.._Y..IC..( ..'...( ..............( .( ..( ..( ..( ..( ..'../(..C<..b\..OH..'..( ..( ..........( .J( ..( ..( .@( ..( ..+#..$..0,%..XQ..IC..'...( ..( ..........( ..( .( ..( .y( ..( ..( ..&...'...)!..( ..( ..( .y( ..( ......( ..( ..( .( ..( .2( ..( ..( ..( ..( ..( .( ..( .( ..( ......( ..( ..( ..( .( .( .C( ..( ..( ..( ..(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\font-awesome.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	27466
Entropy (8bit):	4.752060795123139
Encrypted:	false
SSDEEP:	384:Qi5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:Dlr+Klk3YlKfwYUf8l8yQ/T
MD5:	4FBD15CB6047AF93373F4F895639C8BF
SHA1:	12D6861075DE8E293265FF6FF03B1F3ADCB44C76
SHA-256:	DDD92F10AD162C7449EFF0ACAF40598C05B1111739587EDB75E5326B6697C5D5
SHA-512:	F8BE32CBA15170319B5C9F663C6F0C4FFDD4083CF047D80F7B214D302B489ECA25FBEE66DDB9366D758A7598EFC9B9A886B02C9F751AE71F207CB9DB1356243A
Malicious:	false
Reputation:	low
IE Cache URL:	https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css?ver=5.7.2
Preview:	/!. Font Awesome 4.5.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.5.0');src:url('../fonts/fontawesome-webfont.eot?#iefix&v=4.5.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2?v=4.5.0') format('woff2'),url('../fonts/fontawesome-webfont.woff?v=4.5.0') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.5.0') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.5.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\js[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	90417
Entropy (8bit):	5.503402927960031
Encrypted:	false
SSDEEP:	1536:JMZsLLv0qW0y+HZAn8mdyqlUIG46NuCvdDDJG3fJrw1A9GKPr5rmADWWV:JMZsf8qW0en8o+/JGBrHV
MD5:	A10EB7A362DD520F5D33D50389E64431
SHA1:	2F7D7BFB3B087563DB584CBABC69D116606BB1F3
SHA-256:	A77D9F7C19E8280E16E469989C98E6FEAD58340C7812AF581CEF0170EEF95CEF
SHA-512:	6A67ABF2E2127FD629FAF30A1BC1BEE6E94166ABC2F35A44D8069FA7E845D8689E5FCEC03255A87F755DAFBD5DF760FD56DD77CCFA74355A6C0858C8FD1E86BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.googletagmanager.com/gtag/js?id=UA-120003099-4
Preview:	.// Copyright 2012 Google Inc. All rights reserved..(function(){..var data = {."resource": {. "version":"1",. . "macros":[{. "function":"__e". },{. "function":"__cid". }],. "tags":[{. "function":"__rep",. "once_per_event":true,. "vtp_containerId":["macro",1],. "tag_id":1. }],. "predicates":[{. "function":"_eq",. "arg0":["macro",0],. "arg1":"gtm.js". }],. "rules":[. [["if",0],["add",0]]].},."runtime":[].....};../.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var aa,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ca=function(a){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];return b?b.call(a):{next:ba(a)}},da="function"==typeof Object.create?Object.create:function(a){var b=function(){};b.prototype=a;return new b},ea;.if("function"==typeof Object.setPrototypeOf)ea=Object.setPrototypeOf;else{var ia;a:{var ja={a:!0},ka={};

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\lightbox.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	2137
Entropy (8bit):	5.071547144464447
Encrypted:	false
SSDEEP:	24:9BVCVzkC+Zmr94w0AacqngMPiV4pJ3y65PA6vpgwALp+DDIcdZr36Q1g2SOzR8hn:9DCVwpucPn5PEDkDDFZ7HtSOzWmGJWml
MD5:	98A2BA64069CF77CC7CBA2DF38863B69
SHA1:	C1697578A11C5D4D578FCAA15DA343E33BB2DB06
SHA-256:	6FC0C282B3BBBBFE9A5AB6666573C5C0FD459F1E324449747A1E0D4E67FF76D4
SHA-512:	BE67772387E556B35B759FBF1BC69A0A68E226975B3A09710AD2A9F8DEC5E9E4CBA6DA18771F975B3B56A3C25C0B323D1020E342DF195EDEED30DC99E0604864
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/lightbox2/dist/css/lightbox.min.css?ver=6.6.0
Preview:	body.lb-disable-scrolling{overflow:hidden}.lightboxOverlay{position:absolute;top:0;left:0;z-index:9999;background-color:#000;opacity:.8;display:none}.lightbox{position:absolute;left:0;width:100%;z-index:10000;text-align:center;line-height:0;font-weight:400;outline:0}.lightbox .lb-image{display:block;height:auto;max-width:inherit;max-height:none;border-radius:3px;border:4px solid #fff}.lightbox a img{border:none}.lb-outerContainer{position:relative;width:250px;height:250px;margin:0 auto;border-radius:4px;background-color:#fff}.lb-outerContainer:after{content:"";display:table;clear:both}.lb-loader{position:absolute;top:43%;left:0;height:25%;width:100%;text-align:center;line-height:0}.lb-cancel{display:block;width:32px;height:32px;margin:0 auto;background:url(../images/loading.gif) no-repeat}.lb-nav{position:absolute;top:0;left:0;height:100%;width:100%;z-index:10}.lb-container>.nav{left:0}.lb-nav a{outline:0;background-image:url(data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALA

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\loading[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 32 x 32
Category:	downloaded
Size (bytes):	8476
Entropy (8bit):	7.521581779536469
Encrypted:	false
SSDEEP:	192:e8mZU0o1P1rUssaXA6RJiqlrcDUpTQ+ZSIWl7QBhr5z:iZc1PvA6RJiqYUq/l7Md5z
MD5:	2299AD0B3F63413F026DFEC20C205B8F
SHA1:	CF720B50CF8DDE0E1A84CE1C6A77788BFC5882D5
SHA-256:	225AA88B6AB02C06222EC9468D62E15FA188E39CDB9431D1F55401AD380753ED
SHA-512:	DC299EE8DE6D5BB9D3A95A0FC200EA380C6DBAEB72FBFF74E1E8BB260EE3DEEC6C981D9CFC05BF2409B8760613EF1C02BD7396456BEC618F287CA56A7A93957D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/lightbox2/dist/images/loading.gif
Preview:	GIF89a . ...........................................................................................................................................................................................!..NETSCAPE2.0.....!.......,.... . .@..@.pH....PdCl:].d.....Xla[..@$.,..T..G!.c>..#..p..0.yzk................#). ..........k..rwv&... ./$/..._.B..}}..O\..(.O....'.O....e..N....'..0.,....n..` #.(.#.........&&.....tu..QH.P......-R1..+..\,...".....@+".. 9 .8.W..$...`L!I....H...f#S~h.Z"==.XP.....Z`.......@B7..K.4Y`.NCP'.&,. @..Y.yR%!..J.Q....!.....3.,...... ......pH..D.M$......Pqx=..l........r-gc..P.y.He.R.Q.8/7i.....!!yn.........^ ......#j^......^.....(.^...P.Q......R(....%.Q.....D.....C...i.B.....3...................3..."..#........".'....,@...{.T .P'....=8......=...@..5.4H.....#...0.....2....$..%.tya.L2H(8&..Bg.1.Ji.b...-`.`....".HP...=3...Q.<....!.......,...... ....@.pH..D....... .T...H..c.......PmB..v..FL..Ta8......6.RD%...!w$k.\|]1.D....!......!.E.I...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\main[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	42
Entropy (8bit):	4.350068910616443
Encrypted:	false
SSDEEP:	3:RAM7SpRoc2LGRFEaSn:z+iLzn
MD5:	BB41ABF56C7CAD709F1A391A65578F8C
SHA1:	55AE96391DB5F6C45A50F4D25CC84DEB63AF028E
SHA-256:	60BFA43AF3E6A61AC546EEB920EAA8C10570473F4096AFB15671815B1C394946
SHA-512:	57CF1EDC15877353B48ADE757E7B3656A6D1136CA937BAF4FC5E720FF339BA55D7483DC06C3C6113FF9C3F1D53F34BDB1D2546DA2069B7DC40577F92AEBE191F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-parent-theme/library/js/main.js?ver=5.7.2
Preview:	jQuery( document ).ready(function() { });.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\mem5YaGs126MiZpBA-UN_r8OUuhv[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 18744, version 1.1
Category:	downloaded
Size (bytes):	18744
Entropy (8bit):	7.966883926264397
Encrypted:	false
SSDEEP:	384:zawWpQHZNpxHreHjc5bHhYc9ON58zWZnmiN4RHcSd2UrrMKCWX:zawPscLqqO/8zG/4RHvdh33X
MD5:	2A6051095E2330FB1A45B836E3BA038E
SHA1:	1DA733C279AA12C3D8857AED80CD910C2B209EAE
SHA-256:	C98B647124C63DEA93B52BCF6A97A76A6944B9894DC0377B70F8C3B47D91382A
SHA-512:	CB019D3D69A51FE9522AA22BF637886B9691270F0BA409167B5A1225CB50BCE494ADEAACC7C94D341A02B3AC751620E9E6A4B9AD9B3FF916C3FA12D710A3AC6D
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhv.woff
Preview:	wOFF......I8......n.........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...^...`}...cmap.............Y..cvt ...8...]........fpgm............~a..gasp...4...........#glyf...D..8...W.._..head..A....6...6..F.hhea..AT.......$...dhmtx..At.........._.loca..C.........K.`@maxp..EP... ... ....name..Ep........"c?Jpost..F\........5.".prep..H .......:..]........................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.c`fig.a`e``..j...(.../2.1..`b.ffcfeabbi``Pg``..b.. 0t.vfp`P...M...C.G/S....\|...=.6 .....m/....x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g.c..$K..$..`.g.e........ .......R.g......?......x.)d...........$...."....0.#.A@X..0......x.uTGw.F........)..)7.W.$`.....G.Kz.)e....t.\|.1.7...s.g...3.7mgf..~{1...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\mem5YaGs126MiZpBA-UNirkOUuhv[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 18784, version 1.1
Category:	downloaded
Size (bytes):	18784
Entropy (8bit):	7.964699694030365
Encrypted:	false
SSDEEP:	384:4YQHZJ+ZXshfYjP0lJ9WnX/zJuKvvaIYjSS4yKrtVIGPvRGq6:BchgjGJ9WnX/zJ1JcG3gf
MD5:	CA0CC58FE4C481D2486F836E8B7ACD98
SHA1:	B9988071248F824BA2D5FA88CB16DA1971AA0945
SHA-256:	B332B402229655660F0DDC7D916618F44ACA71D0ECAA68A1DF7B5AD5A5F1D6F9
SHA-512:	95E3C7674FFF4E934F252605CD3DCDF169986EE754964C703F1BFEAD52AB33F8DFE3764A8FD507E39E4C058985CCC90F6B0F69A766AAA1C8508DB806095904AB
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhv.woff
Preview:	wOFF......I`......nl........................GDEF................GPOS................GSUB.......y.....;..OS/2...$...^...`.-..cmap.............Y..cvt ...8...[.......4fpgm............~a..gasp...0............glyf...<..9...WXZ..uhead..AL...6...6...Mhhea..A........$...$hmtx..A....#......T.loca..C.........6.Kkmaxp..E.... ... .u..name..E.........#.@Ppost..F.........5.".prep..H`........x..n........................................x.M...P.@..L..$$. .g..;..k.z...P.$K......[.E..Z....B )..a.:...i...!......J ...U....l/..m.&3.KO...#..-..%;7.V..........x.c`fy.......:....Q.B3_dHc.........................@`........./..?....^...... 9. .m@J..........x.\.!..q......#acf...#1Q@.'U..@..".llt.Aa#.f\|c.W.....'..X..!..C...ITPE.;..V.j......0. .L0E...Yd.mN....:.....F....GG.g.s,x.>0....v..I;o..<.$G9.\f2...e(}.IS2..uc]p.........M.x.c.a.g.c..$KY...e@.,A.".m....x.......3......?.[.o...2...:...a..b.)@.Y.....v1.b4d...36 ..x.uTGw.F........)..)7.W.$`.....G.Kz.)e....t.\|.1.7...s.g...3.7mgf..~{1...s.3.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\office-background[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1400x933, frames 3
Category:	downloaded
Size (bytes):	204176
Entropy (8bit):	7.9757798801235005
Encrypted:	false
SSDEEP:	3072:eaHaWurt5YRbRpBTWAyWp+sBXcG9Qz6Jqespr1ACUzSBskC2y3+b0aYbqchbG3NQ:PH/jbnZd5cG9Qw81cSDRD0qPCJb
MD5:	EEDCE1AFF3F4B59A67222A804348E6EC
SHA1:	15486B32DB9D596F92342370F99C28D7B6607DC1
SHA-256:	E6B91D6B5F20425F0D257FA24B593B8DE2D1E4E0179AC6F304DF0E305F47D85A
SHA-512:	75182121BADAE03533D1A5344E59E3FB88161FCF77F5FB4259B9F317626FEF13C462E105DAC24601B4F376A54F300C8A21F1D6F726EA0A2AB4014F0597416F9A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/office-background.jpg
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c140 79.160451, 2017/05/06-01:08:21 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:6A766160634011E894F5A2F87AD01BE2" xmpMM:InstanceID="xmp.iid:6A76615F634011E894F5A2F87AD01BE2" xmp:CreatorTool="Adobe Photoshop CC 2018 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="1559E4F083B31F23837D87A02D82ABF7" stRef:documentID="1559E4F083B31F23837D87A02D82ABF7"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.............................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\owl.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	5542
Entropy (8bit):	4.87249278606606
Encrypted:	false
SSDEEP:	96:lZJ7MBgYw6ei1zEHgIJfCNL/F+Ur9qFcU+d:lNc1QAiULt+Uecj
MD5:	5DC6D93C28F4C541109C1D0991BDEFE1
SHA1:	B20E22CE5369ED1BE6B36E7D884581185B83E768
SHA-256:	A47FF037B0A646F620F8CD07D37740485317AF5D6F6732DCF85C8EE124C21D07
SHA-512:	BAED02AF17FEBE3B0F00FF581404D9F8FAC61B6A7453B667964D89974678BE17F23601DC6A635FBE10418DB944B7CB926D1EF2A711AA0D53EC5A950D99146326
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/owl.min.css?ver=6.6.0
Preview:	.owl-carousel .animated{-webkit-animation-duration:1s;animation-duration:1s;-webkit-animation-fill-mode:both;animation-fill-mode:both}.owl-carousel .owl-animated-in{z-index:0}.owl-carousel .owl-animated-out{z-index:1}.owl-carousel .fadeOut{-webkit-animation-name:fadeOut;animation-name:fadeOut}@-webkit-keyframes fadeOut{0%{opacity:1}100%{opacity:0}}@keyframes fadeOut{0%{opacity:1}100%{opacity:0}}.owl-height{-webkit-transition:height .5s ease-in-out;-moz-transition:height .5s ease-in-out;-ms-transition:height .5s ease-in-out;-o-transition:height .5s ease-in-out;transition:height .5s ease-in-out}.owl-carousel{display:none;width:100%;-webkit-tap-highlight-color:transparent;position:relative;z-index:1}.owl-carousel .owl-stage{position:relative;-ms-touch-action:pan-Y}.owl-carousel .owl-stage:after{content:".";display:block;clear:both;visibility:hidden;line-height:0;height:0}.owl-carousel .owl-stage-outer{position:relative;overflow:hidden;-webkit-transform:translate3d(0,0,0)}.owl-carousel .ow

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\prev[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1360
Entropy (8bit):	7.759688532707318
Encrypted:	false
SSDEEP:	24:GHSkQz3cCPNyzYiMy4T+awnPjXsjECJNuMCnyEiMn/k4GWkfAdU9:6SkO5YzfRCJ07Tn0W8
MD5:	84B76DEE6B27B795E89E3649078A11C2
SHA1:	6640A3432F7BA7AEA6129CDF7A5D3EABD47C295C
SHA-256:	7FD9273F20FDB1229C224341271A119020A5EEE74CCF6B4605730917C864CAF2
SHA-512:	F7128971CD4B6442EBAC344CAD93186E1FCC976470E2F5A4E758F3439C7B07421FB99A927450414B86B4BBFC0F2CC605B0E63C217057E094F9D866D9906960F5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/lightbox2/dist/images/prev.png
Preview:	.PNG........IHDR...2...-......8.....IDATx..[L\U..=3g.S.p+...A......30.Z...Z.Z..!.i..Gn..;1.`.#.bD.....F....:LM4......).?...d....=..\|..V.~...s..P$..O....0..0.5.xpN.....+}%../...h..R..".$..X...&...... ...<I..t.H.J.."......$P....].... .=.\$s...I.a...l..(...1333............]..s.d.!i."..5F.........._".Y^^.Y...j...l...a.. .x@.......1gww..c....@:...D.n..D....paa......H5e(...:...IT.........X__....@m...&Q..6u"''.P(.@b.......A!......N.D!.@......I...n.....^...;H.u.Q.q....m..W=......&q.8h[%..."\|..D0...X].......^.V...g-A.I"++.6nvKz.....~.....H.I.d%..@...$.......`..JJJ:.....I. .....8...8..F...<I.q..1@D'........{.N. .Q......2a.....`G.IWbsss...uR'.).,.&.c...`..a.F'.`Gov.,.l;q.6LD.fp.d......'...v.I... ...4R.P.L..N..'.......>C..p....0Z.=.....<.....?.I...Ml./P..T..p.h\....Z,....poDpFFF~G...]P.>(..m.hY@..(y......./..D.......~D.{."(.g)c*Pd..c......c..466~..:... .d(#.D.@:.......M.d......PJ2...3..G....{.....I.LKK..j..2.3$c.......%&.....s....ikk.Dm....$2.CE8.D..d....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\slider-2[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x851, frames 3
Category:	downloaded
Size (bytes):	72717
Entropy (8bit):	7.614519881929936
Encrypted:	false
SSDEEP:	1536:dx3wnx81KxxVvsmd9HRNrz1iMw7uv+GNgeTjhVo/:UxB2mfr3w7/6TjhU
MD5:	63F439E8160FA215FF8211A89806B0B4
SHA1:	1559B20D022BA7365E0E7A8173FB89C67F67C68A
SHA-256:	D547FBEB195EC3AD96E3F7831311252A36F60DE11BCF27F84948F6782A74BE51
SHA-512:	6ED417770FE55041677B81588B0A9AE8491440D29DE565947B46F2EEF9788B7A4D030CBBBF19E0E8C2B2432F3CAA8FE6A322DA82C4084C8875187BF045DED31C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/uploads/2018/06/slider-2.jpg
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:c9a2b572-e9aa-2a4e-834e-3cd99fe23045" xmpMM:DocumentID="xmp.did:AF07702BDB7011E7B0748FA1D5727E37" xmpMM:InstanceID="xmp.iid:AF07702ADB7011E7B0748FA1D5727E37" xmp:CreatorTool="Adobe Photoshop CC 2015.5 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:1bba93e6-7f2e-0847-9c44-39124ccad7f7" stRef:documentID="xmp.did:c9a2b572-e9aa-2a4e-834e-3cd99fe23045"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...........................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\style[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	4908
Entropy (8bit):	5.182071932099427
Encrypted:	false
SSDEEP:	96:bwQ76wWWv1ILJH16WkGwI7k3/nqHYaLnwDf:84WWv1dGwI7E/qjm
MD5:	722CB348E2D25E688B53F07119BF006F
SHA1:	E213A1DC0468B8DC392D28BF97AD2B715F9B9B60
SHA-256:	3A409B8FE2E1C1D70C68D737FA9329FC09BC3ACC85003F20D9F5B8D818013948
SHA-512:	EE5A6ECCD16C95BC0A70280789817F59C4075FA6CBDDBF3A744C44FA5894C0FA8C7205F8A1BABB6F8675D55E121E1050DE0F5B49436A09972546076EE60ACA54
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/themes/quicklaunch-child-theme/style.css
Preview:	/.Theme Name: Quick Launch Child.Theme URI:.Template: quicklaunch-parent-theme.Author: We Are Northwest.Author URI: http://www.quicklaunch.co/.Description: Child theme..Version: 1.0./..main-brand-colour1 { background-color: #3578c8; }..main-brand-colour2 { background-color: #EFEEE8; }..bg-colour1 { background-color: #EFEEE8; }..white-text p, .white-text { color: #fff; }..darkbg {background-color: #999;}..blue-bg {background-color: #3578c8;}..grey-bg {background-color: #f3f2f0;}...wpcf7-list-item {display: block !important;}..form-row {margin-bottom: 30px;}..#sb-where {..background-color: #1f4490; ..padding: 20px;..margin: 0px;.}..#hp-banner {..background-image: url('/wp-content/uploads/2018/06/dickinsons-office.jpg');..background-size: cover;..background-position: center;..background-attachment: fixed;..min-height: 0px;..text-align: center;.}..h1,.h2,.h3,.h4,.h5 {..font-family: 'PT Serif', sans-serif;..font-weight: 400;.}..h1 a,.h2 a,.h3 a,.h4 a,.h5 a {..font-family: inherit;..font-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\v4-shims.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	34399
Entropy (8bit):	4.8846438367170535
Encrypted:	false
SSDEEP:	192:WP6cb0bcx4cgVU92oIGDE8Kcsy1KsF7ndtgMn+I1zTV3c8jevMykD:Vczx4cgVfLGDEbK1J7nd71tXjevMyw
MD5:	FFB96099720DDE6483D7CAB290C543EE
SHA1:	1A6ECE8EEE36923D795CDF78674B47E7F1B8E94F
SHA-256:	CDFDF586F38CFB19C6264343CC6A64ADCE7FF0961834E96A2F912F01DC29E3F0
SHA-512:	2DD72F92CCDDE1AA2CD10F9A0FB05F29C67DBF3CE48374A2122DCDF514B2C48895B2CE1A6A8A246B2EA0F37FCE8CFE8C7221EAD3309DF3E9B61227428D23857F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.6.0
Preview:	/!. Font Awesome Free 5.11.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:'Font Awesome 5 Brands';font-weight:400}.fa.fa-star-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-star-o:before{content:"\f005"}.fa.fa-remove:before{content:"\f00d"}.fa.fa-close:before{content:"\f00d"}.fa.fa-gear:before{content:"\f013"}.fa.fa-trash-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-trash-o:before{content:"\f2ed"}.fa.fa-file-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-family:'Font Awesome 5 Free';font-weight:400}.fa.fa-arrow-circle-o-down:before{content:"\f358"}.fa.fa-arrow-circle-o-up{font-family:'Font Awesome 5 Free';font-weight

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-emoji-release.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	14229
Entropy (8bit):	4.959165424851354
Encrypted:	false
SSDEEP:	384:inJ5kNuPTbUUh31//bEP+XgA3FqC2effJmp3:iJ5aUUUh31//YWXgA7ffC3
MD5:	EAA8641BCDA2371F4024A71FBB67DE3B
SHA1:	0E46C39D3821683C856605A82254115F9A6A7792
SHA-256:	0C5F584D1EA2C3313DC8C55824C2A572D3CF2EAE87C5CA62A58E598AEC9DDB5C
SHA-512:	82B6B84D0A7A28D6A8B013EE41EEF27E1DF8C1FCA396DFB4ED6D01249E12479230CB2D3683A56EB80651D22046C74506D194FA34B05E2A8AD8A08AE297F79AEB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Preview:	/! This file is auto-generated /.// Source: wp-includes/js/twemoji.min.js.var twemoji=function(){"use strict";var f={base:"https://twemoji.maxcdn.com/v/13.0.1/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint:function(d){d="string"==typeof d?parseInt(d,16):d;if(d<65536)return a(d);return a(55296+((d-=65536)>>10),56320+(1023&d))},toCodePoint:i},onerror:function(){this.parentNode&&this.parentNode.replaceChild(g(this.alt,!1),this)},parse:function(d,u){u&&"function"!=typeof u\|\|(u={callback:u});return("string"==typeof d?function(d,b){return o(d,function(d){var u,f,c=d,e=x(d),a=b.callback(e,b);if(e&&a){for(f in c="<img ".concat('class="',b.className,'" ','draggable="false" ','alt="',d,'"',' src="',a,'"'),u=b.attributes(d,e))u.hasOwnProperty(f)&&0!==f.indexOf("on")&&-1===c.indexOf(" "+f+"=")&&(c=c.concat(" ",f,'="',u[f].replace(t,n),'"'));c=c.concat("/>")}return c})}:function(d,u){var f,c,e,a,b,t,n,r,o,i,s,l=function d(u,f){var c,e,a=u.childNodes,b=a.length;for(;b--;)c=a[b]

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-polyfill-element-closest.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	417
Entropy (8bit):	4.878288491780445
Encrypted:	false
SSDEEP:	6:qQ2noFarYvLN+XKxNk6GRciALMEnwu0sbYXpX9Y4qoCJgcnll6VAzPPqXXA8hSqf:66aIkaxNkNvQN0s659Vq/3lPmQ8hP
MD5:	89A4E64830CE633B60F1E4060FAA5726
SHA1:	DC8A0693095BBC56E745DE78C8D1D2333169D575
SHA-256:	1D1CC2B1811B4EBEDA7BE9B00999AA3330C7D16D1EA4DEBD33D3DEDF3A956AE0
SHA-512:	ACB81858E24A58253B556FB4B83161756CF8E5C52A929597B56987A6F5E57C22F41F958FE49E78E885EA52CC809AD4DE95FFE98AD1F9289B380F45233F82E6C2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?ver=2.0.2
Preview:	!function(e){"function"!=typeof e.matches&&(e.matches=e.msMatchesSelector\|\|e.mozMatchesSelector\|\|e.webkitMatchesSelector\|\|function(e){for(var t=this,o=(t.document\|\|t.ownerDocument).querySelectorAll(e),n=0;o[n]&&o[n]!==t;)++n;return Boolean(o[n])}),"function"!=typeof e.closest&&(e.closest=function(e){for(var t=this;t&&1===t.nodeType;){if(t.matches(e))return t;t=t.parentNode}return null})}(window.Element.prototype);

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-polyfill-node-contains.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	353
Entropy (8bit):	4.82144644832395
Encrypted:	false
SSDEEP:	6:qQQTMhM8Frv1nX/JR/X0QXQeLZ+AWGeNuhLeSqGvSqLifqWpqLlldALnRtgAlSqY:cdUrBPXpAe9+/NEi2v7/BlldoRtgAl7s
MD5:	B32D5CEA64B4FD156F47C0EC0A9D8532
SHA1:	2479F764DE67D2CD836CCB27F97DD4A42232AC0C
SHA-256:	24A4D8749750DA00649D2A24744F109D7E0B2C96755282A65E4BC13B62ED18CE
SHA-512:	DEED55D5DC985E1B7A09A839FD753D634C1BDE9646CD4B709950FCE3A99158FB8494103A1C78C23CBE35A1FD2716F44CD4D28B0E94980125FE50CD92D70D0909
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ver=3.42.0
Preview:	!function(){function t(t){if(!(0 in arguments))throw new TypeError("1 argument is required");do{if(this===t)return!0}while(t=t&&t.parentNode);return!1}if("HTMLElement"in this&&"contains"in HTMLElement.prototype)try{delete HTMLElement.prototype.contains}catch(t){}"Node"in this?Node.prototype.contains=t:document.contains=Element.prototype.contains=t}();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-polyfill-url.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	47085
Entropy (8bit):	5.265931887868891
Encrypted:	false
SSDEEP:	384:Q69u0MvxPiPvJBuYdmMk5Cb/o/OW3ldUkbdygeA2be7XTWQkY2TKc4LTrBi++Xzc:Q6GFYN0KQXcXmmqLfB7lXezDCEhACM
MD5:	7274005802B2E364D7780806526095CF
SHA1:	16E5785DF05F6605521ED1D56C0C4234A3D4FEE0
SHA-256:	4AE8650AE71D9DEFB388BC959BDA1B6A94999B034BB4FDCD5CE83828BBEC9350
SHA-512:	A77602919B8A97D5196296E7F68D654E7EFA2B26277D48200899171F07A7804DCB88B23AC2ACAEC7839C0C9309D4D57EBA2173B5270958BC8D35F1F45C381CF6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.dickinsonsolicitors.co.uk/wp-includes/js/dist/vendor/wp-polyfill-url.min.js?ver=3.6.4
Preview:	!function e(t,n,r){function i(o,s){if(!n[o]){if(!t[o]){var l="function"==typeof require&&require;if(!s&&l)return l(o,!0);if(a)return a(o,!0);var c=new Error("Cannot find module '"+o+"'");throw c.code="MODULE_NOT_FOUND",c}var u=n[o]={exports:{}};t[o][0].call(u.exports,(function(e){return i(t[o][1][e]\|\|e)}),u,u.exports,e,t,n,r)}return n[o].exports}for(var a="function"==typeof require&&require,o=0;o<r.length;o++)i(r[o]);return i}({1:[function(e,t,n){t.exports=function(e){if("function"!=typeof e)throw TypeError(String(e)+" is not a function");return e}},{}],2:[function(e,t,n){var r=e("../internals/is-object");t.exports=function(e){if(!r(e)&&null!==e)throw TypeError("Can't set "+String(e)+" as a prototype");return e}},{"../internals/is-object":37}],3:[function(e,t,n){var r=e("../internals/well-known-symbol"),i=e("../internals/object-create"),a=e("../internals/object-define-property"),o=r("unscopables"),s=Array.prototype;null==s[o]&&a.f(s,o,{configurable:!0,value:i(null)}),t.exports=function

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\zOL64pLDlL1D99S8g8PtiKchq-dmiw[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 16896, version 1.1
Category:	downloaded
Size (bytes):	16896
Entropy (8bit):	7.972167444840726
Encrypted:	false
SSDEEP:	384:rfQPKX/yW8wPdhphjk3p4QOqeK1CeI/+Csg2yRUKFFI6siz:2KXigdrhQb1zC9/7sg2vKvIa
MD5:	9D61EE7EB9108E20D74775FA6A75554B
SHA1:	526CFF8E5E1706E24C43C6D1B51C4504D3E6F5A9
SHA-256:	95CFE9730055566FA1D27D04004D8148CB088222AC4F5969AA2251995166B072
SHA-512:	549DF880F30DA3468102CCEA32BEA94058F1E38110840473CF8DFC6C3913A75AA4AF9E2AF7ADA3F856B3C154F547F7F87CC92C7509BE43074BC7471F113D0EA1
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/abrilfatface/v12/zOL64pLDlL1D99S8g8PtiKchq-dmiw.woff
Preview:	wOFF......B.......~.........................GDEF...X...-...4.@..GPOS.......R...(...GSUB.......&...b..z9OS/2.......Q...`5t(.cmap...X............gasp................glyf......,...P~e90dhead..:....2...6..U.hhea..;(.......$....hmtx..;H.........o..loca..=h...........maxp..?0... ... .5..name..?P.......Z4.L.post..@P.......U.9..prep..A.........h...x...E..@........I.k.n......c.M....]^.....A.R...x.L....@......m.m..qm....j.v.g.j..o.......4E[...)..R.....z...X...Km....~x..8W........5F.4&.&..".'..bsn.r...?.-..s..RZ.J}-.5.....".e.v..<.h..on.5.X..)_...[....w.C.......czV.._c}..A..Dd..5c..D.s...&.8b....M.RY.T.1..Kw..;.z~.v..7..1)....{W..wE(O........Q....EI.....KA...v..2t..5.NOj..v>.av6...`..."...3..I..q......9.e.s..,.)oX.;>.. ..J..N.....4.5....8.0.b33333.....03....6J%fVrb....g.7`Z...f..WS..p'.._.uOOO..V.....P.l....].7RK...{7..q......+..:8....oO./)...=bKVv.w0.j}7../.Tk.1...y$X..=.{Y..f\|C.2..b...deK6S.......s.Yx.F...QE.O#.i..WtWg..c../i..Z.U+.g...J.v.9.=C.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\1px[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:	3:CUkwltxlHh/:P/
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.yoshki.com/images/1px.gif
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Default[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	26171
Entropy (8bit):	7.9568467029709
Encrypted:	false
SSDEEP:	768:CFlk9ApSaWy2Jvb3giHSjn8yEyamTxCAzHDXub40wYkL1LAk:CFl6FatIvb3THSj5amTHPWsbLAk
MD5:	479A4AE60F32707C50F4F598E51096D6
SHA1:	42AAA85DC4C05CFEDF87DCB1295BD71CB99E2C2B
SHA-256:	841D8BCF4774A44E7EAA3ACBCB6422282A16B7E876A628D0CFE1EBABBD84DAAC
SHA-512:	17AE35958DC3A7365E06B759F8248C7D6196DA4A2D2F2D34EACFF9067DC15B368420DD2700F1C0478656004E384074709654A8ED5CD5BE5FA5AB5FDAD7C4EC15
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn.yoshki.com/SRA/EnglishMono/275/0/Default.png
Preview:	.PNG........IHDR.............bH).....sRGB.........gAMA......a.....pHYs..........o.d..e.IDATx^...?E..;/.5w..y...Wp.8.9...D2H..D@rF. H..AA..P$.H..(.9....S...w.....<03......jWu......................_..#>.s./.........P.O......\wG.7....<_Mn]...'.K\|kz%.......t.x=/..{...5.W.;.h.+.\|99./.[{..c.\|.o.O.?................=..k..n{.v.mO9Na.8.k{n1..tz.(..s=..)....".i...w.q.-..s.#..-.q.k.g.yG..kn...8"z...x....$.iy..l#.1..5.c...bZ....x...Q{..N....a..>..>.??....a......>..0`....#.Z...5t...5..G-.......(3.....5.C.j:3.!..x...+.:F..::..46.G.i..1.o/..oR.-z:.......l.......r...>....i`....f....."..F_.{9.{uGM..%..........<y.V]%.umZG&....=...x.X7?K.....1..Ji..e@....<d..>j...3&Q..h.......YGNP)....O5/..,^......d.4kw.<<r:k.Gt.\|\|..."...C...R.m.....4'..^M..m....o_.f...-..........v.Db..)O........=]W..2....l.X....WK..j......Y.W.)Zx...&.#.C.6......e{ .m.(.@...\|..Ai....g.U.3..L..I.9#..)}Bs...N.}.^....8....B.t...r....(...N...2..+.k..U]..{)....My.....dJ.V....u'.........{&z>

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 27, 2021 12:18:54.974550009 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:54.975189924 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.036313057 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.036458015 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.036799908 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.037002087 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.044904947 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.045137882 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.108076096 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108180046 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108365059 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108395100 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108424902 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108450890 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108474016 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.108490944 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108510017 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.108515024 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.108520985 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108551025 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108568907 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.108648062 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.108697891 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.108712912 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.109036922 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.109107018 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.109158039 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.109216928 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.143963099 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.144077063 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.150924921 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.205487013 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.205519915 CEST	443	49734	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.205631018 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.205642939 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.251543045 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907063961 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907136917 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907187939 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907238960 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907248974 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907285929 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907289982 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907291889 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907341003 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907347918 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907382965 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907397985 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907432079 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907435894 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907480955 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.907493114 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.907535076 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.924488068 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.924614906 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971187115 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971227884 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971256971 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971286058 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971313953 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971335888 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971369982 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971369028 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971400023 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971401930 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971407890 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971412897 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971416950 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971429110 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971458912 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971487045 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971491098 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971517086 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971518040 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971548080 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971568108 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971575975 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971599102 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971606970 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971632957 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971638918 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971668005 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971668959 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971702099 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971714020 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.971724987 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.971771955 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:55.986355066 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.986376047 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:55.986458063 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.033098936 CEST	443	49735	185.216.78.150	192.168.2.4
May 27, 2021 12:18:56.034231901 CEST	49735	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.136045933 CEST	49734	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.138324976 CEST	49738	443	192.168.2.4	23.111.9.35
May 27, 2021 12:18:56.140649080 CEST	49740	443	192.168.2.4	23.111.9.35
May 27, 2021 12:18:56.152041912 CEST	49744	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.162460089 CEST	49745	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.165052891 CEST	49746	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.167449951 CEST	49747	443	192.168.2.4	185.216.78.150
May 27, 2021 12:18:56.185776949 CEST	443	49738	23.111.9.35	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 27, 2021 12:18:46.617404938 CEST	58028	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:46.669615984 CEST	53	58028	8.8.8.8	192.168.2.4
May 27, 2021 12:18:47.377068996 CEST	53097	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:47.424504042 CEST	49257	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:47.437314034 CEST	53	53097	8.8.8.8	192.168.2.4
May 27, 2021 12:18:47.485753059 CEST	53	49257	8.8.8.8	192.168.2.4
May 27, 2021 12:18:48.198609114 CEST	62389	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:48.253453970 CEST	53	62389	8.8.8.8	192.168.2.4
May 27, 2021 12:18:49.595325947 CEST	49910	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:49.658584118 CEST	53	49910	8.8.8.8	192.168.2.4
May 27, 2021 12:18:50.644697905 CEST	55854	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:50.694252968 CEST	53	55854	8.8.8.8	192.168.2.4
May 27, 2021 12:18:51.700376034 CEST	64549	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:51.750452042 CEST	53	64549	8.8.8.8	192.168.2.4
May 27, 2021 12:18:52.561152935 CEST	63153	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:52.612370014 CEST	53	63153	8.8.8.8	192.168.2.4
May 27, 2021 12:18:53.465084076 CEST	52991	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:53.519936085 CEST	53	52991	8.8.8.8	192.168.2.4
May 27, 2021 12:18:53.744082928 CEST	53700	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:53.805066109 CEST	53	53700	8.8.8.8	192.168.2.4
May 27, 2021 12:18:54.886615038 CEST	51726	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:54.901401997 CEST	56794	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:54.954335928 CEST	53	56794	8.8.8.8	192.168.2.4
May 27, 2021 12:18:54.962934017 CEST	53	51726	8.8.8.8	192.168.2.4
May 27, 2021 12:18:55.758008003 CEST	56534	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:55.807569981 CEST	53	56534	8.8.8.8	192.168.2.4
May 27, 2021 12:18:55.989085913 CEST	56627	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:55.999883890 CEST	56621	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:56.045862913 CEST	63116	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:56.046847105 CEST	53	56627	8.8.8.8	192.168.2.4
May 27, 2021 12:18:56.058361053 CEST	53	56621	8.8.8.8	192.168.2.4
May 27, 2021 12:18:56.112358093 CEST	53	63116	8.8.8.8	192.168.2.4
May 27, 2021 12:18:56.158404112 CEST	64078	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:56.218046904 CEST	53	64078	8.8.8.8	192.168.2.4
May 27, 2021 12:18:56.650011063 CEST	64801	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:56.928908110 CEST	61721	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:56.979490995 CEST	53	61721	8.8.8.8	192.168.2.4
May 27, 2021 12:18:57.604526997 CEST	51255	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:57.750134945 CEST	64801	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:57.796267033 CEST	61522	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:57.810849905 CEST	53	64801	8.8.8.8	192.168.2.4
May 27, 2021 12:18:57.815435886 CEST	53	51255	8.8.8.8	192.168.2.4
May 27, 2021 12:18:57.848740101 CEST	53	61522	8.8.8.8	192.168.2.4
May 27, 2021 12:18:58.029777050 CEST	52337	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:58.111344099 CEST	53	52337	8.8.8.8	192.168.2.4
May 27, 2021 12:18:58.323175907 CEST	55046	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:58.375885963 CEST	53	55046	8.8.8.8	192.168.2.4
May 27, 2021 12:18:58.523688078 CEST	49612	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:58.584306002 CEST	53	49612	8.8.8.8	192.168.2.4
May 27, 2021 12:18:59.429231882 CEST	49285	53	192.168.2.4	8.8.8.8
May 27, 2021 12:18:59.481997013 CEST	53	49285	8.8.8.8	192.168.2.4
May 27, 2021 12:19:00.426043034 CEST	50601	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:00.478878975 CEST	53	50601	8.8.8.8	192.168.2.4
May 27, 2021 12:19:02.121818066 CEST	60875	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:02.174606085 CEST	53	60875	8.8.8.8	192.168.2.4
May 27, 2021 12:19:03.155134916 CEST	56448	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:03.215524912 CEST	53	56448	8.8.8.8	192.168.2.4
May 27, 2021 12:19:05.293507099 CEST	59172	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:05.343545914 CEST	53	59172	8.8.8.8	192.168.2.4
May 27, 2021 12:19:06.260685921 CEST	62420	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:06.310694933 CEST	53	62420	8.8.8.8	192.168.2.4
May 27, 2021 12:19:08.151078939 CEST	60579	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:08.205542088 CEST	53	60579	8.8.8.8	192.168.2.4
May 27, 2021 12:19:11.270299911 CEST	50183	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:11.345462084 CEST	53	50183	8.8.8.8	192.168.2.4
May 27, 2021 12:19:20.024893045 CEST	61531	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:20.083849907 CEST	53	61531	8.8.8.8	192.168.2.4
May 27, 2021 12:19:23.744385958 CEST	49228	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:23.797533035 CEST	53	49228	8.8.8.8	192.168.2.4
May 27, 2021 12:19:24.458014965 CEST	59794	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:24.507740021 CEST	53	59794	8.8.8.8	192.168.2.4
May 27, 2021 12:19:24.756906033 CEST	49228	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:24.809983969 CEST	53	49228	8.8.8.8	192.168.2.4
May 27, 2021 12:19:25.444036007 CEST	59794	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:25.495666027 CEST	53	59794	8.8.8.8	192.168.2.4
May 27, 2021 12:19:25.762906075 CEST	49228	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:25.815773964 CEST	53	49228	8.8.8.8	192.168.2.4
May 27, 2021 12:19:26.479964018 CEST	59794	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:26.529629946 CEST	53	59794	8.8.8.8	192.168.2.4
May 27, 2021 12:19:27.777894020 CEST	49228	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:27.832885981 CEST	53	49228	8.8.8.8	192.168.2.4
May 27, 2021 12:19:28.479964018 CEST	59794	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:28.529583931 CEST	53	59794	8.8.8.8	192.168.2.4
May 27, 2021 12:19:30.998775005 CEST	55916	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:31.059257030 CEST	53	55916	8.8.8.8	192.168.2.4
May 27, 2021 12:19:31.793821096 CEST	49228	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:31.848583937 CEST	53	49228	8.8.8.8	192.168.2.4
May 27, 2021 12:19:32.494513988 CEST	59794	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:32.544198990 CEST	53	59794	8.8.8.8	192.168.2.4
May 27, 2021 12:19:33.728296995 CEST	52752	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:33.786938906 CEST	53	52752	8.8.8.8	192.168.2.4
May 27, 2021 12:19:33.945214987 CEST	60542	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:34.015734911 CEST	53	60542	8.8.8.8	192.168.2.4
May 27, 2021 12:19:41.046710014 CEST	60689	53	192.168.2.4	8.8.8.8
May 27, 2021 12:19:41.111323118 CEST	53	60689	8.8.8.8	192.168.2.4
May 27, 2021 12:20:08.998707056 CEST	64206	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:09.159256935 CEST	53	64206	8.8.8.8	192.168.2.4
May 27, 2021 12:20:09.952162981 CEST	50904	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:10.088035107 CEST	53	50904	8.8.8.8	192.168.2.4
May 27, 2021 12:20:10.691210985 CEST	57525	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:10.749833107 CEST	53	57525	8.8.8.8	192.168.2.4
May 27, 2021 12:20:11.238377094 CEST	53814	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:11.299762011 CEST	53	53814	8.8.8.8	192.168.2.4
May 27, 2021 12:20:11.360506058 CEST	53418	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:11.360542059 CEST	62833	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:11.413310051 CEST	53	62833	8.8.8.8	192.168.2.4
May 27, 2021 12:20:11.430227041 CEST	53	53418	8.8.8.8	192.168.2.4
May 27, 2021 12:20:12.014544010 CEST	59260	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:12.078059912 CEST	53	59260	8.8.8.8	192.168.2.4
May 27, 2021 12:20:12.963347912 CEST	49944	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:13.013243914 CEST	53	49944	8.8.8.8	192.168.2.4
May 27, 2021 12:20:14.497909069 CEST	63300	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:14.555495977 CEST	53	63300	8.8.8.8	192.168.2.4
May 27, 2021 12:20:15.633404970 CEST	61449	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:15.700700045 CEST	53	61449	8.8.8.8	192.168.2.4
May 27, 2021 12:20:16.087634087 CEST	51275	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:16.148740053 CEST	53	51275	8.8.8.8	192.168.2.4
May 27, 2021 12:20:17.433156013 CEST	63492	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:17.491736889 CEST	53	63492	8.8.8.8	192.168.2.4
May 27, 2021 12:20:18.058110952 CEST	58945	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:18.121025085 CEST	53	58945	8.8.8.8	192.168.2.4
May 27, 2021 12:20:20.009033918 CEST	60779	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:20.069425106 CEST	53	60779	8.8.8.8	192.168.2.4
May 27, 2021 12:20:48.676882982 CEST	64014	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:48.745353937 CEST	53	64014	8.8.8.8	192.168.2.4
May 27, 2021 12:20:50.060724974 CEST	57091	53	192.168.2.4	8.8.8.8
May 27, 2021 12:20:50.119281054 CEST	53	57091	8.8.8.8	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
May 27, 2021 12:18:54.886615038 CEST	192.168.2.4	8.8.8.8	0x91a7	Standard query (0)	www.dickinsonsolicitors.co.uk	A (IP address)	IN (0x0001)
May 27, 2021 12:18:55.989085913 CEST	192.168.2.4	8.8.8.8	0x7194	Standard query (0)	use.fontawesome.com	A (IP address)	IN (0x0001)
May 27, 2021 12:18:56.158404112 CEST	192.168.2.4	8.8.8.8	0xb4cd	Standard query (0)	maxcdn.bootstrapcdn.com	A (IP address)	IN (0x0001)
May 27, 2021 12:18:57.604526997 CEST	192.168.2.4	8.8.8.8	0xbc78	Standard query (0)	cdn.yoshki.com	A (IP address)	IN (0x0001)
May 27, 2021 12:19:11.270299911 CEST	192.168.2.4	8.8.8.8	0x8bc8	Standard query (0)	www.dickinsonsolicitors.co.uk	A (IP address)	IN (0x0001)
May 27, 2021 12:19:30.998775005 CEST	192.168.2.4	8.8.8.8	0x9fba	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)
May 27, 2021 12:19:33.728296995 CEST	192.168.2.4	8.8.8.8	0x6bea	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)
May 27, 2021 12:19:33.945214987 CEST	192.168.2.4	8.8.8.8	0xdbf1	Standard query (0)	static.doubleclick.net	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.360506058 CEST	192.168.2.4	8.8.8.8	0x7e26	Standard query (0)	i.ytimg.com	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.360542059 CEST	192.168.2.4	8.8.8.8	0x33f9	Standard query (0)	yt3.ggpht.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
May 27, 2021 12:18:54.962934017 CEST	8.8.8.8	192.168.2.4	0x91a7	No error (0)	www.dickinsonsolicitors.co.uk		185.216.78.150	A (IP address)	IN (0x0001)
May 27, 2021 12:18:56.046847105 CEST	8.8.8.8	192.168.2.4	0x7194	No error (0)	use.fontawesome.com	fontawesome-cdn.fonticons.netdna-cdn.com		CNAME (Canonical name)	IN (0x0001)
May 27, 2021 12:18:56.046847105 CEST	8.8.8.8	192.168.2.4	0x7194	No error (0)	fontawesome-cdn.fonticons.netdna-cdn.com		23.111.9.35	A (IP address)	IN (0x0001)
May 27, 2021 12:18:56.218046904 CEST	8.8.8.8	192.168.2.4	0xb4cd	No error (0)	maxcdn.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
May 27, 2021 12:18:56.218046904 CEST	8.8.8.8	192.168.2.4	0xb4cd	No error (0)	maxcdn.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
May 27, 2021 12:18:57.815435886 CEST	8.8.8.8	192.168.2.4	0xbc78	No error (0)	cdn.yoshki.com	ssl.cdn.yoshki.com.c.footprint.net		CNAME (Canonical name)	IN (0x0001)
May 27, 2021 12:19:11.345462084 CEST	8.8.8.8	192.168.2.4	0x8bc8	No error (0)	www.dickinsonsolicitors.co.uk		185.216.78.150	A (IP address)	IN (0x0001)
May 27, 2021 12:19:31.059257030 CEST	8.8.8.8	192.168.2.4	0x9fba	No error (0)	www.youtube.com	youtube-ui.l.google.com		CNAME (Canonical name)	IN (0x0001)
May 27, 2021 12:19:33.786938906 CEST	8.8.8.8	192.168.2.4	0x6bea	No error (0)	googleads.g.doubleclick.net		216.58.207.130	A (IP address)	IN (0x0001)
May 27, 2021 12:19:34.015734911 CEST	8.8.8.8	192.168.2.4	0xdbf1	No error (0)	static.doubleclick.net	static-doubleclick-net.l.google.com		CNAME (Canonical name)	IN (0x0001)
May 27, 2021 12:20:11.413310051 CEST	8.8.8.8	192.168.2.4	0x33f9	No error (0)	yt3.ggpht.com	photos-ugc.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)
May 27, 2021 12:20:11.413310051 CEST	8.8.8.8	192.168.2.4	0x33f9	No error (0)	photos-ugc.l.googleusercontent.com		142.250.185.65	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		172.217.22.246	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		216.58.207.150	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		216.58.207.182	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		172.217.20.246	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		172.217.23.22	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		172.217.23.54	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		172.217.23.86	A (IP address)	IN (0x0001)
May 27, 2021 12:20:11.430227041 CEST	8.8.8.8	192.168.2.4	0x7e26	No error (0)	i.ytimg.com		172.217.22.214	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
May 27, 2021 12:18:55.109036922 CEST	185.216.78.150	443	192.168.2.4	49734	CN=dickinsonsolicitors.co.uk CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Tue May 18 11:26:13 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Mon Aug 16 11:26:13 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024
May 27, 2021 12:18:55.109158039 CEST	185.216.78.150	443	192.168.2.4	49735	CN=dickinsonsolicitors.co.uk CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Tue May 18 11:26:13 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Mon Aug 16 11:26:13 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024
May 27, 2021 12:18:56.279680967 CEST	23.111.9.35	443	192.168.2.4	49740	CN=*.fontawesome.com, O=Fonticons Inc, L=Bentonville, ST=Arkansas, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 13 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Wed Dec 15 00:59:59 CET 2021 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
May 27, 2021 12:18:56.317358017 CEST	23.111.9.35	443	192.168.2.4	49738	CN=*.fontawesome.com, O=Fonticons Inc, L=Bentonville, ST=Arkansas, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 13 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Wed Dec 15 00:59:59 CET 2021 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
May 27, 2021 12:18:56.632200956 CEST	104.18.11.207	443	192.168.2.4	49749	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 27, 2021 12:18:56.632200956 CEST	104.18.11.207	443	192.168.2.4	49749	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 27, 2021 12:18:56.635560989 CEST	104.18.11.207	443	192.168.2.4	49748	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
May 27, 2021 12:18:56.635560989 CEST	104.18.11.207	443	192.168.2.4	49748	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
May 27, 2021 12:19:11.475298882 CEST	185.216.78.150	443	192.168.2.4	49774	CN=dickinsonsolicitors.co.uk CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Tue May 18 11:26:13 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Mon Aug 16 11:26:13 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024
May 27, 2021 12:19:33.902995110 CEST	216.58.207.130	443	192.168.2.4	49788	CN=*.g.doubleclick.net CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Mon May 03 11:01:23 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020	Mon Jul 26 11:01:22 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=GTS CA 1C3, O=Google Trust Services LLC, C=US	CN=GTS Root R1, O=Google Trust Services LLC, C=US	Thu Aug 13 02:00:42 CEST 2020	Thu Sep 30 02:00:42 CEST 2027
					CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Fri Jun 19 02:00:42 CEST 2020	Fri Jan 28 01:00:42 CET 2028
May 27, 2021 12:19:33.903892994 CEST	216.58.207.130	443	192.168.2.4	49787	CN=*.g.doubleclick.net CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Mon May 03 11:01:23 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020	Mon Jul 26 11:01:22 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=GTS CA 1C3, O=Google Trust Services LLC, C=US	CN=GTS Root R1, O=Google Trust Services LLC, C=US	Thu Aug 13 02:00:42 CEST 2020	Thu Sep 30 02:00:42 CEST 2027
					CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Fri Jun 19 02:00:42 CEST 2020	Fri Jan 28 01:00:42 CET 2028
May 27, 2021 12:20:11.567326069 CEST	142.250.185.65	443	192.168.2.4	49801	CN=*.googleusercontent.com CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Mon May 03 12:24:22 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020	Mon Jul 26 12:24:21 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=GTS CA 1C3, O=Google Trust Services LLC, C=US	CN=GTS Root R1, O=Google Trust Services LLC, C=US	Thu Aug 13 02:00:42 CEST 2020	Thu Sep 30 02:00:42 CEST 2027
					CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Fri Jun 19 02:00:42 CEST 2020	Fri Jan 28 01:00:42 CET 2028
May 27, 2021 12:20:11.568861961 CEST	142.250.185.65	443	192.168.2.4	49802	CN=*.googleusercontent.com CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Mon May 03 12:24:22 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020	Mon Jul 26 12:24:21 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=GTS CA 1C3, O=Google Trust Services LLC, C=US	CN=GTS Root R1, O=Google Trust Services LLC, C=US	Thu Aug 13 02:00:42 CEST 2020	Thu Sep 30 02:00:42 CEST 2027
					CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Fri Jun 19 02:00:42 CEST 2020	Fri Jan 28 01:00:42 CET 2028
May 27, 2021 12:20:11.618895054 CEST	172.217.22.246	443	192.168.2.4	49803	CN=edgestatic.com CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Mon May 03 11:00:32 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020	Mon Jul 26 11:00:31 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=GTS CA 1C3, O=Google Trust Services LLC, C=US	CN=GTS Root R1, O=Google Trust Services LLC, C=US	Thu Aug 13 02:00:42 CEST 2020	Thu Sep 30 02:00:42 CEST 2027
					CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Fri Jun 19 02:00:42 CEST 2020	Fri Jan 28 01:00:42 CET 2028
May 27, 2021 12:20:11.625742912 CEST	172.217.22.246	443	192.168.2.4	49804	CN=edgestatic.com CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GTS CA 1C3, O=Google Trust Services LLC, C=US CN=GTS Root R1, O=Google Trust Services LLC, C=US CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Mon May 03 11:00:32 CEST 2021 Thu Aug 13 02:00:42 CEST 2020 Fri Jun 19 02:00:42 CEST 2020	Mon Jul 26 11:00:31 CEST 2021 Thu Sep 30 02:00:42 CEST 2027 Fri Jan 28 01:00:42 CET 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=GTS CA 1C3, O=Google Trust Services LLC, C=US	CN=GTS Root R1, O=Google Trust Services LLC, C=US	Thu Aug 13 02:00:42 CEST 2020	Thu Sep 30 02:00:42 CEST 2027
					CN=GTS Root R1, O=Google Trust Services LLC, C=US	CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE	Fri Jun 19 02:00:42 CEST 2020	Fri Jan 28 01:00:42 CET 2028

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 6824 Parent PID: 800

General

Start time:	12:18:53
Start date:	27/05/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff737010000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 6912 Parent PID: 6824

General

Start time:	12:18:54
Start date:	27/05/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6824 CREDAT:17410 /prefetch:2
Imagebase:	0x290000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://www.dickinsonsolicitors.co.uk/coronavirus-covid-19-notice-june-2020/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 6824 Parent PID: 800

General

Analysis Process: iexplore.exe PID: 6912 Parent PID: 6824

General

Disassembly