Windows Analysis Report https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4

Overview

General Information

Sample URL:	https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Analysis ID:	436463
Infos:
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Found iframes

Classification

Signatures

Phishing:

Found iframes

Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame

Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="author".. found
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="author".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="author".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="author".. found

Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="copyright".. found
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="copyright".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="copyright".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49681 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49680 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49687 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49686 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49688 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49692 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49690 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49695 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49768 version: TLS 1.2

Source: securisync[1].htm.2.dr	String found in binary or memory: <a class="fancybox-media vid-link with-icon" href="https://www.youtube.com/watch?v=IFcmZPTAtic">See how SecuriSync protects against ransomware-related downtime</a> equals www.youtube.com (Youtube)
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: <a class="facebook social-icon" target="_blank" href="https://www.facebook.com/intermedia.inc"> equals www.facebook.com (Facebook)
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: <a class="linkedin social-icon" target="_blank" href="https://www.linkedin.com/company/intermedia"> equals www.linkedin.com (Linkedin)
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: <a class="linkedin social-icon" target="_blank" href="https://www.youtube.com/channel/UCU-qlUSGWdMC95HVO5hHPrg "> equals www.youtube.com (Youtube)
Source: gtm[1].js.2.dr	String found in binary or memory: "vtp_html":"\u003Cscript type=\"text\/gtmscript\"\u003E!function(b,e,f,g,a,c,d){b.fbq\|\|(a=b.fbq=function(){a.callMethod?a.callMethod.apply(a,arguments):a.queue.push(arguments)},b._fbq\|\|(b._fbq=a),a.push=a,a.loaded=!0,a.version=\"2.0\",a.queue=[],c=e.createElement(f),c.async=!0,c.src=g,d=e.getElementsByTagName(f)[0],d.parentNode.insertBefore(c,d))}(window,document,\"script\",\"https:\/\/connect.facebook.net\/en_US\/fbevents.js\");fbq(\"dataProcessingOptions\",[\"LDU\"],0,0);fbq(\"init\",\"387569738474119\");fbq(\"track\",\"PageView\");\u003C\/script\u003E\n\u003Cnoscript\u003E\u003Cimg height=\"1\" width=\"1\" style=\"display:none\" src=\"https:\/\/www.facebook.com\/tr?id=387569738474119\u0026amp;ev=PageView\u0026amp;noscript=1\u0026amp;dpo=LDU\u0026amp;dpoco=0\u0026amp;dpost=0\"\u003E\u003C\/noscript\u003E", equals www.facebook.com (Facebook)
Source: customization[1].json.2.dr	String found in binary or memory: "VideosLink": "https://www.youtube.com/playlist?list=PLCRe8TVknTfsvF3zPUZWzwYpDJVlcLz6e", equals www.youtube.com (Youtube)
Source: 387569738474119[1].js.2.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func
Source: gtm[1].js.2.dr	String found in binary or memory: E=V("YT"),D=function(){e(C)};J(u.vtp_gtmOnSuccess);if(E)E.ready&&E.ready(D);else{var I=V("onYouTubeIframeAPIReady");qt("onYouTubeIframeAPIReady",function(){I&&I();D()});J(function(){for(var R=V("document"),Q=R.getElementsByTagName("script"),S=Q.length,T=0;T<S;T++){var Z=Q[T].getAttribute("src");if(b(Z,"iframe_api")\|\|b(Z,"player_api"))return}for(var L=R.getElementsByTagName("iframe"),W=L.length,ca=0;ca<W;ca++)if(!t&&c(L[ca],C.ic)){U("https://www.youtube.com/iframe_api");t=!0;break}})}}else J(u.vtp_gtmOnSuccess)} equals www.youtube.com (Youtube)
Source: gtm[1].js.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},ug:function(){e=cb()},Db:function(){d()}}};var zq=["www.youtube.com","www.youtube-nocookie.com"],Aq,Bq=!1,Cq=0; equals www.youtube.com (Youtube)
Source: www-widgetapi[1].js.2.dr	String found in binary or memory: n.setup=function(a,b){var c=document;if(a="string"===typeof a?c.getElementById(a):a)if(c="iframe"===a.tagName.toLowerCase(),b.host\|\|(b.host=c?Db(a.src):"https://www.youtube.com"),this.i=new Si(b),c\|\|(b=aj(this,a),this.m=a,(c=a.parentNode)&&c.replaceChild(b,a),a=b),this.h=a,this.h.id\|\|(this.h.id="widget"+Ga(this.h)),Mi[this.h.id]=this,window.postMessage){this.l=new P;bj(this);b=Z(this.i,"events");for(var d in b)b.hasOwnProperty(d)&&this.addEventListener(d,b[d]);for(var e in Oi)Oi.hasOwnProperty(e)&& equals www.youtube.com (Youtube)
Source: yt-tracking[1].js.2.dr	String found in binary or memory: tag.src = "https://www.youtube.com/player_api"; equals www.youtube.com (Youtube)
Source: gtm[1].js.2.dr	String found in binary or memory: var p=["www.youtube.com","www.youtube-nocookie.com"],q={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},r,t=!1;(function(u){Y.__ytl=u;Y.__ytl.m="ytl";Y.__ytl.o=!0;Y.__ytl.priorityOverride=0})(function(u){u.vtp_triggerStartOption?m(u):vl(function(){m(u)})})}(); equals www.youtube.com (Youtube)
Source: player_api[1].js0.2.dr	String found in binary or memory: var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/997fe684\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptURL(scriptUrl)}catch(e){}if(!window["YT"])var YT={loading:0,loaded:0};if(!window["YTConfig"])var YTConfig={"host":"https://www.youtube.com"}; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: securisync.intermedia.net

Source: tag[1].js.2.dr	String found in binary or memory: http://127.0.0.1
Source: IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].htm.2.dr	String found in binary or memory: http://angularjs.org
Source: st[1].js.2.dr	String found in binary or memory: http://bestiejs.github.io/json3
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: http://g.co/ng/security#xss)
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: http://g.co/ng/security#xss).
Source: st[1].js.2.dr	String found in binary or memory: http://james.padolsey.com
Source: jquery-custom-ui.min[1].js.2.dr	String found in binary or memory: http://jquery.com/
Source: st[1].js.2.dr, jquery-custom-ui.min[1].js.2.dr	String found in binary or memory: http://jquery.org/license
Source: st[1].js.2.dr	String found in binary or memory: http://kit.mit-license.org
Source: st[1].js.2.dr	String found in binary or memory: http://sizzlejs.com/
Source: st[1].js.2.dr	String found in binary or memory: http://unlicense.org/UNLICENSE
Source: jquery.lazyload[1].js.2.dr	String found in binary or memory: http://www.appelsiini.net/projects/lazyload
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: http://www.intermedia.co.uk/why-intermedia
Source: compliance[1].htm.2.dr	String found in binary or memory: http://www.intermedia.co.uk/why-intermedia/compliance
Source: securisync[1].htm.2.dr	String found in binary or memory: http://www.intermedia.com/products/securisync
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: http://www.intermedia.com/why-intermedia
Source: compliance[1].htm.2.dr	String found in binary or memory: http://www.intermedia.com/why-intermedia/compliance
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: http://www.jdpower.com
Source: jquery.lazyload[1].js.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: customization[1].json.2.dr	String found in binary or memory: https://account.securisync.intermedia.net/login/v1.1/
Source: gtm[1].js.2.dr	String found in binary or memory: https://ade.googlesyndication.com/ddm/activity
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://admin.us2sync.myonlinedata.net/provisioning
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: analytics[1].js.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: customization[1].json.2.dr	String found in binary or memory: https://apps.apple.com/us/app/securisync/id471324547
Source: customization[1].json.2.dr	String found in binary or memory: https://auth.myonlinedata.net/locator/
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://auth.us2sync.myonlinedata.net/auth
Source: forms2[1].css.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=33654
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://cp.intermedia.net/ControlPanel/Login
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://cp.serverdata.net/Portal/Partner/Login
Source: www-widgetapi[1].js.2.dr	String found in binary or memory: https://developers.google.com/youtube/iframe_api_reference#Events
Source: munchkin[1].js0.2.dr	String found in binary or memory: https://developers.marketo.com/?p=7696
Source: munchkin[1].js.2.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: gtm[1].js.2.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: https://goo.gl/X2J8zc.
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: https://goo.gl/wIDDiL
Source: customization[1].json.2.dr	String found in binary or memory: https://howto.securisync.com
Source: why-intermedia[1].htm0.2.dr, securisync[1].htm.2.dr	String found in binary or memory: https://kb.intermedia.net
Source: securisync[1].htm.2.dr	String found in binary or memory: https://kb.intermedia.net/Article/2554
Source: securisync[1].htm.2.dr	String found in binary or memory: https://kb.intermedia.net/Article/2652
Source: customization[1].json.2.dr	String found in binary or memory: https://kb.intermedia.net/article/3315
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://kms.us2sync.myonlinedata.net/kms
Source: tag[1].js.2.dr	String found in binary or memory: https://mc.yandex.
Source: tag[1].js.2.dr	String found in binary or memory: https://mc.yandex.md/cc
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://partnersales.intermedia.net
Source: customization[1].json.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=net.intermedia.securisync.ui&hl=en
Source: insight.min[1].js.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: insight.min[1].js.2.dr	String found in binary or memory: https://px.ads.linkedin.com/insight_tag_errors.gif?
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisyn.com/products/securisynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9f
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisyn.com/why-intermedia/complianceRoot
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisyn.com/why-intermediasynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9f
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.int
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.inte9fc4
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.inteRoot
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.inteame.html
Source: customization[1].json.2.dr	String found in binary or memory: https://securisync.intermedia.net/downloads/securisync/documents/SecuriSync%20Get%20Started%20Guide%
Source: customization[1].json.2.dr	String found in binary or memory: https://securisync.intermedia.net/downloads/securisync/documents/SecuriSync-Get-Started-Guide-for-Fi
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://securisync.intermedia.net/us2
Source: IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].htm.2.dr	String found in binary or memory: https://securisync.intermedia.net/us2/
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr, {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4Root
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4ermedia.net/us2/s/IpnIUjFRDCv9
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/file?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/login?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/login?public_share=IpnIUjFRDCv9PeEVchmZ5r003eRoot
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisynermedia.net/us2/s/file?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9f
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisynermedia.net/us2/s/login?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9
Source: gtm[1].js.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: st[1].js.2.dr	String found in binary or memory: https://st1.dialogtech.com/st/
Source: st[1].js.2.dr	String found in binary or memory: https://st1.dialogtech.com/st/locations
Source: st[1].js.2.dr	String found in binary or memory: https://st2.dialogtech.com/st/log
Source: analytics[1].js.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: st[1].js.2.dr	String found in binary or memory: https://stcdproducer.dialogtech.com/v1/data
Source: analytics[1].js.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://twitter.com/intermedia_net
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/chats
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/data
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/data_sse
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/diagnostic
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/metadata
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/update
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/v3
Source: tp.widget.sync.bootstrap.min[1].js.2.dr	String found in binary or memory: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://wopi.us2sync.myonlinedata.net/wopi
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.anymeeting.com/AccountManager/Login.aspx
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://www.google.com
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?id=
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-N47LFD
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.co.uk/
Source: frame[1].htm.2.dr, why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/Intermedia-SecuriSync-EULA.pdf
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/Intermedia-SecuriSync-ExternalUserTerms.pdf
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/Intermedia-SecuriSync-Open-Source-Notice-File.pdf
Source: why-intermedia[1].htm0.2.dr, customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/PrivacyPolicy.pdf
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.intermedia.com/assets/tracked/img/favicon.ico
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/blog/animal-hospital-and-pet-resort-sets-new-standards/
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/blog/judicial-district-uses-technology-to-keep-courts-in-session/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/blog/should-your-business-offer-flexible-work-arrangements-permanently/
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/blog/stranded-oil-leverages-intermedias-communications-and-collaboration-
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/blog/whats-the-best-cloud-storage-for-business/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/blog/why-cloud-phone-systems-are-the-future/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/login/voice
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/products/SecuriSync
Source: customization[1].json.2.dr, securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/products/securisync
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/products/securisynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/products/securisynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4a.net/us2/s/fi
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/products/securisyncrCloud
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr, why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia
Source: www.intermedia[1].xml.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia"
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr, compliance[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/compliance
Source: www.intermedia[1].xml.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/compliance"
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/complianceare=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/compliancezIT
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermediarWorry-Free
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermediasynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermediasynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4com/products/se
Source: frame[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.net/blog
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net/blog/category/services/securisync/
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.net/crossdomain/frame.html
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net/report/ransomware
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net/report/ransomware#continuity
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.linkedin.com/company/intermedia
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.tsia.com
Source: www-widgetapi[1].js.2.dr, player_api[1].js0.2.dr	String found in binary or memory: https://www.youtube.com
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.youtube.com/channel/UCU-qlUSGWdMC95HVO5hHPrg
Source: gtm[1].js.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: yt-tracking[1].js.2.dr	String found in binary or memory: https://www.youtube.com/player_api
Source: customization[1].json.2.dr	String found in binary or memory: https://www.youtube.com/playlist?list=PLCRe8TVknTfsvF3zPUZWzwYpDJVlcLz6e
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/watch?v=IFcmZPTAtic
Source: tag[1].js.2.dr	String found in binary or memory: https://yandexmetrica.com
Source: tag[1].js.2.dr	String found in binary or memory: https://yastatic.net/s3/gdpr/popup/v2/
Source: tag[1].js.2.dr	String found in binary or memory: https://ymetrica1.com/watch/3/1
Source: securisync[1].htm.2.dr	String found in binary or memory: https://youtu.be/enLvRvNVEdY

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49692
Source: unknown	Network traffic detected: HTTP traffic on port 49692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49686
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49682
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49680
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49681 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49680 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49687 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49686 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49688 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49692 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49690 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49695 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49768 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@3/152@33/23

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF94C390ACE305242B.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5888 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5888 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
80.75.66.243	apikeys-lb.civiccomputing.com	United Kingdom	20860	IOMART-ASGB	false
13.224.89.41	d31y97ze264gaa.cloudfront.net	United States	16509	AMAZON-02US	false
52.200.121.85	heapanalytics.com	United States	14618	AMAZON-AESUS	false
107.162.156.70	stnumreq.dialogtech.com	United States	55002	DEFENSE-NETUS	false
192.28.144.84	abrtp1.marketo.com	United States	15224	OMNITUREUS	false
13.224.99.69	d38au5kn48shwv.cloudfront.net	United States	16509	AMAZON-02US	false
157.240.17.15	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
192.28.147.68	524-vts-832.mktoresp.com	United States	53580	MARKETOUS	false
13.224.99.68	widget.trustpilot.com	United States	16509	AMAZON-02US	false
162.244.197.119	auth.myonlinedata.net	United States	19780	AS-INTERMEDIA2US	false
13.224.99.29	dl7g9llrghqi1.cloudfront.net	United States	16509	AMAZON-02US	false
93.158.134.119	mc.yandex.ru	Russian Federation	13238	YANDEXRU	false
162.244.197.215	www.intermedia.net	United States	19780	AS-INTERMEDIA2US	false
199.193.200.116	auth.us2sync.myonlinedata.net	United States	16406	AS-INTERMEDIAUS	false
13.224.99.111	d3bipqqt7o7bp0.cloudfront.net	United States	16509	AMAZON-02US	false
142.250.186.131	www.google.ch	United States	15169	GOOGLEUS	false
108.174.11.69	pop-eda6.mix.linkedin.com	United States	14413	LINKEDINUS	false
104.16.93.80	sj01.mktoedge.com	United States	13335	CLOUDFLARENETUS	false
107.162.137.162	stproducer.dialogtech.com	United States	55002	DEFENSE-NETUS	false
154.47.36.17	mc.webvisor.org	United States	174	COGENT-174US	false
74.125.140.154	stats.l.doubleclick.net	United States	15169	GOOGLEUS	false
199.193.202.116	securisync.intermedia.net	United States	16406	AS-INTERMEDIAUS	false
104.18.27.190	tracking.g2crowd.com	United States	13335	CLOUDFLARENETUS	false

Contacted Domains

Name	IP	Active
abrtp1.marketo.com	192.28.144.84	true
mc.yandex.ru	93.158.134.119	true
stproducer.dialogtech.com	107.162.137.162	true
pop-eda6.mix.linkedin.com	108.174.11.69	true
d3bipqqt7o7bp0.cloudfront.net	13.224.99.111	true
sj01.mktoedge.com	104.16.93.80	true
auth.myonlinedata.net	162.244.197.119	true
dl7g9llrghqi1.cloudfront.net	13.224.99.29	true
scontent.xx.fbcdn.net	157.240.17.15	true
stnumreq.dialogtech.com	107.162.156.70	true
tracking.g2crowd.com	104.18.27.190	true
www.intermedia.net	162.244.197.215	true
d38au5kn48shwv.cloudfront.net	13.224.99.69	true
auth.us2sync.myonlinedata.net	199.193.200.116	true
524-vts-832.mktoresp.com	192.28.147.68	true
stats.l.doubleclick.net	74.125.140.154	true
www.intermedia.com	162.244.197.215	true
us2sync.myonlinedata.net	199.193.200.116	true
apikeys-lb.civiccomputing.com	80.75.66.243	true
securisync.intermedia.net	199.193.202.116	true
heapanalytics.com	52.200.121.85	true
www.google.ch	142.250.186.131	true
widget.trustpilot.com	13.224.99.68	true
d31y97ze264gaa.cloudfront.net	13.224.89.41	true
mc.webvisor.org	154.47.36.17	true
cc.cdn.civiccomputing.com	unknown	unknown
cdn.jsdelivr.net	unknown	unknown
apikeys.civiccomputing.com	unknown	unknown
stats.g.doubleclick.net	unknown	unknown
js.driftt.com	unknown	unknown
app-sj01.marketo.com	unknown	unknown
www.youtube.com	unknown	unknown
st2.dialogtech.com	unknown	unknown
cdn.heapanalytics.com	unknown	unknown
rtp-static.marketo.com	unknown	unknown
www.linkedin.com	unknown	unknown
abrtp1-cdn.marketo.com	unknown	unknown
connect.facebook.net	unknown	unknown
px.ads.linkedin.com	unknown	unknown
st1.dialogtech.com	unknown	unknown
munchkin.marketo.net	unknown	unknown
snap.licdn.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://www.intermedia.com/why-intermedia/compliance	false	unknown
https://www.intermedia.com/products/securisync	false	unknown
https://securisync.intermedia.net/us2/s/file?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4	false	high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QAD0GKHX\www.intermedia[1].xml	UTF-8 Unicode text, with very long lines, with no line terminators	A0322D672212693D3555E84156905952	E8186F924765371F3CD84DA437C06D8F56FE0148	1817852BAB07C18BA32A73B225A42B0E6D1D7C0F4C0BAE7BE54FA05CC848CE1F
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\VRE5PYW9\app-sj01.marketo[1].xml	ASCII text, with no line terminators	0D5CF74DDF811D25498277F34E978169	9AB80B8E43B3FBC9A01BBD6F8A5B0154CC9B3977	15ED7A5A0D48DE496914AB2E2A21CCE1899A207ED78A3F1244A268C154B6DD5F
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C4C43A1B-D023-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	18812A4B8F31C3D00C0E6C1C243573CD	987687EE656D4D947ADD0EC70900691621FD7B09	872F0B7EA6810D64F1C339376A5B4BE49F095EF916CA7637BCF00CBB59BE9E5E
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	967843ADF3A52DBC2BCD1C8E2E33EE60	921C0C78E08380542E31969ADC4958E39F9C4080	FCE830C7F5809DB9D3F553DE03FA421819BAE633339B6A4F1CB592BFCBC33F34
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CCA3CA89-D023-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	F4E3EC6571F15B5136A92BEF90485078	657B7E01D6D30A7308B9145CFF800ED2317472E2	006FD8330388C7763FF021C7EC79E5435C705B1DFAFF03F3856FF2F60E507609
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat	data	4BCE4ABD0EF1D9C8D424A7E186927381	333392BB1BEEAC829DE5F651C877A0D97C2F7907	8FAE18B23DCABE7609EEDFD5300F58168C31FD7CE96E7D79991555AB4C741251
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\2164[1].js	ASCII text, with no line terminators	A454F56F4DEF70095E30E7676718042E	DB6A025FAFED1D1AD75A6D8BBA133D473ECC58B0	3DAE93A05EDD9DCFC1864B87178A31E0BFA93E1A9B1C486C6E9CBF73CAE87862
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\387569738474119[1].js	ASCII text, with very long lines	CB9D2CC6DB300AF8ECC64CA58188F394	1D189C37B0E23CA76C2B7B66B26B05AED6FC7C39	207FF6097684196739A88981B2B68DF01D3D5A7C55AE2FFD29EED0B5024B5223
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\387569738474119[2].js	ASCII text, with very long lines	701A9A99E83FD26B924DE9F7B52BEB08	2A14FAD1125D75936E71EDADD0AD835D0C01163A	5D4787248BFB504C4794D889B8A37292B31298B85043BDA1423A723496AECD68
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\anz[1].svg	SVG Scalable Vector Graphics image	532EF3AF87C8DBCCCE983DDFB9B1C292	287824D996658A732EFF87A676CEF7F252CBF23F	20A57D334BEF19A28C7923E5265368E05378F1DF22CDC009ABDE3BFBC99165D9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\cookieControl-8.0.min[1].js	ASCII text, with very long lines, with no line terminators	F24896C64426938C08CF496385EFA363	3807F981E07BE72FF8CBAEA86E9CA1FB398055CD	F7747F6B3C907BCDF5BB5D567461E79A9B68C03587D0B11400DEB85C8526916A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\favicon[1].ico	MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel	2AF95D1CDA9CCD4648425BEBA0C63493	65F52235E955684ABFAD3D54343E238FEAE29800	20FAF4C65CD8F4D71D43D91095C3793038D6E136F0C8DEF56893BD2DF6573FE3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\fbevents[1].js	ASCII text, with very long lines	38EEDE6B7D7BC51D9D0935E3850DAD20	D0B0061C020A48B5DFB8CC19C15694D8B7E6896F	547F226C6E04B6654144617685448D360E2A92D908C6FB646761A1E6D4850004
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\forms2.min[1].js	ASCII text, with very long lines	C63399EEAEB21D1CFCA1CB417241FFB3	ADFDEB23C7C69395F3D21C57E5DDFBD3883742B5	014DE295141A456CEDA8E3C4762085E53DCA50F91DDF65906D227F70CF0B1A55
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\forms2[1].css	ASCII text	56655DA87943D0E5EF98E742AE6EE3D2	AA87802906516962A3EC0F444031F7154B70F0AF	256E42104F48A5FA80B031DA12DC56ACDE224FBA3F9810F8F8192B39136D365A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\heap-160018915[1].js	ASCII text, with very long lines	12A094086DA134B6FA692657972A18C0	F266100BA2BE89210C1DBA292BF919A000E5DEB6	88F24BBEB910DFE3D1C2FC76C6EB5860C795BA1E03B8F83BA192A20CE95B6DE0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\index[1].css	UTF-8 Unicode text, with very long lines	5285DE3994EB2AC1EC1EA96245CBEB9F	F915D7463E39FA7212AAFD8686AC99A9E02F175D	1FD8700114435E8E9FFB5382063850DC5DB52FE36D8B8E6D669719D85BEEEB67
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\insight.min[1].js	ASCII text, with very long lines	C4440888B2ED74F2A104115FC1D3C737	81359FD8D29CF6AFFD5B27317C379E53DDAEF00F	6E6E6A03E72A528C28884B50BF296425667F38DD0AAF1DD17CE89199FFC85271
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\js[1].js	ASCII text, with very long lines	0CF95A92F21874296132A62BD48009DD	27B5A3EA9F20C43E402E413D21DDA8C967E39D95	FF80923943F362EFA62AAF278C3CCF585336327C49A34A58D0E4EA115415D60A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\js[2].js	ASCII text, with very long lines	56F4CEDBC49B8DF2D9B63995F69EC6E4	63A28E6CC0F9A11BC6372B3C6EB140B5F52B41F7	A8C73927510B8D436F50B35F17D10F1D17A6A922330DA194034FD358151E9360
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\log[1].gif	GIF image data, version 89a, 1 x 1	07FFF40B5DD495ACA2AC4E1C3FBC60AA	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\nav-icon-call[1].png	PNG image data, 80 x 80, 8-bit colormap, non-interlaced	E30030A957D8ED23C71A2DB82BD709EC	B652882DF04E7DBA61D977C526771CB12B7A105A	D8C7DEC6908AC6EF016739EA4E8F8D410D9CC40490306F7FB69C25629B6EC62E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\player_api[1].js	ASCII text, with very long lines	3D3E3C53D48FA10E5ABF56B76F139A7A	13448CD0EB2BBA2BC3EC7B3685C01ED0C9D4D9DD	10F6603F20B432AD5F6B93637040194F015FE89F98D7CFB32BE357A56157E60A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\products-overview-form[1].js	ASCII text, with CRLF line terminators	61D4FC7D426AAE9CE4ED3B9D1B5535D1	3C80467AC11AF21B831B90F473509909BACAE5DB	DF5F4BB0E14082B01062F356BC422759D1EF4F4FEE08C9E94E6E9FFE2D7F56EF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rtp[1].js	UTF-8 Unicode text, with very long lines	ECEAEFFED5B1FA7076EE630319871556	D770F211BFB7284652118C8B8BB9F4984C7B82BE	A78A4E9FE1B48CB0595E5C2AC139737D5E165A8E50D40AF41E0359E74D47FC86
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\search-icon[1].png	PNG image data, 61 x 61, 8-bit/color RGBA, non-interlaced	237DFCB521D7FA90B6F2B9E59D2B2F4B	6F961369A4795EACBD58DA0ACB78E80FD15D0303	74855A78E1A4EE0416297176C142E5B794C5D1F8234D4492208FBCA9BE5759E2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\shares[1].json	ASCII text, with very long lines, with no line terminators	A5CD0FA4FC04D9F5908BE0190B97B3AD	000E28640DF1D59FD6CBA6B7454C6DF8687BFE1B	6FA5421BF6630EB873265195F9D04F9012EAEB730C6D86F722DC0955A0E5AB4D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\splash[1].htm	SVG Scalable Vector Graphics image	3686AC40F8A4FF14BF5CBD63FFC7CCB6	B14BFCD26CF97FFF7E426CD3A545685664F315D4	D1F32DA2A06264EAEE97EAD33E16D9C7BDFDC3F76B65974012778A666C844B80
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\styles[1].css	ASCII text, with very long lines, with no line terminators	C3207A7F7CB79FBEA4BF4C6C5F5BB788	A262568E0B9793B2BFB7F29C225B7D51B9E3C55F	03BBCE587AA64B6AC10B02F1F99B4222446AC3013AC86EC774D95FEECC7593F9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\styles[2].css	ASCII text, with very long lines, with no line terminators	691A5CFC704071F9EEE6BD16C2E05907	DD8C0595E948442E22C06CADD66CE37B54D28089	1E4BDD15474296A17AEC7FC908F6FF92AED7ED022A3EF8A81BAFCF81A3A56BF9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\sync_cookie_image_decide[1].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\top-nav-login-customer[1].png	PNG image data, 65 x 65, 8-bit colormap, non-interlaced	E9533B1B38ECB12CE7200C5BEDC4DA94	CB1168A57E93A6DDE44287B8BF24BC77FD8009B1	E8037017C383707EB6C4F6727EFC2C8F5DD964173138B41A07ABF3D083DEA08B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\top-nav-login-pp[1].png	PNG image data, 65 x 65, 8-bit colormap, non-interlaced	2D5D13763BB4016441F41EAEC08A10AB	7972A2F79727F42E2E1B1F69269A50DF601AB3B9	A0AF5D5E291D636ED7DE1C4DDA2F5FE0F8653EE96BE905303C8D72A959315CDC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\top-nav-login-sp[1].png	PNG image data, 65 x 65, 8-bit colormap, non-interlaced	493745D5F68A08D06C7707C06404E7E8	4FC36346DB5F39432FD91F80DA88E04791E648EB	F4031B4E6A31E32219C91DC84B188F1D5CA966C1D6E8C1F6E12FD08F45366E84
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\tp.widget.bootstrap.min[1].js	UTF-8 Unicode (with BOM) text, with very long lines	9D1F10064929DD7D6F92910FA34B6A30	D2BE9DAEDDA05026B932656771280AA61F02D1A9	D279EA376A7E45170F380D993C36D80DA1617E38237C05491E5B0B840E75F0F0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\tp.widget.sync.bootstrap.min[1].js	UTF-8 Unicode (with BOM) text, with very long lines	901928912893C693700FE1B09842B5DD	08773982E60D89A23E354DACB481E6C347946D1E	BD90495A01D0E283633E1B39FA2E683C85DB34C41D8BD4611D3B222EE8E80CA8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\us2[1].json	ASCII text, with very long lines, with no line terminators	49801BBC6D9DD6B9C88651D258777BF4	1BD84D02ADCC20D4DDFF5D66431C115681FAECD1	8FA1CED7830F0A169CA060D350DD9CEF24E98BFCC70C960798220C75720E0DBC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\v[1].json	ASCII text, with no line terminators	616798DA289105560D85A616408D14F1	5BD13AF1C8666F1678A6D51736661B379D75E53B	0A30EC6F61A194399029DD0AEB5C9F969485759BAF18FC2BE00E53EC27E68119
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\v[2].json	ASCII text, with no line terminators	616798DA289105560D85A616408D14F1	5BD13AF1C8666F1678A6D51736661B379D75E53B	0A30EC6F61A194399029DD0AEB5C9F969485759BAF18FC2BE00E53EC27E68119
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\visitWebPage[1].txt	ASCII text, with no line terminators	E0AA021E21DDDBD6D8CECEC71E9CF564	9CE3BD4224C8C1780DB56B4125ECF3F24BF748B7	565339BC4D33D72817B583024112EB7F5CDF3E5EEF0252D6EC1B9C9A94E12BB3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\why-intm-header[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1379x920, frames 3	7F3C29C11B6301C50FD0E340974AECBD	C481643B8AC758BDC65E3DA508A3BA147334B83A	696699AD11DE9EF4A4477E4A78C58A1C6FC900CF567F6B0EFDCD62B798AB1619
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\yse3ch7dkr4r[1].js	ASCII text, with very long lines, with no line terminators	A623A00422F2430B47912C809845AEF4	1BABCE22629DA1B15239F536454F1726CDFF545B	1A0C1D42F2AAC5AFB70F36B15178BDCE6EA776C594C3077A89FE7046D2FD5D5B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\19278121[1].gif	GIF image data, version 89a, 1 x 1	DE658DFAC8CD9A064973E5F2B15CC2BB	BBADA5C0D3C5419AE0E2151762581DE7DC584217	06D9D619915BC999F01FBD1B283A9DB8F1BC5CE9B216FF335CC1B349EB239517
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\2164[1].js	ASCII text, with no line terminators	A454F56F4DEF70095E30E7676718042E	DB6A025FAFED1D1AD75A6D8BBA133D473ECC58B0	3DAE93A05EDD9DCFC1864B87178A31E0BFA93E1A9B1C486C6E9CBF73CAE87862
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BC_carousel[1].png	PNG image data, 1180 x 501, 8-bit colormap, non-interlaced	4EBBD33FEE194504C590B8C92F6C84E0	30DF575C0D1F3778368C64837B3EDE5694459874	173D889CCACB09C6543BFF0E22B78A72B948243B3250D1807A2ADD853531190E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\XDFrame[1].htm	HTML document, ASCII text	10B454C9F5D3C5DA2C0B712A2DE0F913	D6149559E23E4F615472E0AC20B6970FDB871888	B009509439667DF44830CB84F993EBFBF0E4087460178F81004CE3620D210ED5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\buy-srs[1].png	PNG image data, 548 x 178, 8-bit colormap, non-interlaced	E97794574E27C9BB861C6A6CFE4B492B	95FFE1355DFF279DFE9924AD96DEE91703A0BB49	156E5C0C7236EB6E227055454510AEEC83306B94A9CD21DAD281B65DB4861656
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\collect[1].gif	GIF image data, version 89a, 1 x 1	28D6814F309EA289F847C69CF91194C6	0F4E929DD5BB2564F7AB9C76338E04E292A42ACE	8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\customization[1].json	UTF-8 Unicode text, with very long lines	C1D7027B94AD35670A22C6FC9A191AE9	4B0BF8C71463362BD53C0EAC136D315224F8CDB0	51D2637001D0319C74605A4C67820507B496ED23222DC7EB014DA43C88C71448
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\dinot-fonts[1].css	ASCII text, with CRLF line terminators	C8D9C00C09F6456923FB928B07812C7A	7B5E96F4883AA2E2100298CC593D71ED733AB78C	46FA301C20F53EBEEE5DFC4145D0C49F9E9983E678FC145B543149E27F1A88D7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\empty[1].png	PNG image data, 1 x 1, 1-bit colormap, non-interlaced	BAAE77A879C2A3C0713F77C3E87EECA3	BCB783AC5156D5F57E7886DE12C77C051723F694	1743B80176C7A9B725D2E472694B728AE510BBDAE78EE5D33D58278221F552D9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\en-us[1].json	UTF-8 Unicode text, with very long lines	2A65F99A6749B994B8649DD2EE8E86B6	6C291039F34A9161C8B291D0072448846825832B	CAB75C625068FB3EABF5FCBE3DDEACF5540AD0A468F94E46A9F51302137694FA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\environment-control-white-logo[1].png	PNG image data, 690 x 400, 8-bit colormap, non-interlaced	50A345943413BC556CE41430C299F682	64764120461067097474A3F3507CD93D991B5B51	33DEECEEE9AA4798B6621DEA96E7A7102586159DFE8DB8E92EC586DC3900F4D4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicon[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	8733845B95D7854BCEFDC976AC81E5D6	5AE2231C6E37E24617ECEB0441BA1C965F5EAEDF	FB316FCC85245B709926B495A8AB46B0499DB9D5FF94948852767E8108A3D9D1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\footer-arrow-icon[1].png	PNG image data, 40 x 40, 8-bit colormap, non-interlaced	28AA689ED06A4A853462D2897E992799	2AD85AF0A54671EE275C19151DE4DAE526BE1204	C5AECD0FCD8A14DC752D9D4D92B629E16A3D5B642D266E2FDFFAF0A59EC3F250
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\forms2-theme-simple[1].css	ASCII text	2B284FDD03DFA5CC9998DEC2320C6626	7066B6CFC1DB11CA2A58BCD1D91A77EA4AEDDA98	14C8C62DC692FD8FAA04434E3FED25E7C23D596B732F9DB88F6E9F9FF5DFA61C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\getForm[1].js	ASCII text, with very long lines, with no line terminators	DF7E1A8D2E473127D72E40CD434377E7	48B6ED9AA9A3F55215193FCCCF1E9E25979309E6	F4A38768318120D9120F224C5C71813EAC513784366FE2BF97A7AE78AA78B716
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\getForm[2].js	ASCII text, with very long lines, with no line terminators	0DC43B4A3DBF4A839EA9D2C625A31537	ABF6F24EE8605E91BA5FF6F401E6EF9BD3686FD9	02E06177EC471FEF0BBDDCE7CEE01F39333F1B9A524C3A032B87E57A5C36094F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\gtm[1].js	ASCII text, with very long lines	FE9A025F2E51A8DBF4638C87F937C0C8	5C286380093098A1F4BBF149E8018C20E50B1286	548058C1A29D8B9A3EDC34D6F7CBBB825E8BCCAA59FD0BA4583E5DB742A2F519
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\hp-jd-power-2020-banner[1].png	PNG image data, 93 x 98, 8-bit colormap, non-interlaced	B852E491D4604A4957A15E6DFF0590B3	31A00A7DD8CCC3DFBFE5E76710ED08D7F51AA6A6	7427202BC077491D2AEFB5CCFE99F8C6F2154477647EEE5B955C7165D11E4ACB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.lazyload[1].js	ASCII text, with CRLF line terminators	9CF75FCB01680B20AA14877FBFED09D0	EDCEC71F9A1B394D544D545BFD04A454964B53AA	01D0CBAE3C3100A8F5DAC3C2B701AC1D03D672766AEA7AD16A7DF1FFB9567D46
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.min[1].js	ASCII text, with very long lines	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.min[2].js	ASCII text, with very long lines	3576A6E73C9DCCDBBC4A2CF8FF544AD7	06E872300088B9BA8A08427D28ED0EFCDF9C6FF5	61C6CAEBD23921741FB5FFE6603F16634FCA9840C2BF56AC8201E9264D6DACCF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\log[1].gif	GIF image data, version 89a, 1 x 1	07FFF40B5DD495ACA2AC4E1C3FBC60AA	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\log[2].gif	GIF image data, version 89a, 1 x 1	07FFF40B5DD495ACA2AC4E1C3FBC60AA	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\log[3].gif	GIF image data, version 89a, 1 x 1	07FFF40B5DD495ACA2AC4E1C3FBC60AA	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\log[4].gif	GIF image data, version 89a, 1 x 1	07FFF40B5DD495ACA2AC4E1C3FBC60AA	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\munchkin[1].js	ASCII text, with very long lines	19A9335FD71267D56E65BC19390F3100	5042BC92CCEFFA7B81EA347257B50F561D2FADA4	99FA5A280296B5FC7B63433EE121A359FC68C4A37F04A87D363E751164B96FF1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\notosans-regular[1].woff	Web Open Font Format, TrueType, length 177660, version 0.0	81A8568CAC4D108B27251AB7D3934878	162FF3E962F707F6E4F2371AA6F7693B91EB3D80	BD3C4F90A93C6FE474FCFF25CCE4A6C385479BA27E2BF5246ECCF98FAC44EC18
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\rc-securisync-451[1].png	PNG image data, 347 x 225, 8-bit colormap, non-interlaced	75CE13A0DAA7BA5F2FC23048BAE0E693	1350CB37DE86F4879E37F637719273A8F4862550	EEDB993411A09790C412842634E52B8843EA0211946478910E0D9AED87CB9AEF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\share_locked[1].svg	SVG Scalable Vector Graphics image	C1DA7CED4AD18704A8D54FBEF9023307	1CA17AAFF18B515D6EE68D108A9A8DBB9DA8CE63	EA203AFFD02A4BF5AD82DCB8172D6B113586355CE083167AEA5DD264387DCF4D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\st[1].js	ASCII text, with very long lines	0441B0776F5AE65AE8768F93634A9A91	71669103C81BB4507746262E5E8A968F5D7FFA09	48F5C2A7C2388C4E92027F06D6D866DE874C6A378E14FE5EBF300549B8F2C2CF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\support_jd_banner_stripe_2020[1].png	PNG image data, 4323 x 393, 8-bit/color RGBA, non-interlaced	50B60A9851C319BE4DDBADDBAB43B13D	9C0DE5F4DD4F57A45E017D6FF11B8CA89A6C70A4	5F995910970636CA56E6E6E6E02876EE55F8636BE66D57D1218850D7ECF43CD5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\uk[1].svg	SVG Scalable Vector Graphics image	6E069BC611DF5D6255310CF09C81820E	1B1085F1C166E26D73D7E79F092498BCB37E939C	E36A0334B5A5BB97B63AAA8E6CE82DF606CEA57EB2032053EBE9C9C3F82F49E6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\usa[1].svg	SVG Scalable Vector Graphics image	76ABB09A873C38FCE5364EC25F972AE8	A5E1FC9BD6FBAE64DA465B3B08A309E90BB2807E	2FF1689FB3A632923DA9187B2AAA7484C1057F44B6DE57A820DCD4B4D7537ED7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\user[1].json	ASCII text, with very long lines, with no line terminators	E7066551D63019537A6921BD5CEC7A18	EFA502AB5C5D407F5F6249323166D08A03999AC7	1505B48B50A09AFBCA505D000BD1379C4289596145A6742481B06E46E148B204
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\wf-overview-icon[1].png	PNG image data, 155 x 155, 8-bit colormap, non-interlaced	F9EF07918D551E48C90C5E2AF348B286	EB4D9979A05B1045EF5EFABD298E175098C00B34	2FAFE73869280D455C9CA5F7EADFE46CD88EDD8C0E14E320F2B63E14565F3161
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\wf_sections_icons-05[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	D97F28B0F585523547ABCC404E895670	E57EAB5327CC4E7BA8E32D1CB597D3180027DA66	6CB266CBC5BA65BDBFA5530DB25AB7933063E8818CAF7553258998361D2D8D59
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\why-intermedia[1].htm	HTML document, ASCII text, with CRLF line terminators	CD2E0E43980A00FB6A2742D3AFD803B8	81FFBD1712AFE8CDF138B570C0FC9934742C33C1	BD9DF047D51943ACC4BC6CF55D88EDB5B6785A53337EE2A0F74DD521AEDDE87D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\1.c4a40125.chunk[1].js	ASCII text, with very long lines, with no line terminators	FEBF7D902AE73F91794CCBCC7E8311B8	A642C122550C571E8EF671D5B329AF855DB75C73	5D4C9E4E2736F1EB6CA99B65A38FC0576ACA0181A27ED53F20321A18DEC89256
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\2.391f7772.chunk[1].js	ASCII text, with very long lines, with no line terminators	D4F4094FB08B73360126836A86255481	BE09BCA4311124B25937C79177A6BC281BD6BD1D	529A93E7619B60C50091D5D4C05302194A29305A462A7D689F91AB946C287719
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\3.1104c0c2.chunk[1].js	ASCII text, with very long lines, with no line terminators	47626329B55086CF19E6CB5F10A3AFD1	2EC87F320CB29E7D381CA92D38205FA63F17622E	F83596F4A0A3BD6431651E2547AC64A4898F040958A3D8D7F3D4BA0DF74AD091
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\advert[1].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\analytics[1].js	ASCII text, with very long lines	6DF1787C4BE82D1BB24F8BFFA10C7738	3634E839429E462E49C5F42B75FBFB4BA318AF6D	2CB09C7B3E19BFC41743CA3624EF81C3258D56525647FEAC76AA757E0292627A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\collect[1].gif	GIF image data, version 89a, 1 x 1	A1CA693368CFE6AB208F1F1BB8C2EF58	31A655D748475A8A3E5246F591EA2A81F6BFA938	89BC4F148F94BA4EDA1E4AAA2FD899D5495C9A297CF848CF7670F78A3251EBA7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\fbevents[1].js	ASCII text, with very long lines	38EEDE6B7D7BC51D9D0935E3850DAD20	D0B0061C020A48B5DFB8CC19C15694D8B7E6896F	547F226C6E04B6654144617685448D360E2A92D908C6FB646761A1E6D4850004
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\fbevents[2].js	ASCII text, with very long lines	38EEDE6B7D7BC51D9D0935E3850DAD20	D0B0061C020A48B5DFB8CC19C15694D8B7E6896F	547F226C6E04B6654144617685448D360E2A92D908C6FB646761A1E6D4850004
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\files[1].json	ASCII text, with very long lines, with no line terminators	26F1B6B72E74DB9758B1A6E41C8F4150	7A954F50D1A72F4555263BF0C7F61EFFFE688339	1937B14907EC62026C0FB9EEC3B7906BA9FA7AD67B6C175ADF1144ED12462434
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\intm-logo-wide[1].svg	SVG Scalable Vector Graphics image	5A60366C9E2C66D01677BF49D15B7559	26B9E1368545507B8430B08AE0A5008373704107	5D71E23C21819077F7EBCDCB8A7B9BFEA9F9B9DB0726C01F73180DB2FB85059D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery-custom-ui.min[1].js	ASCII text, with very long lines	5A9F8DD85D85AFD20544BD437A505338	0BE5CCE9FF0CDF0B3489A67E9F9F2B4830BC7D4B	35F273E01E70DB780AE423347DFFECFC27CC348BA4ABBD6099331559A7C5CD31
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\js[1].js	ASCII text, with very long lines	0CF95A92F21874296132A62BD48009DD	27B5A3EA9F20C43E402E413D21DDA8C967E39D95	FF80923943F362EFA62AAF278C3CCF585336327C49A34A58D0E4EA115415D60A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\linkedin[1].svg	SVG Scalable Vector Graphics image	8628F5D87595ABB35032DF3F72616F3A	C6C911C21F1AE88C10F88BD4701FB41A5648E62E	42F783331A40FA41DCA92D62F4105A10129ECEB77EF41703196881200F647BB0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\log[1].gif	GIF image data, version 89a, 1 x 1	07FFF40B5DD495ACA2AC4E1C3FBC60AA	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\logo_footer[1].svg	SVG Scalable Vector Graphics image	59EAAE579953618D99219E4AFF0EF9C4	4731CF4159078CC8556B7762033CED94C3B69C80	0D8B52244F88CAAE91DEE1F45B9D296631B105D317946EE70097D0267BB48364
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\mostimpt-securisync[1].png	PNG image data, 359 x 254, 8-bit colormap, non-interlaced	D27B5B10F218D9DCD6F8D4EA51F07E15	0ECBB98B01C01B617C608D1560336D847054EA9E	90EC47439C588211F361E9479EE40FEAB870A589054DD7600774BE49B7128821
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\munchkin[1].js	ASCII text, with very long lines	5379C4A40FF8AE9D2FC6484DD1C57349	797FA2B713AD85F8535AFFF56E8A21FBD3328CE8	026C5DB877DA222D2316BF1197B8947A96C7623D51A4D462C91BF927DECE3429
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\notosans-semibold[1].woff	Web Open Font Format, TrueType, length 179696, version 0.0	D37A9E1A68AD99613B0734A8813333C4	CED8191EB7B0DA02CBF9879FABFFB252F2160D49	1F825E1387E3131C7A317CFE05B0519A1AF23D41CA99CB7B5F53C6129F35E79A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\partials[1].js	HTML document, ASCII text, with very long lines	148A97118941BBEC7D56679793EB8863	A58D45A992A922F5B518830E9CB73625B0FC636E	2A6E3B046303941C763D4F4E16F48613A03EBA41F6456AB05E98DDA83212B129
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\player_api[1].js	ASCII text, with very long lines	533EFF24EBBE43EF4C6E147992020DC3	A550239FD617A992D8C62510702C8A25723F6150	805C978B06B771610476FAF71921CFF8D013C59D45423B70DC0328E753A90BAF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\polyfills.bundle[1].js	UTF-8 Unicode text, with very long lines, with NEL line terminators	95DACC88598C45155D69D26688ED62CF	5C9AE7F5CAF56177DF1037723C16D34BE89F54AC	67207F98601FF8596D2C2B50657BE692E9EC71F2BE70D5FD8E197B26EDB6114E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\resources_image_wp-09_about-our-infrastructure[1].png	PNG image data, 347 x 225, 8-bit colormap, non-interlaced	FBCAF9D14799007C7D3D143B63BDC1D9	F31473FD5B9544AB05522710CCA058D73DBE87C7	76FD6BCB7772170FE3DD2907341C9C23155878FAEB5F3E9CB49334CF726C87D3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\scripts[1].js	ASCII text, with very long lines	7F92978E61FADC5116AC2567063D3404	4ABC75550A2A4966F2E5D76804E1A178267F35BD	CC90D11AF8B1FC571445297B1AE4F25C0C88A4CD19A7673506A0B451E5592A2C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\search[1].js	ASCII text, with CRLF line terminators	2B635BDE313063B9CB650E06CF6EEB75	3677E5C372459E9A69BD05ADC1DA556FD2041D2D	CBCE9C5964C1BFA119A57A2CB570714D3E2462FF36EAB62488E1D0FE4BD1F500
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\sgm[1].txt	ASCII text, with no line terminators	EE782B1213A79574B604AEE632794EFC	E9212AE5228A57B389A6F023389024A94D2AA0EC	25B4E974DC91D718D1B66BF120388C20DA6DFD3A886EC8401AF1C269DD169A44
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\sgm[2].txt	ASCII text, with no line terminators	EE782B1213A79574B604AEE632794EFC	E9212AE5228A57B389A6F023389024A94D2AA0EC	25B4E974DC91D718D1B66BF120388C20DA6DFD3A886EC8401AF1C269DD169A44
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\tag[1].js	C source, UTF-8 Unicode (with BOM) text, with very long lines	02828EAAB6CA010512FF4D8CF5BEC0C2	17FD5684F3FA3BA8FB78EBBCCBD6EB928247BCC5	6F08FF3FF8180E1FA497F4D1EE6351B432A3DF92AC7C8FE8A745E09E58781456
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\top-nav-login-ac[1].png	PNG image data, 65 x 65, 8-bit colormap, non-interlaced	EAD384394DA3ABA6FC923C56D47BCA41	D633978C91F50FF1DE637F5DE5BE879DE453E54F	1B69DAF1804D6350AB863E0AA4E084AE92A8654F0F406D3BD5529D3D8AD025F5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\top-nav-login-anymeeting[1].png	PNG image data, 65 x 65, 8-bit colormap, non-interlaced	F7AA58EDC342C61CA9032319B0E0FE23	16093832713227E538937ACADC6874692BB16953	A897D409B2063568784959907CBBD505ACCBDE09B577C6C7C0CFAA39BEA60215
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\twitter[1].svg	SVG Scalable Vector Graphics image	E0DB3C432F689D5FCFC6F512F8C014DD	9C5762BF2CFCF041A8A10D153274D32FF659426A	A3EA1174A340C3E03F74BDC85EA779FBB62BD4E409DD0787724F6BDAD4C4E1F0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\v[1].json	ASCII text, with no line terminators	616798DA289105560D85A616408D14F1	5BD13AF1C8666F1678A6D51736661B379D75E53B	0A30EC6F61A194399029DD0AEB5C9F969485759BAF18FC2BE00E53EC27E68119
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\wf-complianc-icon[1].png	PNG image data, 156 x 157, 8-bit colormap, non-interlaced	9389E40E01BAEB9F2225206A163782CF	9596B924B9CE42A2CB2A01D39B5B98D9F76E4BE3	4EDF09B399ED9198B108DB17B07F2033933B3B1AC4C3DDAF21AAF9C7C160FF35
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\why-intermedia[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	C383B8177E3FCB8FF6F42F325A3C3DB0	44844501B1B6904BF121FF09404765A3FB25EBE8	3976D74181F838CE24A0B491BED410895B7E828C155E0896A06ACD1F8C3BDD40
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\www-widgetapi[1].js	ASCII text, with very long lines	4AA19ADC9D9DC8E397E7121DA731E154	F93A13E46657C2961CEADEA8CC04B326DD51DB6B	6216350F8F0B2A5DB239A96A6DF67AF9AC4DB6FCBBD468F00FA41BFEB0F2249B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\youtube[1].svg	SVG Scalable Vector Graphics image	7A60F7F584F5834DBD361FE3D3E2695E	91C7701A020319421DD7FA80098A8F3893A2C330	2FB71212E2C940697081698AFC20A832912B499E2044166B079F2DC86D2BC0F3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\2164[1].js	ASCII text, with no line terminators	A454F56F4DEF70095E30E7676718042E	DB6A025FAFED1D1AD75A6D8BBA133D473ECC58B0	3DAE93A05EDD9DCFC1864B87178A31E0BFA93E1A9B1C486C6E9CBF73CAE87862
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	8733845B95D7854BCEFDC976AC81E5D6	5AE2231C6E37E24617ECEB0441BA1C965F5EAEDF	FB316FCC85245B709926B495A8AB46B0499DB9D5FF94948852767E8108A3D9D1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\XDFrame[1].htm	HTML document, ASCII text	10B454C9F5D3C5DA2C0B712A2DE0F913	D6149559E23E4F615472E0AC20B6970FDB871888	B009509439667DF44830CB84F993EBFBF0E4087460178F81004CE3620D210ED5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\app.bundle[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	144EA7488239EFA62867ED14F0A1BB19	FD93AC01DA1983D08E0315227EC6BB05F9E88D27	980C237545654A404B16799FA8903F19DF8E89495D974294B5D634C4BB63095A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\bundle[1].js	ASCII text, with very long lines, with no line terminators	E8F6A6869D03D1A8D52AE11D5757B92F	7CBD245A21869966B76AD554DF4A3C1334DE02B5	7D5D8939021AFC0BC16E0FE07F126DD16CC79E8127BB4D0E48B1F4CE7ABD61FD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\burger[1].svg	SVG Scalable Vector Graphics image	BF672540D6768CBE384231ABDB6B784F	6C0E5F7B0F8CED04B7060E930DCCE03199ED80C4	87EFBF8116836891695475EDDF6733EB4FD5D72B66E4F1A3DCBD469AF0A4C6D9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\compliance[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	9C04A6D11AD4A84E35C7689DF183D2BB	1B48A513F6F4935D0FA9F3D4244E875C488C631D	974362C81C0F31E09505F04A6CF92A02229E4D6595F86F960CDE7FF672854C55
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json	ASCII text, with very long lines, with no line terminators	E4CA75A8170ED05C77474135826D6C9C	412EE34B30CCFE4D1F15A7C568B7FCC3741EC86E	3A9B11994A5B0749B0647C2E9F8A0D49697FBCBEBD0921986D3A8E20703F1213
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\facebook[1].svg	SVG Scalable Vector Graphics image	77A868628CFC31666EF45A198E926EA9	E5EA6D7936C1E9D7B59EFA91C214E08CC71C44C2	B96ECF6EC337678D1A9B6C47F113BB645C991482210B70EF5E5B9B51271E4FE8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\forge[1].js	ASCII text, with very long lines	5B01907D67933E744C2830DCF8C7EB17	6CCE37B69239698EDF0526683F4ED7D4F4C91338	EC77A38AB7349C1981F4E24B357FCDF82E12BFFAB67A43C2481424C642DCB48B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\frame[1].htm	HTML document, ASCII text, with CRLF line terminators	F7E7EC3D0A21EC0B9DD88309A1395770	189C56B53AE010F82DE293C038C155E21C46B8CC	4216077DBE6385D9DB849AD40562DC7D5C919AE0584E391AA2E5EE8C5A963FAC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ga-integration-2.0.4[1].js	ASCII text, with very long lines, with no line terminators	CFD84EA6865E772828527B0485A0EB7E	E762FD95B610CD38921D07E93D684E2FFE5CAEE5	278CD45917F5FEE0E5710B34F2C03A3652544FE5A6CCEA56CBBD0BD7324BF5E7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\header-securisync-icon[1].png	PNG image data, 75 x 75, 8-bit colormap, non-interlaced	2962A4939ED94AB124AE6B980C832286	96B32B312C4C5FF13A49936EDF4BAEA556F577EE	E5A39DA1A319E75877753209C8A8F8FCFF47C604A21E66593C0F8DE05F770BDC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\header-srs-desktop[1].png	PNG image data, 1916 x 1002, 8-bit colormap, non-interlaced	8A94E10399A551330868BF4F045B3D1C	5EBCC60E2E176AC754407F13E3C9EC05F91167B7	0A7B1A97064E3171ED4A8348AE0B10E0AC96C1B1A31BA1A57B7A9DE3ACF25036
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\im-tabs[1].js	ASCII text	B21FE2F08C3D0D310134604A6F7B83E6	EA5EC887C7D7DC7B812922C7A54BC5AA5BC94377	E4F5678CA46E8B06B5BCE4FDF36A9B0DC7271BB4DC40DD6C95FA6F81DF067C6B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery-ui-insightera-custom-1.9.6[1].css	ASCII text, with very long lines, with no line terminators	7F5B0BEE9B1F7AF8413B351CBCECA223	11A0235C17ACC781311B6AB1201895B43923D52D	339B2B60E94B6DC169FD9E5B68AC16B1CA08EF6A4968E98A0F43C2ADD405E79A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\libs[1].js	UTF-8 Unicode text, with very long lines	874DF4B24B3385B1E4D4C7CB34A9A7E5	6FD08073685DFED455B4EA354FBE7FAA5F5AF2E8	9D5B98D88ADC77A00C292672BE6290BF6BD09698EADED6C9276FB5DF86F2729C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\local-reseller-icon[1].svg	SVG Scalable Vector Graphics image	5416B9F013CACDCD72A0C8783EAF53C5	44D7E718A1A445EE62D63B94C1306647AE7EC3FE	2ABB46679FF1DC6B62750343626D53255CEE0A52E8C7CDD06818E882BCF80C59
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\logo[1].svg	SVG Scalable Vector Graphics image	F91AF4330C09AE755F38CA5477FCDBCA	83EE22F5699E6E381912744C5839709031547A3F	8BAD040935B2B6AC45E16D0AA2AE3284C8320296AF6BC17ABD9C9EDF7142570D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\play_btn[1].svg	SVG Scalable Vector Graphics image	1099E196E941DCC8598C771B32A1D8A9	BC3B325A252337412CD20B94ECCA2B78FBAE93D4	BA3C90B25F89AC5604C9E0B30C71FEAB4BC3C0F8221855FE170FB7D1C9ACBCB5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\securisync[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	C35CB1157F22337D6D948711E0F66D7C	395E01B5244A41B2D330C55AAC5CA19FBB1B5158	D33255ECA4867B7777AE3DF9B1184D78C6E05D60F808BF31653454EE48B6018E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\support_jd_banner_stripe_mobile_2020[1].png	PNG image data, 1515 x 539, 8-bit/color RGBA, non-interlaced	24D312996A352D42BE3A0218EB2EFB64	D6E4DB1399E75D80BA0C3BFA55DEEE377B6BDE47	957B2F93B6396DFCAE4A313E26BC67FF56D8C80324D78489420E83F4EC3E2479
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\vendor.bundle[1].js	data	5539679A7EE3933B06D5866576324487	DC21EFA123A16AD913ED93817E2EE38D0FC621BA	65FBFF4930C7BD0F7EB70E973D5F1FA00F3532AAB97D77F767F9F617B6FE7154
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\visitWebPage[1].txt	ASCII text, with no line terminators	E0AA021E21DDDBD6D8CECEC71E9CF564	9CE3BD4224C8C1780DB56B4125ECF3F24BF748B7	565339BC4D33D72817B583024112EB7F5CDF3E5EEF0252D6EC1B9C9A94E12BB3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\visitWebPage[2].txt	ASCII text, with no line terminators	E0AA021E21DDDBD6D8CECEC71E9CF564	9CE3BD4224C8C1780DB56B4125ECF3F24BF748B7	565339BC4D33D72817B583024112EB7F5CDF3E5EEF0252D6EC1B9C9A94E12BB3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wf_sections_icons-01[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	772A2E047CA40F7470232344D9E9D8F8	5CE12C7AF8B0D206DB0D50CAD1BED9CF4A7004A1	63EED4FDF90024FD6D61A670E8B491A1D975D66F6664D13394FC3E92B1051BC3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wf_sections_icons-02[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	5597259D95F07F20E4ED3679C3F77094	A2AF37CFBEFEF08E306C66E92C14D78158910BF9	F3D7A9F5C0C22112C6761E72C85B058B294F0A25CFC52C2804FC0177A7B66EF1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wf_sections_icons-03[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	81A240EE0A3EFE66140156933D3AF427	6A5661EAF169DFFC35A4EBCCEF9BEF5F7FE6D91B	4D712403AD17DD7E344E02819FE1E0D6CC096DAEA51EA0A38F5658F9EBB2A85A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wf_sections_icons-04[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	79D8567E69ECCACB8991EB359D056F6A	5D1A68F8FA9732F85CA9B63953D8FC7FC6D9ED0D	0A3FCAAFF240874B54D9D65C27A25D9C8425BED12E09D02C9DC0EA9DF7DE30A8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wfe-icon-compliance[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	EF812A11C9B3AD00D9C0C2EBD439E1E7	BABDAA2A2DC54463C66E426FFF380E6DC7920C21	36C7E17EAF34296FBD2EACBCB4CFE74392F01A95DB924BC4BC946CD01E0AD7DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wfe-icon-onboarding[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	1886B9DE844FF9DB7F4E4275D686D0CA	FF0B10C35D74679F019BE3ABA6DB8E553FBEE6FE	75C16A19D7DC25B2EB294EE61A29E7C6F9A4D9A927956B3A291CEFCA4C49D4CA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wfe-icon-reliability[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	12A39F674C0714AE09D99FAA7736A4C6	B6FCCDB25188AD0425FAD1E5586D36188A077A15	7BDBF74E32211034E71C8799137AD3B66A8FC3B03E02896DF9FE2F19F6A90758
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wfe-icon-security[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	D50FDE95C0027D4CCCE821927B2C4832	6B5D1AFEA0AB8F07C99D9CA08AC943B04A73D7C0	23F14F160146D4E3C4D4CFC4A38F2CEADEDE1E1F067D7197E6D62F4DEC6F1225
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\wfe-icon-support[1].png	PNG image data, 151 x 151, 8-bit colormap, non-interlaced	1D35E1D712A241C2ABF00BAE1AD7E081	0E9138D14479CA4B2F2A79832AF9559747A2DF84	3FF67073E213BC1FF81F91F7D12B7CE5F1C65748695E1C63A05C3DEF1C81AC79
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\yt-tracking[1].js	ASCII text, with CRLF line terminators	F8197DA7A4A11BE80BB042A27768F392	0DEE6F5A302256C62DAE0BF1EE603D280FA1CB29	093A2A7A3A0572A89827A90B398C9A7311782201A1AA1285905A8F6D7994AE04
C:\Users\user\AppData\Local\Temp\~DF6CD2237FDF276D3D.TMP	data	AB889A32AB9ACD33E816C2422337C69A	1190C6B34DED2D295827C2A88310D10A8B90B59B	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
C:\Users\user\AppData\Local\Temp\~DF7C8DA5896C7BBD32.TMP	data	4E6B8E9B0429BD9CFCF71D89EE232875	22FCD3912AF1766F1215DF27AAA51163A4B26EBD	6EFE6CEB2E6F280D138688209A5D5A53FADD69DEC7423FC9BF93BED2F8D63701
C:\Users\user\AppData\Local\Temp\~DF94C390ACE305242B.TMP	data	D35C0BAEF2243E59EA00354459A5A275	52FC9B2EE84059198A55A98D53741238E9588918	B1F70C3F173214E8C728CA2C8458FC11590842CBC353FBF26C0B4D7FE8F3342D

Phishing:

Found iframes

Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://www.intermedia.net/crossdomain/frame.html
Source: https://www.intermedia.com/products/securisync	HTTP Parser: Iframe src: https://app-sj01.marketo.com/index.php/form/XDFrame

Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="author".. found
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="author".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="author".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="author".. found

Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="copyright".. found
Source: https://www.intermedia.com/why-intermedia/compliance	HTTP Parser: No <meta name="copyright".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="copyright".. found
Source: https://www.intermedia.com/products/securisync	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49681 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49680 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49687 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49686 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49688 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49692 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49690 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49695 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49768 version: TLS 1.2

Source: securisync[1].htm.2.dr	String found in binary or memory: <a class="fancybox-media vid-link with-icon" href="https://www.youtube.com/watch?v=IFcmZPTAtic">See how SecuriSync protects against ransomware-related downtime</a> equals www.youtube.com (Youtube)
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: <a class="facebook social-icon" target="_blank" href="https://www.facebook.com/intermedia.inc"> equals www.facebook.com (Facebook)
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: <a class="linkedin social-icon" target="_blank" href="https://www.linkedin.com/company/intermedia"> equals www.linkedin.com (Linkedin)
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: <a class="linkedin social-icon" target="_blank" href="https://www.youtube.com/channel/UCU-qlUSGWdMC95HVO5hHPrg "> equals www.youtube.com (Youtube)
Source: gtm[1].js.2.dr	String found in binary or memory: "vtp_html":"\u003Cscript type=\"text\/gtmscript\"\u003E!function(b,e,f,g,a,c,d){b.fbq\|\|(a=b.fbq=function(){a.callMethod?a.callMethod.apply(a,arguments):a.queue.push(arguments)},b._fbq\|\|(b._fbq=a),a.push=a,a.loaded=!0,a.version=\"2.0\",a.queue=[],c=e.createElement(f),c.async=!0,c.src=g,d=e.getElementsByTagName(f)[0],d.parentNode.insertBefore(c,d))}(window,document,\"script\",\"https:\/\/connect.facebook.net\/en_US\/fbevents.js\");fbq(\"dataProcessingOptions\",[\"LDU\"],0,0);fbq(\"init\",\"387569738474119\");fbq(\"track\",\"PageView\");\u003C\/script\u003E\n\u003Cnoscript\u003E\u003Cimg height=\"1\" width=\"1\" style=\"display:none\" src=\"https:\/\/www.facebook.com\/tr?id=387569738474119\u0026amp;ev=PageView\u0026amp;noscript=1\u0026amp;dpo=LDU\u0026amp;dpoco=0\u0026amp;dpost=0\"\u003E\u003C\/noscript\u003E", equals www.facebook.com (Facebook)
Source: customization[1].json.2.dr	String found in binary or memory: "VideosLink": "https://www.youtube.com/playlist?list=PLCRe8TVknTfsvF3zPUZWzwYpDJVlcLz6e", equals www.youtube.com (Youtube)
Source: 387569738474119[1].js.2.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func
Source: gtm[1].js.2.dr	String found in binary or memory: E=V("YT"),D=function(){e(C)};J(u.vtp_gtmOnSuccess);if(E)E.ready&&E.ready(D);else{var I=V("onYouTubeIframeAPIReady");qt("onYouTubeIframeAPIReady",function(){I&&I();D()});J(function(){for(var R=V("document"),Q=R.getElementsByTagName("script"),S=Q.length,T=0;T<S;T++){var Z=Q[T].getAttribute("src");if(b(Z,"iframe_api")\|\|b(Z,"player_api"))return}for(var L=R.getElementsByTagName("iframe"),W=L.length,ca=0;ca<W;ca++)if(!t&&c(L[ca],C.ic)){U("https://www.youtube.com/iframe_api");t=!0;break}})}}else J(u.vtp_gtmOnSuccess)} equals www.youtube.com (Youtube)
Source: gtm[1].js.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},ug:function(){e=cb()},Db:function(){d()}}};var zq=["www.youtube.com","www.youtube-nocookie.com"],Aq,Bq=!1,Cq=0; equals www.youtube.com (Youtube)
Source: www-widgetapi[1].js.2.dr	String found in binary or memory: n.setup=function(a,b){var c=document;if(a="string"===typeof a?c.getElementById(a):a)if(c="iframe"===a.tagName.toLowerCase(),b.host\|\|(b.host=c?Db(a.src):"https://www.youtube.com"),this.i=new Si(b),c\|\|(b=aj(this,a),this.m=a,(c=a.parentNode)&&c.replaceChild(b,a),a=b),this.h=a,this.h.id\|\|(this.h.id="widget"+Ga(this.h)),Mi[this.h.id]=this,window.postMessage){this.l=new P;bj(this);b=Z(this.i,"events");for(var d in b)b.hasOwnProperty(d)&&this.addEventListener(d,b[d]);for(var e in Oi)Oi.hasOwnProperty(e)&& equals www.youtube.com (Youtube)
Source: yt-tracking[1].js.2.dr	String found in binary or memory: tag.src = "https://www.youtube.com/player_api"; equals www.youtube.com (Youtube)
Source: gtm[1].js.2.dr	String found in binary or memory: var p=["www.youtube.com","www.youtube-nocookie.com"],q={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},r,t=!1;(function(u){Y.__ytl=u;Y.__ytl.m="ytl";Y.__ytl.o=!0;Y.__ytl.priorityOverride=0})(function(u){u.vtp_triggerStartOption?m(u):vl(function(){m(u)})})}(); equals www.youtube.com (Youtube)
Source: player_api[1].js0.2.dr	String found in binary or memory: var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/997fe684\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptURL(scriptUrl)}catch(e){}if(!window["YT"])var YT={loading:0,loaded:0};if(!window["YTConfig"])var YTConfig={"host":"https://www.youtube.com"}; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: securisync.intermedia.net

Source: tag[1].js.2.dr	String found in binary or memory: http://127.0.0.1
Source: IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].htm.2.dr	String found in binary or memory: http://angularjs.org
Source: st[1].js.2.dr	String found in binary or memory: http://bestiejs.github.io/json3
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: http://g.co/ng/security#xss)
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: http://g.co/ng/security#xss).
Source: st[1].js.2.dr	String found in binary or memory: http://james.padolsey.com
Source: jquery-custom-ui.min[1].js.2.dr	String found in binary or memory: http://jquery.com/
Source: st[1].js.2.dr, jquery-custom-ui.min[1].js.2.dr	String found in binary or memory: http://jquery.org/license
Source: st[1].js.2.dr	String found in binary or memory: http://kit.mit-license.org
Source: st[1].js.2.dr	String found in binary or memory: http://sizzlejs.com/
Source: st[1].js.2.dr	String found in binary or memory: http://unlicense.org/UNLICENSE
Source: jquery.lazyload[1].js.2.dr	String found in binary or memory: http://www.appelsiini.net/projects/lazyload
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: http://www.intermedia.co.uk/why-intermedia
Source: compliance[1].htm.2.dr	String found in binary or memory: http://www.intermedia.co.uk/why-intermedia/compliance
Source: securisync[1].htm.2.dr	String found in binary or memory: http://www.intermedia.com/products/securisync
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: http://www.intermedia.com/why-intermedia
Source: compliance[1].htm.2.dr	String found in binary or memory: http://www.intermedia.com/why-intermedia/compliance
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: http://www.jdpower.com
Source: jquery.lazyload[1].js.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: customization[1].json.2.dr	String found in binary or memory: https://account.securisync.intermedia.net/login/v1.1/
Source: gtm[1].js.2.dr	String found in binary or memory: https://ade.googlesyndication.com/ddm/activity
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://admin.us2sync.myonlinedata.net/provisioning
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: analytics[1].js.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://app-sj01.marketo.com/index.php/form/XDFrame
Source: customization[1].json.2.dr	String found in binary or memory: https://apps.apple.com/us/app/securisync/id471324547
Source: customization[1].json.2.dr	String found in binary or memory: https://auth.myonlinedata.net/locator/
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://auth.us2sync.myonlinedata.net/auth
Source: forms2[1].css.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=33654
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://cp.intermedia.net/ControlPanel/Login
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://cp.serverdata.net/Portal/Partner/Login
Source: www-widgetapi[1].js.2.dr	String found in binary or memory: https://developers.google.com/youtube/iframe_api_reference#Events
Source: munchkin[1].js0.2.dr	String found in binary or memory: https://developers.marketo.com/?p=7696
Source: munchkin[1].js.2.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: gtm[1].js.2.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: https://goo.gl/X2J8zc.
Source: vendor.bundle[1].js.2.dr	String found in binary or memory: https://goo.gl/wIDDiL
Source: customization[1].json.2.dr	String found in binary or memory: https://howto.securisync.com
Source: why-intermedia[1].htm0.2.dr, securisync[1].htm.2.dr	String found in binary or memory: https://kb.intermedia.net
Source: securisync[1].htm.2.dr	String found in binary or memory: https://kb.intermedia.net/Article/2554
Source: securisync[1].htm.2.dr	String found in binary or memory: https://kb.intermedia.net/Article/2652
Source: customization[1].json.2.dr	String found in binary or memory: https://kb.intermedia.net/article/3315
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://kms.us2sync.myonlinedata.net/kms
Source: tag[1].js.2.dr	String found in binary or memory: https://mc.yandex.
Source: tag[1].js.2.dr	String found in binary or memory: https://mc.yandex.md/cc
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://partnersales.intermedia.net
Source: customization[1].json.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=net.intermedia.securisync.ui&hl=en
Source: insight.min[1].js.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: insight.min[1].js.2.dr	String found in binary or memory: https://px.ads.linkedin.com/insight_tag_errors.gif?
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisyn.com/products/securisynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9f
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisyn.com/why-intermedia/complianceRoot
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisyn.com/why-intermediasynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9f
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.int
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.inte9fc4
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.inteRoot
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.inteame.html
Source: customization[1].json.2.dr	String found in binary or memory: https://securisync.intermedia.net/downloads/securisync/documents/SecuriSync%20Get%20Started%20Guide%
Source: customization[1].json.2.dr	String found in binary or memory: https://securisync.intermedia.net/downloads/securisync/documents/SecuriSync-Get-Started-Guide-for-Fi
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://securisync.intermedia.net/us2
Source: IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].htm.2.dr	String found in binary or memory: https://securisync.intermedia.net/us2/
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr, {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4Root
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4ermedia.net/us2/s/IpnIUjFRDCv9
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/file?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/login?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisync.intermedia.net/us2/s/login?public_share=IpnIUjFRDCv9PeEVchmZ5r003eRoot
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisynermedia.net/us2/s/file?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9f
Source: {C4C43A1D-D023-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://securisynermedia.net/us2/s/login?public_share=IpnIUjFRDCv9PeEVchmZ5r003e9
Source: gtm[1].js.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: st[1].js.2.dr	String found in binary or memory: https://st1.dialogtech.com/st/
Source: st[1].js.2.dr	String found in binary or memory: https://st1.dialogtech.com/st/locations
Source: st[1].js.2.dr	String found in binary or memory: https://st2.dialogtech.com/st/log
Source: analytics[1].js.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: st[1].js.2.dr	String found in binary or memory: https://stcdproducer.dialogtech.com/v1/data
Source: analytics[1].js.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://twitter.com/intermedia_net
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/chats
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/data
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/data_sse
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/diagnostic
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/metadata
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/update
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://us2sync.myonlinedata.net/v3
Source: tp.widget.sync.bootstrap.min[1].js.2.dr	String found in binary or memory: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Source: us2[1].json.2.dr, externalshare_IpnIUjFRDCv9PeEVchmZ5r003e9fc4[1].json.2.dr	String found in binary or memory: https://wopi.us2sync.myonlinedata.net/wopi
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.anymeeting.com/AccountManager/Login.aspx
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://www.google.com
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?id=
Source: js[2].js.2.dr, gtm[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-N47LFD
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.co.uk/
Source: frame[1].htm.2.dr, why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/Intermedia-SecuriSync-EULA.pdf
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/Intermedia-SecuriSync-ExternalUserTerms.pdf
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/Intermedia-SecuriSync-Open-Source-Notice-File.pdf
Source: why-intermedia[1].htm0.2.dr, customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/assets/pdf/legal/PrivacyPolicy.pdf
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.intermedia.com/assets/tracked/img/favicon.ico
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/blog/animal-hospital-and-pet-resort-sets-new-standards/
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/blog/judicial-district-uses-technology-to-keep-courts-in-session/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/blog/should-your-business-offer-flexible-work-arrangements-permanently/
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/blog/stranded-oil-leverages-intermedias-communications-and-collaboration-
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/blog/whats-the-best-cloud-storage-for-business/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/blog/why-cloud-phone-systems-are-the-future/
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/login/voice
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/products/SecuriSync
Source: customization[1].json.2.dr, securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/products/securisync
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/products/securisynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/products/securisynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4a.net/us2/s/fi
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/products/securisyncrCloud
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr, why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia
Source: www.intermedia[1].xml.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia"
Source: customization[1].json.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr, compliance[1].htm.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/compliance
Source: www.intermedia[1].xml.2.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/compliance"
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/complianceare=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermedia/compliancezIT
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermediarWorry-Free
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermediasynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.com/why-intermediasynclic_share=IpnIUjFRDCv9PeEVchmZ5r003e9fc4com/products/se
Source: frame[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.intermedia.net/blog
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net/blog/category/services/securisync/
Source: ~DF7C8DA5896C7BBD32.TMP.1.dr	String found in binary or memory: https://www.intermedia.net/crossdomain/frame.html
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net/report/ransomware
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.intermedia.net/report/ransomware#continuity
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.linkedin.com/company/intermedia
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.tsia.com
Source: www-widgetapi[1].js.2.dr, player_api[1].js0.2.dr	String found in binary or memory: https://www.youtube.com
Source: why-intermedia[1].htm0.2.dr	String found in binary or memory: https://www.youtube.com/channel/UCU-qlUSGWdMC95HVO5hHPrg
Source: gtm[1].js.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: yt-tracking[1].js.2.dr	String found in binary or memory: https://www.youtube.com/player_api
Source: customization[1].json.2.dr	String found in binary or memory: https://www.youtube.com/playlist?list=PLCRe8TVknTfsvF3zPUZWzwYpDJVlcLz6e
Source: securisync[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/watch?v=IFcmZPTAtic
Source: tag[1].js.2.dr	String found in binary or memory: https://yandexmetrica.com
Source: tag[1].js.2.dr	String found in binary or memory: https://yastatic.net/s3/gdpr/popup/v2/
Source: tag[1].js.2.dr	String found in binary or memory: https://ymetrica1.com/watch/3/1
Source: securisync[1].htm.2.dr	String found in binary or memory: https://youtu.be/enLvRvNVEdY

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49692
Source: unknown	Network traffic detected: HTTP traffic on port 49692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49686
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49682
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49680
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49681 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49680 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49687 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.69:443 -> 192.168.2.3:49686 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.119:443 -> 192.168.2.3:49688 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49692 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49690 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49695 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.200.121.85:443 -> 192.168.2.3:49694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.200.116:443 -> 192.168.2.3:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.193.202.116:443 -> 192.168.2.3:49700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.93.80:443 -> 192.168.2.3:49703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.27.190:443 -> 192.168.2.3:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.144.84:443 -> 192.168.2.3:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.140.154:443 -> 192.168.2.3:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.89.41:443 -> 192.168.2.3:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.244.197.215:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.29:443 -> 192.168.2.3:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.69:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.111:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.156.70:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 80.75.66.243:443 -> 192.168.2.3:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.131:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 93.158.134.119:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 154.47.36.17:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.28.147.68:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.99.68:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.162.137.162:443 -> 192.168.2.3:49768 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@3/152@33/23

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF94C390ACE305242B.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5888 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5888 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

ID:	436463
Product:	CloudBasic
Start time:	03:54:26
Start date:	18.06.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Windows Analysis Report https://securisync.intermedia.net/us2/s/IpnIUjFRDCv9PeEVchmZ5r003e9fc4

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs