Play interactive tour

Edit tour

Analysis Report https://spark.adobe.com/page/QbyXJuM93yIVE/

Overview

General Information

Sample URL:	https://spark.adobe.com/page/QbyXJuM93yIVE/
Analysis ID:	433445
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site detected (based on logo template match)

HTML body contains low number of good links

HTML title does not match URL

Invalid T&C link found

Classification

Process Tree

System is w10x64

iexplore.exe (PID: 5348 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 1396 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5348 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[1].htm	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus / Scanner detection for submitted sample

Show sources

Source: https://spark.adobe.com/page/QbyXJuM93yIVE/

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Show sources

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Show sources

Source: Yara match	File source: 302494.2.links.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[1].htm, type: DROPPED

Phishing site detected (based on image similarity)

Show sources

Source: https://s3.amazonaws.com/simbla-static-2/2021/03/5f62058623af52001def0028/5f6206ef6b7cb60019717fbd/dyhfi-5aMVYr0pY-U3mFXQJG.svg

Matcher: Found strong image similarity, brand: Microsoft

Jump to dropped file

Phishing site detected (based on logo template match)

Show sources

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html

Matcher: Template: microsoft matched

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: Number of links: 0
Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: Number of links: 0

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: Title: Login does not match URL
Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: Title: Login does not match URL
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: Title: Xinia Rodrguez Hernndez, comparti un archivo contigo de forma segura. does not match URL
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: Title: Xinia Rodrguez Hernndez, comparti un archivo contigo de forma segura. does not match URL
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: Title: Xinia Rodrguez Hernndez, comparti un archivo contigo de forma segura. does not match URL
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: Title: Xinia Rodrguez Hernndez, comparti un archivo contigo de forma segura. does not match URL

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: Invalid link: Privacy & cookies
Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: Invalid link: Privacy & cookies

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: No <meta name="author".. found
Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="author".. found

Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: No <meta name="copyright".. found
Source: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/QbyXJuM93yIVE/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: unknown	HTTPS traffic detected: 143.204.209.124:443 -> 192.168.2.3:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.209.124:443 -> 192.168.2.3:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.69.226:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.69.226:443 -> 192.168.2.3:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.3:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.3:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.3:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.250.252.43:443 -> 192.168.2.3:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.250.252.43:443 -> 192.168.2.3:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.188.95.229:443 -> 192.168.2.3:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.188.95.229:443 -> 192.168.2.3:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.16.66:443 -> 192.168.2.3:49771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.16.66:443 -> 192.168.2.3:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.203.205.32:443 -> 192.168.2.3:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.248.139.119:443 -> 192.168.2.3:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.32.113.5:443 -> 192.168.2.3:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.32.113.5:443 -> 192.168.2.3:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.236.176.210:443 -> 192.168.2.3:49781 version: TLS 1.2

Source: unsupported[1].htm.3.dr	String found in binary or memory: <a href="https://www.facebook.com/AdobeSpark" target="_blank" data-analytics-context="footer" data-type="facebook" equals www.facebook.com (Facebook)
Source: scripts[2].js.3.dr	String found in binary or memory: if ($a.href.startsWith('https://www.facebook.')) { equals www.facebook.com (Facebook)
Source: scripts[2].js.3.dr	String found in binary or memory: if ($a.href.startsWith('https://www.linkedin.com')) { equals www.linkedin.com (Linkedin)
Source: scripts[2].js.3.dr	String found in binary or memory: if ($a.href.startsWith('https://www.youtube.com')) { equals www.youtube.com (Youtube)
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: <a id="gnav_1285" href="https://www.facebook.com/adobe" class="feds-navLink" target="_blank" data-feds-action="none" data-feds-element="link" daa-ll="Facebook-1"> equals www.facebook.com (Facebook)
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: <a id="gnav_1295" href="https://www.linkedin.com/company/adobe" class="feds-navLink" target="_blank" data-feds-action="none" data-feds-element="link" daa-ll="LinkedIn-3"> equals www.linkedin.com (Linkedin)
Source: RCe6dc2e9778374db3a379eac1ca59177c-file.min[1].js.3.dr	String found in binary or memory: var w_sp=_satellite,loadScript=w_sp._loadScript;w_sp._loadFBScript=function(){var a,e,t,n,o,i,c;a=window,e=document,t="script",n="https://connect.facebook.net/en_US/fbevents.js",a.fbq\|\|(o=a.fbq=function(){o.callMethod?o.callMethod.apply(o,arguments):o.queue.push(arguments)},a._fbq\|\|(a._fbq=o),(o.push=o).loaded=!0,o.version="2.0",o.queue=[],(i=e.createElement(t)).async=!0,i.src=n,(c=e.getElementsByTagName(t)[0]).parentNode.insertBefore(i,c))},w_sp._loadGtag=function(e,t){loadScript("//www.googletagmanager.com/gtag/js?id="+e,function(){function a(){gTagdataLayer.push(arguments)}window.gTagdataLayer=window.dataLayer\|\|[],a("js",new Date),a("config",e),t&&(a("config","AW-1004494713"),a("config","AW-983956512"),a("config","AW-951622910"))})};var uuid=w_sp.cookie.get("aam_uuid")\|\|"";digitalData._set("digitalData.adobe.experienceCloud.audienceManager","uuid"),w_sp.track("trackConsent"); equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: page.adobespark-assets.com

Source: aksb.min[1].js.3.dr	String found in binary or memory: http://code.google.com/p/episodes/
Source: m-unsupported-88cd3215[1].js.3.dr	String found in binary or memory: http://feross.org
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: http://github.com/janl/mustache.js
Source: publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.3.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: http://jquery.org/license
Source: chrome[1].js.3.dr	String found in binary or memory: http://mathiasbynens.be/demo/url-regex
Source: m-unsupported-88cd3215[1].js.3.dr	String found in binary or memory: http://medialize.github.io/URI.js/
Source: popper.min[1].js.3.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000000000ffd9
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132df
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132e1
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132e3
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d3
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d4
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d6
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d7
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d8
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d9
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000000001705b
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000176ff
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017701
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017703
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017706
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017709
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9aee45
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9aee47
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3068
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f83
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f84
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f85
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f86
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f88
Source: onz5gap[1].js.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f8a
Source: pps7abe[1].css0.3.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f8c
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: scripts[2].js.3.dr, marvelcommon-51100480[1].js.3.dr, aksb.min[1].js.3.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chrome[1].js.3.dr	String found in binary or memory: http://www.iport.it)
Source: m-unsupported-88cd3215[1].js.3.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.html
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~
Source: imagestore.dat.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(
Source: RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js.3.dr	String found in binary or memory: https://ade0164.d41.co/sync/
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://adobesearch.adobe.io/autocomplete/completions
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://adobespark.uservoice.com
Source: en-US_bundle-6a358124[1].js.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/218956027
Source: en-US_bundle-6a358124[1].js.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/219243657
Source: en-US_bundle-6a358124[1].js.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/219243657-Can-students-use-Adobe-Spark-
Source: login[1].htm0.3.dr, unsupported[1].htm.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/categories/202688167-Adobe-Spark
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/requests/new
Source: resume[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/8n80l2HauZ
Source: logo[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/g8sk4xb8AV
Source: express[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/jsoIbkwCVeb
Source: express[1].htm.3.dr	String found in binary or memory: https://adobesparkpost.app.link/nfQW2NoCVeb
Source: index[1].htm.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://apps.apple.com/sg/app/adobe-creative-cloud/id852473028
Source: express[1].htm.3.dr	String found in binary or memory: https://apps.apple.com/us/app/adobe-spark-post-create-stunning/id1051937863
Source: login[1].htm0.3.dr	String found in binary or memory: https://assets.adobedtm.com
Source: RC036830be72f242959c7b9ca66cef0c85-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC036830be72f242959c7b9ca66cef0c8
Source: RC1a4f9c4f0d8a4bba917d5412b0c552b7-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC1a4f9c4f0d8a4bba917d5412b0c552b
Source: RC5e5d1b9fe0a942c38190dc2199529941-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC5e5d1b9fe0a942c38190dc219952994
Source: RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC6f46e43fa6d44dbeb45cc5801ffded0
Source: RC79efbb271cf948cfab38a46c3c4c4786-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC79efbb271cf948cfab38a46c3c4c478
Source: RC7ef3b955b7e947769bff08d7ce2a0937-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC7ef3b955b7e947769bff08d7ce2a093
Source: RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC881683c91a4d4caaa3e05264c5d9624
Source: RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC89c6d3bd15f043db95a5a0a4b5cc9da
Source: RCa8534599c5d1425b9b1fceaf046699bf-source.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCa8534599c5d1425b9b1fceaf046699b
Source: RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCbb47518ad08d43699044c6ef46f39eb
Source: RCe6dc2e9778374db3a379eac1ca59177c-file.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCe6dc2e9778374db3a379eac1ca59177
Source: launch-EN919758db9a654a17bac7d184b99c4820.min[1].js.3.dr	String found in binary or memory: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.js
Source: scripts[2].js.3.dr	String found in binary or memory: https://blog.adobespark.com/
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.jquery.com/ticket/12359
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13378
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://cc-collab.adobe.io/profile
Source: login[1].htm0.3.dr	String found in binary or memory: https://cdn.cookielaw.org
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: index[1].htm.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: index[1].htm.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: index[1].htm.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: index[1].htm.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.3.1.js
Source: RCe6dc2e9778374db3a379eac1ca59177c-file.min[1].js.3.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: en[1].js.3.dr	String found in binary or memory: https://developer.akamai.com/tools/boomerang#mpulse-session-information
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: headIE.fp-f9e44dbeef5252f4d02c4ed9c4b6a618[1].js.3.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/NodeList/forEach
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.3.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: m-unsupported-88cd3215[1].js.3.dr	String found in binary or memory: https://feross.org
Source: m-unsupported-88cd3215[1].js.3.dr	String found in binary or memory: https://feross.org/opensource
Source: all[1].css.3.dr	String found in binary or memory: https://fontawesome.com
Source: all[1].css.3.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: index[1].htm.3.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Archivo
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/archivonarrow/v12/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXo.woff)
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	String found in binary or memory: https://getbootstrap.com)
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/3229
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/eslint/eslint/issues/6125
Source: head.fp-00a38324dab316803fdc74cba4ad7ab9[1].js.3.dr	String found in binary or memory: https://github.com/focus-trap/focus-trap/blob/master/LICENSE
Source: head.fp-00a38324dab316803fdc74cba4ad7ab9[1].js.3.dr	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chrome[1].js.3.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/186
Source: chrome[1].js.3.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/189
Source: chrome[1].js.3.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/244
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://github.com/kriskowal/q/blob/v1/LICENSE
Source: bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: bootstrap.min[1].js.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: {683BBEE3-CB31-11EB-90E4-ECF4BB862DED}.dat.2.dr	String found in binary or memory: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html
Source: ~DFC4A1A4D0DCF200B3.TMP.2.dr	String found in binary or memory: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html?asset_id=4
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chrome[1].js.3.dr	String found in binary or memory: https://issues.apache.org/jira/browse/COUCHDB-577
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jquery.com/
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jquery.org/license
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://jsperf.com/thor-indexof-vs-for/5
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://lodash.com/
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://lodash.com/license
Source: index[1].htm.3.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: index[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Source: index[1].htm.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: marvelcommon-51100480[1].js.3.dr	String found in binary or memory: https://openjsf.org/
Source: en-US_bundle-6a358124[1].js.3.dr	String found in binary or memory: https://opsparc.gsfc.nasa.gov/?sdid=MC95SNMJ&mv=social
Source: rbi5aua[1].js0.3.dr, vtg4qoo[1].js0.3.dr, onz5gap[1].js.3.dr	String found in binary or memory: https://p.typekit.net/p.gif
Source: RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js.3.dr	String found in binary or memory: https://p13n-stage.adobe.io/psdk/v2/content
Source: RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js.3.dr	String found in binary or memory: https://p13n.adobe.io/psdk/v2/content
Source: QbyXJuM93yIVE[2].htm.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/base-fonts.gz.js
Source: QbyXJuM93yIVE[2].htm.3.dr, imagestore.dat.3.dr, ~DFC4A1A4D0DCF200B3.TMP.2.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico
Source: QbyXJuM93yIVE[2].htm.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/noscript.gz.css
Source: QbyXJuM93yIVE[2].htm.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js
Source: QbyXJuM93yIVE[2].htm.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/runtime.gz.css
Source: QbyXJuM93yIVE[2].htm.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/themes/crisp-fonts.gz.js
Source: QbyXJuM93yIVE[2].htm.3.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.adobe.cc
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://prod.adobeccstatic.com/appl/latest/AppLauncher.css
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://prod.adobeccstatic.com/appl/latest/AppLauncher.js
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.3.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: index[1].htm.3.dr	String found in binary or memory: https://s3.amazonaws.com/simbla-static-2/2021/03/5f62058623af52001def0028/5f6206ef6b7cb60019717fbd/9
Source: index[1].htm.3.dr	String found in binary or memory: https://s3.amazonaws.com/simbla-static-2/2021/03/5f62058623af52001def0028/5f6206ef6b7cb60019717fbd/d
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://sizzlejs.com/
Source: {683BBEE3-CB31-11EB-90E4-ECF4BB862DED}.dat.2.dr	String found in binary or memory: https://spark.adobe.co
Source: login[1].htm0.3.dr	String found in binary or memory: https://static.adobelogin.com/imslib/imslib.min.js
Source: privacy[1].htm0.3.dr	String found in binary or memory: https://static.adobelogin.com/imslib/imslib.min.js
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://support.apple.com/downloads/safari
Source: scripts[2].js.3.dr	String found in binary or memory: https://twitter.com
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://twitter.com/Adobe
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://twitter.com/AdobeSpark
Source: index[1].htm.3.dr	String found in binary or memory: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/180c9d/00000000000000003b9b3f8a/27/
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/1da05b/0000000000000000000132df/27/
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/3d913c/000000000000000000017709/26/
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/40207f/0000000000000000000176ff/27/
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/4b3e87/000000000000000000017706/27/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/6c57c4/0000000000000000000158d6/26/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/74fc30/0000000000000000000158d4/26/
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[2].js.3.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/9d1933/00000000000000000001705b/26/
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[2].js.3.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: onz5gap[1].js.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[2].js.3.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/cb695f/000000000000000000017701/27/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/d5d9b2/00000000000000000000ffd9/26/
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/d8f71f/0000000000000000000132e1/27/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/e030d3/0000000000000000000158d3/26/
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css0.3.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: vtg4qoo[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/eaf09c/000000000000000000017703/27/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/
Source: rbi5aua[1].js0.3.dr	String found in binary or memory: https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/
Source: privacy[1].htm0.3.dr	String found in binary or memory: https://use.typekit.net/pps7abe.css
Source: login[1].htm0.3.dr	String found in binary or memory: https://use.typekit.net/vtg4qoo.css
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://use.typekit.net/vtg4qoo.js
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: jquery-3.3.1[1].js.3.dr	String found in binary or memory: https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://www.adobe.io/
Source: RC1a4f9c4f0d8a4bba917d5412b0c552b7-file.min[1].js.3.dr	String found in binary or memory: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Source: scripts[2].js.3.dr	String found in binary or memory: https://www.facebook.
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://www.google.com/chrome/browser/desktop/index.html
Source: chrome[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?
Source: scripts[2].js.3.dr	String found in binary or memory: https://www.instagram.com
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://www.instagram.com/AdobeSpark
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://www.instagram.com/adobe/
Source: scripts[2].js.3.dr	String found in binary or memory: https://www.linkedin.com
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://www.linkedin.com/company/adobe
Source: unsupported[1].htm.3.dr	String found in binary or memory: https://www.mozilla.org/firefox
Source: scripts[2].js.3.dr	String found in binary or memory: https://www.pinterest.
Source: www.adobe.com[1].htm0.3.dr	String found in binary or memory: https://www.workfront.com/
Source: scripts[2].js.3.dr	String found in binary or memory: https://www.youtube.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 143.204.209.124:443 -> 192.168.2.3:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.209.124:443 -> 192.168.2.3:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.9.66.64:443 -> 192.168.2.3:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.69.226:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.69.226:443 -> 192.168.2.3:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.3:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.3:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.217.36.38:443 -> 192.168.2.3:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.149.64:443 -> 192.168.2.3:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.250.252.43:443 -> 192.168.2.3:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.250.252.43:443 -> 192.168.2.3:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.188.95.229:443 -> 192.168.2.3:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.188.95.229:443 -> 192.168.2.3:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.16.66:443 -> 192.168.2.3:49771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.16.66:443 -> 192.168.2.3:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.203.205.32:443 -> 192.168.2.3:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.248.139.119:443 -> 192.168.2.3:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.32.113.5:443 -> 192.168.2.3:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.32.113.5:443 -> 192.168.2.3:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.236.176.210:443 -> 192.168.2.3:49781 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@3/252@20/17

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF1BB40EF508D5D8DB.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5348 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5348 CREDAT:17410 /prefetch:2

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: Contact_72px_lt-gray[1].svg.3.dr	Binary or memory string: NEIBESjjzwKWaQEmuhbGgACFWDKdB5OZZSX+agjjkcZegD1y0h+ELA7oCf9h2TzH5Lk87RNpJWUz
Source: LawEnforcement_72px_lt-gray[1].svg.3.dr	Binary or memory string: 4RfwbOThACGyTEZ5moRPrV2QweL6BvvMQAZIZXEdT2O5NEPgUsRJGSwFUuYlgyhgfSp3NY2hgKUv
Source: Policies_72px_lt-gray[1].svg.3.dr	Binary or memory string: 4tB1EVplopO2rztHQjrQqeMUbUqdlUYbWkVkAS0rzSFGk5qfcFFaK8X2oKw7N1FayNdH7BQ+Tst9

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	Security Software Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	File and Directory Discovery1	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://spark.adobe.com/page/QbyXJuM93yIVE/	1%	Virustotal		Browse
https://spark.adobe.com/page/QbyXJuM93yIVE/	0%	Avira URL Cloud	safe
https://spark.adobe.com/page/QbyXJuM93yIVE/	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Link
cs1100.wpc.omegacdn.net	0%	Virustotal	Browse
adobelogin-origin.prod.ims.adobejanus.com	0%	Virustotal	Browse
services.prod.ims.adobejanus.com	0%	Virustotal	Browse
imagesosweetphotography.com	3%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	0%	URL Reputation	safe
https://openjsf.org/	0%	URL Reputation	safe
https://openjsf.org/	0%	URL Reputation	safe
https://openjsf.org/	0%	URL Reputation	safe
https://ade0164.d41.co/sync/	0%	URL Reputation	safe
https://ade0164.d41.co/sync/	0%	URL Reputation	safe
https://ade0164.d41.co/sync/	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico	0%	URL Reputation	safe
http://www.iport.it)	0%	Avira URL Cloud	safe
https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js	0%	URL Reputation	safe
https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js	0%	URL Reputation	safe
https://prod.adobeccstatic.com/appl/latest/AppLauncher.css	0%	URL Reputation	safe
https://prod.adobeccstatic.com/appl/latest/AppLauncher.css	0%	URL Reputation	safe
https://prod.adobeccstatic.com/appl/latest/AppLauncher.css	0%	URL Reputation	safe
https://promisesaplus.com/#point-59	0%	URL Reputation	safe
https://promisesaplus.com/#point-59	0%	URL Reputation	safe
https://promisesaplus.com/#point-59	0%	URL Reputation	safe
https://promisesaplus.com/#point-57	0%	URL Reputation	safe
https://promisesaplus.com/#point-57	0%	URL Reputation	safe
https://promisesaplus.com/#point-57	0%	URL Reputation	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(	0%	URL Reputation	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(	0%	URL Reputation	safe
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(	0%	URL Reputation	safe
https://promisesaplus.com/#point-54	0%	URL Reputation	safe
https://promisesaplus.com/#point-54	0%	URL Reputation	safe
https://promisesaplus.com/#point-54	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dd20fzx9mj46f.cloudfront.net	13.32.16.66	true	false		high
cs1100.wpc.omegacdn.net	152.199.23.37	true	false	0%, Virustotal, Browse	unknown
adobelogin-origin.prod.ims.adobejanus.com	63.32.113.5	true	false	0%, Virustotal, Browse	unknown
services.prod.ims.adobejanus.com	34.248.139.119	true	false	0%, Virustotal, Browse	unknown
maxcdn.bootstrapcdn.com	104.18.11.207	true	false		high
fontawesome-cdn.fonticons.netdna-cdn.com	23.111.9.35	true	false		high
dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com	3.250.252.43	true	false		high
imagesosweetphotography.com	162.241.69.226	true	false	3%, Virustotal, Browse	unknown
spark.adobeprojectm.com	143.204.209.124	true	false		unknown
s3.amazonaws.com	52.217.36.38	true	false		high
cdnjs.cloudflare.com	104.16.18.94	true	false		high
adobe.com.ssl.d1.sc.omtrdc.net	15.188.95.229	true	false		unknown
demdex.net.ssl.sc.omtrdc.net	15.236.176.210	true	false		unknown
adobe.tt.omtrdc.net	18.203.205.32	true	false		unknown
page.adobespark-assets.com	65.9.66.64	true	false		unknown
cdn.cookielaw.org	104.16.149.64	true	false		high
geolocation.onetrust.com	104.20.184.68	true	false		high
use.typekit.net	unknown	unknown	false		high
ims-na1.adobelogin.com	unknown	unknown	false		high
assets.adobedtm.com	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false		unknown
ds-aksb-a.akamaihd.net	unknown	unknown	false		high
use.fontawesome.com	unknown	unknown	false		high
p.typekit.net	unknown	unknown	false		high
code.jquery.com	unknown	unknown	false		high
adobedc.demdex.net	unknown	unknown	false		high
dpm.demdex.net	unknown	unknown	false		high
static.adobelogin.com	unknown	unknown	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.linkedin.com	scripts[2].js.3.dr	false		high
https://code.jquery.com/jquery-3.2.1.slim.min.js	index[1].htm.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC881683c91a4d4caaa3e05264c5d9624	RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js.3.dr	false		high
https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/	jquery-3.3.1[1].js.3.dr	false		high
https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js	QbyXJuM93yIVE[2].htm.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled	jquery-3.3.1[1].js.3.dr	false		high
https://assets.adobedtm.com	login[1].htm0.3.dr	false		high
https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace	jquery-3.3.1[1].js.3.dr	false		high
https://www.youtube.com	scripts[2].js.3.dr	false		high
https://fontawesome.com	all[1].css.3.dr	false		high
https://static.adobelogin.com/imslib/imslib.min.js	privacy[1].htm0.3.dr	false		high
https://www.instagram.com	scripts[2].js.3.dr	false		high
https://github.com/twbs/bootstrap/graphs/contributors)	bootstrap.min[1].js.3.dr	false		high
https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/d?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/	vtg4qoo[1].js0.3.dr	false		high
https://bugzilla.mozilla.org/show_bug.cgi?id=687787	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://bugs.chromium.org/p/chromium/issues/detail?id=470258	jquery-3.3.1[1].js.3.dr	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	index[1].htm.3.dr	false		high
https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/d?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://openjsf.org/	marvelcommon-51100480[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://use.typekit.net/af/3d913c/000000000000000000017709/26/	rbi5aua[1].js0.3.dr	false		high
https://ade0164.d41.co/sync/	RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://adobespark.uservoice.com	unsupported[1].htm.3.dr	false		high
https://developer.akamai.com/tools/boomerang#mpulse-session-information	en[1].js.3.dr	false		high
https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/a?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/a?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/	rbi5aua[1].js0.3.dr	false		high
https://jsperf.com/getall-vs-sizzle/2	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/d?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://github.com/kriskowal/q/blob/v1/LICENSE	marvelcommon-51100480[1].js.3.dr	false		high
http://underscorejs.org/LICENSE	marvelcommon-51100480[1].js.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC89c6d3bd15f043db95a5a0a4b5cc9da	RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min[1].js.3.dr	false		high
https://jquery.com/	jquery-3.3.1[1].js.3.dr	false		high
https://adobespark.zendesk.com/hc/en-us/articles/219243657	en-US_bundle-6a358124[1].js.3.dr	false		high
https://github.com/twbs/bootstrap/blob/master/LICENSE)	bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	false		high
https://use.typekit.net/vtg4qoo.css	login[1].htm0.3.dr	false		high
https://adobesparkpost.app.link/nfQW2NoCVeb	express[1].htm.3.dr	false		high
https://sizzlejs.com/	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/	rbi5aua[1].js0.3.dr	false		high
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js	www.adobe.com[1].htm0.3.dr	false		high
https://adobespark.zendesk.com/hc/en-us/articles/218956027	en-US_bundle-6a358124[1].js.3.dr	false		high
https://npms.io/search?q=ponyfill.	marvelcommon-51100480[1].js.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC5e5d1b9fe0a942c38190dc219952994	RC5e5d1b9fe0a942c38190dc2199529941-file.min[1].js.3.dr	false		high
https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8	scripts[2].js.3.dr	false		high
https://use.typekit.net/af/9d1933/00000000000000000001705b/26/	rbi5aua[1].js0.3.dr	false		high
https://www.linkedin.com/company/adobe	www.adobe.com[1].htm0.3.dr	false		high
https://bugs.jquery.com/ticket/12359	jquery-3.3.1[1].js.3.dr	false		high
https://cdn.cookielaw.org	login[1].htm0.3.dr	false		high
https://twitter.com/Adobe	www.adobe.com[1].htm0.3.dr	false		high
https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8	scripts[2].js.3.dr	false		high
https://fontawesome.com/license/free	all[1].css.3.dr	false		high
https://s3.amazonaws.com/simbla-static-2/2021/03/5f62058623af52001def0028/5f6206ef6b7cb60019717fbd/d	index[1].htm.3.dr	false		high
https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico	QbyXJuM93yIVE[2].htm.3.dr, imagestore.dat.3.dr, ~DFC4A1A4D0DCF200B3.TMP.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.iport.it)	chrome[1].js.3.dr	false	Avira URL Cloud: safe	low
http://www.opensource.org/licenses/mit-license.html	marvelcommon-51100480[1].js.3.dr	false		high
https://cdn.cookielaw.org/vendorlist/googleData.json	7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	false		high
https://github.com/jquery/jquery/pull/557)	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/af/180c9d/00000000000000003b9b3f8a/27/	onz5gap[1].js.3.dr	false		high
http://www.opensource.org/licenses/mit-license	m-unsupported-88cd3215[1].js.3.dr	false		high
https://bugs.chromium.org/p/chromium/issues/detail?id=378607	jquery-3.3.1[1].js.3.dr	false		high
http://typekit.com/eulas/00000000000000003b9b3f8a	onz5gap[1].js.3.dr	false		high
http://typekit.com/eulas/00000000000000003b9b3f8c	pps7abe[1].css0.3.dr	false		high
http://typekit.com/eulas/0000000000000000000176ff	vtg4qoo[1].js0.3.dr	false		high
https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC79efbb271cf948cfab38a46c3c4c478	RC79efbb271cf948cfab38a46c3c4c4786-file.min[1].js.3.dr	false		high
https://adobesparkpost.app.link/jsoIbkwCVeb	express[1].htm.3.dr	false		high
https://cdn.cookielaw.org/vendorlist/iab2Data.json	7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.3.dr	false		high
https://use.typekit.net/af/74fc30/0000000000000000000158d4/26/	rbi5aua[1].js0.3.dr	false		high
https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js	QbyXJuM93yIVE[2].htm.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://s3.amazonaws.com/simbla-static-2/2021/03/5f62058623af52001def0028/5f6206ef6b7cb60019717fbd/9	index[1].htm.3.dr	false		high
https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://prod.adobeccstatic.com/appl/latest/AppLauncher.css	www.adobe.com[1].htm0.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://use.typekit.net/af/d5d9b2/00000000000000000000ffd9/26/	rbi5aua[1].js0.3.dr	false		high
https://drafts.csswg.org/cssom/#resolved-values	jquery-3.3.1[1].js.3.dr	false		high
https://bugs.chromium.org/p/chromium/issues/detail?id=589347	jquery-3.3.1[1].js.3.dr	false		high
https://twitter.com/AdobeSpark	unsupported[1].htm.3.dr	false		high
https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://code.jquery.com/jquery-3.1.1.min.js	index[1].htm.3.dr	false		high
https://use.typekit.net/af/eaf09c/000000000000000000017703/27/	vtg4qoo[1].js0.3.dr	false		high
https://reactjs.org/docs/error-decoder.html?invariant=	publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.3.dr	false		high
https://adobesparkpost.app.link/g8sk4xb8AV	logo[1].htm.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d4	rbi5aua[1].js0.3.dr	false		high
https://html.spec.whatwg.org/multipage/syntax.html#attributes-2	jquery-3.3.1[1].js.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d3	rbi5aua[1].js0.3.dr	false		high
https://promisesaplus.com/#point-59	jquery-3.3.1[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://mathiasbynens.be/demo/url-regex	chrome[1].js.3.dr	false		high
https://promisesaplus.com/#point-57	jquery-3.3.1[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/l?primer=388f68b35a7cbf1ee3543172445c2	pps7abe[1].css0.3.dr	false		high
https://github.com/eslint/eslint/issues/3229	jquery-3.3.1[1].js.3.dr	false		high
https://use.typekit.net/pps7abe.css	privacy[1].htm0.3.dr	false		high
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico~(	imagestore.dat.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://promisesaplus.com/#point-54	jquery-3.3.1[1].js.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://typekit.com/eulas/0000000000000000000158d9	rbi5aua[1].js0.3.dr	false		high
https://code.jquery.com/jquery-3.3.1.js	index[1].htm.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d8	rbi5aua[1].js0.3.dr	false		high
https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/	rbi5aua[1].js0.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d7	rbi5aua[1].js0.3.dr	false		high
http://typekit.com/eulas/0000000000000000000158d6	rbi5aua[1].js0.3.dr	false		high
https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled	jquery-3.3.1[1].js.3.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
23.111.9.35	fontawesome-cdn.fonticons.netdna-cdn.com	United States	33438	HIGHWINDS2US	false
18.203.205.32	adobe.tt.omtrdc.net	United States	16509	AMAZON-02US	false
52.217.36.38	s3.amazonaws.com	United States	16509	AMAZON-02US	false
15.188.95.229	adobe.com.ssl.d1.sc.omtrdc.net	United States	16509	AMAZON-02US	false
104.20.184.68	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
63.32.113.5	adobelogin-origin.prod.ims.adobejanus.com	United States	16509	AMAZON-02US	false
104.16.18.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
104.16.149.64	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
3.250.252.43	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
34.248.139.119	services.prod.ims.adobejanus.com	United States	16509	AMAZON-02US	false
143.204.209.124	spark.adobeprojectm.com	United States	16509	AMAZON-02US	false
13.32.16.66	dd20fzx9mj46f.cloudfront.net	United States	7018	ATT-INTERNET4US	false
65.9.66.64	page.adobespark-assets.com	United States	16509	AMAZON-02US	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
15.236.176.210	demdex.net.ssl.sc.omtrdc.net	United States	16509	AMAZON-02US	false
162.241.69.226	imagesosweetphotography.com	United States	46606	UNIFIEDLAYER-AS-1US	false

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	433445
Start date:	11.06.2021
Start time:	20:50:19
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 53s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://spark.adobe.com/page/QbyXJuM93yIVE/
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	25
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.phis.win@3/252@20/17
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://spark.adobe.com/page/QbyXJuM93yIVE/?page-mode=static Browsing link: https://spark.adobe.com/page/QbyXJuM93yIVE/images/bcd59be0-d709-488b-984a-26f4b039794a.jpg?asset_id=45a3c176-eaaf-4a47-932b-ff179d0bfafe&img_etag=%2254149f4c8a6730544e57e0f99fa17c62%22&size=1024 Browsing link: https://imagesosweetphotography.com/rnp/Office365_Personal/Office365/PDF/Login/index.html Browsing link: https://spark.adobe.com/page/QbyXJuM93yIVE Browsing link: https://spark.adobe.com/about?r=reader_page_logo Browsing link: https://spark.adobe.com/make/logo-maker?r=reader_page_learnmore Browsing link: https://spark.adobe.com/login?r=reader_page_bumper_createyourown Browsing link: http://www.adobe.com/legal/terms.html Browsing link: http://www.adobe.com/go/privacy Browsing link: https://spark.adobe.com/login?r=reader_page_topbar_createyourown Browsing link: https://spark.adobe.com/templates/resumes/
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, UsoClient.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.255.188.83, 13.64.90.137, 88.221.62.148, 23.32.238.210, 23.32.238.192, 23.37.33.211, 69.16.175.42, 69.16.175.10, 142.250.180.234, 142.250.180.202, 95.101.22.203, 95.101.22.195, 152.199.19.161, 184.30.20.234, 184.30.20.56, 184.30.20.134, 99.86.4.96, 99.86.4.45, 99.86.4.66, 99.86.4.33, 2.23.155.186, 2.23.155.193, 20.50.102.62, 2.20.142.210, 2.20.142.209, 20.54.26.129, 20.82.209.183, 92.122.213.194, 92.122.213.247, 2.17.179.193, 84.53.167.113 Excluded domains from analysis (whitelisted): e6653.dscf.akamaiedge.net, cds.s5x3j6q5.hwcdn.net, cn-assets.adobedtm.com.edgekey.net, spark.adobe.com, fs-wildcard.microsoft.com.edgekey.net, ds-aksb-a.akamaihd.net.edgesuite.net, cdn.onenote.net.edgekey.net, e11290.dspg.akamaiedge.net, use-stls.adobe.com.edgesuite.net, ssl-delivery.adobe.com.edgekey.net, wildcard.weather.microsoft.com.edgekey.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, au-bg-shim.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net, ajax.googleapis.com, ris-prod.trafficmanager.net, aadcdnoriginneu.azureedge.net, ris.api.iris.microsoft.com, a1910.dscq.akamai.net, blobcollector.events.data.trafficmanager.net, a1815.dscr.akamai.net, e1553.dspg.akamaiedge.net, geo2.adobe.com, cs9.wpc.v0cdn.net, e4578.dscg.akamaiedge.net, au.download.windowsupdate.com.edgesuite.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, e15275.g.akamaiedge.net, arc.msn.com, iecvlist.microsoft.com, go.microsoft.com, arc.trafficmanager.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, cdn.onenote.net, client.messaging.adobe.com, sstats.adobe.com, skypedataprdcolwus17.cloudapp.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, p.typekit.net-v3.edgekey.net, ie9comview.vo.msecnd.net, tile-service.weather.microsoft.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, stls.adobe.com-cn.edgesuite.net, aadcdnoriginneu.ec.azureedge.net, adobeid-na1.services.adobe.com, skypedataprdcoleus17.cloudapp.net, e7808.dscg.akamaiedge.net, go.microsoft.com.edgekey.net, a1988.dscg1.akamai.net, www.adobe.com Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\1I6UUPZI\www.adobe[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	514
Entropy (8bit):	4.756650107708426
Encrypted:	false
SSDEEP:	12:JsrsrUGemKm6Fz5JR+YirUGemKm6Fz5JR+YirUGemKm6Fz5JR+YirUGemKm6Fz5e:W0U1mKm6DfB2U1mKm6DfB2U1mKm6DfBu
MD5:	BA218B6A98C50D8491DA1AED1C96FB8A
SHA1:	7C5EB873E5729BD2093FD680F340F835D4AF3499
SHA-256:	1CF6E3FD62BEECE0FC300A31727E99F4A4DA062B5330B2B0FC8E07A27F701389
SHA-512:	CE22D301ABF4C31DED7D0136BC0CA7FEFABCF9924F6F43BEDC30ACEC61D4CD66790759A8A23A975735475A01A3865F488D9A7D404177F22E482F906221D515F4
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="1065049952" htime="30891838" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="1065049952" htime="30891838" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="1065049952" htime="30891838" /></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="1065049952" htime="30891838" /></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\MJSPUUKN\spark.adobe[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	135
Entropy (8bit):	4.695192817640191
Encrypted:	false
SSDEEP:	3:D90aK1ryRtFwsnObemKmlULF0VqHlJR3sotQX8qSeUdEmKb:JFK1rUFjgemKm6GVqHlJR3sqC4eDb
MD5:	2851C1761FAF9E2465567D73BCED44D3
SHA1:	264642F4A557C072AAA80D3F606BF8287D490693
SHA-256:	5C1E37069F04A6279DBDD23801BED721CBB4AF89D2F061DCD3D2530A78C9BA81
SHA-512:	81B08A11F449CED231C776FBBDD142C34A4D7779335182B1B61E48B029C58F98C0299782127369E8AF016CC59B25FB6141B53B99B7488C02B8035622B0C5A270
Malicious:	false
Reputation:	low
Preview:	<root></root><root><item name="com.adobe.reactor.dataElementCookiesMigrated" value="true" ltime="1040989952" htime="30891838" /></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{683BBEE1-CB31-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8557540454327688
Encrypted:	false
SSDEEP:	192:rIZfZ32GWTt45fjnEsMuMc/emGDfTn3cX:rIhmdR+uGLKM
MD5:	53112B2191FBB2F84AB6B147A7C2CD4F
SHA1:	F9BE357779949B33BA0F510B10C50E960DF84332
SHA-256:	3176F1D615D30812E6A67EDEB0B60A84A2EE8832B4C3567BDB999BFE0BDA763C
SHA-512:	C87C6D9A26AD4A39F77FEC97CA6DA15CFA1653A4445087A4CBE69238C52601857E0BEB3F1672EB130BECF48FBB8A1E37ED8D970C9E34A0BE4F6A0584F1697D58
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{683BBEE3-CB31-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	187544
Entropy (8bit):	2.6597985923449396
Encrypted:	false
SSDEEP:	768:cVFZzHpfkP98IAxBxwxhSkGuxC0UJpNUOGzUTDaGXRZDHcibGCsXumjR:cVFZzHpfkPsvifvGuo0UJtGzM9ZTciH+
MD5:	390A1D1DAB763E6ED4BB975E4603AC95
SHA1:	1C7E6D5528890A70B5F3E5A0D001C89FF864CC0E
SHA-256:	CBABFBDB08825A6E182FD330CF425B4DCEEFF91D06FD84772780199410D66D44
SHA-512:	221DC64400B0D45518131C109BBD2C72D01CFCDC7475563231CAC11EEC2B2067C03B8AEA5F5A7C9675D3228D678F105C1901B3277A00A4A72BA7CE4BED3E8290
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6E57C72B-CB31-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5635395577342546
Encrypted:	false
SSDEEP:	48:IwVGcprMGwpaNG4pQRGrapbSkGQpKiG7HpRlJTGIpG:rLZkQv6hBS8ANTtA
MD5:	8519FB7E32973C96095BF714F022C7BD
SHA1:	EEF8B7529989971EE28B63755B7CF495049E311F
SHA-256:	E27CE563600BC3280FB1523A797F38C716E97C2AE5772B24C14511E36C25EE07
SHA-512:	00E7717D183C309B1603B97F2BCAF4E929121A769D3E2F042D4FDEEBA7211136DB53F898926CCE3A212E6653B79796C48A4D406F3A72DE032F0F35DD1F352288
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	46954
Entropy (8bit):	3.023010094425228
Encrypted:	false
SSDEEP:	96:MdmsffEX9QQQQQucj70sI2NmU3GJ70sI2NmU3GT:egnWmUzWmUy
MD5:	FCFFD86B6347DDEC3D468B79FFDB7618
SHA1:	1ADF8D9D24B46104B9C37DFA4A83A45A90731DED
SHA-256:	46A2DF36AB3F4960D41CB6E538FCEB6CA73CF54B536DA209D3A2F1E5BE86DB2F
SHA-512:	3F4AFBA043974C150542EE592B281DA695E4980D58EDEFC5D42210F8488C9097FAE0435D38931F3377217501988F4EC64D8DCAC540E444FC622853EAF5EAC3A1
Malicious:	false
Reputation:	low
Preview:	B.h.t.t.p.s.:././.p.a.g.e...a.d.o.b.e.s.p.a.r.k.-.a.s.s.e.t.s...c.o.m./.r.u.n.t.i.m.e./.1...2.2./.i.m.a.g.e.s./.f.a.v.i.c.o.n...i.c.o........... .... .........(... ...@..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................70..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...70..............................7`..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7`......................70..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...70..................7...7...7...7...7...7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Cookies_72px_lt-gray[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	29593
Entropy (8bit):	6.132885465655844
Encrypted:	false
SSDEEP:	768:37Mv1nW4/4c6v1Nn8Zh8xMYS8k2eBP2y0Ejn1:Av1n1Q/48xK2mjx
MD5:	DC2C21E75D20CE5B00C78499D3B2DEAD
SHA1:	4D507BBB930FA9BDCE35371538B3C6A74549C503
SHA-256:	2076A1B099924D72F8B2D636645C5598444CEF873335E9D400CC7C8285CC96A1
SHA-512:	E4644CDCB754C783185642E029E7FE6617134C9E2DBB2F95B8ED4E6B3DF5828A47BF7E0CD3A709EF07379C27522F1AFD666FF8333846F9942A4572E0355D9B5E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/Cookies_72px_lt-gray.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 19.2.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" [..<!ENTITY ns_extend "http://ns.adobe.com/Extensibility/1.0/">..<!ENTITY ns_ai "http://ns.adobe.com/AdobeIllustrator/10.0/">..<!ENTITY ns_graphs "http://ns.adobe.com/Graphs/1.0/">..<!ENTITY ns_vars "http://ns.adobe.com/Variables/1.0/">..<!ENTITY ns_imrep "http://ns.adobe.com/ImageReplacement/1.0/">..<!ENTITY ns_sfw "http://ns.adobe.com/SaveForWeb/1.0/">..<!ENTITY ns_custom "http://ns.adobe.com/GenericCustomNamespace/1.0/">..<!ENTITY ns_adobe_xpath "http://ns.adobe.com/XPath/1.0/">.]>.<svg version="1.1" id="adobeNews_x5F_72_x5F_lt-ou" xmlns:x="&ns_extend;" xmlns:i="&ns_ai;" xmlns:graph="&ns_graphs;".. xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="72px" height="72px".. viewBox="-359 271 72 72" style="enab

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\LawEnforcement_72px_lt-gray[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	28018
Entropy (8bit):	6.123287231997608
Encrypted:	false
SSDEEP:	768:3B3bnD+0T1bo4s83RvlSqEOSt1uRgzgd6Hio:I0Bo49h32I6HT
MD5:	203D2596591DD98304B03BDBCFE7948A
SHA1:	145A9AB021FA39848CBF9E95DB7132554469934C
SHA-256:	F0F7F1BB8276F731235B5519886DEF7081CE2AF2A906567888F5CC1F7BBD78C1
SHA-512:	2A36BE5EF21D35EA123BE7CFDB88BC1C025AE359E80068E9E1FAB66748E15D268A7A9162CA0FE5364F34852E5EBA88DE665C5F5710668783ADC55A91D6825629
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/LawEnforcement_72px_lt-gray.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 19.2.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" [..<!ENTITY ns_extend "http://ns.adobe.com/Extensibility/1.0/">..<!ENTITY ns_ai "http://ns.adobe.com/AdobeIllustrator/10.0/">..<!ENTITY ns_graphs "http://ns.adobe.com/Graphs/1.0/">..<!ENTITY ns_vars "http://ns.adobe.com/Variables/1.0/">..<!ENTITY ns_imrep "http://ns.adobe.com/ImageReplacement/1.0/">..<!ENTITY ns_sfw "http://ns.adobe.com/SaveForWeb/1.0/">..<!ENTITY ns_custom "http://ns.adobe.com/GenericCustomNamespace/1.0/">..<!ENTITY ns_adobe_xpath "http://ns.adobe.com/XPath/1.0/">.]>.<svg version="1.1" id="adobeNews_x5F_72_x5F_lt-ou" xmlns:x="&ns_extend;" xmlns:i="&ns_ai;" xmlns:graph="&ns_graphs;".. xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="72px" height="72px".. viewBox="-359 271 72 72" style="enab

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\RCe6dc2e9778374db3a379eac1ca59177c-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1036
Entropy (8bit):	5.378727716575342
Encrypted:	false
SSDEEP:	24:1589tiKYZ76e5RdAfrDyRWZ9GMqtZyG4i40bNo0kg/:15m3KRGfvywISGzNug/
MD5:	5C24C5F808D268C1A5D1C380A1CD26FF
SHA1:	47F82274964AC16C28CA270B7805D8B7A5A00CF9
SHA-256:	4A3B36C5434FD05AF57464CA641D329B57AFFF68490F2A3D6490EA2CB8578236
SHA-512:	1E27DADF37C653A6F3BDA2AB90C8B250396B1701DFD5A712946AC5760150B3B080579ACCB2389F9A0DDA218F97061B4842ACED13839B7E7F5F7D04EC984C8DB0
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCe6dc2e9778374db3a379eac1ca59177c-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCe6dc2e9778374db3a379eac1ca59177c-file.js`..var w_sp=_satellite,loadScript=w_sp._loadScript;w_sp._loadFBScript=function(){var a,e,t,n,o,i,c;a=window,e=document,t="script",n="https://connect.facebook.net/en_US/fbevents.js",a.fbq\|\|(o=a.fbq=function(){o.callMethod?o.callMethod.apply(o,arguments):o.queue.push(arguments)},a._fbq\|\|(a._fbq=o),(o.push=o).loaded=!0,o.version="2.0",o.queue=[],(i=e.createElement(t)).async=!0,i.src=n,(c=e.getElementsByTagName(t)[0]).parentNode.insertBefore(i,c))},w_sp._loadGtag=function(e,t){loadScript("//www.googletagmanager.com/gtag/js?id="+e,function(){function a(){gTagdataLayer.push(arguments)}window.gTagdataLayer=window.dataLayer\|\|[],a("js",new Date),a("config",e),t&&(a("config","AW-1004494713"),a("config","AW-983956512"),a("config","AW-951622910"))})};var uuid=w_sp.cookie.get("aam_uuid")\|\|"";digitalData._set("digitalData.adobe.experienceCloud.audienceManager"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\SPRK_color_v2@2x[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1934
Entropy (8bit):	4.543427398694442
Encrypted:	false
SSDEEP:	48:Ci1LbWxBa8zBtKJwzWOxCKWZDPzKiODCTCZ:Zh6Ba8zbK6X3WVP2DCTCZ
MD5:	F858A5C4E786F511FABE5D35DA995F65
SHA1:	DFC968D018C16B8E4853AA17418C9F4302CADC6C
SHA-256:	CDA6CA3F0B46DB2E50DDB33DC50438CC2D1C22CF71650CD457912BDD9718A6EF
SHA-512:	ADE9CE8069690298C4A2CDE1FE1D066B8FA2D60DDD2A43177A7ADE92A648C349A05236D2C1C6EBA1A821A620E803FA68EE9FECD777FCD3CB37F961A97F6F4219
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/SPRK_color_v2@2x.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 56 54"><defs><style>.cls-2{fill:#fa0f00}</style></defs><g id="Layer_2" data-name="Layer 2"><g id="Surfaces"><g id="Spark_Surface" data-name="Spark Surface"><rect width="56" height="54" rx="9.91" fill="#370000" id="Outline_no_shadow" data-name="Outline no shadow"/></g></g><g id="Outlined_Mnemonics_Logos" data-name="Outlined Mnemonics & Logos"><g id="Sp"><path class="cls-2" d="M18.05 38.37A18.68 18.68 0 0114.3 38a12.08 12.08 0 01-2.83-.91c-.2-.09-.3-.3-.3-.62v-4.12a.22.22 0 01.09-.2.25.25 0 01.25 0 11.84 11.84 0 003.29 1.17 12.74 12.74 0 003.4.48 5.28 5.28 0 003-.65 1.91 1.91 0 00.9-1.61 2.13 2.13 0 00-.29-1.12 3.1 3.1 0 00-1-1 11.61 11.61 0 00-2-1l-1.85-.78a13.89 13.89 0 01-3.54-2.05 6 6 0 01-1.75-2.35 7.53 7.53 0 01-.49-2.7 6.64 6.64 0 014-6.2 11.25 11.25 0 014.89-1 22.84 22.84 0 013.31.23 7.22 7.22 0 012.39.71.52.52 0 01.26.48v3.89c0 .05 0 .1-.1.16s-.14.06-.24 0a9.9 9.9 0 00-2.5-.65 14.11 14.11 0 00-3.19-.25 7.28 7.28 0 00-1.81.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\browser-icon-firefox[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	23048
Entropy (8bit):	7.9780311101032595
Encrypted:	false
SSDEEP:	384:we/3EjkOuVoC1api2CeizbIn15L2/A0hF7S8Q24cMTbJ6KtgDeu47SFpdnRYsJJ5:t0QaCEpxHOMnPyz3FMTbJKu7STdnRRJn
MD5:	CB5D8684D59755A275761D3FD5A3DE21
SHA1:	F69AB8011CD09A7A77536F8C227CE05981DB7791
SHA-256:	180764AE8307B091F22104F366FAE7830DF994763C613977F4F3EE70D194A695
SHA-512:	44B86DE85BD786152AF0600528E9EA1BFB5494FDD9A01D9D795A892B765DDEABFD45AB7AF18A8D1250E70795863F1168256025FEDD7EFE29C9F1AFB3DCF726D6
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/browser-icon-firefox.png
Preview:	.PNG........IHDR...~...~......#......tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)" xmpMM:InstanceID="xmp.iid:5F7D65790FF011E69AFE8E50F5F6CE89" xmpMM:DocumentID="xmp.did:5F7D657A0FF011E69AFE8E50F5F6CE89"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:5F7D65770FF011E69AFE8E50F5F6CE89" stRef:documentID="xmp.did:5F7D65780FF011E69AFE8E50F5F6CE89"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>wF.r..VvIDATx....%Uy/....\|.>...f.U...C08F$OM...I.3&.$..#.\5&...5.$.5...8.( .43..<..3.y.....VU.....n.H..?...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	223
Entropy (8bit):	5.142612311542767
Encrypted:	false
SSDEEP:	6:0IFFDK+Q+56ZRWHMqh7izlpdRSRk68k3tg9EFNin:jFI+QO6ZRoMqt6p3Tk9g9CY
MD5:	72C5D331F2135E52DA2A95F7854049A3
SHA1:	572F349BB65758D377CCBAE434350507341ACD7B
SHA-256:	C3A12D7E8F6B2B1F5E4CD0C9938DFC79532AEF90802B424EE910093F156586DA
SHA-512:	9EA12CC277C9858524083FEBBE1A3E61FDECE5268F63B14C9FFAFE29396C7CCDB3B07BE10E829936BCCD8F3B9E39DCFA6BC4316F189E4CEA914F1D06916DB66B
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
Preview:	@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivonarrow/v12/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXo.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\dNKL09H9F Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 67148, version 0.0
Category:	downloaded
Size (bytes):	67148
Entropy (8bit):	7.993959168595968
Encrypted:	true
SSDEEP:	1536:nxeF+rR7LkiELPhmOHVSAJTtSrsJBD7JVstEBSQm+aScA+tWB:wEkJzh7S2xysvPst2SQSSzR
MD5:	227960928668E1D655DBAAAE5FE23C11
SHA1:	128EF93AB71A18BA1DB0855C165D050ED8702037
SHA-256:	DFD5B4454E0BEF1EBBE0940DFA3BFB117BEE9E3DF150FA55BE633114816E7179
SHA-512:	BDB17CBB62E2C6B4AF737C7201214A563C27CDC38E1924B2C6EB351950F81A06A10E2DFDD783C82AB108D9758D77DA0A45BA82B08C210F4D8977A33AA6364B3B
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/4b3e87/000000000000000000017706/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Preview:	wOFFOTTO...L................................BASE...X...F...Fe.].CFF ...T...G...CP...DYNA............G9GDYN......1...e. .GPOS......#...S4...0GSUB...x.........0.OS/2.......Y...`^B{.cmap.......S.....lgasp................head.......4...6..%phhea...(...!...$....hmtx...........x.nD.maxp...L.........^P.name...............]post........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................U..............x.c`d```5.2)1O........(.p>9..F.W.....5........;...x...n.0....'E..}..{hZ..8...@29.....~hH....;t.#.......y..@.(.5.!.!....RW.............[x...G....65[.......z~..A.?X...rU......s....#......<{>F...\|..2.;X..<.P..1Z....}eu^..bi.)c.WR..L...Vb.+]..l.W...1..e:...,.#.....z<.:.S.:.....E..........P*...c....T..6..T.. .d..HF.....X...v.~......G........9. .Bq\.FX.`.M.c....s..e....h.3v.....8.fH....4gM..+...X..R....Y..KD....D.......?..=N.<..._.........y......C...U....[.....~.lN.~.....W..{.\^;..?.._..a...T...t.....K.Y....}...2..x.c`f.`na`e``.b.```...q.F..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[10] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 66304, version 0.0
Category:	downloaded
Size (bytes):	66304
Entropy (8bit):	7.993959805787878
Encrypted:	true
SSDEEP:	1536:VeO6ShUivo8vaO8pnTzDOTXL/kxtcA+uDWB:p6DJWaO4iT7/4tzk
MD5:	9E6E819AE9D8993A2B10353EFF16497D
SHA1:	1410161D0CA8CA3966897CAB50E45A14B721C056
SHA-256:	81B4B3BC1EFD4F08F212308D9727BC21A40E38B5464B6B25EBDE1B2E24D13F05
SHA-512:	D9D88E8987EE2F45BFA0B211AAA7DFEB9C39718E9A037FAE625AF4E6806E04D4C8316B58363EEA93E9BA6C23B6F514925D4841C95CDFB103693688D5EFC71DAB
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/40207f/0000000000000000000176ff/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Preview:	wOFFOTTO...........D........................BASE...X...F...Fe(].CFF ...T........6...DYNA...P.........gG9GDYN...T.../...a... GPOS.....#...T.;..GSUB...0.........0.OS/2.......Y...`[.t.cmap.......S.....lgasp................head.......4...6..%`hhea...(...!...$....hmtx...........x..].maxp...L.........^P.name.............8I.post........... ...2..............ideoromn..DFLT..cyrl..grek..latn...................`..............x.c`d```5.{..9...+.3........P..?.?....1 ....$.._..!x..An.@....I..jo0.>...!..$H........`a{.=Ab.u.]...B..E..T..<...Y....3.{o....._.....k....x......c.Mj.......f~..B......9...s..A.V......g.Mj.{>F...\|..0.[.5>=.P..1X....}iuV..\|n..)b..R..TL...b.K].X.R...M..!..H...?....N...N...p..x..21...wS.J.T.m...;.Jv..Y....e..B.....kk....o.&.rn....z~u...%. .Bq\..X.`.M.b.....)p...Y-........r.L.`.5+..i>5.;.<..C3%'...U...X......D..{.!F.~...8=..c.~y.{w.s..{..U........._....~.j......)Sg.....R^:.u[v..m.....j.eJ.w.u.T.....Oy.s-..m.x..x.c`f......................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21964, version 0.0
Category:	downloaded
Size (bytes):	21964
Entropy (8bit):	7.9725559995125685
Encrypted:	false
SSDEEP:	384:ANBtlENfUp59YhNFBz4TpgYHLgvE/vvkacO8syS9taWGsSwBytxwhuAd/tDW:sN8Up8hNf4lJHLgvE/0Pbsr9tXSOytxv
MD5:	25704A0DEF6040D9ED167F36D3F28242
SHA1:	FBB0D647FC706FC8867EF28DE3A03BD42FA7BDF0
SHA-256:	246BA9C4AB21AC5BB04019666F63AA321BD893478FC4DFF77B25C86FBB5BF36F
SHA-512:	39F31749C8008B106539FB4C249280E25A8FFD9771AB8FF3C45FDF5663C7F8BFDB8CF58766AB12263DE1C7F59DCA51B1691299390975C70556E46EA289868F2D
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/74fc30/0000000000000000000158d4/26/d?subset_id=2&fvd=i1&v=3
Preview:	wOFF......U.................................DYNA..............t.FFTM............]..<GDEF...D...8...B...<GDYN...\|.........j..GPOS...`...K.....L..OS/2.......Y...`~wz+cmap..U4........+..wcvt .......$...$....fpgm...........e#./.gasp................glyf......Dy..v8.3.head.......4...6.i;.hhea...H... ...$.k.4hmtx..Q(...?...lJVC.loca..Sh.........:-Tmaxp...h... ... ....name...........~v..?post..U ....... ...(prep.......R...R].oc.........o1.......T......x........6.<.D.D.@.>.:.1.5.8.3.,.F.B..x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/...........x.c`d```b8Z.2.c<..W.y..@..S.....v.88.....q.1.......x..AN.@....@..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[2] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20540, version 0.0
Category:	downloaded
Size (bytes):	20540
Entropy (8bit):	7.970560806372044
Encrypted:	false
SSDEEP:	384:Fo1SMQ+uypEPZJnq9tVxtO0TKJOOr4ohDCR/Iowk+hkFo31JAM7/Se:FoQ9+u7nSBM0+4ohDiQhkS3cMDSe
MD5:	F7DFBBC4491156A7123A80DD7F9A1AA7
SHA1:	643F976CF7504CBF212657C25BE954A73F7F3F04
SHA-256:	6778F1BCD6798ADE72372490A2BC16AD9BE3A23996E86878AF0C8F429B429CB9
SHA-512:	D9689A58CA5C421105B1846BD35C51C0AAA7B3D928F2EE04BF00D3679FFCE90FBA5C12829626F090CED0ECDE1158D5A7068AB7EC401B2ACDC25DB4324940F804
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/3d913c/000000000000000000017709/26/d?subset_id=2&fvd=n6&v=3
Preview:	wOFF......P<................................DYNA............4.(.FFTM............]...GDEF...d...8...B...<GDYN................GPOS...\|...x...@.z..OS/2.......Y...`..zpcmap..O.........+..wcvt .......0...0...Jfpgm...........e#./.gasp................glyf......>...b...`.head.......5...6..;.hhea...l... ...$...hmtx..K....-...lx.8.loca..M..........U.Rmaxp....... ... ...Tname...........u....post..O........ ...(prep.......s....^`...........o1.......2......x........6...\|.....n.....................u........x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/...........x.c`d```b8z.;.h<..W.y..@..S.*V...+...........T..........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[3] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22376, version 0.0
Category:	downloaded
Size (bytes):	22376
Entropy (8bit):	7.9745730846169725
Encrypted:	false
SSDEEP:	384:nAizO59XJQcmATaTY6S0r89SmOrPuaDuXo0J22vNYckNcL5VjWV3ncNHFb:1AQcmATaTYn0g9Wiaso0wqKNM5pmcfb
MD5:	74B4BA34F532FC0C6C7C557A65B733B6
SHA1:	CA3CF7110DF3502935D79F055BFFE00A55087C3A
SHA-256:	58C894C70D7848BD09B94AF1754E5532DCAC4189ED48F9AA3AB5E1ACEF4376C1
SHA-512:	29A5BA44B73F6AD9F3AFA09ACA3326E1BD8FD0C79C681D91A03E12B46D09A198E2CD5A1B6AFAE7F59F2E4DFC4AC64480F0F96E22FE8879C22C3A8F52A2B98B5B
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/6c57c4/0000000000000000000158d6/26/d?subset_id=2&fvd=i6&v=3
Preview:	wOFF......Wh.......\|........................DYNA..............t.FFTM............]...GDEF.......8...B...<GDYN.............j..GPOS...........J.w..OS/2...T...Y...`..zvcmap..V.........+..wcvt .......^...^.C..fpgm...$.......e#./.gasp................glyf......E...s..r.Ahead.......5...6.V;.hhea....... ...$.W.phmtx..R....N...l{k,Lloca..U.............maxp....... ... ....name............#.g?post..V........ ...(prep.......t....i.D..........o1.......=......x........6...\|.........................................@.k...........u.e.....R.7.9.;.F............x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/.*..........x.c`d```

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[4] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20720, version 0.0
Category:	downloaded
Size (bytes):	20720
Entropy (8bit):	7.971274872077512
Encrypted:	false
SSDEEP:	384:ep0ld6FR9PFBI+qyX9W69gNqcJddRjJpyZc+2HC9j2SDGDYfLrDYSzJgIY:K0ld6VtBI+qy069gAa1Jx+G6zDGDYfH0
MD5:	185A2AFC0935C94FBB5683112A905CE2
SHA1:	4EB450182B9C658C6916CDDED80D3922E90DDCD8
SHA-256:	F81CA8209A0526BEF58A70CF4288A1B1F8A02D8B1F7F8E3BC4B8A179323A1DFD
SHA-512:	A8C1BCA226F757C2BC8A096E31D2E05B2F8C184A531D93CDE6A26974A10B96005F4F341D52A80404919CE050BE8F89EE91EFC7D996936B37879DFD85CAA36E9A
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/d?subset_id=2&fvd=n4&v=3
Preview:	wOFF......P........`........................DYNA............4.(.FFTM............]...GDEF...p...8...B...<GDYN................GPOS...........@.J.OS/2.......Y...`~.z~cmap..PX........+..wcvt .......2...2.A.0fpgm...........e#./.gasp................glyf...L..?...bT.@..head.......4...6.E;.hhea...x... ...$.I..hmtx..L`...,...le.BVloca..N.............maxp....... ... ....name...........iZ.[.post..PD....... ...(prep...............>.........o1..............x........6...`.n.\|.....Z.................O...t.c......x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/.*..........x.c`d```b8Z.9.?...+.<....._.K`.....p......@.@......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[5] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22492, version 0.0
Category:	downloaded
Size (bytes):	22492
Entropy (8bit):	7.974382432382698
Encrypted:	false
SSDEEP:	384:yDLC8fp6SXkpD0a74PboHnd4VZK1Jnn3J0YjWkPpSjYmRja+eUZ5EJSyT7MYLQ:iW8h6rD0ak8nyZ2ysrpeYmRcdfE
MD5:	A2CAF0BD8F7084A90E2053AD61157C78
SHA1:	9E35E2810DCCB3C791CEB2818B16EFA9328C307E
SHA-256:	6537EEA8561F3D0903E4CAABB123C0AF961A09218290C678285B7C27ED335E54
SHA-512:	1FAE0E3EC674A092FAD4813182C77144F698AEA5715BD94540CF4AB8CF865165CD1BC57A56E56254B3F8C0E9F10227FCFCE33FA2020D616CB0D7ADA1CBBB89DC
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/d?subset_id=2&fvd=i4&v=3
Preview:	wOFF......W........P........................DYNA..............t.FFTM............]...GDEF.......8...B...<GDYN.............j..GPOS.......-...J.E..OS/2...X...Y...`~.zEcmap..WD........+..wcvt .......\...\...Xfpgm... .......e#./.gasp................glyf......E1..s.C..head.......4...6.W;.hhea....... ...$.Y.4hmtx..S0...E...lg.5.loca..Ux...........maxp....... ... ....name................post..W0....... ...(prep...............:.........o1.......'......x........6...`.n.\|.....x.....u.............q.......k.>.W.......~.^.N.s...H.7.9.;.c.J.L.F...P..x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/.*..........x.c`d```b8./

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[6] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20932, version 0.0
Category:	downloaded
Size (bytes):	20932
Entropy (8bit):	7.97207524312144
Encrypted:	false
SSDEEP:	384:3wgN6IL9Cl+QE5TQoI23a0zC9/IY1eizt+wcCMPyv2GTPNo/B1:AgN62MlkrI23a0G+keiBL4jKoZ1
MD5:	E0F2BB6FEFF9005FADFAA0DEAC9F17D3
SHA1:	5BCF4E553881D43087F31A8B47172F1F695E461B
SHA-256:	809F249AF3A361113340A14136F8464AB4A1A23E47B05F71375115E6C23FFC92
SHA-512:	8426F3F16F8B9FABC3F47DD3984156C723387E0F1FC804B25FE427B9B120E78CB376185BE701555ACBC9E26D2A8611F598C9DCB393B0950369A653632901F9C4
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/d?subset_id=2&fvd=n3&v=3
Preview:	wOFF......Q.................................DYNA............4.(.FFTM............]...GDEF...H...8...B...<GDYN................GPOS...`.......@...YOS/2.......W...`~wz1cmap..Q,........+..wcvt .............6fpgm...........e#./.gasp................glyf...(..@...e.....head.......4...6..;.hhea...P... ...$....hmtx..M@.......lVRI.loca..O`...........maxp...p... ... ....name...........Q%.{.post..Q........ ...(prep.......i...v..ym.........o1..............x........6.h.R.\.^.h.r.Y.z.`.d.m.j.t.L.F.J.f..x.]Q.N[A.......c..hS.fB...$.W...vc9B.\.b\..P Q..k.h().A..R>.O@bfM.(....s..r..]Z.y..R......v...t}...v.@..^.n...`3.rG....-.!.i'P....6...>.d..AK3MO....B`...0....../X....C.i..s..Ks....k..vp&"?..hj..@._:.z>.b.r.0...S.d".f2].T-3.up...;X.Js....U.......-.2KC...1B.$.BN9w.?)P>..1....a..q.50.....fS.{.0~.G..o..>..6F..X.`...QU...s/.....3.%`y.._'..;6..em.C.....2....U.......tJ......p.X...R.v....`H.F..h-;....d/...........x.c`d```b8Z...h<..W.y..@..S..........`..r9.j....l..x...J.@

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[7] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 24436, version 0.0
Category:	downloaded
Size (bytes):	24436
Entropy (8bit):	7.978037120154255
Encrypted:	false
SSDEEP:	384:b2q7Hwg9s0WrCWQYOL4VhwnhHa63bzKnWhF52DHilk+9y5yS6P8N:KqrsYL4vwh663fKW/50iZ9IyZPs
MD5:	6D26AE32705F04BD2CCC4DC335F15809
SHA1:	6F67C23951FB9426FA426436CCC1CE1E6FDDF220
SHA-256:	6E52D4DF448460F8B6C6C8DC776745BE4C85A9D18981772A89C9876B4E19FB37
SHA-512:	687973BC1D027B36AC99E2B7AA9928B35148E7AA742B13FCF2A20B0947B7ED27EA470E770856711C584221E88F3FBEA5AA3A93A58DC59DB7794320E9B11F019A
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/9d1933/00000000000000000001705b/26/d?subset_id=2&fvd=i3&v=3
Preview:	wOFF......_t................................BASE.......F...Fe!].DYNA...............bGDYN.......#...Q.4.xGPOS...........dG...OS/2...X...\...`.}..cmap..]........8..}.cvt .......R....6...fpgm...0.......p...Ygasp................glyf......BX..w....Mhead.......6...6....hhea......."...$....hmtx..WX...+...z....loca..Y...._.....4..maxp....... ... .B..name............yJ..post..[........Q..$uprep............R.>...............ideoromn..DFLT..cyrl..grek..latn...................Y......x.c` .X..>.>.l.......=.g...............0.FU.........I...,o......4.=H..1...BX8a..x.Viw.F..yI..,%.-ja..i.F&l...A.c ]......;...._.d.s.7~Z../$...p...w.....e.Z...../...&..<..M.Q\|(;{!e....Q......DD"P...D...Y.d\|.QF..WM.-=..[.A.U.~.:.;..f3th=.%U.U.H.=R.e..+I+....W.P.N"i....H..g..h5..(.l..(R$..A.y....................V.K..../y.w9?)..[.-9...#;8;]....V.7.d;.U.....[6;.......L/4#X*_!..O(..HV..S....l.D.z....O..8bJ\3F.twtB.u....=.....w.......Q.'.DJ..M.6..XI.Jj.+&Ny..._.v..3.8....C.VNTr<..i&S.vR.hJ.(%......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[8] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 66740, version 0.0
Category:	downloaded
Size (bytes):	66740
Entropy (8bit):	7.99411972026963
Encrypted:	true
SSDEEP:	1536:J4lzR3d/ZD6MCYkk+e5Hj9EgKWB/uS7wcA+vVWB:ql9NZ/CYFjjKgKU/uLzh
MD5:	02BDAC466185E4E1161BBFAB2C066327
SHA1:	5C0C5E8BDB41694C8AD5605D5C1FFF7EB0702EBA
SHA-256:	AC44BE8F65384DEF37D9091D668E54A4B79AB6A3156C5D8CFBD3268BEC558971
SHA-512:	01C761222E6DB3A3F81DAD88191BAA8A020536C4F8EF8692796B94C68AB1FDD4EF672D8DB24336E12BA32F0F96079E9D388EFD93433E9FF62BB8976596F65CD9
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/cb695f/000000000000000000017701/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Preview:	wOFFOTTO....................................BASE...X...F...Fe$].CFF ...H...a.....w..DYNA............$G9GDYN......-...a./..GPOS......#...T<"9.`GSUB.............0.OS/2.......Y...`\Wv.cmap...`...S.....lgasp................head.......4...6..%uhhea.......!...$....hmtx...h.......x7wW.maxp...@.........^P.name................post...L....... ...2..............ideoromn..DFLT..cyrl..grek..latn...................\..............x.c`d```5.z...1...+.3........p..?.?/K... ....$...A.!x.RKn.0..9N...Qt.5.v..R 8.Wv..Y%...%..........0...]t.S...@G...M..!q.{3C.Q....<t.o.=.a...^a...>...>9....a.........J.....O.=..b.{.x{......p.......~8\|......$.....:..U.h.84F...e].ul.J.I...f..F.u......2.q1..,.#...xr5..m..N]......N..,D..].P..ii.e...Trx6.....6I(#...z..S]..9Tz.1rY.f....'..U.G..P..D..P".&^....8.,x].....7.....e..sl.F.Jc#.Y..s...Th............aL.....E...t..(;..U...;....,......^H...LJ..g.x.A^[....X.._.g6.kb..}G..%.n.e......}.X....]?g^;~C.^4..t...<...x.c`f\|.8.......).....B3.1.1.E.Y..XX..X.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[9] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, CFF, length 66508, version 0.0
Category:	downloaded
Size (bytes):	66508
Entropy (8bit):	7.994636853689064
Encrypted:	true
SSDEEP:	1536:4p7762bluKjsVQJU/x14nXWjvxpGeDKTeEPiBlnQcA+yWB:q362bluKjqQWr4nG7xpP2PiEz0
MD5:	49B061D6468547558176037211AA630C
SHA1:	B02FD5987ED77AF837699BB13C7E838018943423
SHA-256:	F89C62C68380B4BB548E4E24E284348FE9E98730F54F7E0C8942F6AA3BE9DA37
SHA-512:	406D0D0BF1A669E16B9CA101B2DA10C222BBB780DF7B2CB235E2C9F765351846F2A94044C55B0080B875E951FC87462A76B29BE8CD4605EB4D462D321347A490
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/eaf09c/000000000000000000017703/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Preview:	wOFFOTTO....................................BASE...X...F...Fe!].CFF ...L.......dX.\\DYNA.............GG9GDYN.......1...a....GPOS...P..#...THAH.5GSUB.............0.OS/2.......Y...`].y.cmap...x...S.....lgasp................head.......5...6..%ghhea... ...!...$....hmtx...........xg.P.maxp...D.........^P.name............E..post...d....... ...2..............ideoromn..DFLT..cyrl..grek..latn...................Y..............x.c`d```5._.._<..W.f..@....^0....~.).......@.....N...x...n.@.....!.V,.@.cGV.FB$m..j.H..6N<i..`O#...@..X.$<......#g........x....^}.-.x.S..t1.\|......,=.b...............S.J\|...e..s.O......;.]j>z>D.\|.\|.W...1...R.b.....}muQ..ra...R.3)Fy......T..1...s..c.g...d8..O....'M......FW...-...X..+c...H....t..].\|=.e"..R........o.fm.......:T.^Q..z...c(.S..........a..w.KN{.l...M]..tu9...k.b.L.N...v...Y..R.[0....1...C*/..8.^...GM..r....jvfx..<.o..t.P.....=Kv-.kr..n.....5.%.9].>q......f:.3<C.e9.-5.:Yz4O....:e....+b.}.oS..1x.c`f.........).....B3.1.1..E.9..XX

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\dyhfi-5aMVYr0pY-U3mFXQJG[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:	96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	low
IE Cache URL:	https://s3.amazonaws.com/simbla-static-2/2021/03/5f62058623af52001def0028/5f6206ef6b7cb60019717fbd/dyhfi-5aMVYr0pY-U3mFXQJG.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\e167f221-0472-4320-9404-14f41724f844[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 203 x 249, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	3809
Entropy (8bit):	7.920687878821694
Encrypted:	false
SSDEEP:	96:v/Vhv/pWo2dmOjLyIBj31Bav7K+2B3hmo1nh14AWgfTzYTm7YJ1Du8c:DudXjLyuhBajk391nh5Wa7YJhc
MD5:	16691C5D502FCFB529CF5230B2CB0269
SHA1:	1E8485F95FAD9D8A484F7BC36E607FB63728F611
SHA-256:	DCC8ADED0CCB659813E676ED6E157BB43D56AF555D930370A2402F755CD58892
SHA-512:	5BA36AA5BAD8FAE6CEA323E26B5401B67599FE258503E1D6606228C740C2F34E9449C313C37D4CE113DD62F29D369D1D8E44B0D774DAFAC80F15F1C43FF03A61
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/QbyXJuM93yIVE/images/e167f221-0472-4320-9404-14f41724f844.png?asset_id=9f27af98-835a-42e3-ab9a-c22dae398358&img_etag=%220dfe1271c4feee62a37d4f324ddee500%22&size=3140
Preview:	.PNG........IHDR...............1.....PLTE.........................!..* .3+.5-.=6.B;.HB.MG.SN.[V.`[.hc.nj.so........................................zw........................................................{{{iiicccWWWHHH>>>999,,,'''%%%....................IDATx..{W.>..i.mAE...V`...\o{.............iJ.....K.\|Hf2I....v.V).....{.m..I[i..uE......ulJ..v.,.S....(...e.=...p9P...K5-$n@S....qi..4Q.k..0M...@.K,..\|L.O...+.._`..(.h..o$..Z....u(....P..Z.aL....y.N...gq..On.&."..4.z..KU...<\|H....BK...7.5:<./...=..D...)Aa..v..YV...+.p[.)n.r.H+K..cD.9.....K..&..gNz...pbp......h0'.-X...".!...)..&'.\|ZK[..0#{....b.:.l....U0v....\M..Ma......K.t9.P..0.0.3'...(.c.....`4u.Y.x.........(.i4}..N....L.X.a.!.t2...;..&+,....h3.......9.`Z.fa......0r...f....a2......-..+...1@.X...&k,.]j0.l.0T.`..fa...L.Y.0.l.0t.....Pm.L6Y.0.l.0t...U..zk.LfY...`:.Y..hdj.....]0.B..S..Z.....dh.d..A..C..(..>...gt..i.P2d.a..I.tb;t.F...C;.H.&@......m...sm.i.gHA.._.c.5J..;.P.q....G..5..m....``.d..m....H..$J.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	5430
Entropy (8bit):	1.952456287520738
Encrypted:	false
SSDEEP:	24:EslvlQNp0eCeAuyAwNtmUc3lKFWoX6UwjobtSl554VqQBzttYtlbd6e2u:FYfCzuyAacQWoWjobtc4VqUztQlbIeB
MD5:	DC94F1054A50B313EE14BBD3D4BC1C0A
SHA1:	B871EFBBD59E202329352C18B775F7C5743AA8DE
SHA-256:	8E263FEF3E738AC1882B97A05CAAF21BBFFC0BDABDF4A7E8338453C18E1E90EC
SHA-512:	A66B30C2E23F0D43F06B7C6889892AF0975C79037FB145FD01E84D4FA04234CDF8B32ECEE8FE29FA5FD13DB682485E4EFC7B2F3E8B9D23BDC12586CE417AA080
Malicious:	false
Reputation:	low
IE Cache URL:	https://ims-na1.adobelogin.com/favicon.ico?cache_bust=ca2ca95ab280b
Preview:	............ .h...&... .... .........(....... ..... ............................................................................................8...........................................................8...................................Q...........#......................................."...@...@.......................................x...............H...................M...............x...............................................................................X...............s...........v...............X.....................................................................................................................................................................5...5...............................................................................................................p...........................p.......................................................................................................H...................H..............................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
Category:	downloaded
Size (bytes):	17174
Entropy (8bit):	2.9129715116732746
Encrypted:	false
SSDEEP:	24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
MD5:	12E3DAC858061D088023B2BD48E2FA96
SHA1:	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
SHA-256:	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
SHA-512:	C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
Malicious:	false
Reputation:	low
IE Cache URL:	https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Preview:	..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\feds[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	110405
Entropy (8bit):	5.222898217709142
Encrypted:	false
SSDEEP:	1536:BWmeHO9kHfJqtKeH34S1+x2iHcXbIfk75YRpYh1XcxfzTzkOFrCl+zasafXojdjW:BWQkHfJeKeH3BQY1
MD5:	927E6FA55AB244AC1E006C884AA8072E
SHA1:	0B6250B58D417D761F085917E7D4A93E00A2BA89
SHA-256:	47EE874D27CF6862C03E07A1A384334B5BF07808B73013F7D6172F004E63A028
SHA-512:	AB669D340E507C0CAD7E24F714CD3219B38EB885ACF7432A3A637E0D065A6C188BD607BFF50C53CC8FD63F57B79E1C3E6F849C66963A4910977EB9137C3BC5C4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.clientlibs/globalnav/clientlibs/base/feds.js
Preview:	window.__fedsSegmentation = '100';./! feds v0.51.0 built on Mon, 24 May 2021 06:11:49 GMT /.!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{configurable:!1,enumerable:!0,get:r})},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=166)}([,,,,function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var r=function(){function e(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable\|\|!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}return function(t,n,r){return n&&e(t.prototype,n),r&&e(t,r),t}}();var i="fedsDebug",o="*",a="Debug mode",s=function(){function e(){var t=this,n=arguments.length>0&&void 0!==argum

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\head.fp-00a38324dab316803fdc74cba4ad7ab9[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	141116
Entropy (8bit):	5.30072949013579
Encrypted:	false
SSDEEP:	1536:oh2bb1H+uuod92HpEMQqgQzDLTSYmv9Ktq2GXevsAUwx/VKbDlWJfwPf:RH+HY0zcuvsAFJs
MD5:	00A38324DAB316803FDC74CBA4AD7AB9
SHA1:	75321253B2C91E253BF2C775B589B2C096AAC1D3
SHA-256:	0CCDD4428614FDCEF969060F2ECC4EC6FF99FEFB968A49B4C987FD4506D33C81
SHA-512:	A927CF78845EFD12E39B058286E1C2ECC503B152C910F334F592A0266E0D340B5066AC6A21EB478DA39F08B647651F0DF1841E7F3D00AE44719C0FC596DDA81E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.hawks.dexterlibs/dexter/clientlibs/base/head.fp-00a38324dab316803fdc74cba4ad7ab9.js
Preview:	!function(e){var t=window.webpackJsonp;window.webpackJsonp=function(n,o,a){for(var s,u,c,l=0,d=[];l<n.length;l++)u=n[l],r[u]&&d.push(r[u][0]),r[u]=0;for(s in o)Object.prototype.hasOwnProperty.call(o,s)&&(e[s]=o[s]);for(t&&t(n,o,a);d.length;)d.shift()();if(a)for(l=0;l<a.length;l++)c=i(i.s=a[l]);return c};var n={},r={6:0};function i(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,i),r.l=!0,r.exports}i.m=e,i.c=n,i.d=function(e,t,n){i.o(e,t)\|\|Object.defineProperty(e,t,{configurable:!1,enumerable:!0,get:n})},i.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return i.d(t,"a",t),t},i.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},i.p="",i.oe=function(e){throw console.error(e),e},i(i.s=584)}([,,function(e,t,n){var r=n(13),i=n(9),o=n(38),a=n(36),s=n(58),u=function(e,t,n){var c,l,d,f,h=e&u.F,p=e&u.G,v=e&u.S,g=e&u.P,m=e&u.B,b=p?r:v?r[t]\|\|(r[t]={}):(r[t]\|\|{}).prototype,y=p?i:i[t]\|\|(i[t]=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\headIE.fp-f9e44dbeef5252f4d02c4ed9c4b6a618[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	71836
Entropy (8bit):	5.2834062351912525
Encrypted:	false
SSDEEP:	768:akRyhGekI/d65mve+R6ohN3KjAXCxnRGO7AevGBVGcgTSnTK3o9ufC:akRyhGek7E3KEXChwOsKTSOg
MD5:	F9E44DBEEF5252F4D02C4ED9C4B6A618
SHA1:	6EFF709B896F31AE0F73C4F493DC081D51771F20
SHA-256:	673875DD89E08974EAA386C2D7DF3F510C9D012E0DF65138347DD739F154EB1B
SHA-512:	9558927F687C05A1AF27F8E42A5592CF820A06AE6F26EC8A3F3E4BB9689FE4964A7DA6CEB23ADF99871167150E5CA3B191DC1CA6301BCF8085909EBB9E986317
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.hawks.dexterlibs/dexter/clientlibs/base/headIE.fp-f9e44dbeef5252f4d02c4ed9c4b6a618.js
Preview:	// Nodelist ForEach polyfill from.// https://developer.mozilla.org/en-US/docs/Web/API/NodeList/forEach..window.NodeList&&!NodeList.prototype.forEach&&(NodeList.prototype.forEach=function(o,t){t=t\|\|window;for(var i=0;i<this.length;i++)o.call(t,this[i],i,this)});..!function(t){var n={};function r(e){if(n[e])return n[e].exports;var o=n[e]={i:e,l:!1,exports:{}};return t[e].call(o.exports,o,o.exports,r),o.l=!0,o.exports}r.m=t,r.c=n,r.d=function(t,n,e){r.o(t,n)\|\|Object.defineProperty(t,n,{configurable:!1,enumerable:!0,get:e})},r.n=function(t){var n=t&&t.__esModule?function(){return t.default}:function(){return t};return r.d(n,"a",n),n},r.o=function(t,n){return Object.prototype.hasOwnProperty.call(t,n)},r.p="",r(r.s=619)}([,,function(t,n,r){var e=r(13),o=r(9),i=r(38),u=r(36),c=r(58),a=function(t,n,r){var s,f,l,h,p=t&a.F,v=t&a.G,d=t&a.S,y=t&a.P,g=t&a.B,m=v?e:d?e[n]\|\|(e[n]={}):(e[n]\|\|{}).prototype,b=v?o:o[n]\|\|(o[n]={}),x=b.prototype\|\|(b.prototype={});for(s in v&&(r=n),r)l=((f=!p&&m&&void 0!==m[

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icon-footer-instagram-grey[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1970
Entropy (8bit):	4.761536310074538
Encrypted:	false
SSDEEP:	48:cOAvf3vrBSH7QZRYaHYZ/wPtI6Z0/YJCnAwuHm6:Evf/rOyRYagYPf0/km0
MD5:	3AA1FDA78E24D8147732E483AB53D82C
SHA1:	2F68DEC16E343C8F97E8838A2A97D60C071F531E
SHA-256:	FA7FAE8A66DF78B001F3B9DD2BEF5913638614D202E256E9513034DB6B26ED58
SHA-512:	57BECD76540E1FDE0FBD0923459BDAEF1260D2494D33329B944B021331D6511D828F9844DD07AB946F042A0239FF5D9E7DC77896BEFADAE4A81A301AFB9E67C3
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/icon-footer-instagram-grey.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 22.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px".. viewBox="0 0 67 67" style="enable-background:new 0 0 67 67;" width="67" height="67" xml:space="preserve">.<style type="text/css">...st0{fill:#717F8A;}.</style>.<title>icon-footer-twitter</title>.<g>..<path class="st0" d="M34.5,4.1c-16.6,0-30,13.4-30,30s13.4,30,30,30c16.6,0,30-13.4,30-30S51,4.1,34.5,4.1z M51,40.9...c0,1.4-0.3,2.8-0.8,4c-0.9,2.2-2.6,4-4.9,4.9c-1.3,0.5-2.7,0.7-4,0.8c-1.8,0.1-2.3,0.1-6.9,0.1c-4.5,0-5.1,0-6.9-0.1...c-1.4,0-2.8-0.3-4-0.8c-2.2-0.9-4-2.6-4.9-4.9c-0.5-1.3-0.7-2.7-0.8-4c-0.1-1.8-0.1-2.3-0.1-6.9c0-4.5,0-5.1,0.1-6.9...c0-1.4,0.3-2.8,0.8-4c0.9-2.2,2.6-4,4.9-4.9c1.3-0.5,2.7-0.7,4-0.8c1.8-0.1,2.3-0.1,6.9-0.1c4.5,0,5.1,0,6.9,0.1...c1.4,0,2.8,0.3,4,0.8c2.2,0.9,4,2.6,4.9,4.9c0.5,1.3,0.7,2.7,0.8,4c0.1,1.8,0.1,2.3,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\legal-localnav[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	81256
Entropy (8bit):	5.2799384671215925
Encrypted:	false
SSDEEP:	1536:7LCZ7oREbUgoM7jZNvdXLc4kfmmNtKehLA1npt47NoUjr:7a1NVc4kfmmZ477U/
MD5:	FADC09E7F64253F814C47F1E8424F193
SHA1:	305A3B47B1E42643E4E107C68C382674312657D2
SHA-256:	A5B3C08C5D820DBDF061B9407754432A74AE34A7C2D71BA526BC9DCCBBFE7AB2
SHA-512:	9EAC543D1FBA6BB3F09719D6A5A2490D1498C56A0F175170E9251288A6DE0DABE8DAB3698CB71FC9A67D4D530803A1D1B9F6EDDC2EA1FF8DB4EDD747D9398BD0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/services/feds.res_1.js/head/en/acom/corporate-mega-menu/legal-localnav.js
Preview:	/! applauncher v0.51.0 built on Mon, 24 May 2021 06:11:49 GMT /.!function(e){var n={};function t(a){if(n[a])return n[a].exports;var r=n[a]={i:a,l:!1,exports:{}};return e[a].call(r.exports,r,r.exports,t),r.l=!0,r.exports}t.m=e,t.c=n,t.d=function(e,n,a){t.o(e,n)\|\|Object.defineProperty(e,n,{configurable:!1,enumerable:!0,get:a})},t.n=function(e){var n=e&&e.__esModule?function(){return e.default}:function(){return e};return t.d(n,"a",n),n},t.o=function(e,n){return Object.prototype.hasOwnProperty.call(e,n)},t.p="",t(t.s=198)}({198:function(e,n,t){t(199),e.exports=t(200)},199:function(e,n,t){"use strict";var a=window.feds.utilities,r=a.loadResource,o=a.getParamValuesFromCookie,i=a.isEmptyObject,c=a.isFunction,s=a.getPropertySafely,p=a.imslib,l=new(0,a.Debug)({control:"applauncher"}),u={},h={config:{scriptPath:void 0,stylePath:void 0,theme:void 0,locale:void 0,environment:void 0}},d={assetID:{css:"applauncherCSS",js:"applauncherJS"},analyticsContext:{consumer:{name:"feds",version:"latest",pl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\login[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	39223
Entropy (8bit):	5.3936911578768605
Encrypted:	false
SSDEEP:	768:2l1lHt/JNVFGJIeNI9ReC0bG5woJhEZCvjgDMiB+2ahy2DdLSpcFFac:cFe0erbGYZCvjkM2ahy2DVpFac
MD5:	FDCE41FF9635E46BEE087277B75EE40A
SHA1:	3E59E014154419F4CE61F2B8891D50BAD288C036
SHA-256:	E39B4865093966232A14BFC540779A5E46EB46521470D0FE27944B5CFA014493
SHA-512:	92E66173B60FFB135429B36E146082756AF922179A7D29BA216627002650A37625AC56CAB43FC1C7C69003EE312B50CBCA58A6AEAEC40134AB215FB7B1F52921
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/sp/login?r=reader_page_topbar_createyourown
Preview:	<!DOCTYPE html>.<html lang="en-US">.<head>. <script nomodule>document.location.href = '/unsupported';</script>. <title>Make Images, Videos and Web Stories for Free in Minutes \| Adobe Spark</title>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. <meta name="viewport" content="width=device-width,shrink-to-fit=no,user-scalable=no,initial-scale = 1.0,maximum-scale = 1.0">.<script type="text/javascript">.;window.NREUM\|\|(NREUM={});NREUM.init={privacy:{cookies_enabled:true}};.window.NREUM\|\|(NREUM={}),__nr_require=function(t,e,n){function r(n){if(!e[n]){var i=e[n]={exports:{}};t[n][0].call(i.exports,function(e){var i=t[n][1][e];return r(i\|\|e)},i,i.exports)}return e[n].exports}if("function"==typeof __nr_require)return __nr_require;for(var i=0;i<n.length;i++)r(n[i]);return r}({1:[function(t,e,n){function r(t){try{c.console&&console.log(t)}catch(e){}}var i,o=t("ee"),a=t(22),c={};try{i=localStorage.getItem("__nr_flags").split(","),console&&"function"==typeof con

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\marvel-ui-faf07216[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1787
Entropy (8bit):	4.813025886465329
Encrypted:	false
SSDEEP:	24:/ewdsJs+PkYbe3wgKTPJLw2bAvAEUQs1ZC7q8hDNNKkZOENYTnQ5l1egaKQKUL:kCBYbe3apyUQWGDNNKwNYT41dajV
MD5:	9B374CB80282B92896CA0F5BFAF07216
SHA1:	B31941ED10E9E8F193F5DC53A82038176576B2A1
SHA-256:	D80D62755CC96593980D61D32B743B30834D3DEF42E152168000841F143ED8A5
SHA-512:	892A94C95403380DCF02759F5AEABEFC2B9FD99CFF6899F830B3C166B9DD78520C763EFBA6989DB207D872526A2568CC3273B85120F2E4D74997E27CCF90436D
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/marvel-core/css/marvel-ui-faf07216.css
Preview:	a,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,button,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,em,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,input,ins,kbd,label,legend,li,mark,menu,nav,object,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{box-sizing:border-box;margin:0;padding:0;border:0;font-size:100%;font:inherit;font-family:sans-serif;font-weight:300;text-rendering:optimizeLegibility;vertical-align:top}article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section{display:block}body{line-height:1;font-size:13px}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}table{border-collapse:collapse;border-spacing:0}body,html{height:100%}body{background-color:#555;position:relative;-webkit-font-smoothing:antialiased;-moz-os

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_102523b575492841801eee551ccfbc5fca141ecdf[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	7748
Entropy (8bit):	7.967969343054038
Encrypted:	false
SSDEEP:	192:s1td9I+lqTuiLBBJ336V5z7ruuXZjt8e71eNoSIuJWGQYCML7S:s1n9IzqiLBnEh5Dz183IGWG7CK7S
MD5:	9618DAAD1415374273C08A03FC810D3B
SHA1:	C5C3053DC21B5D61327F942911A3235D6E0D6041
SHA-256:	8827D2B41AE04837CD2AC4D9CDEEAFCB1ABD7344F04F12A00A1A98F1F6C54BC4
SHA-512:	4F373F8513E4563C843F449AF2738B91CD31EF2FFAC9AF8722A4BAB727D7B475733C0894057C5587848EF54049943BEDB7DEBD57AFDAD8D5026E5EBECD58A907
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X........a..;..ALPH.`....Gn$I.z).V$..pU...#.?..a.....D>.....~........O..~...S>._.K.S1/Q........f...P...J.X..I:Q.z..$.V.....8r.F.d.....{.{DL...=.&..3.DS...ie.`...........V?..V.h..j.....@C?..p.].n..$lg.R+...$\...$A.$....<.T...YDfF...EL.-....irC.p....&.{...m.h.>..II.q&..]...b]..w_....u..d..I.El.DR.\vf.....IV.h.O..s.{A..~c....$I..2....{.{.75f...U.!...TDH$..WD..d..t..@...A^..$.$Id....F.....xd.)..E"...6....Va.N.......#............R.. ...$.$..~.."..3..Q....3[.T.._5.C.6m.B.Dc...s.s....".b....h..~.sc>{.>."I=.:..U."...@f........,L.b.\.W........).....ps.}.#D.n.<...d......frd........4.j.Zw...{;.p.DP...H6..}.P...+.5X<v..:.."....g[j.... .:/.&.'<.?yx.Ew..&}y..9g....S..=....s..*.[x..Z ?/..W8.........g...d{....m....C..5...=.D/.l..;`{Yf..ko.@........RZ....._.?.......m...E...D......&...=P..<...4.hJ.\..#..1f..NF...7..>..A.7G.E......p7>..m.....ma.sy..m..DF...3..@../..^.<.....4...L.<zJ./.!.bkX+8....J..#}...j...o...\|..r.../W.i..O.P.. H.D9G.{

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1137e79890ce81304b92d7de7a647c33a4dccc5cf[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	10166
Entropy (8bit):	7.980335588969246
Encrypted:	false
SSDEEP:	192:Nqz5k4EZWcOb+Pdabb/J7Kek2aDZMdjKraGVlml4jVeFqJ+0y4UNUIlt6u:NqVk4EZWtPb/J7KUrZIlml4jVe0J+0yB
MD5:	AC4B894929F12B25E4AC637F21948D49
SHA1:	BFCEBDBC9077D935395CE6B55456E3B5CC7BF51B
SHA-256:	83AD177DD306C271A7A0103CCE1606099C6901C231FE98E5A5DF2A4FEC52FEE9
SHA-512:	0C1218A5AF0F655A8E60A101529B0045E1D23C34355B6E917E84BAC884D1EEA896D0F8FBEB0D78E326D3020AAB9C5D4A1D18AF7D92B31498D950409EA1F3A17C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1137e79890ce81304b92d7de7a647c33a4dccc5cf.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.'..WEBPVP8 .'.........k.>u6.H$.".&.j....in.`2..o...C<.......o............;........n.......G....!.Y.'.O..._..%.i....g...c..........k..............._......#...o./........s..._.../.........W...?................o...u..............QWz%...c.h..3V...L}M..fj...Z....7..[...A1.4.}]...8&..}.....kM.m..g@.5.z,.X'..I{mi..Z....D..{_^c=.8...T.z....[>......%.....i..7~....?....g.....57.1...y.&.\|..i:b5..(.y...H.N...E..3.Vw..Ji<...+-...Y.. .q.m:.j.D....P.>..#Vr....N..eW..?&..4:,M.{}..Ew...'...D.Y.../..W.@H...\..e....;O.E.Wr\|..U..?U.nB..".C.....W.R.y.....\|+Z...2..-..=)....o}t(jh\|..>...H.L.:....s......T7...._h....Z.YO.\|...!["'..9/.....f(!.7M.LS.e..i..Q..}<g..d^.V).B..u.bB.}.'..@..N...b..C.@...wL....5...q......$#...7e.2.Z...M...0t^...........W4HK...h....\...#.&......f.....0@b?'...?....r].$V).......^<....4....A...S.h......wp.SI.be+..t...>..{...2=.Z@%.......5].0.X.....Fm.R...]._. .s..'...{q.....&"K..A"..n..\.......N...}(5.......J-m.....U.u..E.K...!Hf.=...m.d"..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_124e34d3819ffeb81b5d7792530ea9a99961b1948[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	11192
Entropy (8bit):	7.981805427063665
Encrypted:	false
SSDEEP:	192:LdKp2W9606CMmRJCgF8Vu7mTAZzTTQuGH1rT8dC/PVbwA4bEKAO0DNFb:8pI06Cd7amHxTTQuS3/Pl+bEKAO0DNF
MD5:	1052D0B4FE4E3D6A976E0C0D866DA0F0
SHA1:	1C141848060AEC58146088BE62CB390B94B84A01
SHA-256:	98DB8F4F2D6892EBBF1B22663E02F4BADC8882CE22D361C057BF0456AB7112D1
SHA-512:	58845C78647D57984710FF361224093C480E03081E80F64658081541D4ACC98A32F4D24A94C9D911500C33D120B56D69B0510B18072303C5E4F17E4C3BEC6420
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_124e34d3819ffeb81b5d7792530ea9a99961b1948.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.+..WEBPVP8 .+........k.>u6.H$."!&s.p...en.O8l.@../...s^".c....f...w..0.0~...y......O...[.q.%.5....&#.......?._=.xz....9_8e...J~o...?.u.)...S....?......7./...\|..W...?b=.}t.../........g._..~..................o....._.?.?......j...O..;?U....~..t{............8^.6p-r..{m.N.=..^...Dv.......X.#.@Z1Q..(...N].Q>;nqW"D^.N.v.=.;....=,....3.L.....Y....R."...QP9.3j."..."._7...}......z...O!.<.9B.A6}..(N.....L.W.\|..Z<....!.TR.nol%..c..S.k..K.h.....@.b..,.D...e.WF.0(2;.M.o.;N.J.M.]..9V$.o......&.V.?...4:1L..tj(...0A......l.E.cup....y!Z.......5.d:A.........D'./9.........5..rI..g8..#..B.,..@..E.......v..{-......[....^..8m..Yo8....B#..gs.o..sQ....s.6=..,........'.`..............."......=.0..B../.{...^]\_..1.....$.......??.A.y.+..6.w..\|....b.4..).RW..!...=.Mw2...j...4...XuL..6o...Co.'..F;..f...xq;>...{W] XCP........\|Z..6a.......wBd...v7.o2&.a...q.#A..S.....i>.8.. ...<....s..Fe.{.]..".....K<.b.Mc."..~.......X.kv.c..=.-u?...\._....4..D.Q.>/.imy#.z.33$.G.d*

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_13f42f554dae61fb2c87c959ba3208317bb5507e0[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	11784
Entropy (8bit):	7.9831602641192365
Encrypted:	false
SSDEEP:	192:Qt+4/zDayc+lmbX0CqiTPZ6759stI2pTQX9TuTeHVt3OVZXFOLh+JPAA8WsBrfnK:sjfa9+yEC1y9D2CNKTeHVt+Vt4uoAqB2
MD5:	16667B7A0A947BA132EE07695FBFE064
SHA1:	2862AE32B7815D0EF1A59B6D5991618E3C62E74A
SHA-256:	1145213435965C31D4B56341EF55D4B24BA935AC7647A3E5A2C3A41B9E75BCBA
SHA-512:	74DCB02EA68CB39DBDB43F6E9121E7D019C5F89693489DC54BFD89AD846C81F5A4F642ADCFBBC5503EAF020AFEC2F54ADE1F6D3551BF65093D8E63ABB775C6EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_13f42f554dae61fb2c87c959ba3208317bb5507e0.png?width=2000&format=webply&optimize=medium
Preview:	RIFF....WEBPVP8 .-........k.>u4.G.."!'4.....en..7........3.....{\|.v.......y.~.t........%.........]e..=F.f}:}.?........e...H..~......L.!./...v?...d..O....w.g...................?..vRl_.b}.}....O.....~..............?......W.k....i>....h.....w.......}e.....o._........x........F;D..t.."..Ox..v.Fc.\....c..~>..Q......A...`.f+U.Sc.r.. (..'.(..pR.[qX.,<.3L..dF"..3.:.DGI.~...9..\|..L....._-...O+....tJZXs...7.`...~...v2.bp/~........X..0q.....Rd..bI(4.Ej.?G.....J.z4.6.>a.Y.p.]...Lg.Q+E.....lX.W\.q.)...R}..5C..I.]..0...D........22...w.........0d}..]....GF].+.#G.)"s......N#..Q .I...Q].....u.S`b....&:....S.L.P....{.:/.@$b/>Ib.A_A8...Rj\\..a.P.K.XC..O(....\|0...8..u..].....p..d.,A..p....^....E........KC4...S\|....Z0J}..\x...n...n.%o.R.=I....TT.JX&.i..O.]:...;(......v.y..f...1............c.f.K?....>..wj.......}.....'.7.Ue\|_....._%j.../....j..d+=+..Y...X..\..ok.b.>J ..\s....!..r 0..l..u...X.g&.9.......>..O....n.X+...E./....~...t.....#~.2.c{EO.H..6P.\2

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1483169d9ed54a159cea2c7282c24b5a771f38d79[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	10386
Entropy (8bit):	7.985491005040909
Encrypted:	false
SSDEEP:	192:zOHbO4AT7Nu3Zot4hi/vR/NG8TLTOeVp0AWpuEGYLSWssKfUczrUB5:iHS4AT4OxIITfgpSYLSxsKfXf05
MD5:	4CE22C5215DDEFB3293DA733ED46267F
SHA1:	14C577DB5B066AAC812B438EE9F039EBEEBF7495
SHA-256:	9C177E49CF1A6AFD3D4DDF2C94247EF65210AFDCC8778D21F8992DE8BD54B44B
SHA-512:	6C04C6BB9844CC30CC4963B9D5346747134B3775ECF50E852F5F099677E9F7BBC864E9F0AA91E41EDAFF5BD26C9A53BF703E57C11BC13E8C79AD9B4D532E60D1
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1483169d9ed54a159cea2c7282c24b5a771f38d79.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.(..WEBPVP8 ~(..p......k.>u:.I$."$$2.....gn..RL.0..3....s..u.17.....5zG........=3....=H<.e..d.L.......o...v...tQ...z.{s.....>....o....^..u.....7.?..xO......#...w..jF..1.z..V....:.=/.b.B.....N>..fJ.i...I.........CV.y.i5M.}_ 2..#!r.;..1<...PZr$.e0..z..{.@.....MAt.....w..\.^....L.vk....IW@>V..B..C.qv..+.vD3.......A.....D..r.O.R?.H.e8.G.O..Q 31.y.3H....{....$6..B..k.n^....q../.&....l.Z..i...^U......{]zB...;....(.....M./....v+......R.Z...n'.1-...:l.V...q0}...U.d...gD.<.d0.......B.....}.\|m.........!..f....e,....}.}..5.....6.~.fL.-.AO...h...O.".1c......;4....m..!r.p.XvI.m..q.#..S...C.TYo-@.Q..v..Q.{......?>P....V......:....M....L..R.\......p.U.Y:...x..6.u.~n3.v......4......$(..;N..n.....6..-..+Jf..B../.#..C.....+cz.....z.".(S..G.[.0oS..o....dg......~p...F[.p..e.,\..].e..8q@rK..].P?..o....`.~.R{.w.j..(....U]..&..Vs........[[.s..z.p.q.m.~..wb.bkT...5........g....j4......H..EeG+ .G4.....v].E.].)!.HCw.....p....7......K.....]..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1634648ec8e96f938b7af9d04f6b33dd47639079d[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	13372
Entropy (8bit):	7.984703496501977
Encrypted:	false
SSDEEP:	192:0WVz7LnL/Ni3zkmU0iFEVOztyQdGMpXtu1zfC+rI24IYk96JZBtUjWlI:tVzvZi3wMmEVGdGY9DEb4IMTU5
MD5:	0BFC76C835AC811DC2DA141D6B5A29A2
SHA1:	CFDD383500A5A16B55D0277CA018D787ECB0C3E6
SHA-256:	88FA63967AB0D4E7C9EDB61E5BAE0251F0B54CAA9BEDFAD1012358D3D705A577
SHA-512:	56EC87F78A92CACFB745DD6471F9441059BD6A0250EDE511B6E5409732E214E2F0F81A791A52FA505CBFAA9E9C0A2F9EAF9E0157B47635200B277A584A0A6444
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1634648ec8e96f938b7af9d04f6b33dd47639079d.png?width=2000&format=webply&optimize=medium
Preview:	RIFF44..WEBPVP8 (4.........k.>u4.G.."!%.L`...cn.p.@..\....}.~.%%....d........O......A...z......w.....g....L.R.............-=.?..qt.._...;....e./..A{o...s.O.._.7......y.C./._."}..............j.......}.:W.....=..M.7.......~..C..._\..}....$.....C./...?s.../....._...?.~Y...Q...O.?..?.............mo...?r.....L....b..t..#.?M...Ub..s.A.....b2....W.z.8K>8...&. .4....w#.1...~.f\|/jI`d~Tv.=+<.[s..A.DMW..`i..C.7.H..%.Y.&.....S..X...........Ls=/...q..W..D....,l.6..W...Z.m.....F..9.....i8...(pT..X..l[.c.K..L0.ZWRc....`........P.^..}.D...W....>....k0.....%h..["l.r.JZ....)..{...;.......3...-.d...!.L4.\|C...c.........kF.+.....@<r_G..&.W...J8.3.PM..,...o.m.Qu.....=..<.]..}}..H.H......).'...lV..P.......'z.z...%.A'_.j1.....P..7k!...p.F.R..eh<......F.E....,..f_.=..'pv..&....~..&.[."7.cO..g$h...t.......fr(NE..Z...O.L.2.T.....j.K.).0.L.g.#...q.q.\|.X..(k..=.l....'.......4...5..D..&\|.'z.c.W....!.....I.S..2..V..<....2...3.R..\|...H.h.".4R...BmAm....[._.Tt....$z...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_17a679af01aefbb64a6df5151c42b14558683b8bf[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	9250
Entropy (8bit):	7.975672208577694
Encrypted:	false
SSDEEP:	192:I0dp78X10EPjS+morlggq8qKMX7Bs46t0TMhy15ENNMzzgy3xa:IgpGR5rlHq8pMXls46uTMQ1Qcxa
MD5:	B7208A9A26F914E96E063E8978136FE1
SHA1:	0B18AA33D9FF66D2BB3B76883FDD130AAF5C713E
SHA-256:	8C29335D71C59F5368B71EF1B51A5FDD970AD9F8968AAE78DC599E8D6BC44065
SHA-512:	104CA8A2251AAA691E3185B8580217466A3F209CE6CDF21625CA7AECB9D1288853CA010B2DE1B9A2B3EA82DC4B85B13DFF4723473A631DF39B73030B6456481F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_17a679af01aefbb64a6df5151c42b14558683b8bf.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.$..WEBPVP8X..............ALPH.......I.i....m.m.m.m.m....s.u...#"&..M..l.n#Fy..,d....g)..<.6...o2z................#...u.....msE!.0...e.hd.f~...#.mX/.3#.u8.hC.ay.. .0.{.#.q..........U....U._..n^`u..n]G;2-......4xC....^.qc......_...9.....tT.oH.^..&9...8.`\|...V......s...4...F1....7........:c.&..>T2Y...`.Y&.P]3..6..F)...;er..4....Cd... .....`D..........?..O.'........?..O.'........?..O.'......vB..v...a.4;.K.....C.'........?..O.'...\|..b%..CV.CaT..i..].%.........:.jV........p..L...i..d3....4O....M.AR....h...../..>!...A...f...j...eF.y.)i.`....T!...w@...-".-TpB[..4.c..FsDg..>...Erq..85.L.c..T.5.}.J.Q......^..7..[...^x...p.S.^'..h.......B...d.f........X.A..oq;...n..c.].g.. ....J.~..{BBb..Fy...k._\|...}.3.1x#x....%.......[.KBn.VP8 .!..0........>.F.K...!..a@..gn..J.....\|.....Q..#?.6....r.v....U..c.../P^]....7....7y......{sz..z.{...2............M.<h..ao-.f...Um.LB...ZK.Sp....e....Oh.3(..]=P.j........#.=...b......L..%.GL.jK:......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_18213dc89b86cad2ba1ec4d4d422be8ddbeddff77[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	10362
Entropy (8bit):	7.981486280225858
Encrypted:	false
SSDEEP:	192:qVu9zG+97Gbx7lcUdp7yEF5lVBNeSxwydKlCfpFpopm8T3/PFDx:Mu7G0Ud4ILCyRDE3
MD5:	3EF437420507DDEA237643058194827A
SHA1:	E6342ECD457C545BBEEF97D3D1EDEB743B60D295
SHA-256:	42BF6CAA029E18AA42360773590164C56E9BFD52A1C0E7A178D64266CCC2DE6C
SHA-512:	41C923B158476946D8B6B256B258B5CEAEDEE8B37C5CD23BB7D50497B136C5B1B4BBF4AB25E92B9240A4F078771F5FA43C1D42113E795079E8BA2479D0E7D004
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_18213dc89b86cad2ba1ec4d4d422be8ddbeddff77.png?width=2000&format=webply&optimize=medium
Preview:	RIFFr(..WEBPVP8 f(..0......k.>u4.H...!%3.....in....N../...Y...9.....U...w.&..$.._s.5.....;.G....1?..7...P_.?................_..~J.e\|....^...........?.?.?..D...w............M.......o._....8.I......._k?........................S....._._.....B4h..L_....).1.L:.{f..Uk.#.Tt..Dq...! .Wn^b.\|C...N...xe.=u._.}.h....Klk......g2.S^_.4Z....J.X.H.......H.XR_...^...X.....D....x{.. ..3Y.'.@K........g^..L...."}-~...8..S.K013.4...M..i,...(...._..&h.2]...i.9......%3.0W...S.....PU...7YnVP.Ig.....g].g.f...S^....oT.....b.Y.oUt......l.vP.,.7...`..t.M.F$q.Z...D4`.{.%.U...c.......K.\|.CZ....`.3.....W....x.4..f../..R.>...L.jKh...?.,KYX....G-F.0.!:.....=OB.4]4...u.nWe.5.......\....6....q..<\|,..?:......e..BaF,{...gu.c.D4.&.b..<ERC....@'..l.m.u.05...;3+....lx.....S.."..8..c.....@..;...C..+....m.D...v.h....u..W...ip?-.L.#0.o:A....3...Q.....M..<.0.8..&..0.#.26+.O..8....'.[.s..}v.2E[7X.O.......b.ng.../.X......C.w..r./:<..q5...;......2..9...j9......Tx.. .(Ux..H-3..P.#.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_18f5956fe507e677844b26f056a31426ee8bd8b29[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	9046
Entropy (8bit):	7.9762557737334285
Encrypted:	false
SSDEEP:	192:qTse9aZjjMbSLxUw37Y/6tC0MHePZKmfX82yMMdPXsDPvFdTKLAqU2ic:qTsJlgbS1U0A6t0eX82yMMdPcz9pKLsc
MD5:	52F45154DFAAA9768A1AC5A475BDEAF5
SHA1:	B190585DE7BBFEEBBB7AB72213ADD9E90F4BE276
SHA-256:	D4349A04E0CEBC02D67615B3FE04816B520DFC3505A348C8726BA85C8606F1A9
SHA-512:	5F5C04917BBFEBE4A20A55050BF959932728CA35C2A05E5BFADBDFA59470C019EFC7691680164BB88C627A195FB6CE9DE6CCE79FD9387E3DFA95040F3A25406C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_18f5956fe507e677844b26f056a31426ee8bd8b29.png?width=2000&format=webply&optimize=medium
Preview:	RIFFN#..WEBPVP8 B#...~.....k.>u6.H....%7K(...in.q..[9...S........z.{....}...._R:.w.....x...._.~.>@...O.O.+.W.{+...^...}......?.}F...k...o._........7...O..........R......7.............L..^..p.....[....O,3.D..EU8..(..F.TG.q.3...0.c.l...}........px...^........Ym.9\..._c..E...k..N..N.`..d1..A.m............+DNHg.R,.......8..l....o..tB.".....?.T....Z...z..f..1.c:................../...;...J...A..PQw...@...)Et!..d&.%\Y.km....\|;].Ts0%..N.Y.`..@.f....`....@.,.r8.L/~..j..sk.......\%~.2g./U;..s".Zy.`....72.\&...t..P...z....t...r.nd.6........+....&........M...j-.I./.:v..p}IM.(..j;u.;.%E.H.s.47..k.Q>...G.l0DQZ}~.D.....)}>}W....U..j.....C+.^UN.A..#..j/Z.leX../...q..#2.RRKM....\.{\...........5]..d<.....w.......D..<.n.n...b[M$..rq.h.A....Wjr-.+.n1.+."q.f$.~!.<.Y.X...IYx.{...5....ib..:..Va..^.C...=........+.(....K(.....U.'..s..kI...M/.-....N.<I.s^I.h..H`.......G#...>.`3..\|t.1.......e5...S.i...n....e....x..'....N.....TC....S....}...5.5[)Z..q.od...k.e9

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_19690ef1d10ce326d9fd8530393422c4d2fde5ddb[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	1377
Entropy (8bit):	7.79708309396711
Encrypted:	false
SSDEEP:	24:kpNe6VFdypn1BnIlOjiQgEM5suQQyEwsSDFz7rNgDP/ZksyJe:0lVFIX1IfQK5VQowBDNVMHZTyU
MD5:	46E24BF75338D88531D9C9A9FAC860A4
SHA1:	846CD5E2564418A3D0A04EB0BB36F99AB2A1A83D
SHA-256:	1ED8A77069423B11B9EA64FC0B99F967BDD332B833C15D5264098BA747897228
SHA-512:	1FFA3C7A3A239B209A801D748913095AD00AD1F5E4A641AF0F742DC4096A6B084CE52F2C27533F859AD4D9111AD15542F4D92DA517DBFEDEE2C3EF500A240543
Malicious:	false
Reputation:	low
Preview:	RIFF.3..WEBPVP8 .3..P......k.>u4.H$..!&U,X...gn.l.`.?..4..R.d..Kq8...../>j.o.....g....K/0......{.z....o.....'....`.-.......s...\...#..j...~..q............_....'...o..v.C...k................).A..._.......vA....z.{..o._...~..>.o.7..........O.c.....?y..~.y&}+..._...?.?......_..........6.....S.w.... ..?....%....'./..u../....~..1...q.o.C.)U....D..g.~.[...C...y. p..%`.9P@L.mp.G;.[`...C..,...r.).'=Y.....S.....)..[^-.........7.@e.m........9.I....L..q>.9J...8......PkQ.>.mR...;gh%...1qe..K4...l..._...?+.w9...l...3Z...c`..j.G!.T..F...........m.aV......V.P.&....b.........f.D.&\`.b.7..RK/..>#....}`:<M.........I.Z..)....\...,I.V.j...af~....k7.!...].^.V...M....4H>..IM}...z..\.O.P..<(....y..'..L....#iT...-./.;.RM..4..Nd.....A.I...K....J......ws.....3..Ps..3^>..s...H.u..oC...K3.I"WC...IB......'..`....m.k ........?.`)+.:l. .6.".o...7U6>34.dC..u......z.DxB..<..P.{..+f...B.......~x.%p.oV..p.,.}......\|7{.^...1........h..N....P.e......59..`.....E....e...#..(..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1a3a5d0b4d3b4cdafd28d6e4e2582aa89694802d1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4558
Entropy (8bit):	7.958882710309189
Encrypted:	false
SSDEEP:	96:TlffEfmVIHeCGEiM71+w0aiQMH+8o7sBW1mJuF3xZN0ICzBjm11p9N4F:lfYmVcutM7Qw0zx+8oYspJN0IC01b4F
MD5:	052165C682929705609F7693A800066F
SHA1:	A29DA6BBCA865268645015C4669E6003197578AD
SHA-256:	DDCFB48F42BE1B0425CEF45361A5FD64F967484CD7925078A109B8522CA27644
SHA-512:	C1156D247C7AC6C512E92A91C0E322AAB2FF1F28A0AE6D93943678111CAF2E462AD45E93575439B36B2B749ABE5D30B41BAAB618E70A72ACB93B2840DA71D036
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/media_1a3a5d0b4d3b4cdafd28d6e4e2582aa89694802d1.png?width=2000&format=webply&optimize=medium
Preview:	RIFF....WEBPVP8 ....0a.......>.>.I%.".(Rm`...in.K....g]_...R..........O...M.....r?K......N............k.....?.x.j..`......~..m....>.?......j.z........m.MS.v..6.&3c."..O8=BS..RA.....Po\|.u.X.<.WAF;\..A.T.....7.o.L.....s..c....,...4....P....t....QK.6..9..>...'.......5.b..."_..&\W...R@..?+....O_U.1,...Z....`.\|lA.[..B....c..a..Z..."R.6.......L....D.l..`.n.a.7..W[^O....2...u...L?Q..Nx.V.@...8X'.........@.N.L..... t.y.....~..;...DZ0V.........['.....;..QS..[w.)..<.m.)............E.z.O...>.V..."L......}..r@Y.9...a..o.x...'.!.6T....-ro.....)~...h...,b5..+;......F.........]...D.}.........6Wqj:.t..pe...8....zfB..z.U..9znLu..[..r4..e..D....a.......M..9.WY\|tG..s.,<.~Y#...e..iM..k...3..K@.`;.0xf..#...QB...G....-K..&.AZ...b.W.C.n%..sB.sj}Zu....6.&..;^X...Xv......V..&..;P.......Z....B.......0......K..................T.g..u}.....\5<.uz8.Y5...+.Jo........LD._.e....E)zp.[..r...x,F..I...._...{;.........{...?..7...V\|C=x.*8...{`..r.k....g.9..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1add7401488fed12c28150125da85e141e2081d96[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	7262
Entropy (8bit):	7.972800657105986
Encrypted:	false
SSDEEP:	96:gZZJ9S+eUWHuU0Rqk9q4+zzMFIxKWOGjj2v7n+AaCVP4CrbrmzY4fO5NALOTHxYY:gZZJxWZ0RDq4+zzRxk2jcj5axeaEazQ
MD5:	13AB0F1839F68C406E8F6F9CF3C359B0
SHA1:	0931E45F5C57946B5948A750E4F50229E3C3DF70
SHA-256:	8FDAA9139DFC94373125757FF37216A14866FDE9F86AC4C4491CE5F50240E663
SHA-512:	E412AD3AFC5EDE4EEBAB8FE0A2C9AAD0F57EFB190EDE428D289E5ED2A02393C2506C8C94654DD9FA265DEE5D60E472886E0FFCFD6F080F24E279BCD220F67A24
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1add7401488fed12c28150125da85e141e2081d96.png?width=2000&format=webply&optimize=medium
Preview:	RIFFV...WEBPVP8 J...pr...*..k.>u4.I$..!#P.x...in.r..>r........g.o...~y.9......?{;d..K>q..._.<..{...?........O..C.q'...}w..x..?............~.?..Q.g.g...O..y...g....O.?....+.........W.......?..m.........7.o..r...8.X.9c....8.X.9b..........:...B..2.T...U#U..<.^..)_.I.K~q.RR..'h..........h.#.6\|.f .]IQ_..lpRFL...N._........8.X.9X...=..e......j.......y...d.%.b....._..G..C..v6R.q..}...`...........G.=6<.."..`.H.&..CX..0.Bw1....#......\|..?..L$..p.8.Kv..l.KN...x..v..]..nK..........,.{u....=.[...e[..^.........._......J..Y...v\@v...=R..e..PhJ-.u.....V.+i..k.....Yb#.....{b.u@...^X1.....C.'...[.y.p......e"..Y........@......\%0.+ 2...f....{..YY...`7.......o+P.j.E\|w.`.$...~.......t....... ..b..1.S......x.z.....T."....G......%...L..y[[....M(.Bl.._..af:j.8a.>.<_...C.N....&...,t.6.8Yc&.UF#.6....^.(..p,e.!...@..d....8....s.8..N32../............9@9Sq.b.{7...).r<.Za..?.?.u..q.\|.o..O..x..[w.....q...Y.T........"z.V..[Z`...p..#...Fy.7.....n......qE.<.cPh...P.[@..7.%.3b..\..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1d1cd9f4f52ee7cd0886e8fde08f4157e1756841e[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	15102
Entropy (8bit):	7.985800241575201
Encrypted:	false
SSDEEP:	384:B5JhElyFrcMAo1GJot1gchE1hDo8XOef0pEKzIhr0:BDhElyFrcBo1vgFRvzfWTcr0
MD5:	9BE513D1D1EF7881B749103564658A38
SHA1:	69DEC5AC6B1DB57E6C7979FF771391E13BB689D8
SHA-256:	C46F2D8C9678C20CDD1456A671ECC328B88B4140F4FF5F30788E4DFF4E681867
SHA-512:	6E59069EBC74B2152467F14E7339820F6F430882F922C3490F414408215B42CCA07CD2D81918FE8310116FB1A8B760AFFFAF73CCEC8335CD0D5B9CB72D0BFE81
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1d1cd9f4f52ee7cd0886e8fde08f4157e1756841e.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.:..WEBPVP8 .:.........k.>u2.H$..!'..@...gn...g.m./.?-.g.~T....?>..?.z..........G....7..S>._...O.e.u.w.<5...t~/.B.e..z.......~..f}.._.?...~3...+......?....l}o}.m.......?......7..._.?.z..O.....?.~....[.i...o.W...g<.>..............?n..............n.........w.+.G...?......].....'....u..o.&.vB.B..\|m.2....f`."o.K..^.....1c.......c.1.El...._h.=Y....Cw............z.UV:in.N...[,M..#....:W...#`y..t#tGs.^%....=x.Q.b...e.cA.. .kn.2".l...m..0.Y.vc...-y..k..T..T..(..d.@`...Hj..{r.d...1.=.e.l.Z...hA..y.&...a..-..b...u..C. R.{+aZ....y$...}.>.....HFZ.)..}s5......G.r.....A-..W,.l..'...@EB.{....Y?..&..A-?...mS......Cx..W.u..7Z5}.oB.]...G.....c(....I.%....@4o../........r.5.....V.qw...n.>\'X..........i..S..E3.....&.&.U......O8+.....Y.(.$..6../(....$/.GS=K..K{&?../.Z.6\|tZ..Ls..oh.)..5Y..N........g"...~$.S.I.....J.\,...3..p.=&.........8.....Z.<.-Q.c3=f.j.<.`..1.....0.o$..?L.b.}......X......^.9&U..B..l..k.*r..k/....w4.{Xba.F&)~...z........,gbt.u#..[&...v<.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1d9fdd5a9f0a44850f1d4382b18c262e10e037bb8[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	8596
Entropy (8bit):	7.97469152074191
Encrypted:	false
SSDEEP:	192:tINgmnhdNKQTKRCAgIv1Wrf/ybCnTFeKc3Y05XiwAiQWccxZN:UgmpKzRhgIv1WrnygTQKc3Y08wHQlc7N
MD5:	D88D227EB4294347E04D4795538EEE7B
SHA1:	4086720333814A7EDDBB2E9BB44806E043EF61C7
SHA-256:	8124F3C0082F65A439C5C2E0D3C668F2A18C4C776CCEEBC3B614676975B6B3F4
SHA-512:	AC62136BC0B92F1644D7043935151998D92E3B242D5F49F98E9A03E24550178A16383327CC5642778C39DE6A1D1276DF16C8F377C93B623F2834DE5DC9B3D0D0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1d9fdd5a9f0a44850f1d4382b18c262e10e037bb8.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.!..WEBPVP8 .!.........k.>u8.H..""$t:...cn.k..E.^l...._...U...a........{.....z......w........Y..........u.;...?..._..d.._...?]?.{Q.....o.........K......W.O....G......>a....^d}....;...o.....~..........=.z.....+(.AL..C...z...aq....`.........QISf..e.p...Z.......].d.......y.F....8....k.'..TU........D....l&I..4..[O....}.5.M.-...3`.1)...%...n0.P\N.I'...+_.5<7!..[.Sn-.Lt.DQ35.A...........O.N_....=.+[..?.....~mYA&....r..../.(...q....;....H....X0.YC...G-..@CS.^....0..=?i.\...E4..i@...G4.`.6...t^..WU...FYB.N.....7....R~...G}{..T...T.<....K.X.o.../.......<V........5...KB..GJ?.I..E.O.h...i...$..0.H%U).]l....S...V?$`"..o?.G.E...p......+.cS&.jufM.p.kq.E...s..E..{....N"....^....<0..._..~@1...j..4..Q...7...]vp.K..)E...no...Wo.5.....{.X6...5w.......i....-tQ...y>VQ.$.F4.Hp..0..{t.^.....{n;.VONh.W7.8.EO.o...&...,..8....~...T.WJ-..E.Vak..AZ.5FP>wB.j.\b.((..8...ja.g7Kh-.r.X........o.^....npa0.$.x..V.!......\|..S..Da....8..=...?az..R.sc&.j....`m..6.R(.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1e13cbc31404e8b28464e9b87cd8a6537e45b579d[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	10730
Entropy (8bit):	7.979522682402237
Encrypted:	false
SSDEEP:	192:xj8sHk6ii6qNk8+spzbLa27iidstJO9fzANJO9MO83s4Qf0NLX5CUvS0tzK2uHu:xjTHkpiggtC2uSstJqfzAdjoCtLS0tV
MD5:	2E13C36813551BA9A53B95EBE85D23B6
SHA1:	A17AD1BE00D473D2107ED041360423BABC7BDBDC
SHA-256:	368A81B50ED78494D7CE5A31D84CF6F648F14042016A20478F8B872E3D277D64
SHA-512:	52A057CCB45B9068094AE4F95E431445439145576D94FFE4AA884B157ED8E77182A04EADA29B642E529EA2929C57F32D7396F14EDA31E9EB3A321AFD01CE1D0F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_1e13cbc31404e8b28464e9b87cd8a6537e45b579d.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.)..WEBPVP8 .).........k.>u6.H$."!%t<`...in.\|.q....\....._..............(.....).........B{#.'......6.)..............?..\|.b.Q.3.w..`/V~o......"..?......_.~............'.?.?....>....................G...7.......?A........?...?....I....?...t....&.....mG'...r{.mG'.s.....'X..;....%I.r.....\|+A.\|Bf..../R....:....~..&WM.v......g....9..j&.......\W..3b.RRs..".rt.F$/..o.x..\....e...k..Xj...}7..<2......h..L?L.NZ.n..>.C...oG.......`lA.........'......%1^OO.M..-..x.!.H..W5....^.....s....d)gcuo......u....Q.q..c.(..."@...0.P.....Z.r.k.....]..=.9.y1.....q.i%4#..\|...#.....\.G..<...]N.....b.o..\.m...'Z.........>....VR...K.Yt=}a/..h../<R...\|!......O..Yo.....0=...#......?.>....A.].yo.;..Z/.......a..l".1..=#=3.......Q....Lm D.F5+...Z.(H,[Y+cw.J....`.\|F.-...L.Q..S:..[.Z+..0....[.g.\`..!.A.k,...M..`...H...w.%..O'....5.7...h.\|..5)S.+...l.Vw..I.....&......<.p.{.b....b..0... .0.K...N....^R.L.M...Q?...b.pl.......!.#.^...)A.....km..8..P*.e<.....p?.~..s.....q.t....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1edd2ae4453e3478187f2c8b4963eb73bac41e495[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	886
Entropy (8bit):	7.747822647805888
Encrypted:	false
SSDEEP:	24:kd/+3ZrtardldiUZshyimwmJkeEeh0lcs/:8GpxaYUSVreEeh0lF/
MD5:	9938139ED32D58FD73BCC9B5412A385A
SHA1:	16B606B8CF3605FDFAFD989AA70163067A98FE87
SHA-256:	30FA794B2C59DB895CFAFD8F86F39844DA93856AD4E460C5DB42041B40B51AEC
SHA-512:	3C6CF77B07B61809731050212879728928CB8779AD5AC0D9FC268C437CA868EA81876FFF18CECB905F621F8537BE0679960E8E36B7362022DD169F44E9499337
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 .....d.......>.D.I%.#!&5.....gn.p.....u.M........G..r~`..'..y.y....@.#.F.......-._......f......._.....=..I...^....;.O.k.B.?:...[.v@_.8o(.......5N......LP.m...W.LP.m...W.FZ={Y?.qz.b.e.,N8...M....1z..d{,..~I.[.-..@..B.CE...Gv...!A{.02W\zC.+t.[{2....X.O\h...Y.I7...1@FdB+ DV.L...........K...`.O......D...._.....6.f..}.D1R..o......B.".D&<..<0jb...C6...%u.....<s.bX.xJ...]n...vO6~K.)..MOwJ..>.....-.X.J.....0/.F..d..e.hs9.L.I..4{X.R6..V9i..z4..k88..Ms.F.o.J.mD..#.w..#.7@......p...a.....J%@.'..F<....M......S.v...$.,.S.6.{..r..,..R..L ..?..D...Q-.. u5....{V.EE..L=D.v..R{.M.T.F.`9..c.....p.@....e.N.M..@b...\.j.M.H.......d....3.....4.G.}.r...U.ws..?..x..iF.\.n../..y...H.0PJ.)s.....z.y..uJ.<.(...A.R.yU..OX.N.c.,......h...:E.7.*W.Z`..P..&...O!.V..]...zF..hd.j..b..hd.j..b....Mf.?....e.[.r..[(.D_..lS\|.?..$..\|..Jh.w...j.].............ye

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\noscript.gz[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	6887
Entropy (8bit):	4.668876157824901
Encrypted:	false
SSDEEP:	96:/SIxZvVJlZiK1ia87ErUiLJgMio6VLtXq+eoIk/QDasFJ+kIB+oldfWJgYb4d3M:PuYiBtXjevaQDaEIJgn
MD5:	BAA266F5BD7729A2ED64E929B835083A
SHA1:	6388FF647E1F0FC306C8CDA8765D90109A26DF15
SHA-256:	858FDF50C5FC5B2E92A07EBC4EE0ACA98BB5518455080ADAF3F1CD62575526EF
SHA-512:	E7DEF66977E5E95FD1F28F0CF680FE783F217E3A6BEE7285E0FC4855FA2632517D1B5E232A8698509B6DBE23B8FBD1B02ACA32169442308103E31373E3349ADB
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/noscript.gz.css
Preview:	.article,.publication-viewer,.section,.wp-swipe-panel-group{overflow:visible!important}#luca-splash{display:none}.wp-swipe-panel-group-panel{display:block!important;overflow:visible!important;visibility:visible!important;-webkit-transform:none!important;-moz-transform:none!important;-o-transform:none!important;-ms-transform:none!important;transform:none!important}.section{visibility:visible!important;position:relative!important;top:auto!important;right:auto!important;bottom:auto!important;left:auto!important;max-height:none!important;box-sizing:border-box}.title-section{height:80%!important}.title-section *{-webkit-transform:none!important;-moz-transform:none!important;-o-transform:none!important;-ms-transform:none!important;transform:none!important}.title-section .title-header{overflow:hidden}.single-column-section{height:auto!important}.single-column-section .section-background{position:static!important;width:100%;height:50vh}.section-background{z-index:0!important}.fullscreen-photo-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\organizer[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	104
Entropy (8bit):	4.655646724079179
Encrypted:	false
SSDEEP:	3:xC1QtrrX8YDGLSMLBs6TeQca9r5qn:xC1QtnRDQSKprca/qn
MD5:	580A7ACDCEF4380F0D805227BEE8B5A5
SHA1:	E8F88656955C9BB5F788587E2F7BB8E936B5A39E
SHA-256:	D153238766EB74073E2497DF5D37EB9B37172485F36981A702FA7D8483CF03AB
SHA-512:	5CE7FF2AF32A53FE1809CA63CD8C56A79FB6CFB77D765C47B3DC0C9874D29CB6A50D9418C9CF2E390B2E1A45D16EB20A085A87440F30FDB1EBABD7EA47CE1EB3
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/sp-storage/organizer?n=1623437508044&incCollabOnly=none
Preview:	window._sgPreloadUnauth = true; if (window.marvel) { window.marvel.events.trigger('sg-preload-ready'); }

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\p[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUHaaatrllH5:aB
MD5:	81144D75B3E69E9AA2FA3E9D83A64D03
SHA1:	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC
SHA-256:	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
SHA-512:	2D073E10AE40FDE434EB31CBEDD581A35CD763E51FB7048B88CAA5F949B1E6105E37A228C235BC8976E8DB58ED22149CFCCF83B40CE93A28390566A28975744A
Malicious:	false
Reputation:	low
IE Cache URL:	https://p.typekit.net/p.gif?s=1&k=rbi5aua&ht=tk&h=spark.adobe.com&f=171.172.173.174.175.176.5474.5475.146&a=1655249&js=1.20.0&app=typekit&e=js&_=1623469884845
Preview:	GIF89a.............,..............;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\p[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUHaaatrllH5:aB
MD5:	81144D75B3E69E9AA2FA3E9D83A64D03
SHA1:	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC
SHA-256:	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
SHA-512:	2D073E10AE40FDE434EB31CBEDD581A35CD763E51FB7048B88CAA5F949B1E6105E37A228C235BC8976E8DB58ED22149CFCCF83B40CE93A28390566A28975744A
Malicious:	false
Reputation:	low
IE Cache URL:	https://p.typekit.net/p.gif?s=1&k=vtg4qoo&ht=tk&h=spark.adobe.com&f=7180.7182.7184.22474.10294.10296.10302&a=1655249&js=1.20.0&app=typekit&e=js&_=1623469896755
Preview:	GIF89a.............,..............;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\privacy-localnav[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	31335
Entropy (8bit):	4.958008782350183
Encrypted:	false
SSDEEP:	768:c9y3EclHZ9bY/MKOIoLmsLa/fWlIWJal0J4WWZ1l8T7iqfVjDUsk4iPXPIXepPos:c9y3EPV
MD5:	E3376A0572623280639DCDAC7AFC5FC7
SHA1:	429E088AC83645B6AE01CADA3A5837203F2967DE
SHA-256:	7F41AB61FA67B67606A55C29D77603AFDFD1CB10C160C7036176D1539C06291C
SHA-512:	126DA92C6EF11477DA1C5087576ED27EC8690E530DE0A40B62BA593745EFFFC3D5057501CF4DF0829680E3B3BF2337A5765C8A3364239B8554EED52CAC2323E8
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/services/feds.res_1.css/head/en/acom/corporate-mega-menu/privacy-localnav.css
Preview:	/! applauncher v0.51.0 built on Mon, 24 May 2021 06:11:49 GMT /.#feds-header .applauncher-element{display:none}@media screen and (min-width:600px){#feds-header .applauncher-element{display:flex}}#feds-header .applauncher-element .app-launcher-container{display:flex;align-items:center}#feds-header .applauncher-element .app-launcher-container .react-spectrum-provider{position:static}html[dir=rtl] #feds-header .applauncher-element{display:none}#feds-header .feds-appLauncher .app-launcher-overlay-container{top:0!important;left:0!important;right:0;width:auto}#feds-header .feds-appLauncher .app-launcher-popover{border-top-left-radius:0;border-top-right-radius:0;border-bottom-left-radius:4px;border-bottom-right-radius:4px;overflow:hidden}#feds-header .feds-appLauncher .spectrum-Popover-tip{display:none}#feds-header .feds-appLauncher.feds-focus-ring .app-launcher-icon{outline:none}@media screen and (min-width:1200px){#feds-header .feds-appLauncher.feds-focus-ring .app-launcher-icon{outline:2

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\privacy[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	242
Entropy (8bit):	5.112303491915906
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwol6hEr6VX16hu9nPjL2OJi+KqD:J0+ox0RJWWPmURT
MD5:	603135FFA99C99EBB6FFD7EF15DA8695
SHA1:	23A1A98130B2E61338488568BC33668B74D13760
SHA-256:	64162C4EB0A1C365FD77EF01458B6C7967AAE790E3E41ABE18ECBF7C7D210439
SHA-512:	FABF700B5CD145EA54862968220F841E107F0A871CFC9A34C100FDAB5B8761BE5B9C03CE425A849F0AEABFD2F72B675A2B617BF0698C55A8ED74F6CAC9887203
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://www.adobe.com/privacy.html">here</a>.</p>.</body></html>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rbi5aua[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	dropped
Size (bytes):	19114
Entropy (8bit):	5.570400661578598
Encrypted:	false
SSDEEP:	384:KefQe2tpIgIPs51iRm2lIew42noFeFsP9btiCtpIaCR:NQMq1iRm2XwMqsbbt6J
MD5:	D464D0A61D4E34F4C431CA31D0F7E6E8
SHA1:	73716727BFD77BA586E907A9FFC33FFC39CA73BF
SHA-256:	29B51B31FAF8A954EC0209189E1A6491AFE94CBE50D1E16679FBA7561AD2BC5C
SHA-512:	9B6FB7EBF94F0B42242A335B72B0C6A43DA7071B6AE9715FF70F96D54A4CA157D16A6F11B7D4C3573053E96DE06DD30791AB655BD55EEB5F3FB68989C3CB8B6D
Malicious:	false
Reputation:	low
Preview:	/. The Typekit service used to deliver this font or fonts for use on websites. * is provided by Adobe and is subject to these Terms of Use. * http://www.adobe.com/products/eulas/tou_typekit. For font license. * information, see the list below.. . proxima-nova:. * - http://typekit.com/eulas/0000000000000000000158d3. * - http://typekit.com/eulas/0000000000000000000158d4. * - http://typekit.com/eulas/000000000000000000017709. * - http://typekit.com/eulas/0000000000000000000158d6. * - http://typekit.com/eulas/0000000000000000000158d7. * - http://typekit.com/eulas/0000000000000000000158d8. * - http://typekit.com/eulas/0000000000000000000158d9. * - http://typekit.com/eulas/00000000000000000001705b. * proxima-nova-condensed:. * - http://typekit.com/eulas/00000000000000000000ffd9. . . 2009-2021 Adobe Systems Incorporated. All Rights Reserved.. */.if(!window.Typekit)window.Typekit={};window.Typekit.config={"a":"1655249","c":[".tk-proxima-nova","\"proxima-nova\",sans-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\resume[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	29860
Entropy (8bit):	5.336118019104802
Encrypted:	false
SSDEEP:	384:QcqgrhFCbzs/syscBbV3peHlX58J61FYPSdppeoJX1voYAtrBchWyTAiIaD1adQy:ZDRSwGlBH71z4
MD5:	B5E54419B7EFEED6E4754663FB34AFBD
SHA1:	2D50AE237D8EA963A9FCA1DDDB86FE9E2299E799
SHA-256:	54E61AEB95BE92C8F60F4DAA3EEF07C2F6DB0E927EEC0CCFCDF6DAA42C9AC73C
SHA-512:	DC2A2A87816BF2EF481402500D64671A97DE5A367E0C2D9F9ED612EFBBB733ED4D9D0E807B0662CDA8DAE0AFDBB3A65D3959FE9888A9472D34FE2D76368CF897
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/resume
Preview:	<!DOCTYPE html><html><head><title>Free Resume Templates \| Adobe Spark</title><link rel="canonical" href="https://www.adobe.com/express/discover/templates/resume"><meta name="x-source-hash" content="9Akjq+sAdBpcoocA"><meta name="description" content="With Adobe Spark, choose from dozens of resume templates online to help you easily create your own custom resume in minutes. All creative skill levels are welcome."><meta property="og:title" content="Free Resume Templates \| Adobe Spark"><meta property="og:description" content="With Adobe Spark, choose from dozens of resume templates online to help you easily create your own custom resume in minutes. All creative skill levels are welcome."><meta property="og:url" content="https://www.adobe.com/express/discover/templates/resume"><meta property="og:image" content="https://www.adobe.com/express/discover/templates/media_1d475ea237f3632359c1538d48da93b1deff5ed7e.png?width=1200&format=pjpg&optimize=medium"><meta property="og:image:secure_u

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\runtime.gz[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	73425
Entropy (8bit):	4.977204259182636
Encrypted:	false
SSDEEP:	768:lfwoF8BD5hj74zan5tDdSJkR5f2zSJI3JxETmkN13hychWMobOGU9O:lfwoF8BDn5tZ/RJ2SN13hs
MD5:	413473DA67E4B51BA0944226E77C3F56
SHA1:	D8A80CE0CA07C5A65D9FE76EE6A5DB3D68668E78
SHA-256:	630DD73CC8AD2A52615AED23D16CAB6F05C1307655414D4EBE97B6E252302A8D
SHA-512:	451C48BCA87744FB76B40CE4A65E853FF3E3F3658A9AD9D483F0385D79EFC916358D6B42BF4EC1AE782F696ACD77A476E3155080B5FF18E4F68488CE46D0CBA6
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/runtime.gz.css
Preview:	.wp-progress-bar,.wp-progress-bar-clip,.wp-progress-bar-view{top:0;left:0;position:absolute}.article iframe,.article img{max-width:100%}.report-abuse-dialog .report-abuse-dialog-article-contents,html{-webkit-tap-highlight-color:transparent}.wp-progress-bar{right:0;bottom:auto;height:1em}.wp-progress-bar-clip{right:0;bottom:0}.wp-progress-bar-view{right:auto;bottom:0;width:0%;background-color:#000}.wp-scrollbar{z-index:5;position:absolute;opacity:0;background-color:rgba(255,255,255,.8);-webkit-transition:opacity .3s ease-out;-moz-transition:opacity .3s ease-out;-o-transition:opacity .3s ease-out;-ms-transition:opacity .3s ease-out;transition:opacity .3s ease-out;box-shadow:0 0 2px rgba(0,0,0,.5)}.wp-scrollbar.visible{opacity:1}.wp-scrollbar-track{position:absolute;top:2px;right:2px;bottom:2px;left:2px}.wp-scrollbar-thumb{position:absolute;top:0;left:0;background-color:rgba(0,0,0,.5)}.wp-scrollbar.horizontal{right:16px;bottom:0;left:0;height:16px}.wp-scrollbar.horizontal .wp-scrollbar-th

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\s11330293842804[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 2 x 2
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0780023067505042
Encrypted:	false
SSDEEP:	3:CnwltxlHlrn:Xn
MD5:	AD480FD0732D0F6F1A8B06359E3A42BB
SHA1:	A544538683A2DFE574EEB2E358AC8FCC78289D50
SHA-256:	A1ECBAED793A1F564C49C671F2DD0CE36F858534EF6D26B55783A06B884CC506
SHA-512:	8717074DDF1198D27B9918132A550CB4BA343794CC3D304A793F9D78C9FF6C4929927B414141D40B6F6AD296725520F4C63EDEB660ED530267766C2AB74EE4A9
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,............Q.;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\scripts[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text
Category:	dropped
Size (bytes):	36587
Entropy (8bit):	5.031973795792918
Encrypted:	false
SSDEEP:	384:U1qVZSpe137a6wbqWcqS5G399ah4qAUaww3boPONH7uh3fDntOX4jQt41gvUxUPU:UMZPjw/u/P0NHyBJa4j/b6g
MD5:	B17288A1E30B569809A86C18E9BB2175
SHA1:	C04F72BE58D7D8473718CBF00C7BBDF8E1321519
SHA-256:	54F6DE9BE24813BE1C6F8CC2E86D7587E4E4EB6D19A17176B0AC733790145F42
SHA-512:	3FEF9E8D01643A802FBDDF93A19F36B26254C393384F8B41A7DA0397826AAE2F2446D837B7A952197061FC5440CF1FC8CBF0483D601ED19BFBCA25F8F54EEAA6
Malicious:	false
Reputation:	low
Preview:	/. Copyright 2021 Adobe. All rights reserved.. * This file is licensed to you under the Apache License, Version 2.0 (the "License");. * you may not use this file except in compliance with the License. You may obtain a copy. * of the License at http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software distributed under. * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS. * OF ANY KIND, either express or implied. See the License for the specific language. * governing permissions and limitations under the License.. /./ global window, navigator, document, fetch, performance, PerformanceObserver,. FontFace, sessionStorage, Image /./ eslint-disable no-console */..export function toClassName(name) {. return name && typeof name === 'string'. ? name.toLowerCase().replace(/[^0-9a-z]/gi, '-'). : '';.}..export function createTag(name, attrs) {. const el = document.createElement(n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\scripts[2].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text
Category:	downloaded
Size (bytes):	36587
Entropy (8bit):	5.031973795792918
Encrypted:	false
SSDEEP:	384:U1qVZSpe137a6wbqWcqS5G399ah4qAUaww3boPONH7uh3fDntOX4jQt41gvUxUPU:UMZPjw/u/P0NHyBJa4j/b6g
MD5:	B17288A1E30B569809A86C18E9BB2175
SHA1:	C04F72BE58D7D8473718CBF00C7BBDF8E1321519
SHA-256:	54F6DE9BE24813BE1C6F8CC2E86D7587E4E4EB6D19A17176B0AC733790145F42
SHA-512:	3FEF9E8D01643A802FBDDF93A19F36B26254C393384F8B41A7DA0397826AAE2F2446D837B7A952197061FC5440CF1FC8CBF0483D601ED19BFBCA25F8F54EEAA6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/scripts/scripts.js
Preview:	/. Copyright 2021 Adobe. All rights reserved.. * This file is licensed to you under the Apache License, Version 2.0 (the "License");. * you may not use this file except in compliance with the License. You may obtain a copy. * of the License at http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software distributed under. * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS. * OF ANY KIND, either express or implied. See the License for the specific language. * governing permissions and limitations under the License.. /./ global window, navigator, document, fetch, performance, PerformanceObserver,. FontFace, sessionStorage, Image /./ eslint-disable no-console */..export function toClassName(name) {. return name && typeof name === 'string'. ? name.toLowerCase().replace(/[^0-9a-z]/gi, '-'). : '';.}..export function createTag(name, attrs) {. const el = document.createElement(n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\sparkfavicon_v2[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	4286
Entropy (8bit):	2.2437058322637595
Encrypted:	false
SSDEEP:	24:suZgizzxxEKfLOQQEsmcpG3xbWT//zvUUUUUUUUUUUUUUUUUUUUUUNl:HgizzxxEKzOQBbcpS5WT//zVl
MD5:	79FBE30FC79A42EAA8A32DC344959E0E
SHA1:	09AC6EE75F9686BAD2003926C5FA8DB80777E981
SHA-256:	01F2FA23190A55B0B5F9DF0E0B66E23D136B7701BA3CC9A71FDAEDD409D92345
SHA-512:	FFCED953A2A53C1370FECE0E366D7AC304ACFFAE6E44F571BD2EFED6E225149647F64704332160AFA8DCD6C946B3AAAA6A80C5BD6900612F56687DC35ED5EB24
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/sparkfavicon_v2.ico
Preview:	...... .... .........(... ...@..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................70..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...70..............................7`..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7`......................70..7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...70..................7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...7...................7...7...7...7...7...7...7...7...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\styles[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	12546
Entropy (8bit):	4.665514700841603
Encrypted:	false
SSDEEP:	192:lOzWVwH6jCZDitH75vH1V/FAF/1Sr+aGF5OJE9h0To9ZXspA:95171PFAF95bFQ98XH
MD5:	50ED2FA269F431C0A417BFE9FDED33E2
SHA1:	80D79B3245378859380B393629721F306FF7924D
SHA-256:	3DC5C5C6562569E53273584B35FFF491E32E2E5F37100A21B2BC488F229A7EA7
SHA-512:	14526A2FA99B0949CE15B9A6477A808326E0E1F4D6666EF4C03DF73421726008B2E300403D2D9F9F884D029E9AEE8DBA8134E9C0609C7D011D28F21AB6D0A6A2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/styles/styles.css
Preview:	body {. font-family: 'adobe-clean', 'Adobe Clean', sans-serif;. background-color: #FFF;. color: #232323;. margin: 0;. padding: 0;.}..main {. display: none;.}..main.appear {. display: block;.}../* gnav placeholder /..header {. box-sizing: border-box;. border-bottom: 1px solid #EAEAEA;. height: 153px;. position: relative;. background-color: white;.}..#feds-header {. opacity: 0;.}..#feds-header.appear {. opacity: 1;.}..#header-placeholder {. height: 64px;. position: absolute;. top: 0;. left: 0;. width: 100%;. z-index: 10;. -webkit-font-smoothing: antialiased;. border-bottom: 1px solid #EAEAEA;. transition: all 0.3s;. background-color: white;.}..#header-placeholder.disappear {. / display: none; */. opacity: 0;. z-index: -1;.}..#header-placeholder .desktop {. display: none;.}..#header-placeholder .mobile {. display: flex;. justify-content: space-between;. align-items: center;. height: 64px;. box-sizing: border-box;. pad

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\terms[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	110120
Entropy (8bit):	4.636880406496779
Encrypted:	false
SSDEEP:	1536:KK7WGD3IrPXnBo8y+i6Eb1BcythHKS9mxLpyATX7a1KaWve5:KQWGDGy+Pw1SyKhxlyAna19W25
MD5:	DEA3D9CE4B53033BC97B82A14AA8B494
SHA1:	C073F7DAD38A8A1CC74F8E43DBF4942AF82D710A
SHA-256:	00E63B78181930A260BBB984DCA2A3BEC9187B982B424F7BAA59C7E7BF3445BF
SHA-512:	6424FBCFD44269E079BEA7D809B945490049E2FE780F0644C014B24511105AF070956E8215BEA8F0B2B4801497AAAC80E0888FFB0F774096E0A49849A8D6B90B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/legal/terms.html
Preview:	.<!DOCTYPE HTML>.<html class="spectrum--medium" lang="en">. <head>. <title>Legal</title>. <link rel="canonical" href="https://www.adobe.com/legal/terms.html"/>. .. . . . <link rel="alternate" hreflang="en-IE" href="https://www.adobe.com/ie/legal/terms.html"/>. . <link rel="alternate" hreflang="de" href="https://www.adobe.com/de/legal/terms.html"/>. . <link rel="alternate" hreflang="uk-UA" href="https://www.adobe.com/ua/legal/terms.html"/>. . <link rel="alternate" hreflang="ar-kw" href="https://www.adobe.com/mena_ar/legal/terms.html"/>. . <link rel="alternate" hreflang="en-us" href="https://www.adobe.com/legal/terms.html"/>. . <link rel="alternate" hreflang="lv-LV" href="https://www.adobe.com/lv/legal/terms.html"/>. . <link rel="alternate" hreflang="en-IL" href="https://www.adobe.com/il_en/legal/terms.html"/>. . <link rel="

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\themetwo.fp-abc573155522bcda0452e193dff7aa91[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	301880
Entropy (8bit):	4.99900233389085
Encrypted:	false
SSDEEP:	384:LreqQVUz4G0X5AgD6zicPvT67qm032cRHO9y/SbOD6mCroWKa8E8UoGofHo+zwci:OzW6xPcgy/N6FroFrf+Lq7TnuWy19
MD5:	ABC573155522BCDA0452E193DFF7AA91
SHA1:	EDB2799FBA37BF41FE9C2DC898D4C0650A10DB14
SHA-256:	8602171F79058FCB3DBFA67B3DC823C3C49838E89A7D195FE9B1D7D350ABD6F7
SHA-512:	1A265935DE18CE88EB0F281C284264F530F7ACDDBABF4FC53E1DD4A1D0FC41660F68450E3B5D89DEF2B4EC56D4671695B2960C99AAB89D3F297541229AF29F5D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.hawks.dexterlibs/dexter/clientlibs/base/themetwo.fp-abc573155522bcda0452e193dff7aa91.css
Preview:	.spectrum-Icon{display:inline-block;color:inherit;fill:currentColor}.spectrum-Icon.is-animated{transition:color .15s ease-in-out,fill .15s ease-in-out}.spectrum-Icon--sizeXXS,.spectrum-Icon--sizeXXS img,.spectrum-Icon--sizeXXS svg{height:.5625rem;width:.5625rem}.spectrum-Icon--sizeXS,.spectrum-Icon--sizeXS img,.spectrum-Icon--sizeXS svg{height:.75rem;width:.75rem}.spectrum-Icon--sizeS,.spectrum-Icon--sizeS img,.spectrum-Icon--sizeS svg{height:1.125rem;width:1.125rem}.spectrum-Icon--sizeM,.spectrum-Icon--sizeM img,.spectrum-Icon--sizeM svg{height:1.5rem;width:1.5rem}.spectrum-Icon--sizeL,.spectrum-Icon--sizeL img,.spectrum-Icon--sizeL svg{height:2.25rem;width:2.25rem}.spectrum-Icon--sizeXL,.spectrum-Icon--sizeXL img,.spectrum-Icon--sizeXL svg{height:3rem;width:3rem}.spectrum-Icon--sizeXXL,.spectrum-Icon--sizeXXL img,.spectrum-Icon--sizeXXL svg{height:4.5rem;width:4.5rem}.spectrum-Icon,.spectrum-UIIcon{display:inline-block;color:inherit;fill:currentColor;pointer-events:none}.spectrum-Ico

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\AdobeMessagingClient[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	43023
Entropy (8bit):	5.093775594974975
Encrypted:	false
SSDEEP:	192:t3CRpHzGF0nOCsnuETVaEBark4KxclmJPuiftIQgZq49N6N6B6zXv:MlOCe/MlmJ72Uv
MD5:	5266C0496AEA1B7C81096892463F494E
SHA1:	9FE262885D2904B5E7AA1A20D0BE3A9AC3EF7A23
SHA-256:	42A7E891FBD24FC0F4CF796EAA6CDEB5C8C02F12E0FFC97F0495A7B1547DC6DD
SHA-512:	E5F207FD74CFDE14B81A12CFABB2A0CBC1AC13C5F0EECBDC6B96A1B2E16199B3214F3A53377A56797E4DA3C398176CE0D294584D07DC08F4464004C25B647B7E
Malicious:	false
Reputation:	low
IE Cache URL:	https://client.messaging.adobe.com/latest/AdobeMessagingClient.css
Preview:	.adbMsgClientWrapper #adbmsgContainer *, .adbMsgClientWrapper #adbmsgContainer :after, .adbMsgClientWrapper #adbmsgContainer :before{box-sizing:border-box}.adbMsgClientWrapper #adbmsgContainer .outwardAnimate{transition:opacity .3s;animation-name:a;animation-duration:.3s;animation-timing-function:cubic-bezier(0,0,.4,1);-webkit-transition:opacity .3s;-webkit-animation-name:a;-webkit-animation-duration:.3s;-webkit-animation-timing-function:cubic-bezier(0,0,.4,1);-moz-transition:opacity .3s;-moz-animation-name:a;-moz-animation-duration:.3s;-moz-animation-timing-function:cubic-bezier(0,0,.4,1)}@keyframes a{0%{transform:scale(.83);opacity:0}to{transform:scale(1);opacity:1}}.adbMsgClientWrapper #adbmsgContainer .adbmsgCta{display:none;cursor:pointer;border-radius:60px;background-color:#fff;border:2px solid #505050;box-shadow:0 2px 4px rgba(0,0,0,.15);padding:0;width:60px;height:60px;margin:0 auto;text-align:center;text-decoration:none;font-size:20px;color:#34495e;vertical-align:middle;outlin

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\AdobeMessagingClient[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	80030
Entropy (8bit):	5.275128670974739
Encrypted:	false
SSDEEP:	1536:IJNl9DG2TEKR15lkFjiHSr77p6YIwJ5wWqXRka1D:kl9DddlkRiHSr77p6YPnOhjd
MD5:	32376A13A9DF84A831BEEC25F1517E05
SHA1:	50E358858B953BE902CDE80E61138D4F07923EB4
SHA-256:	D5346FB4C7D07C2875ABC2C887DF83B5FBB4FE932A3FCA574BE7D0AD667ADC12
SHA-512:	A8FB4402036CA2EFA29B113153BF525935AB3C916296C79C4D6DCC92229A765CF2C31FEA528B4B3B2C632AC31F5CFB22A2C2587DB472D58060D8D2CAB3BBCC61
Malicious:	false
Reputation:	low
IE Cache URL:	https://client.messaging.adobe.com/latest/AdobeMessagingClient.js
Preview:	!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.AdobeMessagingClient=t():e.AdobeMessagingClient=t()}("undefined"!=typeof self?self:this,function(){return function(e){var t={};function n(a){if(t[a])return t[a].exports;var i=t[a]={i:a,l:!1,exports:{}};return e[a].call(i.exports,i,i.exports,n),i.l=!0,i.exports}return n.m=e,n.c=t,n.d=function(e,t,a){n.o(e,t)\|\|Object.defineProperty(e,t,{configurable:!1,enumerable:!0,get:a})},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=17)}([function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var a=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var a in n)Object.prototype.hasOwnProperty.call(n,a)&&(e[a]=n[a])}return e},i=function()

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Adobe_Corporate_Horizontal_Red_HEX[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	397
Entropy (8bit):	4.973746262232231
Encrypted:	false
SSDEEP:	6:tvKIiad4mc4sl3UtpMaguk0BNbO9Z1PHtDjt9INFW39mmJEVitksmHSXqY:tvG1KWanstDjXI4mwIUmyX7
MD5:	4BC0619E030E91ACFDA414626A41B770
SHA1:	BF0BEA50B7C0092B34EB8C06A3DDB52F37AA1860
SHA-256:	57AEBAB4A35ADC7CA5DFA15DC58A19B1457FB314881C3A4CC320CB79E8F006ED
SHA-512:	CF614C4A5C8269F4DCF01694BE15B847783DE0E6CADC914C879C46F6C4B014AF30FD4FA64F27144BA0CFB0F921E8D15BA592147AA0CE29440A18081AD9A69F24
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc/icons/Adobe_Corporate_Horizontal_Red_HEX.svg
Preview:	<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 133.46 118.11"><defs><style>.cls-1{fill:#fa0f00;}</style></defs><polygon class="cls-1" points="84.13 0 133.46 0 133.46 118.11 84.13 0"/><polygon class="cls-1" points="49.37 0 0 0 0 118.11 49.37 0"/><polygon class="cls-1" points="66.75 43.53 98.18 118.11 77.58 118.11 68.18 94.36 45.18 94.36 66.75 43.53"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Policies_72px_lt-gray[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	28449
Entropy (8bit):	6.1296006799069325
Encrypted:	false
SSDEEP:	768:37Y73fMwXqXlPGT4Ch21JSP39z6dHuUN+3nw:k73fMwsPGT81cwuUow
MD5:	EFB6F897542A02F53A3859AAEFBD7013
SHA1:	1CABA3B56B5AB14798C12C84C565AFE2A28DC2DD
SHA-256:	B0AE115BC1ED8A5D8D3FE58E43A43AB6B54ADC35555D38A09BB44B22A0617A78
SHA-512:	AC718B0FF41B2B34F38273E9EF7B3CD93AF51B4A3BD635F48E8D8E1F85A64AC9723E2F4AA69EC2062A152A2DC8940DC967ECA93E46DCFFD33C3B5766DB8BE05F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/Policies_72px_lt-gray.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 19.2.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" [..<!ENTITY ns_extend "http://ns.adobe.com/Extensibility/1.0/">..<!ENTITY ns_ai "http://ns.adobe.com/AdobeIllustrator/10.0/">..<!ENTITY ns_graphs "http://ns.adobe.com/Graphs/1.0/">..<!ENTITY ns_vars "http://ns.adobe.com/Variables/1.0/">..<!ENTITY ns_imrep "http://ns.adobe.com/ImageReplacement/1.0/">..<!ENTITY ns_sfw "http://ns.adobe.com/SaveForWeb/1.0/">..<!ENTITY ns_custom "http://ns.adobe.com/GenericCustomNamespace/1.0/">..<!ENTITY ns_adobe_xpath "http://ns.adobe.com/XPath/1.0/">.]>.<svg version="1.1" id="adobeNews_x5F_72_x5F_lt-ou" xmlns:x="&ns_extend;" xmlns:i="&ns_ai;" xmlns:graph="&ns_graphs;".. xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="72px" height="72px".. viewBox="-359 271 72 72" style="enab

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Privacy-Image-1-1440x340.jpg.img[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 445x300, frames 3
Category:	downloaded
Size (bytes):	39763
Entropy (8bit):	7.739200940948953
Encrypted:	false
SSDEEP:	768:5BYydlHQ1aBlM4zpnkAwb/+CQTku32yXKA+jYsarj4:5B5HS4VkARNwuvK7kd4
MD5:	357C45BE36FA0CE8E2CD561773C30BDA
SHA1:	1E8A908D9D14AAB718B48CF4CDD59267021ED235
SHA-256:	FCB9BA715B4E111C01919EE7CF40128753FDBCE86DE4C68773AD951A15F5D78A
SHA-512:	773B20DF99A75E7FD0B676D93B80ABFE76B2A7DE62AE460E84439E97F9B774A21AB22E531F5342F2CAF2A32B958922F3CE9E2075FCC0DACB8E5D9E1E837A92AC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/Privacy-Image-1-1440x340.jpg.img.jpg
Preview:	......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c128 79.159141, 2016/03/22-01:13:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:dfc28c09-91b3-4a6f-b4b7-71c30de60aff" stRef:documentID="adobe:docid:photoshop:88fe6a1c-4e88-1179-af16-f6a1d25c9bdd" stRef:originalDocumentID="xmp.did:7a7371c8-54c7-431d-9b1f-f4993a9b061f"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Privacy-Image-2-1440x340.jpg.img[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 445x300, frames 3
Category:	downloaded
Size (bytes):	28243
Entropy (8bit):	7.617174108691038
Encrypted:	false
SSDEEP:	768:JBYyi06jKtH4Vb7G77cv5eg9ZNjueEEF3y:JBm0wUYVm77m96j0y
MD5:	5AC5CC8B77615A24CB4A981921EB751D
SHA1:	AEB7E76ABEE2DB25192833AC34A50D2C2A9C75B7
SHA-256:	459A34EDCD31C4D24A58F9D8C5E36F092D5AA3A62B70F8012A2DB7C2B5FDD5B0
SHA-512:	2833A7C0B4E7B957FDC2410BC8101D7E534E2C7FDEB42398B908419F21B1582F4E8F63590587331F485472AFAE82F30423B37263C5699E3D65009388717D7FD5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/content/dam/cc1/en/privacy/images/Privacy-Image-2-1440x340.jpg.img.jpg
Preview:	......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c128 79.159141, 2016/03/22-01:13:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:715ed33e-e62b-4e66-bb93-54d394e3b830" stRef:documentID="adobe:docid:photoshop:9561acbc-4e88-1179-af16-f6a1d25c9bdd" stRef:originalDocumentID="xmp.did:abae1003-6656-4926-aeda-82e235185e72"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\RC036830be72f242959c7b9ca66cef0c85-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	323
Entropy (8bit):	5.286853143462955
Encrypted:	false
SSDEEP:	6:jwkMKngJv0KgiSP8AlSHS0mCMHDXRMvKyupXMYGGX6SHMWkiezW3T5OtunadXZfJ:jvgeASPRZfRny6cYGkcOeqD5OFdXv/ZJ
MD5:	C3227D3B12693BAACF400A5433937584
SHA1:	3517AD497A87EBB909D3060CB67EE179424AEF69
SHA-256:	B0C9DF48D4E25F293A62DF986B6120EF3C9CA942460A2BD6D94484CB09C4DA91
SHA-512:	D68C489C88213B963DE5DF428B9E5BD9EE30B8025B16DD6562D5F5BBEB33AC4F45408FEB06AF9F2E72A75677C402ADBF4DA727DCCE9892722A4D392A7F1B146D
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC036830be72f242959c7b9ca66cef0c85-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC036830be72f242959c7b9ca66cef0c85-file.js`.._satellite._poll(function(){_satellite.track("trackMarketoForm")},[function(){if(document.querySelector(".marketoForm")\|\|window.MktoForms2)return!0}],{timeout:1e5,interval:100});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\RC7ef3b955b7e947769bff08d7ce2a0937-file.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	8239
Entropy (8bit):	5.075853204397136
Encrypted:	false
SSDEEP:	192:5A9VBWBHmEHEtyQ6rGIrbvUPQ46dChfOPXy23GZ4sMuF7pNsBVvttnM:5Oshm8EtyQfIrbvUPQ46d+WPXy2WesMu
MD5:	B80EFF8BA8537232E18B8A50A75003E8
SHA1:	6B718323F19A0F9FC806FEF12C5EEA08505FC6DC
SHA-256:	533A9B21E225E9DE11919B3038EF52A1DAA59E8F5AC49CE0AB8BCF777DA2B432
SHA-512:	C3DBC62D3FF28D828DD79CC4EA0199FA1641BB7BADA0D42C604A94FDFF83809D02D9076237665FF8DA7C662D974F1564BEAA9DE2A39E12F56E9BDD08C6A8A23E
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC7ef3b955b7e947769bff08d7ce2a0937-file.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC7ef3b955b7e947769bff08d7ce2a0937-file.js`..!function(){var e=_satellite,t=(e.windowProperty,e.path),a=document.referrer,r=(e.loc.href,e.oneTrustIsHostEnabled),o=e._index;if(-1!==t.search(/\/products\/xd/)&&e.track("pageload-xdDownload"),r("d26x5ounzdjojj.cloudfront.net")&&-1!==t.search(/\/(uk\|africa\|gr_en\|be_nl\|be_fr\|be_en\|cz\|cis_en\|cy_en\|dk\|de\|ee\|es\|fr\|ie\|il_en\|it\|lv\|lt\|lu_de\|lu_en\|lu_fr\|hu\|mt\|mena_en\|nl\|no\|at\|pl\|pt\|ro\|ch_de\|si\|sk\|ch_fr\|fi\|se\|ch_it\|tr\|bg\|ru\|cis_ru\|ua\|mena_ar\|il_he)\//)&&(o(t,"/creativecloud/business.html")\|\|o(t,"/creativecloud/business/teams.html")\|\|o(t,"/creativecloud/business/teams/features.html")\|\|o(t,"/creativecloud/business/teams/deploy-and-manage.html")\|\|o(t,"/creativecloud/business/teams/plans.html")\|\|o(t,"/enterprise.html")\|\|o(t,"/business/enterprise.html")\|\|o(t,"/creativecloud.html"))&&e.track("thirdPartyTBWTag"),e.groupEnabled("C0004")&&(o(t,"/products/capti

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\RCa8534599c5d1425b9b1fceaf046699bf-source.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	830
Entropy (8bit):	5.144479495488463
Encrypted:	false
SSDEEP:	24:15jzct/Bw5jHJj2lBfJKnKD8cQcj+D+NplHln:15st/Bw5L52lBfi63Kqzpt
MD5:	A468404B5E53FA4A8F6E26CC11D508D4
SHA1:	EC691D97B30A5A07D5EA977B904F77C311B5A4C0
SHA-256:	F3AE23D72EB26BE500F273BD2824D8504B7144E136D76D0C2D73CE2E4809537B
SHA-512:	F4CCD6704922BCF4F63E6DE11771A5468A631A6A8A4D90B9B7203B9AB820BCE849F4B22209425A4C68809F54A65B797EB2DFE138FBF13DF160F38C55A8318B76
Malicious:	false
Reputation:	low
IE Cache URL:	https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCa8534599c5d1425b9b1fceaf046699bf-source.min.js
Preview:	// For license information, see `https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCa8534599c5d1425b9b1fceaf046699bf-source.js`.._satellite.__registerScript('https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCa8534599c5d1425b9b1fceaf046699bf-source.min.js', "_satellite.getVar(\"digitalData.organization.demandbase\").then(function(e){_satellite.setVar(\"aep_demandbase\",e),_satellite.getVar(\"digitalData.primaryUser.primaryProfile.profileInfo\").then(function(){_satellite._promises&&_satellite._promises[\"digitalData.primaryEvent.eventInfo.interaction.impression\"]?_satellite._promises[\"digitalData.primaryEvent.eventInfo.interaction.impression\"].then(function(e){digitalData._set(\"digitalData.aep.impression\",e),_satellite.track(\"pageview\")}):_satellite.track(\"pageview\")})});");

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\all[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	54641
Entropy (8bit):	4.712564291864468
Encrypted:	false
SSDEEP:	768:SuV31Uz1RPq4NvvU63HJYkQCZ/WMQyjJKp7CzsGnQzU:SuczrC4NnzHSBCkgu7cs1w
MD5:	251D28BD755F5269A4531DF8A81D5664
SHA1:	C0F035B41B23C6E8FAB735F618AA3CFF0897B4F9
SHA-256:	AFDC6BF2DE981FFD7D370B76F44E7580572F197EFBE214B9CFA4005D189D8EAE
SHA-512:	8111F411C21C6011644139DBA4EF24D1696C0F6D31E55CE384E0353A0F3E65402170C502BDDF803C3DF9149C371B31C03F77BE98FDBC61C0C9C55AFBE399681F
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.fontawesome.com/releases/v5.7.0/css/all.css
Preview:	/!. Font Awesome Free 5.7.0 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-lef

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\arrow-down-white[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	457
Entropy (8bit):	5.337403808865378
Encrypted:	false
SSDEEP:	6:TMVBdbjBubdgXRxVnzVEn6VWB3qmc4slZKYnic4sf3nU6AqOrbq6jHzhMdAuOS:TMHdPBu5i/nzVJ/KYf3n2NrPHCT
MD5:	65C98FE770DF88672CDC4286AB61235D
SHA1:	CD8889551C6FCC6A9B48D63F311019CC24DEF75F
SHA-256:	6FCB3483F32434F91E4BA90A5A728AD5AD1C402A4929B991098B5FCFEA4D2F9D
SHA-512:	3B8DDDF3416B0559AFCB9371D0B14F3941836A921B3593419CC47417F377D65BCB252C13EDAB07D1AD5C00D2D51B06C004D5C5DB812090741AE77E647D49EB61
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/arrow-down-white.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>. Generator: Adobe Illustrator 20.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->.<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px".. viewBox="0 0 10 5" style="enable-background:new 0 0 10 5;" xml:space="preserve">.<style type="text/css">...st0{fill:#FFFFFF;}.</style>.<path id="caret" class="st0" d="M0,0l5,5l5-5L0,0z"/>.</svg>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\arrow-right[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 18 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	442
Entropy (8bit):	7.029622930176089
Encrypted:	false
SSDEEP:	6:6v/lhPzQynDi3URTCMkLPJsbjShtfGQHVxFX0o/A5VFnWMFd4+0hS+qz58OCox5Z:6v/7MM9CXJsbcf1xFXoWkOhSVNB7Z
MD5:	28A18EE67AF8D721211ED08164E72CB9
SHA1:	C643A55A18EF870B88FA1CAFED098A12F001384F
SHA-256:	78260D8829368E46D58D02B613EC0C0E19AEE5C159AA4BA255D032D283C30187
SHA-512:	FF21CE7DEE9E5B298BEFD0B67869A4E582097712B0A8D23E10050DFC60BD4B7BD26B0EA077865AA0D6FF57E204A74187874572B243584220C7B23FB0CC127F52
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/images/arrow-right.png
Preview:	.PNG........IHDR.............<.~.....sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS6......tEXtCreation Time.9/11/13.9I.....IDAT8...!o.@.....d?.....#L...BW..\..\.YP....@T.\..>..{;...e.....I....q.dDrGr..#....w".].2k\|.. ..)......F..@.us!.=..........H..L.s).7..".]...Ug.u.W..;..,HD.EQ..2....!..1....<.X....9M.w.".</d..x.pk.......$.Uqw..&....VEdW8A..[...{4.UU.h ..._. ...^)u....b.Z....8..W..."..).&\....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\base-fonts.gz[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	72
Entropy (8bit):	4.675124266644529
Encrypted:	false
SSDEEP:	3:yLRmcpZBLvG/tLAfimqW7RmMe:yL/pZtvG1AiMRmMe
MD5:	1C75FB60A6530DC7F95725DED413DC13
SHA1:	A6F43A1C5E1039C212879090EFA6411008528FAD
SHA-256:	E99BEC104ED648FAB6ECA0D41AB2B793A05E6A3305B24483C681C5BD5CF5C325
SHA-512:	6C606EEE1E84DAD4064F4F579FE7AA95C028167474BE75A9486996E368E3717FD5252D98652F98E0128324F92957C241B44B79B6502925EF8B8F2B9F4A3A7500
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/base-fonts.gz.js
Preview:	document.write('<script src="//use.typekit.net/onz5gap.js"><\/script>');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bcd59be0-d709-488b-984a-26f4b039794a[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, baseline, precision 8, 220x229, frames 3
Category:	downloaded
Size (bytes):	14927
Entropy (8bit):	7.34003334947223
Encrypted:	false
SSDEEP:	192:V9/3KkVzGkjk+8fQQqnSV+mjIqtQAI65VDUAIGvEnEwwGUoV0jkcMB9lT7UyJb1f:V9ykgv+8fCnsISDnDU/GSEwLUTk5L3cG
MD5:	A4258635525A0FF2E61771633BBE6F0D
SHA1:	77C70C5E1775E653D9114F4B75A74EE9B10939D9
SHA-256:	7BEFD5121F64823782B982EE7DD34B10240C98F2B9E16F4DF797827CEE5B301E
SHA-512:	77C51C4874B25763108033C27E4ABACF72B65B140BCB7C5D906DD91EC49959E657416B3577EC5873847BD544F7BC374D7EC28CF6559C02BACDC0BA02CC439F78
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/page/QbyXJuM93yIVE/images/bcd59be0-d709-488b-984a-26f4b039794a.jpg?asset_id=45a3c176-eaaf-4a47-932b-ff179d0bfafe&img_etag=%2254149f4c8a6730544e57e0f99fa17c62%22&size=1024
Preview:	......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c005 79.164590, 2020/12/09-11:57:44 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/"> <xmpMM:DerivedFrom rdf:parseType="Resource"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\big-yellow-exclamation-point[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 110 x 102, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2410
Entropy (8bit):	7.569854461422992
Encrypted:	false
SSDEEP:	48:ukNNn2ktJ3PRre/eOxtZlfqY+rj1zXnUgO/GaCq7f:lf2OeeqlfF+ndXRO+Tqb
MD5:	0C48944C6F37B353D14892E8EB9862DE
SHA1:	8FED687740AED3F235F634A67203C61EB7F5FCAE
SHA-256:	8473E148A6C6B2199C07BD7DC0CEB54A5D943D0FEE634D56620763A42346813B
SHA-512:	BD455D36AE29735C9D737D11CDEC81A761A63203CB08B37C161D3ACAE61A542BB238C58137123224B469EE9BF7A4005E125B15DBA966A23AFCBA7BCB5737D628
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/big-yellow-exclamation-point.png
Preview:	.PNG........IHDR...n...f.....*.......tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)" xmpMM:InstanceID="xmp.iid:07CAF5790F2F11E6B83680AF73847A41" xmpMM:DocumentID="xmp.did:07CAF57A0F2F11E6B83680AF73847A41"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:07CAF5770F2F11E6B83680AF73847A41" stRef:documentID="xmp.did:07CAF5780F2F11E6B83680AF73847A41"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>F.Ep....IDATx..[l.E..- .....RA.F....(.......x..T.[@...Qh....../..}..._.._4!.Q../.....h..~.....=..3.3../....9=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bootstrap.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	144877
Entropy (8bit):	5.049937202697915
Encrypted:	false
SSDEEP:	1536:GcoqwrUPyDHU7c7TcDEBi82NcuSELL4d/+oENM6HN26Q:VoPgPard2oENM6HN26Q
MD5:	450FC463B8B1A349DF717056FBB3E078
SHA1:	895125A4522A3B10EE7ADA06EE6503587CBF95C5
SHA-256:	2C0F3DCFE93D7E380C290FE4AB838ED8CADFF1596D62697F5444BE460D1F876D
SHA-512:	93BF1ED5F6D8B34F53413A86EFD4A925D578C97ABC757EA871F3F46F340745E4126C48219D2E8040713605B64A9ECF7AD986AA8102F5EA5ECF9228801D962F5D
Malicious:	false
Reputation:	low
IE Cache URL:	https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors. * Copyright 2011-2018 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:border-box}html{font-family:sans

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\browser-icon-safari[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	25115
Entropy (8bit):	7.984846894248758
Encrypted:	false
SSDEEP:	384:7jYMKpmdNqN0obP7YnB6pZj1MyPpC9/Hhw691Q/+3ryGjtx54ZNNlRiwnY1X:7MxqPoIMMyRcBw692jGjtKnlMwUX
MD5:	23B02AAF3435635E1E6C324D759B56CA
SHA1:	7DA557E711F8ADD60FE6493789ADCB97B6922A2B
SHA-256:	22B7C23F2DED34B2B0AF1B6D908A533130ABAB7EB32711052D0CAAB35D50BEBB
SHA-512:	7FF438AEEBB35FCC2F62C68E3EDD6C9914BF608BDDFC62B4AD20E91AF937A2395F882BF0CF85CFF2730B6BF4B145110E60FFF7F1F7AFE6FCDBE4A0C8885AC80F
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/landing/browser-icon-safari.png
Preview:	.PNG........IHDR...\|...\|............tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Macintosh)" xmpMM:InstanceID="xmp.iid:87E1179C0FF011E69AFE8E50F5F6CE89" xmpMM:DocumentID="xmp.did:87E1179D0FF011E69AFE8E50F5F6CE89"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:5F7D657F0FF011E69AFE8E50F5F6CE89" stRef:documentID="xmp.did:5F7D65800FF011E69AFE8E50F5F6CE89"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.q+...^.IDATx..}...U...g...onz.i........*.......bC,X...../J.Ai..H.B.!..z{9........3..s.O.....)w.93..k.o...p].

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\crisp-fonts.gz[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	139
Entropy (8bit):	4.811599389940217
Encrypted:	false
SSDEEP:	3:yLRmcpZBLvG/tLAJ2qW7RmMjuRmcszgcukrQLJkgfw0zRjf:yL/pZtvG1M2JRmMju/0gcu/LugfwmRr
MD5:	361FE227C22294543FE0FD29B8D28C0A
SHA1:	1D32C0DC6F27CA2A6C67E5C79DFC08DD39511B03
SHA-256:	17D7DDB7C7C94BA00A4F60835AC14512B6574E5D6B81E99542D44BDA414AACD0
SHA-512:	85C7DA240B8283EF24F91AFCB472AF9E9E2E91A5B6F4E7370E774A50F1BAA0F6DF47E7173854B6593FB4EC8673BF682B7122C3877902AE414F0FDD0334C937B0
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/themes/crisp-fonts.gz.js
Preview:	document.write('<script src="//use.typekit.net/rbi5aua.js"><\/script>'),document.write("<script>try{Typekit.load();}catch(e){}<\/script>");

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\d[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 33188, version 0.0
Category:	downloaded
Size (bytes):	33188
Entropy (8bit):	7.983177376379406
Encrypted:	false
SSDEEP:	768:wGSOatUd5GncZIdLNrOAumby3gbvrHaebJVNXQ8V:wBJm0cZsBOXyrbba8V
MD5:	DCA4F55F778D14EC5C839B53B11329ED
SHA1:	A467C967D419B74EFC0FE8142B4399E3B3BBB083
SHA-256:	AF901B92645CD64D10F4AC5059A9C94F6AABED7295425C03694B8C0FC5126655
SHA-512:	D5A116A469C8C40AC2630BBAB5B8A7ECFB34C9C704396A403BAE29F5579484E70D3E735872F84DC7ADFB4CC7BA8407A91EB4F5B99D78B2073E2B5B2FFB3A6D5E
Malicious:	false
Reputation:	low
IE Cache URL:	https://use.typekit.net/af/d5d9b2/00000000000000000000ffd9/26/d?subset_id=2&fvd=i3&v=3
Preview:	wOFF..............%<........................DYNA................GDYN...\|.......I..J.GPOS.......j....C.W.LTSH.......p....APzOS/2.......X...`o.nAVDMX.......\|....i.qMcmap...........x;.=.cvt ...$...8...8.#..fpgm...\.......s.Y.7glyf...t..\O......q.hdmx..n........(.J.head...`...6...6....hhea...H.......$.s..hmtx..y\|......xj ..loca..{....a...\|.d,.maxp...h... ... ...~name.............\|.post..~........PV...prep...t...\|.....Tx.x...C`...D..]m.m.m.m.i...6I.4.m..y.,..,...d....Hn$'..%.)dJR.T..?zS.4.iIc.IGZ..t2...... 3.Qf&..Bf.IV..ld...f?...2.9.;..).K.%..G..F~......o_)D.Y.......E..QX...,AQ.LI..R...)a.(CIY.R....#.)#+PVVt.D9.@e..T.U.h.F%Y...UdM..;jQM...C.{K]j.z...eoh@m.:..uec..k.P_6..lFC{Es...4.-ib/i......d[.....B....@+{NGZ.N...ik..B;.....dw...t.=.${......]e_..c..]....@O9.^..A........2..r...p.......d... 9...........f..g...8..r.#-...S.-.2...X9.qr..-..L...(g3I....d9.)r>S-..L.....1...r...Rf.e..,g.\.<.R.a...j..5,...H.c.\.......F..M,..YaQla...Ur;..6;X#w.V.b..b7...6.l.H..I.g.<.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
Category:	downloaded
Size (bytes):	9662
Entropy (8bit):	1.5933577223587498
Encrypted:	false
SSDEEP:	48:97gzdbklTMl1sy6TMenl7ulGt/3GmjAAp:970sI2NmU3GY
MD5:	B28BF60DD7E50B6DFFD394EBC0F9057A
SHA1:	9EA7EED87B689757780322989EF426AEFFDC8F7A
SHA-256:	BF24C9E4D37F94D4BD2F870228FF421CA54B2949DB3391DBD3818EC0E6DB0F5F
SHA-512:	B16A7F756E38FFE4BBCC0394A6E41593CC9FE68AACA6350C1C20D10E7A284EBFC7937C15726D0F43A3ABD7C43D128A041A109CAC2C8F240707FE1997E633E025
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/favicon.ico
Preview:	......00.... ..%......(...0...`..... ......$.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................A...........................................................................................................V...............................'...............................................A..........................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\feds[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	19028
Entropy (8bit):	5.098268325706334
Encrypted:	false
SSDEEP:	384:Jb8heJDYD+yQUAP/92Z6Rs/AQpol4+69503RYUSs8Ukz+OsUIKn:JpSkhKbolDPu
MD5:	17B3EB9912F46B292F6795D2FA3CFFF8
SHA1:	590CD8694B66307EAA7D4E7D963CD0E3ADB116AC
SHA-256:	4AB608687D1DD3AA66920F68409D76EE184A963675DC733BF7EC629A072981E6
SHA-512:	591B57D580337E50BDA4301A035AE1AB2D48CF3F0D73FE388584011F1E391CCC5C363BDC3C813F717DA3EC4E845B001FCF127457907183A21BC1EF85D6164D0E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/etc.clientlibs/globalnav/clientlibs/base/feds.css
Preview:	/! feds v0.51.0 built on Mon, 24 May 2021 06:11:49 GMT /.[class=aem-AuthorLayer] #feds-subnav{position:relative}.Subnav-wrapper li{margin:0}#AdobeSecondaryNav{max-width:100vw}#AdobeSecondaryNav.Subnav-wrapper{position:absolute;top:100%;right:0;left:0;min-height:60px;display:flex;justify-content:center;font-family:inherit;box-sizing:border-box;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;transition:height .3s ease;z-index:1;opacity:0;transform:translateZ(0);overflow:hidden}#AdobeSecondaryNav.Subnav-wrapper--active{opacity:1;overflow:visible}#AdobeSecondaryNav.Subnav-wrapper ,#AdobeSecondaryNav.Subnav-wrapper :after,#AdobeSecondaryNav.Subnav-wrapper :before{box-sizing:border-box}.feds-header--rebranding #AdobeSecondaryNav.Subnav-wrapper{font-family:inherit}#AdobeSecondaryNav.Subnav-wrapper .Subnav-background{position:absolute;top:0;right:0;bottom:0;left:0;width:100%;height:100%;background-color:#f8f8f8;content:"";transition:opacity .3s ease;pointer-events:none

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\icon-footer-twitter[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	764
Entropy (8bit):	4.2898721619383515
Encrypted:	false
SSDEEP:	12:tvveD/lIhNZHvr3t8bYDnNAxLgeZLU9YtxYMPWzG4BsVrvl5JiqC8n:tXeD/epp8QnNCLgQbbJMG4er1iqC8n
MD5:	41324C2374C498667DF60F5DB9ED29BC
SHA1:	E1D68AD0BCB242CC76D34A7D71C78ACFF9F25EFC
SHA-256:	1C48D8EDF7F69BC479F00DD25EB2399DD2BF6F0AA3BF128089B0A7A1D8958D5E
SHA-512:	851F947CEC590D196CFA1FD2390D4D380FB0E4F008B0813CC0A15CD1CBFEAF94883ECE65EEBEFA5C98B91E7F77EED99F213D601C49FA972B403DE9181414A955
Malicious:	false
Reputation:	low
IE Cache URL:	https://spark.adobe.com/images/icon-footer-twitter.svg
Preview:	<svg id="Layer_1" xmlns="http://www.w3.org/2000/svg" width="67" height="67" viewBox="0 0 67 67"><style>.st0{fill:#717f8a}</style><path class="st0" d="M38.2 22.3c-2.6 1-4.3 3.4-4.1 6.1l.1 1-1-.1c-3.8-.5-7.1-2.1-10-4.9L21.7 23l-.4 1c-.8 2.3-.3 4.7 1.3 6.3.8.9.6 1-.8.5-.5-.2-.9-.3-1-.2-.1.1.4 2.1.8 2.8.5 1.1 1.7 2.1 2.9 2.7l1 .5h-1.2c-1.2 0-1.2 0-1.1.5.4 1.4 2.1 2.8 3.9 3.5l1.3.4-1.1.7c-1.7 1-3.6 1.5-5.6 1.6-.9 0-1.7.1-1.7.2 0 .2 2.6 1.4 4 1.9 4.5 1.4 9.8.8 13.7-1.6 2.8-1.7 5.7-5 7-8.2.7-1.7 1.4-4.9 1.4-6.4 0-1 .1-1.1 1.2-2.3.7-.7 1.3-1.4 1.5-1.6.2-.4.2-.4-.9 0-1.8.6-2 .6-1.2-.4.6-.7 1.4-1.9 1.4-2.3 0-.1-.3 0-.7.2-.4.2-1.2.5-1.8.7l-1.1.4-1-.7c-.6-.4-1.4-.8-1.8-.9-.9-.4-2.6-.4-3.5 0zM34 64C17.4 64 4 50.6 4 34S17.4 4 34 4s30 13.4 30 30-13.4 30-30 30z"/></svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\imslib.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	46020
Entropy (8bit):	5.247108485619506
Encrypted:	false
SSDEEP:	768:6y/BMM1ALvYYtNwaIQzhxmQuLWpXcFJw+YoSorR:hgjia012XcFJHYoSo1
MD5:	B439B689448BCAF4ED270F5AF5477C37
SHA1:	6E71ACE46CA64143CA6C7373D2C3DB960EB8F5C0
SHA-256:	4492E3E27970CDEF4E460DA2FA944B12C09AF19575447F91DFECD9D587818A0B
SHA-512:	9541DBAEBE8CC3DA98259BFD0AFB003BEFF471C91CACBA35E446B199D961C55DA1642485B6E00F73949AB65BA9C2EC5EBE7E48833FD61588B18C10C8FDD4D9FF
Malicious:	false
Reputation:	low
IE Cache URL:	https://static.adobelogin.com/imslib/imslib.min.js
Preview:	/! imslib.js 1.13.0 18d23dc-b2b44fe /.Array.prototype.every\|\|(Array.prototype.every=function(e,t){"use strict";var n,i;if(null==this)throw new TypeError("this is null or not defined");var o=Object(this),r=o.length>>>0;if("function"!=typeof e)throw new TypeError;for(1<arguments.length&&(n=t),i=0;i<r;){if(i in o)if(!e.call(n,o[i],i,o))return!1;i++}return!0}),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var n,i;if(null===this)throw new TypeError(" this is null or not defined");var o=Object(this),r=o.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(1<arguments.length&&(n=t),i=0;i<r;){i in o&&e.call(n,o[i],i,o),i++}}),Array.prototype.includes\|\|(Array.prototype.includes=function(e,t){"use strict";if(null==this)throw new TypeError("Array.prototype.includes called on null or undefined");var n=Object(this),i=parseInt(n.length,10)\|\|0;if(0===i)return!1;var o,r,s=parseInt(t,10)\|\|0;for(0<=s?o=s:(o=i+s)<0&&(o=0);o<i;){if(e===(r=n[o])\|\|e!=e&&r!=r

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\initConfig[1].json Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	134
Entropy (8bit):	4.596346617979037
Encrypted:	false
SSDEEP:	3:YWADlFtcmRzHAgJw3BFtcmRzHAgJkMKRjEmb:YWATBHAgJCFBHAgJtKgQ
MD5:	E78AAE29253C4894EF77C2263DF2AF0E
SHA1:	F4BB400456EB30EB1D131549B777F405CCC1D348
SHA-256:	599A201A8BCF34F862C99ED2109D9DAB8083C751FA16AA2EE87382FDAC0E1042
SHA-512:	E4BA14CBBC16AF7E9897557DE666A9EFBFCCA8E066F1AF66D2FD583743DEBE68D9BF8A2500CD02EC7D58B1CDD0EF92EEBD20E6ACC7D1D56E29A49A755913717F
Malicious:	false
Reputation:	low
IE Cache URL:	https://client.messaging.adobe.com/2.28.2/initConfig.json
Preview:	{"serverUrl": "https://server.messaging.adobe.com", "wsUrl": "https://server.messaging.adobe.com", "callAfterUpdateAccessToken": true}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery-3.2.1.slim.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	69597
Entropy (8bit):	5.369216080582935
Encrypted:	false
SSDEEP:	1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT
MD5:	5F48FC77CAC90C4778FA24EC9C57F37D
SHA1:	9E89D1515BC4C371B86F4CB1002FD8E377C1829F
SHA-256:	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
SHA-512:	CAB8C4AFA1D8E3A8B7856EE29AE92566D44CEEAD70C8D533F2C98A976D77D0E1D314719B5C6A473789D8C6B21EBB4B89A6B0EC2E1C9C618FB1437EBC77D3A269
Malicious:	false
Reputation:	low
IE Cache URL:	https://code.jquery.com/jquery-3.2.1.slim.min.js
Preview:	/! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_e

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:	1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	low
IE Cache URL:	https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\lightbox_close@2x[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1453
Entropy (8bit):	6.759166148396455
Encrypted:	false
SSDEEP:	24:B1hnBWwh82lYSKw5hVa64XVKT3JryJ3Vo5hVa6fGjwKZRfp2XOBY6:v1kvnLI600J3e7cVh2XOb
MD5:	13198D9E24E4047B757E69F32897B19D
SHA1:	868CEB3BDC559535E5E638A9E145F35005AF33C6
SHA-256:	2603DCB84908061D1A9E31DA6080328BF7867BFC4AA7A1A9A0FBD25E5942A043
SHA-512:	86D943EFB966752531E91911D5F1A9B27CD5003D2E96F19CAE833F88DF856A59C099B237E5EEDC840E00CFF6B9F34E6583B2F2F676EFAEC5055E5030198E5810
Malicious:	false
Reputation:	low
IE Cache URL:	https://page.adobespark-assets.com/runtime/1.22/images/lightbox_close@2x.png
Preview:	.PNG........IHDR...(...(........m....tEXtSoftware.Adobe ImageReadyq.e<...xiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:0e41a95d-3ffa-4ff2-9f01-79e98faa126a" xmpMM:DocumentID="xmp.did:A061BB706D2311E4A705EAFA721C606B" xmpMM:InstanceID="xmp.iid:A061BB6F6D2311E4A705EAFA721C606B" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:caa2ca59-503f-4ad4-961c-e872383c57cd" stRef:documentID="xmp.did:0e41a95d-3ffa-4ff2-9f01-79e98faa126a"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>F.M.....IDATx...1J.@......DR(.iia

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\location[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	182
Entropy (8bit):	4.685293041881485
Encrypted:	false
SSDEEP:	3:LUfGC48HlHJ2R4OE9HQnpK9fQ8I5CMnRMRU8x4RiiP22/90+apWyRHfHO:nCf4R5ElWpKWjvRMmhLP2saVO
MD5:	C4F67A4EFC37372559CD375AA74454A3
SHA1:	2B7303240D7CBEF2B7B9F3D22D306CC04CBFBE56
SHA-256:	C72856B40493B0C4A9FC25F80A10DFBF268B23B30A07D18AF4783017F54165DE
SHA-512:	1EE4D2C1ED8044128DCDCDB97DC8680886AD0EC06C856F2449B67A6B0B9D7DE0A5EA2BBA54EB405AB129DD0247E605B68DC11CEB6A074E6CF088A73948AF2481
Malicious:	false
Reputation:	low
IE Cache URL:	https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Preview:	jsonFeed({"country":"CH","state":"ZH","stateName":"Zurich","zipcode":"8152","timezone":"Europe/Zurich","latitude":"47.43000","longitude":"8.57180","city":"Zurich","continent":"EU"});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\main.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	13691
Entropy (8bit):	5.381448070810353
Encrypted:	false
SSDEEP:	384:OYICUsySZX0Ljd0kg41VOEMFWKjzI4omXFKJvm4Qrb7H9g:OrTUUjd0zBEMFWCI+xg
MD5:	2DFF659EF77A2D4E7D76BF2CFC77C59D
SHA1:	6852E5A30F3186122B4CE704DA88D6BABBC4A8A3
SHA-256:	4CF1ADE01D47C67B3312F6750D7BAAA76C1CB0D1384FF654B255DE1A859DE959
SHA-512:	E279C04EE7ACE51A60E9E020BD272122CAD995BD4FA8D4F5658C506F788D33CBBCDCB83A63D8A2513980690D0F30B4927A71766ADD5AEBF6DA680090D2D69DA6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/marketingtech/main.min.js
Preview:	!function(){"use strict";var e,t,n=document,a=Object.defineProperty,i="replace",o=function(e){return e=e[i](/%2523access_token%253D.?%2526/gim,"%2526")[i](/%23access_token%3D.?%26/gim,"%26")[i](/#access_token=.*?&/gim,"&")[i](/information=[^\&]+/,"")[i](/puser=[^\&]+/,"")[i](/fnuser=[^\&]+/,"")[i](/lnuser=[^\&]+/,"")};try{var r="referrer",c=n[r],s=o(c);s!==c&&a(n,r,{configurable:!0,value:s})}catch(e){}e=window,t=function(){function e(e,t){u.add(e,t),f\|\|(f=_(u.drain))}function t(e){var t,n=v(e);return null==e\|\|n!=p&&n!=h\|\|(t=e.then),v(t)==h&&t}function n(){for(var e=0;e<this.chain.length;e++)a(this,1===this.state?this.chain[e].success:this.chain[e].failure,this.chain[e]);this.chain.length=0}function a(e,n,a){var i,o;try{!1===n?a.reject(e.msg):(i=!0===n?e.msg:n.call(void 0,e.msg))===a.promise?a.reject(m("Promise-chain cycle")):(o=t(i))?o.call(i,a.resolve,a.reject):a.resolve(i)}catch(e){a.reject(e)}}function i(a){var r,s=this;if(!s.triggered){s.triggered=!0,s.def&&(s=s.def);try{(r=t(a))

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_101f95855e967721bf3a66e02d5c53da102e51674[1].jpeg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	2426
Entropy (8bit):	7.911752375782477
Encrypted:	false
SSDEEP:	48:HPiJJswAeBpYYzTXC9uWsHy0ITQEVy7+zXQrbgWVmL2F0gHbBMtL:viJJWeB2okubHX+QEVKaXQrbgdEb2
MD5:	D429C48D851C6A5FD97402FE1ECF4792
SHA1:	1247216ADE627ED5F346D0C09F707A11B902FBF9
SHA-256:	2F6C56593996954A745B48834D9914C2D00BF0236C51BADACDD92C9869129402
SHA-512:	5B90F888B95159B08607E7BFEF2CB762D4A8986D3DCF42603932B0EFDB99C66A06B5BA4DDD40B53BB633E2B8B97C81CD3572CDCEBE4A140EE4DFA17CA344EEE3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/create/media_101f95855e967721bf3a66e02d5c53da102e51674.jpeg?width=2000&format=webply&optimize=medium
Preview:	RIFFr...WEBPVP8 f....9.......>u8.H..".#5.....M.-.......i.....V....y..G.~.~..g..O...>.....c.c.)........u....?.{......q...e.3.s....]..o...../j_...^Z.....:.?.y{.G..t0.K/.>Z}..I.q.j.V..z.=.(...2{.jQ[.U.)......2.^.......]..\..n0..G.......Ki4Y=...B!:\.....,\....\...g.q`n;.u..V;..d...b..iD.....D....p.Ht....QP.$...,5..(h(..o?.=n.R....i.!.U.`5.C$...Y!3....Gv..%.....;......:.W..g.I..<.(5..k.iU..`.j(.7.j\[.x.........0.....UZI....he.t.@jl..j..q.aL.m.8&......\|.a...lAW...+R.............mw...Q..~S....fcCW.....gF.no....Y.m.......W..S.v.....d...v.B.....y~VbTJ..Ai./~...Flp....KI".......j.8......8..`..<..).?....)\.;,....o.v.H.:.....M.s...KN.;l.e.0..Y,..1....<L$...#.......;.........1....?2Y$.n...0.......b<.\.i.{..C.\|~:.e..L."8J9...q#.2*<.%U...?y.H.c.<.v.8...x.....+%.\.Vq.....Y,....=.!..d}.S.?....G..&.Q.g.......}..S..4.!...k..Y.D....?.n8.+.y...7._.[.<..V'0.(.B[.i[....b.3s..%.@u.........]....\|5z.c\|.F...'..M`x. E.]..I...%.c.."}.j.!.;.......}.;...N.O.r.D.R.k

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_106afd3797eb2a517c646ebca3f2ca33b6f7cbc1f[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	13470
Entropy (8bit):	7.983517407990372
Encrypted:	false
SSDEEP:	384:24JNlMW+H+3lPfzkNvpaAEykLcHypRhw2FYgJ4Z8aKCvMBr:24J3aQPfwNvppEX4Ha9KrZKRBr
MD5:	F44C4E9822BC37504FD35B946CE4D6AB
SHA1:	DE7870635E9B8B83060048B9A6237E2BA5614A61
SHA-256:	34FCF35AB3F931C64AB6B742B954D3CAFAA163787BB9660B37A7B245F8D546E1
SHA-512:	7A7C68083966A04D58495CCD15F9C5DD0AE255A34BD7847AE6D0C386E2965B8B9897F5FF1DD226BF1E13F60AE9B2A7E3A72BD8B57E683AF04114475C57DACA94
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_106afd3797eb2a517c646ebca3f2ca33b6f7cbc1f.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.4..WEBPVP8 .4..0......k.>u4.G...!&.....eK.{....S...{..')...=.y.}.?.....#......C.s.w..TG........p._.~?.............>e./.g.....{?...........r.....g.....?.<[....@.Z.w.........?....3..?......M.+....._._....y.......?.?....&............?........_..._......8...[.?._..n.......X?e......k.=.....u.e[X.sw....q..\..5d..o7.M.....hY.....8@p.......$.N..:..P.\|....?+}. ..`Fgy...!.i...."p.P....V.J.\|.{m.9R..R.v...}MFa.._+.t.n...g..~....Cr{.....Y.h..^x.a.C.$.k...Uq.k:.?..........t.-.......LX.:..z..w.S../.....R...t...%.M...\i?s.z..].3..oD...n..r...\|.\|....M.../...X...D".;_...5J...o#..<.x@.!....;...w>...OS.."......(`.... .i#t.]..@R./..N.NsG-..X.OQ.Q..1....=1..Zd..d.T.............a..K..FXr.<u.p-......J..?.]...Mp).@*.l...,.e..'..+......7.,O....xrx..G.#....k.... .PM1.L%r.=\|.l.....N.?d......,Q.NS\.p.......}..).i....O...G...n:"...-n.qE.4.#4GS......v..n......L....^.....;#.'+.,...&\P.9.2....GKdL..A.3P......_.....SSD.)..nv......8.d.;W..$]..f.m......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_11ac71813080b7ad80d8486ba8212b564a66f1d25[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	8602
Entropy (8bit):	7.980706577311374
Encrypted:	false
SSDEEP:	192:0Vb5mwlQbI9SDD9SEpabX0yTyPB5i3Ky5y6qfo5GmE:0/MqSsECXsZ5k4vmE
MD5:	3519DBDEC738221B4ED56F146889B0C5
SHA1:	8368D90BB91AB4BF312B31A0959AE311AEE8FB7E
SHA-256:	F3884FE1C01470D8BDA7E399CF81D46299FFC11C39FD6F2C74A164607505B0BB
SHA-512:	570E2481C9A11A30EE6E7025248FC2518B1416F37F2BD3134FE4EBD6BBC870E017F95CE329DAB48F3B28D4CD138AE14F8BC4AEEB175FB0710E503141F3ACDDEF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_11ac71813080b7ad80d8486ba8212b564a66f1d25.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.!..WEBPVP8 .!.........k.>u6.H$.".%s;@...en.K.O....W...<"......K.....;.o.O.....X.../.W...../.?P.:..~.?...^>...\|.=@?..9.....n...xK...x..../..;_....'....m..}....?..........^..r.O.w..........A.k.........G....+............v-.7./...5.....>....y.\..WH%.. ....UY..v..l..D..\|...=...Lzl(....Mi..g....y.R...X.P.1^Z.....PJ.U.sqy;..).qT..s.r.7...J.UW...]..u:..&..Vug.....wz.l2...6.6.)........x..].)Fn..X....q.^~....^.5.Q:RT'#.W.~.>\.........JZ.=\|{....e.g..S.73.R.w..dT.T.,....%.o\|....8..]..:..6._...Rm1.:..>._..1..4...D.h.#.PVI)...@..=.......r....;.Lh...q.(.n...\|u.C.../.......A......8..Q....H.D;..g..;Z..X...[..z... .~..J...j..5l..Z}.....>.GU.1.R}.qF....a.E.9..L......}{....>G$...Q......@...^..!.$..SML.u.....r...p....+?.Cg.....(.-.D.......v...]..n.u.Z&...&...&u...nT].1MS.q.......1.D\|.>..o.......`?l.&.b.....@..-..I..pe..OJ.\|C/\|...x.....)...&._+.A..+.=...U...?...d..^#A.:r.~...TPQ0#..R'6....y.@..d....ZLZ.u..s;I. .t.+..f.g..{.6...........D...J.l.p.9

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_12be25e65cc93e1440bc25fe8d545d5755fbd3f9d[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	12744
Entropy (8bit):	7.984434447626562
Encrypted:	false
SSDEEP:	384:m2VKB+rxH6ZgKPsL5Dw6qXoDYr9FplMsIyBo/1a:mfK6Zg6U5E64oK9FXMGo/E
MD5:	75340F2CA756FB72A15C6A269E20C3B6
SHA1:	96157EBE0D3D143A2C6B11F52D881C0AA9BA01E5
SHA-256:	8A1461DA7256179A86600B5C14F2BBDEF900851D8F40D82FC7B438AF8D89DEF9
SHA-512:	C72DE25E4AB647F10E062012DADE8B3FBA672A2AA529AD1EB320665F54AD40A3F5C1F32657BF424118BF7CB8018DE09A0E0C4A0BE20F42D9F0F9CE9749525E28
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_12be25e65cc93e1440bc25fe8d545d5755fbd3f9d.png?width=2000&format=webply&optimize=medium
Preview:	RIFF.1..WEBPVP8 .1........k.>u2.H$..!.w.H...gn.[....IL...?L;y..lp.j.....g.?w................".u.M..................b.i....P_.?..........-..G./..Q...w.../@.I......O...?....;...Y.[.....?....5.s.....w./.?..h>.?......S.W.........o...../m_...?s.....O....~..."&...H1...-....a3#..;[..z.'.-../..B..i:.&........}.....x..G.f.,x56....N:t.k....m7.Y;.?...NW.h<<m.......U.Y.ya9.i........O..1Y....}...q...rA.,Q....2..;.-.N.\|.~W.Y.O%H5WP<....+4l.t\|Eh.xX..ZwH.7F...h.-.VL...]0........\|...'....,b..Q.F...N.i..]lQ.............?...o....l..+..lb..\c.O.(...0.q).....>..J.(4.52.....4.)....Qr.2..h.R.^..>;.=...3.7....pr.z...;..&..O1)t.....{...v.32j).S........q......<..1........LK....<{.M...[.g. .....KV..q.,..jO..s..4.a...b....7..G#..TaY.YO/yX=1....D...QS.."9s....yR..Q.....6.......r.Vo4R..U...[K..$..Y'.j..w.._.W.....K......5..2...-..1.m~...2.,Y...PF..+..'./...&.....Q..QD.....N.3Y...G0...!..W\|_y....a.ZK.n.l.,.J..........4................a.8...5\.........nA_/.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_12f25246ef43123b4685f4a829d1afba8e4a646b1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	9036
Entropy (8bit):	7.979243285294048
Encrypted:	false
SSDEEP:	192:bShJQ+GGsmNrAiBacmHkZrL+d/EvBTvEnBeXHNU5PD9S+UDagS+tKo7Qb/:eO0reNHk1qYpvkBeOD9Syd+tKo0b/
MD5:	FDB7A0E70AD1278B121F752914FB73C3
SHA1:	7DA23F1E586B1EA4B12418BA3730BF3B26240FD7
SHA-256:	4F95CE6CDD0362E9C563F8F8739C82ED4FD08A909D43CD6583F44370EF94D56B
SHA-512:	2D3E1B882D5BEF85604FE0A4166BD772BCDCD57D2FA2BCBF7E7866426EBD6F48C0777D6600E079EAC89C161E2B7020EF939E6736DFE96967CAA5DF35A40B934C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.adobe.com/express/discover/templates/media_12f25246ef43123b4685f4a829d1afba8e4a646b1.png?width=2000&format=webply&optimize=medium
Preview:	RIFFD#..WEBPVP8 8#........k.>u4.G.."!#.....en.s.._.......~.{..p.~......@.G._k...7.../.?u.'ug._..~..'...~..Q....P/.......l.>`.....u......?..}$...a..._.......#.{.....o.>s~........../..o......?j....jz......z.b.b..O....Z.....qA^..ZQ+..u......9.{`&.X.W...W.(Q.D._.`.Y.I9..N... ....T'.5_/!W681..z..)J;I.....`V=#.o.v.1...)EVZL...."#..<`pg..4.}6{....{..e....^..a..z._uF....p.W.k..=....{o^..=..[.@...@K G0..6O.W.1f2+\..+kO:...:...<.l;I......sRV>7......ZAU.{.......n.x.xYI........t\|..].2R...O....f.w.@.G.8..../..t...V).\......t.4..dvo.G8......:....0L..TK....R...G.%.IPM"B_.E...:.".@..K.... ...&.LQ.^.uTa.$JZ..9q......o.S..x.@U.\|..n.2S...Qi.\|T....2....L..?GE.K-P.m3.H.gH.b*h.^...r...L.,.A..83\|.Y6.m`...........n....1X....zvr.@..~J...tJ..Sb.....I..T`.x...\...k........swSu\...c.... .,>f..k.6#=.6.b.?...,..D...H.....S@....;.."Nr..x..V..l.o...[0..=......q..p....V.........`.c.^.3...O....=M....\|.bU.....]5YH.\|. K....66.z.M...X.Cz..F...7g.H........\|....o.19

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 11, 2021 20:51:05.395179033 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.395266056 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.437644958 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.437680960 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.437767029 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.437802076 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.445548058 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.445596933 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.487859964 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.487879038 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.487893105 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.487905979 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.487978935 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.488158941 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.488178015 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.488241911 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.488297939 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.489881992 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.489980936 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.490055084 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.490161896 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.526468992 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.526603937 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.532994986 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.533380032 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.533413887 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.568883896 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.568989992 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.569022894 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.569075108 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.569111109 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.569192886 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.569947958 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.571824074 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.571852922 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.571935892 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.571970940 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.572552919 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.575339079 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.575380087 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.575484037 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.575562954 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.575594902 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.577923059 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.578027010 CEST	49712	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.612257957 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.614845991 CEST	443	49712	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.932991982 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.933039904 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.933074951 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.933124065 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.933191061 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.933238029 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.933254957 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.934072971 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.934113979 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.934252977 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.934298992 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:05.935250998 CEST	443	49711	143.204.209.124	192.168.2.3
Jun 11, 2021 20:51:05.935446024 CEST	49711	443	192.168.2.3	143.204.209.124
Jun 11, 2021 20:51:06.084583044 CEST	49714	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.084656000 CEST	49715	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.084939003 CEST	49716	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.084980965 CEST	49717	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.085202932 CEST	49718	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.128000975 CEST	443	49714	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.128046036 CEST	443	49715	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.128117085 CEST	49714	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.128189087 CEST	49715	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.128484964 CEST	443	49716	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.128518105 CEST	443	49717	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.128546000 CEST	443	49718	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.128577948 CEST	49716	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.128622055 CEST	49717	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.130146027 CEST	49717	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.130165100 CEST	49718	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.130238056 CEST	49715	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.130420923 CEST	49716	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.130600929 CEST	49718	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.130815983 CEST	49714	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.171976089 CEST	443	49717	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.172005892 CEST	443	49715	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.172231913 CEST	443	49716	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.172283888 CEST	443	49718	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.172585964 CEST	443	49714	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174338102 CEST	443	49715	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174396038 CEST	443	49715	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174439907 CEST	443	49716	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174479008 CEST	443	49716	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174638033 CEST	443	49717	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174679995 CEST	443	49717	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174891949 CEST	443	49718	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.174932003 CEST	443	49718	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.175004959 CEST	443	49714	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.175048113 CEST	443	49714	65.9.66.64	192.168.2.3
Jun 11, 2021 20:51:06.175143957 CEST	49717	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.175193071 CEST	49716	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.175194025 CEST	49715	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.175210953 CEST	49714	443	192.168.2.3	65.9.66.64
Jun 11, 2021 20:51:06.175247908 CEST	49718	443	192.168.2.3	65.9.66.64

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 11, 2021 20:50:58.042288065 CEST	50620	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:50:58.103204012 CEST	53	50620	8.8.8.8	192.168.2.3
Jun 11, 2021 20:50:59.413362980 CEST	64938	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:50:59.466907978 CEST	53	64938	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:00.613487959 CEST	60152	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:00.666641951 CEST	53	60152	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:01.408262014 CEST	57544	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:01.458342075 CEST	53	57544	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:02.566750050 CEST	55984	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:02.617019892 CEST	53	55984	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:04.193471909 CEST	64185	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:04.255718946 CEST	53	64185	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:04.310888052 CEST	65110	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:04.363790035 CEST	53	65110	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:05.321393967 CEST	58361	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:05.381845951 CEST	53	58361	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:05.584660053 CEST	63492	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:05.638067007 CEST	53	63492	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:06.013844013 CEST	60831	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:06.080357075 CEST	53	60831	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:06.268663883 CEST	60100	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:06.331408978 CEST	53	60100	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:07.080768108 CEST	53195	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:07.139199018 CEST	53	53195	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:07.333152056 CEST	50141	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:07.398286104 CEST	53	50141	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:07.583931923 CEST	53023	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:07.637077093 CEST	53	53023	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:08.875915051 CEST	49563	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:08.926295042 CEST	53	49563	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:09.804524899 CEST	51352	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:09.857197046 CEST	53	51352	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:11.014122963 CEST	59349	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:11.064243078 CEST	53	59349	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:12.103969097 CEST	57084	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:12.154021025 CEST	53	57084	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:13.588728905 CEST	58823	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:13.647377968 CEST	53	58823	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:15.119159937 CEST	57568	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:15.170696974 CEST	53	57568	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:16.205678940 CEST	50540	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:16.258867025 CEST	53	50540	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:17.375380039 CEST	54366	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:17.426009893 CEST	53	54366	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:19.933572054 CEST	53034	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:19.986855984 CEST	53	53034	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:21.414635897 CEST	57762	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:21.466202974 CEST	53	57762	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:21.479156971 CEST	55435	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:21.546885014 CEST	53	55435	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:26.919037104 CEST	50713	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:26.980156898 CEST	53	50713	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:27.509789944 CEST	56132	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:27.512357950 CEST	58987	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:27.515842915 CEST	56579	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:27.518296957 CEST	60633	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:27.541834116 CEST	61292	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:27.565431118 CEST	53	58987	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:27.576766968 CEST	53	56132	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:27.578382969 CEST	53	56579	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:27.585633039 CEST	53	60633	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:27.592279911 CEST	53	61292	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:27.674124956 CEST	63619	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:27.735364914 CEST	53	63619	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:28.887248993 CEST	64938	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:28.951518059 CEST	53	64938	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:31.816226006 CEST	61946	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:31.879195929 CEST	53	61946	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:34.242947102 CEST	64910	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:34.297796965 CEST	53	64910	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:35.030606985 CEST	52123	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:35.094155073 CEST	53	52123	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:35.277909994 CEST	64910	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:35.330940008 CEST	53	64910	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:35.713207006 CEST	56130	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:35.726929903 CEST	56338	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:35.773917913 CEST	53	56130	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:35.790009975 CEST	53	56338	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:36.141285896 CEST	52123	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:36.205270052 CEST	53	52123	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:36.868441105 CEST	59420	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:36.919663906 CEST	53	59420	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:37.115375996 CEST	58784	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:37.159337044 CEST	52123	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:37.183365107 CEST	53	58784	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:37.221170902 CEST	53	52123	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:37.698158979 CEST	63978	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:37.758342028 CEST	53	63978	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:37.914319992 CEST	62938	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:37.974494934 CEST	53	62938	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:38.155625105 CEST	64910	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:38.211288929 CEST	53	64910	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:38.676584959 CEST	55708	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:38.739618063 CEST	53	55708	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:39.201029062 CEST	52123	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:39.262763977 CEST	53	52123	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:39.879297018 CEST	56803	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:39.942493916 CEST	53	56803	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:40.169764042 CEST	64910	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:40.222923040 CEST	53	64910	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:40.225617886 CEST	57145	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:40.285789967 CEST	53	57145	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:41.045890093 CEST	55359	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:41.107573986 CEST	53	55359	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:41.895905018 CEST	58306	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:41.957532883 CEST	53	58306	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:42.073792934 CEST	64124	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:42.140470982 CEST	53	64124	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:42.564616919 CEST	49361	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:42.631962061 CEST	53	49361	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:43.197552919 CEST	52123	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:43.259227991 CEST	53	52123	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:44.131443024 CEST	63150	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:44.182111025 CEST	64910	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:44.191643953 CEST	53	63150	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:44.236644983 CEST	53	64910	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:46.537410975 CEST	53279	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:46.599045038 CEST	53	53279	8.8.8.8	192.168.2.3
Jun 11, 2021 20:51:52.788136005 CEST	56881	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:51:52.851403952 CEST	53	56881	8.8.8.8	192.168.2.3
Jun 11, 2021 20:52:16.687635899 CEST	53642	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:52:16.757827044 CEST	53	53642	8.8.8.8	192.168.2.3
Jun 11, 2021 20:52:34.670533895 CEST	55667	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:52:34.749212980 CEST	53	55667	8.8.8.8	192.168.2.3
Jun 11, 2021 20:52:41.336004019 CEST	54833	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:52:41.400748968 CEST	53	54833	8.8.8.8	192.168.2.3
Jun 11, 2021 20:53:07.931663990 CEST	62476	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:53:07.932060957 CEST	49705	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:53:07.997639894 CEST	53	49705	8.8.8.8	192.168.2.3
Jun 11, 2021 20:53:08.006320953 CEST	53	62476	8.8.8.8	192.168.2.3
Jun 11, 2021 20:53:09.538918972 CEST	61477	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:53:09.600512981 CEST	53	61477	8.8.8.8	192.168.2.3
Jun 11, 2021 20:53:10.375077009 CEST	61633	53	192.168.2.3	8.8.8.8
Jun 11, 2021 20:53:10.438184023 CEST	53	61633	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jun 11, 2021 20:51:06.013844013 CEST	192.168.2.3	8.8.8.8	0x9bbf	Standard query (0)	page.adobespark-assets.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:06.268663883 CEST	192.168.2.3	8.8.8.8	0x4967	Standard query (0)	use.typekit.net	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:07.080768108 CEST	192.168.2.3	8.8.8.8	0x405d	Standard query (0)	s3.amazonaws.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:07.333152056 CEST	192.168.2.3	8.8.8.8	0xe2b	Standard query (0)	p.typekit.net	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:21.479156971 CEST	192.168.2.3	8.8.8.8	0xe116	Standard query (0)	page.adobespark-assets.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:26.919037104 CEST	192.168.2.3	8.8.8.8	0xda94	Standard query (0)	imagesosweetphotography.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.512357950 CEST	192.168.2.3	8.8.8.8	0x3f7c	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.515842915 CEST	192.168.2.3	8.8.8.8	0x7404	Standard query (0)	maxcdn.bootstrapcdn.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.541834116 CEST	192.168.2.3	8.8.8.8	0xcdb2	Standard query (0)	use.fontawesome.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.674124956 CEST	192.168.2.3	8.8.8.8	0xf65d	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:28.887248993 CEST	192.168.2.3	8.8.8.8	0xc936	Standard query (0)	aadcdn.msftauth.net	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:35.713207006 CEST	192.168.2.3	8.8.8.8	0xb0b4	Standard query (0)	assets.adobedtm.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:35.726929903 CEST	192.168.2.3	8.8.8.8	0x631d	Standard query (0)	cdn.cookielaw.org	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.868441105 CEST	192.168.2.3	8.8.8.8	0xf5e2	Standard query (0)	dpm.demdex.net	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:37.115375996 CEST	192.168.2.3	8.8.8.8	0xc4c8	Standard query (0)	geolocation.onetrust.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:38.676584959 CEST	192.168.2.3	8.8.8.8	0xa674	Standard query (0)	static.adobelogin.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.879297018 CEST	192.168.2.3	8.8.8.8	0x7c5	Standard query (0)	adobe.tt.omtrdc.net	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.895905018 CEST	192.168.2.3	8.8.8.8	0x9c73	Standard query (0)	ims-na1.adobelogin.com	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:42.564616919 CEST	192.168.2.3	8.8.8.8	0x1d98	Standard query (0)	adobedc.demdex.net	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:44.131443024 CEST	192.168.2.3	8.8.8.8	0xf710	Standard query (0)	ds-aksb-a.akamaihd.net	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jun 11, 2021 20:51:05.381845951 CEST	8.8.8.8	192.168.2.3	0xf1ca	No error (0)	spark.adobeprojectm.com		143.204.209.124	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:05.381845951 CEST	8.8.8.8	192.168.2.3	0xf1ca	No error (0)	spark.adobeprojectm.com		143.204.209.91	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:05.381845951 CEST	8.8.8.8	192.168.2.3	0xf1ca	No error (0)	spark.adobeprojectm.com		143.204.209.78	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:05.381845951 CEST	8.8.8.8	192.168.2.3	0xf1ca	No error (0)	spark.adobeprojectm.com		143.204.209.48	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:06.080357075 CEST	8.8.8.8	192.168.2.3	0x9bbf	No error (0)	page.adobespark-assets.com		65.9.66.64	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:06.080357075 CEST	8.8.8.8	192.168.2.3	0x9bbf	No error (0)	page.adobespark-assets.com		65.9.66.38	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:06.080357075 CEST	8.8.8.8	192.168.2.3	0x9bbf	No error (0)	page.adobespark-assets.com		65.9.66.115	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:06.080357075 CEST	8.8.8.8	192.168.2.3	0x9bbf	No error (0)	page.adobespark-assets.com		65.9.66.77	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:06.331408978 CEST	8.8.8.8	192.168.2.3	0x4967	No error (0)	use.typekit.net	use-stls.adobe.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:07.139199018 CEST	8.8.8.8	192.168.2.3	0x405d	No error (0)	s3.amazonaws.com		52.217.36.38	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:07.398286104 CEST	8.8.8.8	192.168.2.3	0xe2b	No error (0)	p.typekit.net	p.typekit.net-v3.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:21.546885014 CEST	8.8.8.8	192.168.2.3	0xe116	No error (0)	page.adobespark-assets.com		65.9.66.64	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:21.546885014 CEST	8.8.8.8	192.168.2.3	0xe116	No error (0)	page.adobespark-assets.com		65.9.66.77	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:21.546885014 CEST	8.8.8.8	192.168.2.3	0xe116	No error (0)	page.adobespark-assets.com		65.9.66.115	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:21.546885014 CEST	8.8.8.8	192.168.2.3	0xe116	No error (0)	page.adobespark-assets.com		65.9.66.38	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:26.980156898 CEST	8.8.8.8	192.168.2.3	0xda94	No error (0)	imagesosweetphotography.com		162.241.69.226	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.565431118 CEST	8.8.8.8	192.168.2.3	0x3f7c	No error (0)	code.jquery.com	cds.s5x3j6q5.hwcdn.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:27.578382969 CEST	8.8.8.8	192.168.2.3	0x7404	No error (0)	maxcdn.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.578382969 CEST	8.8.8.8	192.168.2.3	0x7404	No error (0)	maxcdn.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.592279911 CEST	8.8.8.8	192.168.2.3	0xcdb2	No error (0)	use.fontawesome.com	fontawesome-cdn.fonticons.netdna-cdn.com		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:27.592279911 CEST	8.8.8.8	192.168.2.3	0xcdb2	No error (0)	fontawesome-cdn.fonticons.netdna-cdn.com		23.111.9.35	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.735364914 CEST	8.8.8.8	192.168.2.3	0xf65d	No error (0)	cdnjs.cloudflare.com		104.16.18.94	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:27.735364914 CEST	8.8.8.8	192.168.2.3	0xf65d	No error (0)	cdnjs.cloudflare.com		104.16.19.94	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:28.951518059 CEST	8.8.8.8	192.168.2.3	0xc936	No error (0)	aadcdn.msftauth.net	aadcdnoriginneu.azureedge.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:28.951518059 CEST	8.8.8.8	192.168.2.3	0xc936	No error (0)	cs1100.wpc.omegacdn.net		152.199.23.37	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:35.773917913 CEST	8.8.8.8	192.168.2.3	0xb0b4	No error (0)	assets.adobedtm.com	cn-assets.adobedtm.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:35.790009975 CEST	8.8.8.8	192.168.2.3	0x631d	No error (0)	cdn.cookielaw.org		104.16.149.64	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:35.790009975 CEST	8.8.8.8	192.168.2.3	0x631d	No error (0)	cdn.cookielaw.org		104.16.148.64	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dpm.demdex.net	gslb-2.demdex.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	gslb-2.demdex.net	edge-irl1.demdex.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	edge-irl1.demdex.net	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		3.250.252.43	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		18.200.233.208	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		34.254.147.143	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		52.17.93.232	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		52.16.73.168	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		54.171.219.200	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		54.195.125.109	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:36.919663906 CEST	8.8.8.8	192.168.2.3	0xf5e2	No error (0)	dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com		52.19.195.165	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:37.183365107 CEST	8.8.8.8	192.168.2.3	0xc4c8	No error (0)	geolocation.onetrust.com		104.20.184.68	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:37.183365107 CEST	8.8.8.8	192.168.2.3	0xc4c8	No error (0)	geolocation.onetrust.com		104.20.185.68	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:37.758342028 CEST	8.8.8.8	192.168.2.3	0xd123	No error (0)	adobe.com.ssl.d1.sc.omtrdc.net		15.188.95.229	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:37.758342028 CEST	8.8.8.8	192.168.2.3	0xd123	No error (0)	adobe.com.ssl.d1.sc.omtrdc.net		15.236.176.210	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:37.758342028 CEST	8.8.8.8	192.168.2.3	0xd123	No error (0)	adobe.com.ssl.d1.sc.omtrdc.net		13.36.218.177	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:38.739618063 CEST	8.8.8.8	192.168.2.3	0xa674	No error (0)	static.adobelogin.com	adobelogin-static.prod.ims.adobejanus.com		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:38.739618063 CEST	8.8.8.8	192.168.2.3	0xa674	No error (0)	adobelogin-static.prod.ims.adobejanus.com	dd20fzx9mj46f.cloudfront.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:38.739618063 CEST	8.8.8.8	192.168.2.3	0xa674	No error (0)	dd20fzx9mj46f.cloudfront.net		13.32.16.66	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		18.203.205.32	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		34.252.156.174	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		34.252.166.160	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		34.251.77.56	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		52.51.251.137	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		52.212.164.82	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		54.75.9.158	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:39.942493916 CEST	8.8.8.8	192.168.2.3	0x7c5	No error (0)	adobe.tt.omtrdc.net		52.212.193.208	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.107573986 CEST	8.8.8.8	192.168.2.3	0x50ef	No error (0)	services.prod.ims.adobejanus.com		34.248.139.119	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.107573986 CEST	8.8.8.8	192.168.2.3	0x50ef	No error (0)	services.prod.ims.adobejanus.com		63.32.113.5	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.107573986 CEST	8.8.8.8	192.168.2.3	0x50ef	No error (0)	services.prod.ims.adobejanus.com		108.128.108.210	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.107573986 CEST	8.8.8.8	192.168.2.3	0x50ef	No error (0)	services.prod.ims.adobejanus.com		52.209.27.136	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.107573986 CEST	8.8.8.8	192.168.2.3	0x50ef	No error (0)	services.prod.ims.adobejanus.com		99.81.92.132	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.107573986 CEST	8.8.8.8	192.168.2.3	0x50ef	No error (0)	services.prod.ims.adobejanus.com		52.213.176.171	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	ims-na1.adobelogin.com	adobelogin.prod.ims.adobejanus.com		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin.prod.ims.adobejanus.com	adobelogin-origin.prod.ims.adobejanus.com		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin-origin.prod.ims.adobejanus.com		63.32.113.5	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin-origin.prod.ims.adobejanus.com		108.128.108.210	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin-origin.prod.ims.adobejanus.com		99.81.92.132	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin-origin.prod.ims.adobejanus.com		34.248.139.119	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin-origin.prod.ims.adobejanus.com		52.209.27.136	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:41.957532883 CEST	8.8.8.8	192.168.2.3	0x9c73	No error (0)	adobelogin-origin.prod.ims.adobejanus.com		52.213.176.171	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:42.631962061 CEST	8.8.8.8	192.168.2.3	0x1d98	No error (0)	adobedc.demdex.net	demdex.net.ssl.sc.omtrdc.net		CNAME (Canonical name)	IN (0x0001)
Jun 11, 2021 20:51:42.631962061 CEST	8.8.8.8	192.168.2.3	0x1d98	No error (0)	demdex.net.ssl.sc.omtrdc.net		15.236.176.210	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:42.631962061 CEST	8.8.8.8	192.168.2.3	0x1d98	No error (0)	demdex.net.ssl.sc.omtrdc.net		13.36.218.177	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:42.631962061 CEST	8.8.8.8	192.168.2.3	0x1d98	No error (0)	demdex.net.ssl.sc.omtrdc.net		15.188.95.229	A (IP address)	IN (0x0001)
Jun 11, 2021 20:51:44.191643953 CEST	8.8.8.8	192.168.2.3	0xf710	No error (0)	ds-aksb-a.akamaihd.net	ds-aksb-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jun 11, 2021 20:51:05.489881992 CEST	143.204.209.124	443	192.168.2.3	49712	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:05.489881992 CEST	143.204.209.124	443	192.168.2.3	49712	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:05.490055084 CEST	143.204.209.124	443	192.168.2.3	49711	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:05.490055084 CEST	143.204.209.124	443	192.168.2.3	49711	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:06.177361012 CEST	65.9.66.64	443	192.168.2.3	49715	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177361012 CEST	65.9.66.64	443	192.168.2.3	49715	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177649975 CEST	65.9.66.64	443	192.168.2.3	49716	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177649975 CEST	65.9.66.64	443	192.168.2.3	49716	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177941084 CEST	65.9.66.64	443	192.168.2.3	49717	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177941084 CEST	65.9.66.64	443	192.168.2.3	49717	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177979946 CEST	65.9.66.64	443	192.168.2.3	49718	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.177979946 CEST	65.9.66.64	443	192.168.2.3	49718	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.178282976 CEST	65.9.66.64	443	192.168.2.3	49714	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:06.178282976 CEST	65.9.66.64	443	192.168.2.3	49714	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:07.475579023 CEST	52.217.36.38	443	192.168.2.3	49721	CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015	Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:07.475579023 CEST	52.217.36.38	443	192.168.2.3	49721	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Dec 08 13:05:07 CET 2015	Sat May 10 14:00:00 CEST 2025		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:07.548233032 CEST	52.217.36.38	443	192.168.2.3	49722	CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015	Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:07.548233032 CEST	52.217.36.38	443	192.168.2.3	49722	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Dec 08 13:05:07 CET 2015	Sat May 10 14:00:00 CEST 2025		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:21.641757965 CEST	65.9.66.64	443	192.168.2.3	49736	CN=spark.adobe.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Jun 05 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013	Fri Jun 10 14:00:00 CEST 2022 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
Jun 11, 2021 20:51:21.641757965 CEST	65.9.66.64	443	192.168.2.3	49736	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		37f463bf4616ecd445d4a1937da06e19
Jun 11, 2021 20:51:27.305636883 CEST	162.241.69.226	443	192.168.2.3	49738	CN=imagesosweetphotography.com CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue May 18 02:00:00 CEST 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Tue Aug 17 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
Jun 11, 2021 20:51:27.314332008 CEST	162.241.69.226	443	192.168.2.3	49737	CN=imagesosweetphotography.com CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue May 18 02:00:00 CEST 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Tue Aug 17 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
Jun 11, 2021 20:51:27.666563988 CEST	104.18.11.207	443	192.168.2.3	49746	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.666563988 CEST	104.18.11.207	443	192.168.2.3	49746	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.667941093 CEST	104.18.11.207	443	192.168.2.3	49745	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.667941093 CEST	104.18.11.207	443	192.168.2.3	49745	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.697223902 CEST	23.111.9.35	443	192.168.2.3	49750	CN=*.fontawesome.com, O=Fonticons Inc, L=Bentonville, ST=Arkansas, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 13 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Wed Dec 15 00:59:59 CET 2021 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:27.697465897 CEST	23.111.9.35	443	192.168.2.3	49749	CN=*.fontawesome.com, O=Fonticons Inc, L=Bentonville, ST=Arkansas, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 13 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Wed Dec 15 00:59:59 CET 2021 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:27.836237907 CEST	104.16.18.94	443	192.168.2.3	49753	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.836237907 CEST	104.16.18.94	443	192.168.2.3	49753	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.846576929 CEST	104.16.18.94	443	192.168.2.3	49752	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.846576929 CEST	104.16.18.94	443	192.168.2.3	49752	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:27.846743107 CEST	52.217.36.38	443	192.168.2.3	49741	CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015	Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:27.846743107 CEST	52.217.36.38	443	192.168.2.3	49741	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Dec 08 13:05:07 CET 2015	Sat May 10 14:00:00 CEST 2025		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:27.855108023 CEST	52.217.36.38	443	192.168.2.3	49742	CN=s3.amazonaws.com, O="Amazon.com, Inc.", L=Seattle, ST=Washington, C=US CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Tue Dec 08 13:05:07 CET 2015	Mon Aug 09 14:00:00 CEST 2021 Sat May 10 14:00:00 CEST 2025	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:27.855108023 CEST	52.217.36.38	443	192.168.2.3	49742	CN=DigiCert Baltimore CA-2 G2, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Dec 08 13:05:07 CET 2015	Sat May 10 14:00:00 CEST 2025		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:29.170438051 CEST	152.199.23.37	443	192.168.2.3	49755	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu May 13 02:00:00 CEST 2021 Wed Sep 23 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Sat May 14 01:59:59 CEST 2022 Mon Sep 23 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:29.170835972 CEST	152.199.23.37	443	192.168.2.3	49754	CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu May 13 02:00:00 CEST 2021 Wed Sep 23 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Sat May 14 01:59:59 CEST 2022 Mon Sep 23 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:35.962260962 CEST	104.16.149.64	443	192.168.2.3	49762	CN=cookielaw.org, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Jun 01 02:00:00 CEST 2021 Mon Jan 27 13:48:08 CET 2020	Wed Jun 01 01:59:59 CEST 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:35.962260962 CEST	104.16.149.64	443	192.168.2.3	49762	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:35.962702036 CEST	104.16.149.64	443	192.168.2.3	49763	CN=cookielaw.org, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Jun 01 02:00:00 CEST 2021 Mon Jan 27 13:48:08 CET 2020	Wed Jun 01 01:59:59 CEST 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:35.962702036 CEST	104.16.149.64	443	192.168.2.3	49763	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:37.054620028 CEST	3.250.252.43	443	192.168.2.3	49764	CN=*.demdex.net, OU=Digital Marketing, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Dec 02 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Mon Jan 03 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:37.085609913 CEST	3.250.252.43	443	192.168.2.3	49765	CN=*.demdex.net, OU=Digital Marketing, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Dec 02 01:00:00 CET 2020 Thu Sep 24 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Mon Jan 03 00:59:59 CET 2022 Tue Sep 24 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Thu Sep 24 02:00:00 CEST 2020	Tue Sep 24 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:37.707302094 CEST	104.20.184.68	443	192.168.2.3	49766	CN=onetrust.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Feb 12 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Sat Feb 12 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:37.707302094 CEST	104.20.184.68	443	192.168.2.3	49766	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:37.708684921 CEST	104.20.184.68	443	192.168.2.3	49767	CN=onetrust.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Fri Feb 12 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Sat Feb 12 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:37.708684921 CEST	104.20.184.68	443	192.168.2.3	49767	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:37.868438005 CEST	15.188.95.229	443	192.168.2.3	49769	CN=sstats.adobe.com, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon May 18 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Aug 25 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:37.868438005 CEST	15.188.95.229	443	192.168.2.3	49769	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:37.868803024 CEST	15.188.95.229	443	192.168.2.3	49768	CN=sstats.adobe.com, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon May 18 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Wed Aug 25 14:00:00 CEST 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:37.868803024 CEST	15.188.95.229	443	192.168.2.3	49768	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		3faf2df7ab96c36419c31725cb1fa7d6
Jun 11, 2021 20:51:38.882415056 CEST	13.32.16.66	443	192.168.2.3	49771	CN=static.adobelogin.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 18 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Wed Sep 22 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:38.929336071 CEST	13.32.16.66	443	192.168.2.3	49772	CN=static.adobelogin.com, OU=IT, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 18 02:00:00 CEST 2019 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006	Wed Sep 22 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:40.240529060 CEST	18.203.205.32	443	192.168.2.3	49773	CN=*.tt.omtrdc.net, O=Adobe Inc., L=SAN JOSE, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 02 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013	Wed Nov 10 00:59:59 CET 2021 Wed Mar 08 13:00:00 CET 2023	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:40.240529060 CEST	18.203.205.32	443	192.168.2.3	49773	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Mar 08 13:00:00 CET 2013	Wed Mar 08 13:00:00 CET 2023		9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:41.246932030 CEST	34.248.139.119	443	192.168.2.3	49776	CN=ims-na1.adobelogin.com, O=Adobe Inc., L=San Jose, ST=ca, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Feb 24 01:00:00 CET 2021 Wed Sep 23 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Tue Mar 01 00:59:59 CET 2022 Mon Sep 23 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	3faf2df7ab96c36419c31725cb1fa7d6
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:42.139192104 CEST	63.32.113.5	443	192.168.2.3	49778	CN=ims-na1.adobelogin.com, O=Adobe Inc., L=San Jose, ST=ca, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Feb 24 01:00:00 CET 2021 Wed Sep 23 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Tue Mar 01 00:59:59 CET 2022 Mon Sep 23 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:42.140290976 CEST	63.32.113.5	443	192.168.2.3	49777	CN=ims-na1.adobelogin.com, O=Adobe Inc., L=San Jose, ST=ca, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Feb 24 01:00:00 CET 2021 Wed Sep 23 02:00:00 CEST 2020 Fri Nov 10 01:00:00 CET 2006	Tue Mar 01 00:59:59 CET 2022 Mon Sep 23 01:59:59 CEST 2030 Mon Nov 10 01:00:00 CET 2031	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Sep 23 02:00:00 CEST 2020	Mon Sep 23 01:59:59 CEST 2030
					CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Fri Nov 10 01:00:00 CET 2006	Mon Nov 10 01:00:00 CET 2031
Jun 11, 2021 20:51:42.771106005 CEST	15.236.176.210	443	192.168.2.3	49781	CN=adobedc.demdex.net, O=Adobe Systems Incorporated, L=San Jose, ST=California, C=US CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Wed Oct 14 02:00:00 CEST 2020 Tue Oct 22 14:00:00 CEST 2013	Mon Nov 15 00:59:59 CET 2021 Sun Oct 22 14:00:00 CEST 2028	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 11, 2021 20:51:42.771106005 CEST	15.236.176.210	443	192.168.2.3	49781	CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Tue Oct 22 14:00:00 CEST 2013	Sun Oct 22 14:00:00 CEST 2028		9e10692f1b7f78228b2d4e424db3a98c

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 5348 Parent PID: 792

General

Start time:	20:51:03
Start date:	11/06/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff68eda0000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 1396 Parent PID: 5348

General

Start time:	20:51:04
Start date:	11/06/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5348 CREDAT:17410 /prefetch:2
Imagebase:	0x240000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://spark.adobe.com/page/QbyXJuM93yIVE/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Dropped Files

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Malware Analysis System Evasion:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 5348 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 1396 Parent PID: 5348

General

Disassembly