Windows Analysis Report Corona als Dank.docx

Overview

General Information

Sample Name:	Corona als Dank.docx
Analysis ID:	441230
MD5:	a19832a2c9c96060b65abb12ec718d6e
SHA1:	3f7a955accb1b1a9ea77a8f02006fa8781f1232c
SHA256:	44756d412d9244cc966b63f44435779e9d9d6fe55fd15c08818b1614c8f81312
Infos:
Most interesting Screenshot:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	60%

Signatures

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Classification

Signatures

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49167 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49169 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49172 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49171 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49176 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49174 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49175 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49170 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49177 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49183 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49181 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49182 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49186 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49185 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49184 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49188 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49189 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49190 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49196 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49197 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49202 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49211 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49204 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49212 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49214 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49215 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49227 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49228 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49218 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49217 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49230 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49235 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49238 version: TLS 1.2

Networking:

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 151.101.194.217 151.101.194.217
Source: Joe Sandbox View	IP Address: 52.2.188.208 52.2.188.208

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 7dcce5b76c8b17472d024758970a406b

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E195542A-72A2-4470-89E8-B7D87A58E0E0}.tmp

Jump to behavior

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.artsenvoorwaarheid.nlDNT: 1Connection: Keep-Alive

Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_html":"\n\u003Cscript type=\"text\/gtmscript\"\u003E!function(b,e,f,g,a,c,d){b.fbq\|\|(a=b.fbq=function(){a.callMethod?a.callMethod.apply(a,arguments):a.queue.push(arguments)},b._fbq\|\|(b._fbq=a),a.push=a,a.loaded=!0,a.version=\"2.0\",a.queue=[],c=e.createElement(f),c.async=!0,c.src=g,d=e.getElementsByTagName(f)[0],d.parentNode.insertBefore(c,d))}(window,document,\"script\",\"\/\/connect.facebook.net\/en_US\/fbevents.js\");fbq(\"init\",\"1566517726971189\");fbq(\"track\",\"PageView\");\u003C\/script\u003E\n\u003Cnoscript\u003E\u003Cimg height=\"1\" width=\"1\" style=\"display:none\" src=\"https:\/\/www.facebook.com\/tr?id=1566517726971189\u0026amp;ev=PageView\u0026amp;noscript=1\"\u003E\u003C\/noscript\u003E\n", equals www.facebook.com (Facebook)
Source: identity[1].js.3.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func
Source: gtm[1].js.3.dr	String found in binary or memory: function Tq(a,b){}function Uq(a,b,c){};var Vq=!!A.MutationObserver,Wq=void 0,Xq=function(a){if(!Wq){var b=function(){var c=H.body;if(c)if(Vq)(new MutationObserver(function(){for(var e=0;e<Wq.length;e++)J(Wq[e])})).observe(c,{childList:!0,subtree:!0});else{var d=!1;hc(c,"DOMNodeInserted",function(){d\|\|(d=!0,J(function(){d=!1;for(var e=0;e<Wq.length;e++)J(Wq[e])}))})}};Wq=[];H.body?b():J(b)}Wq.push(a)};var Zq=["www.youtube.com","www.youtube-nocookie.com"],$q,ar=!1,br=0; equals www.youtube.com (Youtube)
Source: YZ4GE8GX.txt.3.dr	String found in binary or memory: www.linkedin.com/ equals www.linkedin.com (Linkedin)

Source: unknown

DNS traffic detected: queries for: www.artsenvoorwaarheid.nl

Source: 77EC63BDA74BD0D0E0426DC8F8008506.3.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://dev.wix.com/
Source: santa-components.prod[1].js.3.dr	String found in binary or memory: http://feross.org
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://img.youtube.com/vi/CakiQCH5ZY0/mqdefault.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://img.youtube.com/vi/CakiQCH5ZY0/mqdefault.jpg"
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://investors.wix.com/
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/AUTHORS.txt
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/LICENSE.txt
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/PATENTS.txt
Source: minified[1].js.3.dr	String found in binary or memory: http://rock.mit-license.org
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/139571a1212e4d3d8074041626ba3ed6.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/139571a1212e4d3d8074041626ba3ed6.jpg"
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/bc001baa4397444f809fa5f147c28a9e.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/bc001baa4397444f809fa5f147c28a9e.jpg"
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/d967ba93f0314c78924edc8a8c8cfa15.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/d967ba93f0314c78924edc8a8c8cfa15.jpg"
Source: lodash.min[1].js.3.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: helvetica[1].css.3.dr, internet-explorer[1].htm.3.dr	String found in binary or memory: http://webfonts.fonts.com
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.WantToKnow.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.artsenvoorwaarheid.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.bluetiger.studio.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.deblijeB.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.deguldenmiddenweg.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.denieuwewereld.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.deoorlogreedsverloren.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.devrijemare.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.eenoorlogreesverloren.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.moederhart.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.vaccinvrij.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.vrouwenvoorvrijheid.nl
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://www.wix.com/blog
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://www.wix.com/jobs/main
Source: gtm[1].js.3.dr	String found in binary or memory: https://ade.googlesyndication.com/ddm/activity
Source: gtm[1].js.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: analytics[1].js.3.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: f[1].txt.3.dr	String found in binary or memory: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://bo.wix.com/suricate/
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://browser.sentry-cdn.com/4.6.2/bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://browser.sentry-cdn.com/5.21.4/bundle.min.js
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=3056
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=4118
Source: gtm[1].js.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://de.wix.com/outdated-browser/internet-explorer
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://developers.google.com/maps/faq#languagesupport
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/language
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://es.wix.com/outdated-browser/internet-explorer
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://facebook.github.io/react/docs/top-level-api.html#react.createclass
Source: react.production.min[1].js.3.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: santa-components.prod[1].js.3.dr	String found in binary or memory: https://feross.org/opensource
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/amaticsc/v16/TUZ3zwprpvBS1izr_vOMscGKfLUE.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/amaticsc/v16/TUZyzwprpvBS1izr_vOECOSZ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/anton/v15/1Ptgg87LROyAm3Kz-Ck.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs_.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51oq.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wHk.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHsv4kjgoGqM7E_CfOA5WouvTw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/basic/v10/xfu_0WLxV2_XKTNw6Fc.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDQ311QOP6BJUr4zfKH.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDS311QOP6BJUr4yMKDtbw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDT311QOP6BJUrwdteUkp8F.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDV311QOP6BJUr4yMo4kK8BMpM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/chelseamarket/v8/BCawqZsHqfr89WNP_IApC8tzKChiJgk.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lCw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lCw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cookie/v12/syky-y18lb0tSbf9kgqU.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/corben/v14/LYjAdGzzklQtCMpFHCZQqnos.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/corben/v14/LYjDdGzzklQtCMpNpwND.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3WmX5slCNuHLi8bLeY9MK7whWMhyjYrEPzvD-KzhU.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-O.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3ZmX5slCNuHLi8bLeY9MK7whWMhyjYrEtImSw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/damion/v10/hv-XlzJ3KEUe_YZkamww.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7B1i03Sup6.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup6.woff)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR1SDk_YAPI.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR2SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR4SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR5SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR6SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR7SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GRxSDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweD81ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDQ1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDU1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDY1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDc1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDg1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDs1ZyHKpWg.woff2)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI95.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNkBI95.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7dbR799U64.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7e8QL99U64.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v10/gokpH6L7AUFrRvV44HVr92-3n9xD.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v10/goksH6L7AUFrRvV44HVjTEqk.woff)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/gokpH6L7AUFrRvV44HVr92-3kdxFiafDFtAi.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/gokpH6L7AUFrRvV44HVr92-3n9xFiafDFg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/goksH6L7AUFrRvV44HVjQkqisv5Io53K.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/goksH6L7AUFrRvV44HVjTEqisv5Iow.woff2)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/forum/v11/6aey4Ky-Vb8Ew8IROpQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/frederickathegreat/v10/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--SjxbE.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/jockeyone/v10/HTxpL2g2KjCFj4x8WI6AnIHxGg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-qwjwOK3Ps5GSJlNNkMalnrxShJj4wo7AR-pHveD0NKIie.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-qwjwOK3Ps5GSJlNNkMalnrxShJj4wo7AR-pHvnzoNKIie.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349LA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W776rR349LA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/jura/v16/z7NOdRfiaC4Vd8hhoPzfb5vBTP1d7ZumR_4.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/jura/v16/z7NOdRfiaC4Vd8hhoPzfb5vBTP266pumR_4.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/kellyslab/v11/-W_7XJX0Rz3cxUnJC5t6fkQLeA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-s.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPHw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI5wq_Gwfr.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v9/kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQCg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcY.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v9/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxU.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zoKmNQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/marckscript/v11/nwpTtK2oNgBA3Or78gapdwuyyCg5.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/monoton/v10/5h1aiZUrOngCibe4TkHLRA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZ2.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7g.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD-A.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhzQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/mrdehaviland/v9/OpNVnooIhJj96FdB73296ksbOg3F60U.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/niconne/v10/w8gaH2QvRug1_rTfnQyn3w.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJ2dNDF2Yv9qppOePKYRP12Zjte.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJodNDF2Yv9qppOePKYRP12Ywtan0g.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJpdNDF2Yv9qppOePKYRP1-3R5NuGvW.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJrdNDF2Yv9qppOePKYRP12YwPhulvShDM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMQQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMQQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XQDmdMWRiN1_T9Z7Tc0FWJhr6j9w.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XSDmdMWRiN1_T9Z7xizfmLtro.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XTDmdMWRiN1_T9Z7Tc2O6slQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XVDmdMWRiN1_T9Z7TZ6Oo.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/patrickhand/v14/LDI1apSQOAYtSuYWp8ZhfYe8XsLN.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/play/v12/6ae84K2oVqwItm4TCpAy3A.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/play/v12/6aez4K2oVqwIvtU2GQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtU.
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtU.
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlEw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmy15VF9eI.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfedA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtG.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/questrial/v13/QdVUSTchPBm7nuUeVf70viFj.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfJg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrc.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrc.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsI.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/rozhaone/v8/AlZy_zVFtYP12Zncg2kRcn3_.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sacramento/v8/buEzpo6gcdjy0EiZMBUG4C0f-w.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sail/v11/DPEjYwiBxwYJJBPJBw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sarina/v11/-F6wfjF3ITQwasLRKUrT.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/signika/v12/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjMg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/signika/v12/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tKwG6bBjMg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/spinnaker/v12/w8gYH2oyX-I0_rvR6HmX23YM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/suezone/v5/taiJGmd_EZ6rqscQgOFMmo0.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGU3ms5pIfe.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGUOWw5pIfe.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fr.wix.com/outdated-browser/internet-explorer
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://frog.wix.com/bt?src=29&evid=3
Source: bundle.min[1].js0.3.dr, bundle.min[1].js.3.dr	String found in binary or memory: https://github.com/getsentry/sentry-javascript
Source: gtm[1].js.3.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: imageClientApi[1].js.3.dr	String found in binary or memory: https://github.com/madrobby/zepto/blob/master/MIT-LICENSE
Source: imageClientApi[1].js.3.dr	String found in binary or memory: https://github.com/madrobby/zepto/blob/master/src/detect.js#files
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://github.com/wix/yoshi/issues/2689
Source: minified[1].js.3.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: f[1].txt0.3.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006927621/?random
Source: gsap.min[1].js.3.dr	String found in binary or memory: https://greensock.com
Source: gsap.min[1].js.3.dr	String found in binary or memory: https://greensock.com/standard-license
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://ja.wix.com/outdated-browser/internet-explorer
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://ko.wix.com/outdated-browser/internet-explorer
Source: lodash.min[1].js.3.dr	String found in binary or memory: https://lodash.com/
Source: lodash.min[1].js.3.dr	String found in binary or memory: https://lodash.com/license
Source: lodash.min[1].js.3.dr, lodash.min[1].js0.3.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: lodash.min[1].js.3.dr	String found in binary or memory: https://openjsf.org/
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com/
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://polyfill.io/v3/polyfill.min.js?features=fetch
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://pt.wix.com/outdated-browser/internet-explorer
Source: insight.min[1].js.3.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: insight.min[1].js.3.dr	String found in binary or memory: https://px.ads.linkedin.com/insight_tag_errors.gif?
Source: react-dom.production.min[1].js.3.dr, react.production.min[1].js.3.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://recaptcha.net/recaptcha/api.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://ru.wix.com/outdated-browser/internet-explorer
Source: core[1].js.3.dr	String found in binary or memory: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.addres
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://siteassets.parastorage.com/pages/singlePage/viewerViewModeJson
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/client/pfavico.ico
Source: imagestore.dat.3.dr	String found in binary or memory: https://static.parastorage.com/client/pfavico.ico~
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/Container_DefaultAreaSkin.0b1317f3.chun
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/FiveGridLine_NotchDashedLine.aad659a0.c
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/SlideShowSlide.ed4bbfec.chunk.min.css
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/VerticalMenu_VerticalMenuSolidColorSkin
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/VideoPlayer.06bb53f1.chunk.min.css
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/bootstrap-components-responsive.4c4fb78
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/componentSdks.53d69c69.bundle.min.js
Source: F2MQQRVE.htm.3.dr, thunderboltElements.07dab272.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.07dab272.bundle.min
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v11/wixMade
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v7/helvetic
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/santa/1.1651.0
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/web/1.1777.0/javascript/wysiwyg/viewer/deprecatedbrowsers/Up
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-bolt/1.7264.0
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-bolt/1.7264.0/bolt-main/app/bolt-custom-elements.min.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-bolt/1.7264.0/bolt-main/app/main-r.min.js
Source: F2MQQRVE.htm.3.dr, internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-perf-measure/1.501.0/wix-perf-measure.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bi-common.inline.126f35b2.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bi.inline.cf9319d3.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bi.inline.cf9319d3.bundle.min.js.map
Source: F2MQQRVE.htm.3.dr, bootstrap-features.53639d1b.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.53639d1b.bundle.min.
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/browser-deprecation.inline.36d57dbc.bun
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/createPlatformWorker.inline.f762923e.bu
Source: custom-elements-polyfill.39b1b49f.chunk.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/custom-elements-polyfill.39b1b49f.chunk
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/externals-registry.inline.d76c0075.bund
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/initCustomElements.inline.b649141a.bund
Source: intersection-observer-polyfill.67fb87dd.chunk.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/intersection-observer-polyfill.67fb87dd
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/main.a9ba068a.bundle.min.js
Source: main.a9ba068a.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/main.a9ba068a.bundle.min.js.map
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/sendFedopsLoadStarted.inline.5a36bd68.b
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.909b9ad8.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.909b9ad8.bundle.min.js.map
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/webpack-runtime.2bd38f9a.bundle.min.js.
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/windowMessageRegister.inline.6ff9ddf9.b
Source: wix-resize-observer-polyfill.56f8c1c1.chunk.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/wix-resize-observer-polyfill.56f8c1c1.c
Source: viewerComponentService.bundle[1].js.3.dr, dataRefs.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-ui-santa/1.1606.0/
Source: F2MQQRVE.htm.3.dr, internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/core-js-bundle
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/focus-within-polyfill
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/lodash
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/react
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/react-dom
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/requirejs-bolt
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/whatwg-fetch
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.wixstatic.com/media/311dce_77ca1007cf83485da0b7e16ffb9735ac~mv2.png/v1/fill/w_1200
Source: analytics[1].js.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: f[1].txt.3.dr, analytics[1].js.3.dr	String found in binary or memory: https://tagassistant.google.com/
Source: fetch.umd[1].js.3.dr	String found in binary or memory: https://tools.ietf.org/html/rfc7230#section-3.2
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://users.wix.com/wix-users
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl
Source: F2MQQRVE.htm.3.dr, ~DFF2A861D030BF6D04.TMP.2.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl/
Source: {822F0859-D85A-11EB-ADCF-ECF4BBB5915B}.dat.2.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl/Root
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl/informed-consent
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.google.com/intl/en/chrome/
Source: f[2].txt.3.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/642100862/?random
Source: f[1].txt1.3.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/819384062/?random
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com/pagead/conversion_async.js
Source: f[2].txt.3.dr	String found in binary or memory: https://www.google.de/pagead/1p-user-list/642100862/?random
Source: f[1].txt1.3.dr	String found in binary or memory: https://www.google.de/pagead/1p-user-list/819384062/?random
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/a?id=
Source: gtm[1].js.3.dr, f[1].txt.3.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/new/
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://www.nvkp.nl/fileadmin/nvkp/pdf/NVKP_kinderen_en_Covid-19_met_bronnen.pdf
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.wix.com/favicon.ico
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.wix.com/outdated-browser/internet-explorer

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49227
Source: unknown	Network traffic detected: HTTP traffic on port 49185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49188
Source: unknown	Network traffic detected: HTTP traffic on port 49181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49185
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49184
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49183
Source: unknown	Network traffic detected: HTTP traffic on port 49189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49181
Source: unknown	Network traffic detected: HTTP traffic on port 49204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49218
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49217
Source: unknown	Network traffic detected: HTTP traffic on port 49184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49216
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49176
Source: unknown	Network traffic detected: HTTP traffic on port 49190 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49174
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49173
Source: unknown	Network traffic detected: HTTP traffic on port 49188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49172
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49171
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49170
Source: unknown	Network traffic detected: HTTP traffic on port 49228 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49167 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49238 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49169
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49202
Source: unknown	Network traffic detected: HTTP traffic on port 49187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49167
Source: unknown	Network traffic detected: HTTP traffic on port 49183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49174 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49235
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49234
Source: unknown	Network traffic detected: HTTP traffic on port 49186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49196
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49190
Source: unknown	Network traffic detected: HTTP traffic on port 49196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49169 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49229
Source: unknown	Network traffic detected: HTTP traffic on port 49215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49228

Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49167 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49169 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49172 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49171 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49176 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49174 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49175 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49170 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49177 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49183 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49181 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49182 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49186 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49185 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49184 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49188 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49189 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49190 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49196 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49197 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49202 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49211 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49204 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49212 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49214 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49215 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49227 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49228 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49218 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49217 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49230 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49235 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49238 version: TLS 1.2

Source: classification engine

Classification label: clean1.winDOCX@4/145@23/16

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File created: C:\Users\user\Desktop\~$rona als Dank.docx

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File created: C:\Users\user\AppData\Local\Temp\CVRB8C3.tmp

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE 'C:\Program Files\Microsoft Office\Office14\WINWORD.EXE' /Automation -Embedding
Source: unknown	Process created: C:\Program Files\Internet Explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\Internet Explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3044 CREDAT:275457 /prefetch:2
Source: C:\Program Files\Internet Explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3044 CREDAT:275457 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dll

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
185.230.61.163	163.www.sv5.wix.com	Israel	58182	WIX_COMIL	false
34.96.106.200	td-static-34-96-106-200.parastorage.com	United States	15169	GOOGLEUS	false
157.240.17.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
157.240.17.15	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
35.246.6.109	td-balancer-euw2-6-109.wixdns.net	United States	15169	GOOGLEUS	false
151.101.194.217	browser.sentry-cdn.com	United States	54113	FASTLYUS	false
142.250.186.35	www.google.de	United States	15169	GOOGLEUS	false
104.17.71.188	fast.fonts.com	United States	13335	CLOUDFLARENETUS	false
142.250.185.198	dart.l.doubleclick.net	United States	15169	GOOGLEUS	false
34.231.78.0	bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
52.2.188.208	sentry-nlb-e70282e8a06dcc98.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	false
151.101.129.26	polyfill.io	United States	54113	FASTLYUS	false
142.250.185.194	pagead46.l.doubleclick.net	United States	15169	GOOGLEUS	false
34.102.176.152	gcp.media-router.wixstatic.com	United States	15169	GOOGLEUS	false
216.58.212.162	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
108.174.11.37	pop-esv5.mix.linkedin.com	United States	14413	LINKEDINUS	false

Contacted Domains

Name	IP	Active
www.google.de	142.250.186.35	true
star-mini.c10r.facebook.com	157.240.17.35	true
dart.l.doubleclick.net	142.250.185.198	true
pagead46.l.doubleclick.net	142.250.185.194	true
browser.sentry-cdn.com	151.101.194.217	true
td-balancer-euw2-6-109.wixdns.net	35.246.6.109	true
pop-esv5.mix.linkedin.com	108.174.11.37	true
gcp.media-router.wixstatic.com	34.102.176.152	true
fast.fonts.com	104.17.71.188	true
td-static-34-96-106-200.parastorage.com	34.96.106.200	true
scontent.xx.fbcdn.net	157.240.17.15	true
163.www.sv5.wix.com	185.230.61.163	true
googleads.g.doubleclick.net	216.58.212.162	true
sentry-nlb-e70282e8a06dcc98.elb.us-east-1.amazonaws.com	52.2.188.208	true
polyfill.io	151.101.129.26	true
td-username-euw2-6-109.wix.com	35.246.6.109	true
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com	34.231.78.0	true
4382365.fls.doubleclick.net	unknown	unknown
www.facebook.com	unknown	unknown
static.wixstatic.com	unknown	unknown
siteassets.parastorage.com	unknown	unknown
www.linkedin.com	unknown	unknown
connect.facebook.net	unknown	unknown
px.ads.linkedin.com	unknown	unknown
ct.pinterest.com	unknown	unknown
adservice.google.de	unknown	unknown
en.wix.com	unknown	unknown
www.artsenvoorwaarheid.nl	unknown	unknown
frog.wix.com	unknown	unknown
snap.licdn.com	unknown	unknown
s.pinimg.com	unknown	unknown
sentry.wixpress.com	unknown	unknown
static.parastorage.com	unknown	unknown
www.wix.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://www.artsenvoorwaarheid.nl/	false	Avira URL Cloud: safe	unknown

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49167 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49169 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49172 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49171 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49176 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49174 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49175 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49170 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49177 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49183 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49181 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49182 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49186 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49185 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49184 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49188 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49189 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49190 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49196 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49197 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49202 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49211 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49204 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49212 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49214 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49215 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49227 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49228 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49218 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49217 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49230 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49235 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49238 version: TLS 1.2

Networking:

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 151.101.194.217 151.101.194.217
Source: Joe Sandbox View	IP Address: 52.2.188.208 52.2.188.208

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 7dcce5b76c8b17472d024758970a406b

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E195542A-72A2-4470-89E8-B7D87A58E0E0}.tmp

Jump to behavior

Source: global traffic

Source: gtm[1].js.3.dr	String found in binary or memory: "vtp_html":"\n\u003Cscript type=\"text\/gtmscript\"\u003E!function(b,e,f,g,a,c,d){b.fbq\|\|(a=b.fbq=function(){a.callMethod?a.callMethod.apply(a,arguments):a.queue.push(arguments)},b._fbq\|\|(b._fbq=a),a.push=a,a.loaded=!0,a.version=\"2.0\",a.queue=[],c=e.createElement(f),c.async=!0,c.src=g,d=e.getElementsByTagName(f)[0],d.parentNode.insertBefore(c,d))}(window,document,\"script\",\"\/\/connect.facebook.net\/en_US\/fbevents.js\");fbq(\"init\",\"1566517726971189\");fbq(\"track\",\"PageView\");\u003C\/script\u003E\n\u003Cnoscript\u003E\u003Cimg height=\"1\" width=\"1\" style=\"display:none\" src=\"https:\/\/www.facebook.com\/tr?id=1566517726971189\u0026amp;ev=PageView\u0026amp;noscript=1\"\u003E\u003C\/noscript\u003E\n", equals www.facebook.com (Facebook)
Source: identity[1].js.3.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=f.getFbeventsModules("signalsFBEventsGetTier");e.exports=function(b,c){c=a(c);c=c==null?"www.facebook.com":"www."+c+".facebook.com";return"https://"+c+"/signals/iwl.js?pixel_id="+b}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}};e.exports=new h(function(d,e){function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=function(){n.removeItem(m),a.close()};e.src=i(c,g.ENDPOINT);b.body&&b.body.appendChild(e)}var o=!1,p=function(a){return!!(e&&e.pixelsByID&&Object.prototype.hasOwnProperty.call(e.pixelsByID,a))};function q(){if(o)return;var b=n.getItem(m);if(!b)return;b=JSON.parse(b);var c=b.pixelID,d=b.graphToken,e=b.sessionStartTime;o=!0;h(c,function(){var b=p(c)?c:null;a.FacebookIWL.init(b,d,e)})}function r(b){if(o)return;h(b,func
Source: gtm[1].js.3.dr	String found in binary or memory: function Tq(a,b){}function Uq(a,b,c){};var Vq=!!A.MutationObserver,Wq=void 0,Xq=function(a){if(!Wq){var b=function(){var c=H.body;if(c)if(Vq)(new MutationObserver(function(){for(var e=0;e<Wq.length;e++)J(Wq[e])})).observe(c,{childList:!0,subtree:!0});else{var d=!1;hc(c,"DOMNodeInserted",function(){d\|\|(d=!0,J(function(){d=!1;for(var e=0;e<Wq.length;e++)J(Wq[e])}))})}};Wq=[];H.body?b():J(b)}Wq.push(a)};var Zq=["www.youtube.com","www.youtube-nocookie.com"],$q,ar=!1,br=0; equals www.youtube.com (Youtube)
Source: YZ4GE8GX.txt.3.dr	String found in binary or memory: www.linkedin.com/ equals www.linkedin.com (Linkedin)

Source: unknown

DNS traffic detected: queries for: www.artsenvoorwaarheid.nl

Source: 77EC63BDA74BD0D0E0426DC8F8008506.3.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://dev.wix.com/
Source: santa-components.prod[1].js.3.dr	String found in binary or memory: http://feross.org
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://img.youtube.com/vi/CakiQCH5ZY0/mqdefault.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://img.youtube.com/vi/CakiQCH5ZY0/mqdefault.jpg"
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://investors.wix.com/
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/AUTHORS.txt
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/LICENSE.txt
Source: bolt-custom-elements.min[1].js.3.dr	String found in binary or memory: http://polymer.github.io/PATENTS.txt
Source: minified[1].js.3.dr	String found in binary or memory: http://rock.mit-license.org
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/139571a1212e4d3d8074041626ba3ed6.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/139571a1212e4d3d8074041626ba3ed6.jpg"
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/bc001baa4397444f809fa5f147c28a9e.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/bc001baa4397444f809fa5f147c28a9e.jpg"
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/d967ba93f0314c78924edc8a8c8cfa15.jpg
Source: bolt-main-prod-old[1].js.3.dr	String found in binary or memory: http://static.wixstatic.com/media/d967ba93f0314c78924edc8a8c8cfa15.jpg"
Source: lodash.min[1].js.3.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: helvetica[1].css.3.dr, internet-explorer[1].htm.3.dr	String found in binary or memory: http://webfonts.fonts.com
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.WantToKnow.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.artsenvoorwaarheid.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.bluetiger.studio.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.deblijeB.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.deguldenmiddenweg.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.denieuwewereld.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.deoorlogreedsverloren.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.devrijemare.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.eenoorlogreesverloren.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.moederhart.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.vaccinvrij.nl
Source: ~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp.0.dr	String found in binary or memory: http://www.vrouwenvoorvrijheid.nl
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://www.wix.com/blog
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: http://www.wix.com/jobs/main
Source: gtm[1].js.3.dr	String found in binary or memory: https://ade.googlesyndication.com/ddm/activity
Source: gtm[1].js.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: analytics[1].js.3.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: f[1].txt.3.dr	String found in binary or memory: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://bo.wix.com/suricate/
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://browser.sentry-cdn.com/4.6.2/bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://browser.sentry-cdn.com/5.21.4/bundle.min.js
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=3056
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=4118
Source: gtm[1].js.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://de.wix.com/outdated-browser/internet-explorer
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://developers.google.com/maps/faq#languagesupport
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/language
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://es.wix.com/outdated-browser/internet-explorer
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://facebook.github.io/react/docs/top-level-api.html#react.createclass
Source: react.production.min[1].js.3.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: santa-components.prod[1].js.3.dr	String found in binary or memory: https://feross.org/opensource
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/amaticsc/v16/TUZ3zwprpvBS1izr_vOMscGKfLUE.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/amaticsc/v16/TUZyzwprpvBS1izr_vOECOSZ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/anton/v15/1Ptgg87LROyAm3Kz-Ck.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs_.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51oq.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wHk.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/barlow/v5/7cHsv4kjgoGqM7E_CfOA5WouvTw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/basic/v10/xfu_0WLxV2_XKTNw6Fc.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDQ311QOP6BJUr4zfKH.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDS311QOP6BJUr4yMKDtbw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDT311QOP6BJUrwdteUkp8F.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/caudex/v10/esDV311QOP6BJUr4yMo4kK8BMpM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/chelseamarket/v8/BCawqZsHqfr89WNP_IApC8tzKChiJgk.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lCw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lCw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cookie/v12/syky-y18lb0tSbf9kgqU.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/corben/v14/LYjAdGzzklQtCMpFHCZQqnos.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/corben/v14/LYjDdGzzklQtCMpNpwND.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3WmX5slCNuHLi8bLeY9MK7whWMhyjYrEPzvD-KzhU.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-O.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3ZmX5slCNuHLi8bLeY9MK7whWMhyjYrEtImSw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/cormorantgaramond/v10/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/damion/v10/hv-XlzJ3KEUe_YZkamww.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7B1i03Sup6.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/dancingscript/v16/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup6.woff)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR1SDk_YAPI.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR2SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR4SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR5SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR6SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR7SDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GRxSDk_YAPIlWk.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweD81ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDQ1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDU1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDY1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDc1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDg1ZyHKpWiGIg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v12/SlGWmQSNjdsmc35JDF1K5GRweDs1ZyHKpWg.woff2)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI95.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNkBI95.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7dbR799U64.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/ebgaramond/v15/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7e8QL99U64.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v10/gokpH6L7AUFrRvV44HVr92-3n9xD.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v10/goksH6L7AUFrRvV44HVjTEqk.woff)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/gokpH6L7AUFrRvV44HVr92-3kdxFiafDFtAi.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/gokpH6L7AUFrRvV44HVr92-3n9xFiafDFg.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/goksH6L7AUFrRvV44HVjQkqisv5Io53K.woff2)
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/enriqueta/v9/goksH6L7AUFrRvV44HVjTEqisv5Iow.woff2)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/forum/v11/6aey4Ky-Vb8Ew8IROpQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/frederickathegreat/v10/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--SjxbE.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/jockeyone/v10/HTxpL2g2KjCFj4x8WI6AnIHxGg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-qwjwOK3Ps5GSJlNNkMalnrxShJj4wo7AR-pHveD0NKIie.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-qwjwOK3Ps5GSJlNNkMalnrxShJj4wo7AR-pHvnzoNKIie.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349LA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/josefinslab/v13/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W776rR349LA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/jura/v16/z7NOdRfiaC4Vd8hhoPzfb5vBTP1d7ZumR_4.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/jura/v16/z7NOdRfiaC4Vd8hhoPzfb5vBTP266pumR_4.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/kellyslab/v11/-W_7XJX0Rz3cxUnJC5t6fkQLeA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-s.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPHw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI5wq_Gwfr.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v9/kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQCg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcY.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/librebaskerville/v9/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxU.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zoKmNQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/marckscript/v11/nwpTtK2oNgBA3Or78gapdwuyyCg5.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/monoton/v10/5h1aiZUrOngCibe4TkHLRA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZ2.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7g.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD-A.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhzQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/mrdehaviland/v9/OpNVnooIhJj96FdB73296ksbOg3F60U.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/niconne/v10/w8gaH2QvRug1_rTfnQyn3w.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJ2dNDF2Yv9qppOePKYRP12Zjte.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJodNDF2Yv9qppOePKYRP12Ywtan0g.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJpdNDF2Yv9qppOePKYRP1-3R5NuGvW.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/noticiatext/v10/VuJrdNDF2Yv9qppOePKYRP12YwPhulvShDM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMQQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMQQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XQDmdMWRiN1_T9Z7Tc0FWJhr6j9w.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XSDmdMWRiN1_T9Z7xizfmLtro.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XTDmdMWRiN1_T9Z7Tc2O6slQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/overlock/v10/Z9XVDmdMWRiN1_T9Z7TZ6Oo.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/patrickhand/v14/LDI1apSQOAYtSuYWp8ZhfYe8XsLN.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/play/v12/6ae84K2oVqwItm4TCpAy3A.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/play/v12/6aez4K2oVqwIvtU2GQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtU.
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtU.
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlEw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmy15VF9eI.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfedA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtG.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/questrial/v13/QdVUSTchPBm7nuUeVf70viFj.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfJg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrc.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrc.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsI.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzQ.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/rozhaone/v8/AlZy_zVFtYP12Zncg2kRcn3_.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sacramento/v8/buEzpo6gcdjy0EiZMBUG4C0f-w.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sail/v11/DPEjYwiBxwYJJBPJBw.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/sarina/v11/-F6wfjF3ITQwasLRKUrT.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/signika/v12/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjMg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/signika/v12/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tKwG6bBjMg.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/spinnaker/v12/w8gYH2oyX-I0_rvR6HmX23YM.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/suezone/v5/taiJGmd_EZ6rqscQgOFMmo0.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGU3ms5pIfe.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY9z_wNahGAdqQ43Rh_ebrnlwyYfEPxPoGUOWw5pIfe.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/worksans/v9/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoA.woff)
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://fr.wix.com/outdated-browser/internet-explorer
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://frog.wix.com/bt?src=29&evid=3
Source: bundle.min[1].js0.3.dr, bundle.min[1].js.3.dr	String found in binary or memory: https://github.com/getsentry/sentry-javascript
Source: gtm[1].js.3.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: imageClientApi[1].js.3.dr	String found in binary or memory: https://github.com/madrobby/zepto/blob/master/MIT-LICENSE
Source: imageClientApi[1].js.3.dr	String found in binary or memory: https://github.com/madrobby/zepto/blob/master/src/detect.js#files
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://github.com/wix/yoshi/issues/2689
Source: minified[1].js.3.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: f[1].txt0.3.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006927621/?random
Source: gsap.min[1].js.3.dr	String found in binary or memory: https://greensock.com
Source: gsap.min[1].js.3.dr	String found in binary or memory: https://greensock.com/standard-license
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://ja.wix.com/outdated-browser/internet-explorer
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://ko.wix.com/outdated-browser/internet-explorer
Source: lodash.min[1].js.3.dr	String found in binary or memory: https://lodash.com/
Source: lodash.min[1].js.3.dr	String found in binary or memory: https://lodash.com/license
Source: lodash.min[1].js.3.dr, lodash.min[1].js0.3.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: lodash.min[1].js.3.dr	String found in binary or memory: https://openjsf.org/
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: gtm[1].js.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com/
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://polyfill.io/v3/polyfill.min.js?features=fetch
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://pt.wix.com/outdated-browser/internet-explorer
Source: insight.min[1].js.3.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: insight.min[1].js.3.dr	String found in binary or memory: https://px.ads.linkedin.com/insight_tag_errors.gif?
Source: react-dom.production.min[1].js.3.dr, react.production.min[1].js.3.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: wixui.Captcha.chunk[1].js.3.dr	String found in binary or memory: https://recaptcha.net/recaptcha/api.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://ru.wix.com/outdated-browser/internet-explorer
Source: core[1].js.3.dr	String found in binary or memory: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.addres
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://siteassets.parastorage.com/pages/singlePage/viewerViewModeJson
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/client/pfavico.ico
Source: imagestore.dat.3.dr	String found in binary or memory: https://static.parastorage.com/client/pfavico.ico~
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/Container_DefaultAreaSkin.0b1317f3.chun
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/FiveGridLine_NotchDashedLine.aad659a0.c
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/SlideShowSlide.ed4bbfec.chunk.min.css
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/VerticalMenu_VerticalMenuSolidColorSkin
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/VideoPlayer.06bb53f1.chunk.min.css
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/bootstrap-components-responsive.4c4fb78
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/componentSdks.53d69c69.bundle.min.js
Source: F2MQQRVE.htm.3.dr, thunderboltElements.07dab272.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.07dab272.bundle.min
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v11/wixMade
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v7/helvetic
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/santa/1.1651.0
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/web/1.1777.0/javascript/wysiwyg/viewer/deprecatedbrowsers/Up
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-bolt/1.7264.0
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-bolt/1.7264.0/bolt-main/app/bolt-custom-elements.min.js
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-bolt/1.7264.0/bolt-main/app/main-r.min.js
Source: F2MQQRVE.htm.3.dr, internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-perf-measure/1.501.0/wix-perf-measure.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bi-common.inline.126f35b2.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bi.inline.cf9319d3.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bi.inline.cf9319d3.bundle.min.js.map
Source: F2MQQRVE.htm.3.dr, bootstrap-features.53639d1b.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.53639d1b.bundle.min.
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/browser-deprecation.inline.36d57dbc.bun
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/createPlatformWorker.inline.f762923e.bu
Source: custom-elements-polyfill.39b1b49f.chunk.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/custom-elements-polyfill.39b1b49f.chunk
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/externals-registry.inline.d76c0075.bund
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/initCustomElements.inline.b649141a.bund
Source: intersection-observer-polyfill.67fb87dd.chunk.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/intersection-observer-polyfill.67fb87dd
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/main.a9ba068a.bundle.min.js
Source: main.a9ba068a.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/main.a9ba068a.bundle.min.js.map
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/sendFedopsLoadStarted.inline.5a36bd68.b
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.909b9ad8.bundle.min.js
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.909b9ad8.bundle.min.js.map
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/webpack-runtime.2bd38f9a.bundle.min.js.
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/windowMessageRegister.inline.6ff9ddf9.b
Source: wix-resize-observer-polyfill.56f8c1c1.chunk.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-thunderbolt/dist/wix-resize-observer-polyfill.56f8c1c1.c
Source: viewerComponentService.bundle[1].js.3.dr, dataRefs.bundle.min[1].js.3.dr	String found in binary or memory: https://static.parastorage.com/services/wix-ui-santa/1.1606.0/
Source: F2MQQRVE.htm.3.dr, internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/core-js-bundle
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/focus-within-polyfill
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/lodash
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/react
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/react-dom
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/requirejs-bolt
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.parastorage.com/unpkg/whatwg-fetch
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://static.wixstatic.com/media/311dce_77ca1007cf83485da0b7e16ffb9735ac~mv2.png/v1/fill/w_1200
Source: analytics[1].js.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: f[1].txt.3.dr, analytics[1].js.3.dr	String found in binary or memory: https://tagassistant.google.com/
Source: fetch.umd[1].js.3.dr	String found in binary or memory: https://tools.ietf.org/html/rfc7230#section-3.2
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://users.wix.com/wix-users
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl
Source: F2MQQRVE.htm.3.dr, ~DFF2A861D030BF6D04.TMP.2.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl/
Source: {822F0859-D85A-11EB-ADCF-ECF4BBB5915B}.dat.2.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl/Root
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://www.artsenvoorwaarheid.nl/informed-consent
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.google.com/intl/en/chrome/
Source: f[2].txt.3.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/642100862/?random
Source: f[1].txt1.3.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/819384062/?random
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.google.com/pagead/conversion_async.js
Source: f[2].txt.3.dr	String found in binary or memory: https://www.google.de/pagead/1p-user-list/642100862/?random
Source: f[1].txt1.3.dr	String found in binary or memory: https://www.google.de/pagead/1p-user-list/819384062/?random
Source: gtm[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/a?id=
Source: gtm[1].js.3.dr, f[1].txt.3.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.3.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.mozilla.org/en-US/firefox/new/
Source: F2MQQRVE.htm.3.dr	String found in binary or memory: https://www.nvkp.nl/fileadmin/nvkp/pdf/NVKP_kinderen_en_Covid-19_met_bronnen.pdf
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.wix.com/favicon.ico
Source: internet-explorer[1].htm.3.dr	String found in binary or memory: https://www.wix.com/outdated-browser/internet-explorer

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49227
Source: unknown	Network traffic detected: HTTP traffic on port 49185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49188
Source: unknown	Network traffic detected: HTTP traffic on port 49181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49185
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49184
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49183
Source: unknown	Network traffic detected: HTTP traffic on port 49189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49181
Source: unknown	Network traffic detected: HTTP traffic on port 49204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49218
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49217
Source: unknown	Network traffic detected: HTTP traffic on port 49184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49216
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49176
Source: unknown	Network traffic detected: HTTP traffic on port 49190 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49174
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49173
Source: unknown	Network traffic detected: HTTP traffic on port 49188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49172
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49171
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49170
Source: unknown	Network traffic detected: HTTP traffic on port 49228 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49167 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49238 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49169
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49202
Source: unknown	Network traffic detected: HTTP traffic on port 49187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49167
Source: unknown	Network traffic detected: HTTP traffic on port 49183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49174 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49235
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49234
Source: unknown	Network traffic detected: HTTP traffic on port 49186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49230
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49196
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49190
Source: unknown	Network traffic detected: HTTP traffic on port 49196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49169 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49229
Source: unknown	Network traffic detected: HTTP traffic on port 49215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49228

Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49167 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49169 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49172 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49171 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49176 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49174 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49175 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.129.26:443 -> 192.168.2.22:49170 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.22:49177 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49183 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49181 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.231.78.0:443 -> 192.168.2.22:49182 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49186 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.194.217:443 -> 192.168.2.22:49187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49185 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.246.6.109:443 -> 192.168.2.22:49184 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49188 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.61.163:443 -> 192.168.2.22:49189 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49190 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.2.188.208:443 -> 192.168.2.22:49192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.188:443 -> 192.168.2.22:49194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49196 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49197 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49202 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49211 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.198:443 -> 192.168.2.22:49204 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.15:443 -> 192.168.2.22:49212 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49214 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49215 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.58.212.162:443 -> 192.168.2.22:49216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49227 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.186.35:443 -> 192.168.2.22:49228 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49218 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.174.11.37:443 -> 192.168.2.22:49217 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49230 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.194:443 -> 192.168.2.22:49229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.240.17.35:443 -> 192.168.2.22:49235 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.22:49238 version: TLS 1.2

Source: classification engine

Classification label: clean1.winDOCX@4/145@23/16

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File created: C:\Users\user\Desktop\~$rona als Dank.docx

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File created: C:\Users\user\AppData\Local\Temp\CVRB8C3.tmp

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE 'C:\Program Files\Microsoft Office\Office14\WINWORD.EXE' /Automation -Embedding
Source: unknown	Process created: C:\Program Files\Internet Explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\Internet Explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3044 CREDAT:275457 /prefetch:2
Source: C:\Program Files\Internet Explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3044 CREDAT:275457 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

File opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dll

Jump to behavior

Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE	Process information set: NOOPENFILEERRORBOX	Jump to behavior

ID:	441230
Product:	CloudBasic
Start time:	14:47:27
Start date:	28.06.2021
Sample:	Corona als Dank.docx
Cookbook:	defaultwindowsofficecookbook.jbs
System description:	Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
Architecture:	WINDOWS
MD5:	a19832a2c9c96060b65abb12ec718d6e
SHA1:	3f7a955accb1b1a9ea77a8f02006fa8781f1232c
SHA256:	44756d412d9244cc966b63f44435779e9d9d6fe55fd15c08818b1614c8f81312
Filetype:	Word Microsoft Office Open XML Format document (49504/1) 49.01%

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, 61020 bytes, 1 file	2902DE11E30DCC620B184E3BB0F0C1CB	5D11D14A2558801A2688DC2D6DFAD39AC294F222	E6A7F1F8810E46A736E80EE5AC6187690F28F4D5D35D130D410E20084B2C1544
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	A924971BF538FC7CF77BFD2230924E08	6A2290C099F00E8B5CD9AE78CE418BB1F4B40712	B68F2603780F879F9353EDA23D9FD39D9E0CA4B07E256C669C25573F41F7D99B
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	DA597791BE3B6E732F0BC8B20E38EE62	1125C45D285C360542027D7554A5C442288974DE	5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\MP98E46N\www.wix[1].xml	ASCII text, with very long lines, with no line terminators	FFE1FF03BE9445755001FEDB8E338B8C	F575FF145531800C1537A35CB210BBED97A52955	E0506F713DCDD3F892F65660C20BEAB6C46B32DB406F2ED882E23ED9554753CF
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{822F0857-D85A-11EB-ADCF-ECF4BBB5915B}.dat	Microsoft Word Document	99407C7AD25C5EB96E03F5AA16CC730C	BD3B4D0DAC43F6C17F30705AF7240C79FD3E3999	8BECF02A849C96627A86115B8CA8B521D31C0C57B78A7B75CA58CFCCE80C80EE
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{822F0859-D85A-11EB-ADCF-ECF4BBB5915B}.dat	Microsoft Word Document	B5D5451040A493256D8F5D315983DCEE	BB81843C7E21D61CE5256A2F9872A63C647B44CB	3702A140993696CE73BFE7ADED7F30E319E7ED0D4F848597B5DA7A7419E0EFF8
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9928C6D3-D85A-11EB-ADCF-ECF4BBB5915B}.dat	Microsoft Word Document	A19C5B7BFDC5254423E0C131738D48A7	112F8963B47D560FB9B372E93DAFA61C838450D6	8CE476361B240C7BAF3E4A3DBE6BA65E0C8753B985195372A150E7F794AF3E77
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\lr5drzg\imagestore.dat	data	2A3DEDBED1F7425CFC1062B3A017FD73	D6771AD13E9D1D5137C1ECCA4627CA868B1A515C	3FA7DBA70AD80939A2F9E185A925BB3AD8CCD59008B1CF341EB4BF5FD15880E0
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\3d84bae5ad4d4d8a96de15e9f4b79a08[1].svg	SVG Scalable Vector Graphics image	4D0FFCA03B31AE92FB3459ACF490DB9A	4D94E2F3BEF0A284997C1D18EAF83514C40F1F72	C2DC7E0BECDBAB5E9A5C79E527BB95FEC10667645CC6F2F8177F5E0F4F585EA1
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\bolt-components[1].js	ASCII text, with very long lines	4AAA5B353FC13CC4D663255ED0CEE7C7	B377411DCD8DAE53A57636620CED628EC716263F	61665413ECBD4B293E42FFB74DF9D777FEE7B88ED79F56E7738786B131E1E254
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\bolt-custom-elements.min[1].js	UTF-8 Unicode text, with very long lines	74617A356F6C89B687D1119B3D2B532C	D24C8CCACE36E06B20D51595A8F0BB9B1F6148AC	3E5CED91EFBF38CB2FBF01DA33BBDE1B54FFD75C9D4E46C5A1C72928A0501E6E
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\color.min[1].js	ASCII text, with very long lines	7F8F0363808B72AE76DE192F51689D33	212EEE29A63222FD2B558CC5F432347EE31407D8	CE88CFE2A86DD05C6ED0B3A876C0FD93C3B5CCCAE146D2FB9CF0BA2E2EC729F6
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\comboBoxInput.min[1].js	UTF-8 Unicode text, with very long lines	00F241AA303942FD276951555595909C	FEF3B3743F9C1CDCD0C721257ECD2518A56159C2	3601506B77DB5387EBA5B37EE822469B053D30233B9B9CCF0A94BDA50DEC0400
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\components.min[1].js	UTF-8 Unicode text, with very long lines	09CE194FFCE597D89F2925A3064ADB14	9BCA6646FEB35112AA9300364D43E7753A863739	5647256A5B2A82B190036331306BBC74D447456DC95BCF0270579FCF573122A9
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\componentsCore.min[1].js	ASCII text, with very long lines	D6CF1EBA6C70BECBEF2E84177BE65EF7	D496CF49D9EFBFA8622950A9353A9AEB959D5C35	151A1E3A41FD50F31D96EB76EE9C3F2160387B8DF4E751C2DD92584BF18665BD
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\dataRefs.bundle[1].js	ASCII text, with very long lines	F9566BB58AE69CE40A18EF585AECB63C	4B369BE919F55D3C594749D16741BFA1C148A3B4	6B3B422CFAE9850BD0D8CF21582A5A7FE5A5419D219183841DE3732B4810F167
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\f[1].txt	ASCII text, with very long lines, with no line terminators	B6040C8B4CC68C2280D4A03433512ABD	CE1310D66C871889CAEE1D9721DCF8E03721CAD3	F6D40D28DC5AD8998DB2FF238DBE3D5E5F4EBA1868985D80131AC3A98DCF7F3A
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\favicon[1].ico	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	DA597791BE3B6E732F0BC8B20E38EE62	1125C45D285C360542027D7554A5C442288974DE	5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\fetch.umd[1].js	ASCII text	456C02EE2A496580A24E5AEE614BA9B3	508EF9378B49D348BC88C92E02F459724971EA5F	9A0C4301B6E804A7A808EB69694ED08567605811AE9BEF1D3F19C88E20BDEC92
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\helvetica[1].css	ASCII text, with very long lines	39099ECA9738473EAA97CA6D87F4A5BF	6BA90D5D62954E52271BB44A2F5EE008CA576FAE	2A238BAB6155365B6F5257D64D17277B0E70E5A217B90D53F2A3FC96F6707A9E
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\imageClientApi[1].js	UTF-8 Unicode text, with very long lines	BF11A31D6BD9EAD3F8EF9C871D38EAB7	EF16C90A04FF70B304F222A6FFC97336D817FED9	7A1E77C13481F363D05F6612817E84C7C27F2E294AB84609C5442542F63C80AF
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\internet-explorer[1].htm	HTML document, UTF-8 Unicode text, with very long lines	2909FF085BFA6DF335D90A6B800B4754	34082C0ADB144A674A899876C1A3F6299F3D3A3C	DFA6F160548A2B080CB97C4F8407273C334F708EBA7BD4BAF38060EF5F6E535A
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\layout.min[1].js	ASCII text, with very long lines	3C7BE492D3FCBF651216971F47F16B47	AD5ACD4A9EF738034D62240D58682AEB9C540490	4420362D8F902E22B9562DB3B9AA303531AD297D15ED3E17BDDB19047A4C729D
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\lodash.min[1].js	ASCII text, with very long lines	9BECC40FB1D85D21D0CA38E2F7069511	AE854B04025DB8B7F48FDD6DEDF41E77EAE44394	A9705DFC47C0763380D851AB1801BE6F76019F6B67E40E9B873F8B4A0603F7A9
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\main.a9ba068a.bundle.min[1].js	ASCII text, with very long lines	8C73CAA238BB7708721AF6FD22CD5BCC	ECEB37269E2D0126EF65F1D5D492869365FDDBD4	4828215E368CDDB0EBDAF5D047C35C70E172C6125B0F5CEB5775D70B8BEA8CB9
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\main.c6ca189a[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	FC68B47C0F233BB6631EE8E94771528F	3DB3643B63E57E026D2D89B285FB669E7CDAF194	6E68C7F596671913CDE21EA0A5C4367B743A79422D87B0659E22F00673C5AEB8
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\minified[1].js	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators	18EB21E8D1074FD7A594D3748BA0CB33	0A226FA07A6E2DB5F5F03F1E980740CB67CEBFFA	C64775436F34A6D26E276BBBC97BECDA2D4C73F15D70D5B13587D72123DFC5FD
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\react.production.min[1].js	ASCII text, with very long lines	EDF56A42BCA6B565BF7DFCBD8FFC221A	31CB4CEA0064ED80C1B0C5F5D58E1956A7E2293F	C9486F126615859FC61AC84840A02B2EFC920D287A71D99D708C74B2947750FE
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\requirejs.min[1].js	ASCII text, with very long lines, with no line terminators	18823F6A6D208EE1E361BB266AB794D5	E9FA356AC13BD24C051804A6E4EC3E053BC8001C	D5F10F852B112A514A19F2B778EEF5D2D1307878757F0A24539C051831CEFAF8
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\tr[1].gif	GIF image data, version 89a, 1 x 1	B798F4CE7359FD815DF4BDF76503B295	F8CC6ADDF1707AD236AD9970B0A48F9733D07DA5	10D8D42D73A02DDB877101E72FBFA15A0EC820224D97CEDEE4CF92D571BE5CAA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\warmupUtils.min[1].js	ASCII text, with very long lines	1A5877338994D930F3A420B91DE9FE58	C0C7E4F7DDC46F78117C8499D1653DD729364F95	F1AA81CE2B1B682CD90663DA8326B775569B78C2A12836BE751ED6360698FFCE
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\warmupUtils[1].js	UTF-8 Unicode text, with very long lines	AFC6490902D6657926F4A87927EE82FE	DD9C648CB400CDAD9CA8B47FA6F0FAC359D8F6A6	9751D4502766815EE357F5E4712E77B9DCB8E07E0E707F9C1AA48E5D5D0E6515
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\wixMadefor[1].css	ASCII text	D76884A66F7EE1E86BE1841EE2B954F4	7BA60D9EAECD1E5CC809368B5912BBA8F370D3E2	DB704B465A4ED21E3950FE3FFD95DBAA22F130D73AE7064D7E1EB643BF68A4C1
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\wixui.Captcha.chunk[1].js	ASCII text, with very long lines, with CRLF, LF line terminators	6B17728A7AF8BBB32B5C1D8B8D219BA8	72E31504D27646632B85508B89B61D74889D5DD4	E5ABAD50092D7EE0D9C75945152BCB383F43BD78D6502B0B670EF096A616F3A6
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\wixui.StylableButton.chunk[1].js	ASCII text, with very long lines	F75363F15AEB3199495C50D3FB3167E1	35B6F65FDA472D5105D72AC3E71AB585D9EFCB09	D0C8E3EC83BD76EC5724A8DD62EAFA0709B74A5BB6DEA6D3CF1B5FE53C882EF5
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\zepto.min[1].js	ASCII text, with very long lines	50A4556B0089CFA1CB61E88EA23BBCCE	6865443A258954FA19B8AA682E1F4C77D42493D1	BEB9F5E32ED61FBCE010497242A9B6B8219242B5FFC636038E7891510C773725
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\050b1948-f226-4d20-a65a-15d8ed031222[1].woff	Web Open Font Format, TrueType, length 22912, version 1.0	6AA6E18FE4F8FCAF8147E6196A2ED4F2	94850CC02FDD10CE3626B4717A20BA2A84E36720	4A636E6C5A476278C861C00829AFB12B122F074B1E34693C8C6788D857D66D2F
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\1006927621[1].gif	GIF image data, version 89a, 1 x 1	D89746888DA2D9510B64A9F031EAECD5	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\26b8484e-52e3-44ac-b958-865809934ebb[1].woff	Web Open Font Format, TrueType, length 48908, version 1.0	B1C2C4A57ABC248FA5B015E5DD93000C	E287387E70687D521E839DF86F38CFF3F1D71301	4D18B41D696C25E7E1A9372398C555C52162D9C995552E792ECDC054274CC8F2
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\36c796_223f054ee81b4205b73998fe4dce1fb2~mv2[1].jpg	[TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 245x98, frames 3	639FBF0EAFE4AECDBBBAFCA7A2851D48	D00CD2EA32466878BCF42E555A20387D85886594	14540CBA108F63B6A17B23C9DA7387F04C19BB75B582DB684719163ADA14297D
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\642100862[1].gif	GIF image data, version 89a, 1 x 1	6A3F2D147842187CD48B1546EDDD5BA0	AB278C31189DF2939428CF81A3850A2C6DBF5E2E	D4990F907BCA02F02B3D41216EEA5461609D4BCBA07A3CBEE0D7CF28A6D0D864
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\67da9da8-4b53-4407-9184-abce69bfc8b5[1].woff	Web Open Font Format, TrueType, length 31640, version 1.0	24174D7A19C1C3BDB8863E4D5966C81E	C6D6A0E39D2F1F02875D29645922100ACD5F67CC	AEB41D763A82AA10BFE8C920F7C7DC92A6F4FD07083AA9272F488C1834F21CBA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\819384062[1].gif	GIF image data, version 89a, 1 x 1	6A3F2D147842187CD48B1546EDDD5BA0	AB278C31189DF2939428CF81A3850A2C6DBF5E2E	D4990F907BCA02F02B3D41216EEA5461609D4BCBA07A3CBEE0D7CF28A6D0D864
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\9362bca5-b362-4543-a051-2129e2def911[1].woff	Web Open Font Format, TrueType, length 22131, version 1.0	C79267643FBCE46F7FE3B1A1A390B5E5	946A77EA7F1DFD9990A448087A93367D311C618D	734C66A2EBF94202AB98FA4F2AE3874FA5582E5579114D2567FBD85012916365
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\F2MQQRVE.htm	HTML document, UTF-8 Unicode text, with very long lines	612F638153331AFEBAEBBD3342A1113F	DFA74B975063102F7C6F4DC35E811722697655F3	A5A2C8167B9F85AD1C47C9F89337CA2F179EBCC642303963E17E22A029F8E8AA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\WixMadeforDisplay_W_Bd[1].woff	Web Open Font Format, TrueType, length 27080, version 1.13107	19D333269CAABD296357B1A7E72FBB5D	FBE6AB746415B8713FFFE51DFFFDC3C9D59BC40C	8A6A9A30D97D0C3591326A34B222515BA5A5B7D16E68F4FF49DDBE0FA13EB541
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\WixMadeforText_W_It[1].woff	Web Open Font Format, TrueType, length 27412, version 1.13107	8E17780BCDC9E29BFDF2B5EC643E7B3B	CFBB4904DAF466D0AD0864DC43249C30866E7285	507BC6DAB5FCF62276BFEE3155DDF6083AE9EBB54729FB56040A60DEE9C705B3
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\analytics-event-adapter.bundle.min[1].js	ASCII text, with very long lines	B52699D1ECC78BA53EEB09387232F122	216F19C6339FB0DDD4AB634500F1A14BF3A31C34	B13F6BD317BB3A04B14262D8F535E4F5C8773352513DC698CF7A3305F4AC9E71
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\analytics[1].js	ASCII text, with very long lines	042B7183D8645F5CF9D0D6ACD5FF8358	447A98467EA31E253ECB63EE8564C8B5E1E77D58	73D6A5EA11FB7BF6E6A6CCD44B1635D52C79B0A00623D0387C9DDDD4B7C68E89
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\bundle.min[1].js	UTF-8 Unicode text, with very long lines	CA197586ED80A7767CC602668C7B18BE	4C529C1C294D362DE3CC90CAF487FFEEA8827F56	D58AE5786D8A1FECE18908C69B138536CB2FC61A5507ACFC2A7107A2D31F10DD
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\coreUtils[1].js	UTF-8 Unicode text, with very long lines	FEFA989A1F936A1372036154B69DCA6A	B09FA1B7AA091DE9D946887DA05F8B0978989298	4C200060AB0507A801B7BE75C1DC313213AE0F97BAD1B8A8F30E8A6E7502A4C0
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\dataRefs.bundle.min[1].js	ASCII text, with very long lines	9A2AD0B81CF5F46469435545EC3B7104	268225661D68496F35E6B349DCA76EA33AE34EFC	6C36B17EEF5EF3AA7F1086E689A34C0FB765F6764B2CDEE97975DE049CA70AF6
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\f[1].txt	ASCII text, with very long lines, with no line terminators	BD2DB6BB122E3A08F4FA8435FC4B47D4	3702481D984D9F303F76F451F6DFDFAB46A1DF5A	57FDBEA2496F74AA186E1106D698E9005DEFF40B266474C872DBB004DBD5256A
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\f[2].txt	ASCII text, with very long lines, with no line terminators	B05F16DD239CCCF2C618B75656046D36	6D267295BA5828DB5A1AFB06AC1FA82D6FF36833	24673FA988F4E9A5167816D9D8913903372DA1E43D8DC36B1DE8B329BC77AC28
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\frame-listener.bundle.min[1].js	ASCII text, with very long lines	D829108208F1EB9B9BC884C5E6C43A54	05A79B7F0738CFD2F2FE3C6CEBDBD0A7702EB44C	22EE05C11B27143CF6474926408154A2723EC321249FAF6684BACA657F64B723
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\insight.min[1].js	ASCII text, with very long lines	C4440888B2ED74F2A104115FC1D3C737	81359FD8D29CF6AFFD5B27317C379E53DDAEF00F	6E6E6A03E72A528C28884B50BF296425667F38DD0AAF1DD17CE89199FFC85271
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\lodash.min[1].js	ASCII text, with very long lines	BC0594C54450E8AC689739B6B198067A	32F09EC3EC0950F47A35FC0D656559D5B164DACD	55E35A1415438685F71FE809DFB0E94FF9D3B994DD8D8AE8F7206BB878D59A84
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\overrides.bundle[1].js	ASCII text	2E3F3B6393C59BC6AB16AAFC53E537B4	0E541D34E050FF4CEDE41D94CF3AA4E02DE2B5B0	D0EA72D47CE376B628257394F8ACB5DED4A33B1FFB73EF9F1A023C8C972D52DD
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\siteTags.bundle.min[1].js	ASCII text, with very long lines	74B64900831A2E814A8FF0CDEDCF80CB	AF47310E4A322F6CA516C97BD6DF09C38C36177E	A055462E069AB37C3C269BF8B80C7C1AAFA72B7D2F0B7699833F87558B06A0CC
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\skin-utils[1].js	ASCII text, with very long lines	A14782F687921049A8B790DDD8585B03	4F931B2C0F446FAB96CBC029EF87E0E8187A8FDA	73DB5B78DBB98A5758A9FCC7FE9B381678375B287341D7638EB8915ACB3B4997
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\skins.min[1].js	UTF-8 Unicode text, with very long lines	970A5A90DD7AEB73F403E86EE4849B87	92A921A29F5761C1F0E4C2D39779CED837A9D18B	B9362DD9B9D3272E10799E1B366D08279BA21E45766E15E994597131B4D87526
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\src=4382365;type=count;cat=websi0;ord=1;num=4397511000816;gtm=2wg6n0;u1=undefined;~oref=https___www.wix[1].htm	HTML document, ASCII text, with very long lines, with no line terminators	F84C21E13587FA410F294A5FFC07105A	9271766F54253750F6059B8CAD1875F71C3B5654	12AFD579411EF1A7E88BB2C74B39B68E90A4DCFB1E273450A863C8DABCD9CD64
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\src=4382365;type=count;cat=websi0;ord=1;num=4397511000816;gtm=2wg6n0;u1=undefined;~oref=https___www.wix[2].htm	HTML document, ASCII text, with no line terminators	5EDEA4CDE2C1A9C8E8150DEAF71CE73D	725019DAAF24DED79DCAAC96C897CC4727CC8B35	05978957C6C8B028F2785DC77271C286BFAC76E30B7BCD7E835C2927FBE897CF
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\thirdPartyAnalytics.min[1].js	C source, ASCII text, with very long lines	907C5062AE2E2C1732B12348708E30A0	832E34675A984610BF11BE4810D0ECEEF30FE240	32567FEC7314C675F45B50A968C9B6AB076AB459C00362CFE7EC8CFD08A18D1A
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\tr[1].gif	GIF image data, version 89a, 1 x 1	B798F4CE7359FD815DF4BDF76503B295	F8CC6ADDF1707AD236AD9970B0A48F9733D07DA5	10D8D42D73A02DDB877101E72FBFA15A0EC820224D97CEDEE4CF92D571BE5CAA
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\urlblockindex[1].bin	data	FA518E3DFAE8CA3A0E495460FD60C791	E4F30E49120657D37267C0162FD4A08934800C69	775853600060162C4B4E5F883F9FD5A278E61C471B3EE1826396B6D129499AA7
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\v3[1].gif	GIF image data, version 89a, 1 x 1	9B8D19F4310C758344E40BF17FBC7E85	2290EF058812D5F5E398736E2316CBA8CF8093CF	37B17C5135A176A9474521AF147D96DFA1FB4CA0F43F00D1400BD1885BE3AB9B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\v3[2].gif	GIF image data, version 89a, 1 x 1	9B8D19F4310C758344E40BF17FBC7E85	2290EF058812D5F5E398736E2316CBA8CF8093CF	37B17C5135A176A9474521AF147D96DFA1FB4CA0F43F00D1400BD1885BE3AB9B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\viewerComponentService.bundle[1].js	ASCII text, with very long lines	5F3E9DF0BD2ABB3656165C971DEDAF4D	B09C2DF939E0AFB70A1BBEC93357D4CFC47E10DA	B0522077490AFBABD5D4F924A89FE89E842EFEB98822526294D3D1CEF33B6EB1
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\viewerScript.bundle.min[1].js	ASCII text, with very long lines	89FF53B24905C33CB74C5831238E80AE	E7971439BF381FD02F6AAFF879BB05726D47A7AD	F48DE2017182C4BA6F7011A1B6CDBFB3BBB25C4B285393009E9944198EBB4DC8
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\wix-dom-sanitizer[1].js	ASCII text, with very long lines	BF53692C2D49A9E59E611AF682416BB4	87ED7DA4FD43B66A124D4180CE69596C88672F6D	76F4A71B7ED39504017336D133F172CECEF1B2505E2557746E44F4647097BE5E
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\wix-resize-observer-polyfill.56f8c1c1.chunk.min[1].js	ASCII text, with very long lines	41F8238C3628CF2F1006CEA34CCF3231	5801EA10823609B8E835716A030EC6AF7A08BAC4	5075CD8D885EEEE885C19B24251B671E81F1D542E5C810397E5DAE49A124F7D0
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\xss.min[1].js	ASCII text, with very long lines, with no line terminators	03A1F336E798CB76FD006A89BB5C86CD	22DD332C6E792D26784CA427F4E95BB45AB5EDA1	7021FC60565C79ECBE0D8113A83DBF68E9E719EFEAC07B360D9CDA18863E5A55
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\50ac1699-f3d2-47b6-878f-67a368a17c41[1].woff	Web Open Font Format, TrueType, length 22537, version 1.0	AFC80FD38B63916E55B3434D6DC50AA8	A93E6A628D615ECC4A03268D615B2C7339BB82CA	8E1FB2C958070695B9633261993A47CDAC70A25EB9C321EA0DC7207036D5140D
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\704136006388169[1].js	ASCII text, with very long lines	7D7A91C5FB82395B67E33FB5F283A68D	AAB171A1DDAFF79719B87844909E0E6EE6C54431	D1284DE679390F5B2E27DBAB52AD23761F66996A58425929E44C9AEE1EAED5B8
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\ProfileCardController.bundle.min[1].js	ASCII text, with very long lines	DE322298E943CF779F4CB282D2F369B4	768894FB2B1FF1160082228075F36CF6AE792587	C0F2B17933B579AC121A4A02C50A30E18DF4865DA27693C6EC8AD2341EFA73D2
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\WixMadeforText_W_MdIt[1].woff	Web Open Font Format, TrueType, length 29748, version 1.13107	32F3E3707D0AB7F9D86367FB30425ABF	BE74B2636AE55828943F0145479557A1F44FBD8A	0570726D9B35862B303637EFFD8718EE7E2BE3088EFFD566BEE07D443AEEE6EB
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\WixMadeforText_W_Md[1].woff	Web Open Font Format, TrueType, length 27876, version 1.13107	7EFC62924AA0D697C0FE9592A2DA44A5	27D1436BD7E9C36ECCBD295622584E1332E8DDE5	158A4B3011AB5707FA5A4AE4FD3858A187A13022E1AA9C98EE5ACDF04AC4C6BF
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\WixMadeforText_W_Rg[1].woff	Web Open Font Format, TrueType, length 26104, version 1.13107	1A0CA11ADF2C74087410EC6D02B86AA7	E8B0C1A2D023E989D0270898F8C863AB5F9DF11F	F2E3AE2666C03A75C5A9DF7073540DE7E55E168327AEA24BDFE1F9D7796C6F0C
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\activityi;src=4382365;type=count;cat=websi0;ord=1;num=4397511000816;gtm=2wg6n0;u1=undefined;~oref=https___www.wix[1].htm	HTML document, ASCII text, with very long lines, with no line terminators	D79A4A451F7EC7C544DBF9D73C45C03D	A69F4ABB11D564D7FB5E26A5FA491743BD475247	C477B0D9C6A1A2F32EAAE814521DF22B96FEB7C0F8EDA74B6267BB2C152CF47C
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\backgroundCommon.min[1].js	ASCII text, with very long lines	D80649607043BFA952989CCA71197D59	E6EC186A15B37B4F33AC8886B184A9D0305C6F56	59C24AC72D1B4C54D7D470C8F48EE7116CBD4E924DBF5D5D05FD4D30575B6577
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\bat[1].js	ASCII text, with very long lines, with no line terminators	5562385CBAFDDC33276BA10BA59890F7	A030EE46C99511E12EBB6257138FBE3E75232540	73E2E5173ED0D5A77B02914FA0EF1F67BB53143DA75F0348F558F95565220CA1
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\bc176270-17fa-4c78-a343-9fe52824e501[1].woff	Web Open Font Format, TrueType, length 30192, version 1.0	4DC77F0FF1474412272BA230B085D035	E2558F88D8F2878B4A5510967D107223B6C29BD1	C629B3CE163A14DF3B642F01044A989647EBBDB0F7D5D1D95783BDCE89A8A666
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\bootstrap-features.53639d1b.bundle.min[1].js	ASCII text, with very long lines	16EF54B37117FB41D86C1FF75EA6E79E	A812A5EB71AB8F1F3534E8CACC56685DBAA217EF	8AC1BCBAF1AE78F7E6BB52DEEDCEBF9FE7DCA269C1E3476CB1AFFFDE2809AFF9
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\bundle.min[1].js	ASCII text, with very long lines	6167461CDB31A9A37C6CB908EE20F437	2351DAECD6BBEE25A9790FF7887AA2D995A5EB81	010C6C3D69720442EB181274E95F61FBBB3486DA6338E3BA129287B7077627FE
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\ca003289-5ee3-45c2-94ad-36c743c35fc1[1].woff	Web Open Font Format, TrueType, length 31147, version 1.0	F3471862C553872A8A36648B3D1F55D4	FD60A4A0674CFCB218C2CC425222501D78815087	8177D7B57C7E74E786593452C92DCCE54B2610766530F30E856848E56A603E46
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\cdn_detect[1]	ASCII text	7C12772809C1C0C3DEDA6103B10FDFA0	12039D6DD9A7E27622301E935B6EEFC78846802E	4795A1C2517089E4DF569AFD77C04E949139CF299C87F012B894FCCF91DF4594
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\core[1].js	ASCII text, with very long lines, with no line terminators	57947439B864E017FEED0D94316D5A8C	BB614192B65263446730B24D157A7DE812344394	503F17F1EAD39E733BBF304E686D367D5C7051A5DF079F15B7E251B479959B13
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\custom-elements-polyfill.39b1b49f.chunk.min[1].js	ASCII text, with very long lines	DFE52C9F7BABD80F905E827D5F55933B	E7E488D0063A2C563A09DDF8868F00746D7E5CCE	988E9DD23AA9172B6C5494C1C8F0CBF88ACC1D90D6B5014FE7884D024B28D326
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\displayer.min[1].js	ASCII text, with very long lines	978C38A84D041B8081A7E7C7AC37AA3D	39E070B520F2475E7DF8C69DAC7BE8F806BFEA84	A57295E4D49D2ACE0D529E2EABDFC2B9957F7986116CE3079B6397DAD0CB0F72
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\focus-within-polyfill[1].js	ASCII text, with very long lines	C187011C9A45C15A6FCBF5D62A5D755F	E3FD6FAED2154EE94559F362EA0390B46ABF75BB	452A163BE231D77006015E7D6F2A5B8AB5987D915C1F1E6907DDFBBA3AEC6EEC
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\galleriesCommon.min[1].js	ASCII text, with very long lines	01D80E46A9B39435AC06B3C210BDF2C8	9BD64459F8CC105C84779C5E25912174437CD2C2	22B1E0568CFC5107C5D59C07056BA7C03F39C9666F1D70701FC89B9FFFC2AF3B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\identity[1].js	ASCII text, with very long lines	A4B4E2FB56CBAC0AA769F30236149A3B	2B80252D14157774F2F06A65EE9B55B66CF4D8DB	3BEA34F20C813024F046166FB0AD98A8EB93D5AB93052CEB993EEE238ECE5B66
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\imageZoom.min[1].js	ASCII text, with very long lines	40BFEEEE9DB56B7C198C3FC40F037C96	2DB70EA24C760A0BFCE5E0747312D2416CDA9A4D	6AFE17ED07B060DCFBF39804D0ABC5F9B6514C57B956ED29FD51021E67286128
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\intersection-observer-polyfill.67fb87dd.chunk.min[1].js	ASCII text, with very long lines	E9B45B82453DD736C5DF26BB5AF37C03	541A574186A57C42A2CF001745C311F75B7DE1CF	B638F0A9AB14A9DEDDBA3576B7B8299C419D980ACFF9DE9EE1B62C02093C2F49
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\main-r.min[1].js	UTF-8 Unicode text, with very long lines	E68524881B247597994CE5FAF1ACE88F	AC3DCD3CACBD8BB6D076171E6BD961CBC44A0659	1EE4BD7DA67BCEDB101FA317B6B6619FEAAB6797458BF87D501B9846BE80FC8F
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\mobileLayoutUtils.min[1].js	ASCII text, with very long lines	F9312036ED8D97FBF474A25E24B3CE64	26198A3647E40E7E22BD58739CE1D497A707A10D	4B7ED33BC551F23E4CDB54C2A9D05DAEA0A718FFD911049E8D762DFE8E59B2DE
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\pm-rpc.min[1].js	ASCII text, with very long lines	6D2CE335B730660879C0B6949489201C	04207F9F622E642A257E7C60EB95368F8C77D49E	F6F745CF79C117E16618576087B958DF0B47361BB672BD270F37CC7246C85FA7
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\santa-components.prod[1].js	UTF-8 Unicode text, with very long lines	FCA502DA484645AC792BAEA4F24A48EB	CBCBB91C2B5C7DD2483CE65D10FB5EF7E8757D70	F00D4C9E8A993C8799CE055C21F8BF9EE8475C20B3B1A04708568BB7CC028BC4
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\skinExports.min[1].js	ASCII text, with very long lines	E3B310E8689B6965D19169917C521FB4	198FFCD1FCA30A54E77AAEC71CE000772FDB1C30	33B44DD1DD54694D140CAFA355D6F929354909A8DF68CF24E739B0ED3FB13FB3
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\viewerViewModeJson[1].json	UTF-8 Unicode text, with very long lines, with no line terminators	A44F1D0E278CEAFA2A4C196BE3E330B9	E215FBFE0E87F5E09195D674AFDE774CD555F965	F4E1BB17B15E3B4A318E74EF943FEB689C59DCC5B99B378F644676585E87B694
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\viewerViewModeJson[2].json	ASCII text, with very long lines, with no line terminators	0DDD51DEAAC875812ACFF08EEE8865E8	0AA7DD170116F406FBBA61255A53CB2C589C801E	EEA53DA93D00FE18DC4A8563A22F8646542EBCF41AB21CE26A3F5F65E5C600FC
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\49631ce8-9201-47a8-8874-45371417c35f[1].woff	Web Open Font Format, TrueType, length 46997, version 1.0	27D4ADB0671DCD86A9D940D0619D9768	B4F8BBA6352C36D0A1D45B506BDC27BA6D6FC5AE	A5441B3F8476E6178BAC04CD2C8204C4D30B6DF8408ACF90317EB583DF7DB4D5
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\ScrollToPlugin.min[1].js	ASCII text, with very long lines, with no line terminators	D29232AA62F9740CB6F1A8CEDC26D8DC	E6742CEE6B36AE8EB1BF26D4529BC7BA2AEB8D3E	7090E6A71A15E2D47E830528798A657BECC16D41B78EADE27EC8624EA6A38812
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\WixMadeforText_W_BdIt[1].woff	Web Open Font Format, TrueType, length 28692, version 1.13107	9557403059EA8B62EF946E44250971FA	F5D7EA5B2DDE5D291490E7AF03DD72E70114299B	0871C5BF40DA6C907DFD85E3803AC0A950029E66BA1C970B7F4BD5F713541B59
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\WixMadeforText_W_Bd[1].woff	Web Open Font Format, TrueType, length 26940, version 1.13107	1B77CABA6C9D4D264DD5E101A8326D9D	0AEF11FFF06D2A166705A50E44E545B3D7FE5DF3	640522494DAF6FB6A791DC1D67AE7A3884D25F87E439A83EC59BAF71D5E39D63
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bolt-main-prod-old[1].js	UTF-8 Unicode text, with very long lines	9F28BA3398110B8ADBAF3CFA5448424B	6DA96C048375B63FE8C53DF4DBD81982B7E5D268	5248C7F1D9BC66B3F095B9DCF9A8205B1EB23807FCD7A5BF20DC79BB35514B1B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bolt-main-r.animations[1].js	ASCII text, with very long lines	5112E2448CDFCD600FD8AE8CEA4F2E18	81EB20408588FBF6773DA8870DC81B2CDC2EEAD9	5F64A46FE3986511A45732CE9A888E738131FD614CE1B06E565CD589AABB25C8
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bolt-main-r.init[1].js	ASCII text, with very long lines	25A63C0AE966BD76C3C5765B7D3BEACD	2A6E2E3B7959C14A554477AFE15B6ABC0B4854B6	9D24704FA0C1018EF8660960C12B1DF87796883E2318FE731C70AF1AC8F3E553
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bolt-main-r.vendors~init[1].js	UTF-8 Unicode text, with very long lines	D6474CD7BFB01E1CEC10034FF8E78D9F	14BC582F100995F0C280FEC721B1EE393FE520F7	01B6CEF8BAA50E5A8180621C6496301EDB7E1C835F195031323725463D2B59E7
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\bundle.min[1].js	ASCII text, with very long lines	E2A262292E08E10807A052B02C5951E9	21769E4CBA828D2225D4247D1B14D550C77954E3	635B050935D2360B9D5FD1F7E7FA3C6B949A14809518AF434C0F31F3AF393046
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\clientWorker.0eb5dbb0.bundle.min[1].js	ASCII text, with very long lines	880560D747C808A74D002B46F6694083	0769072C4D4C91321FCCF8E20455F3F93CF692DC	654B21E72D445BD5010627EBA4639C65A51C8B2B92E83F3F63B2B1ED5EC5A339
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\coreUtils.min[1].js	UTF-8 Unicode text, with very long lines	0FE10139CBFED012C055D8A44B10641A	65199F4D007FB04D255A7C97A7C5A369D61810DB	F61C07CF695B3F699393F9BF4024F36D221D57B90B58D9BA90A301B3F502876F
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\f[1].txt	ASCII text, with very long lines	5EF22C21B317FD3D68435F65D5D32C25	5BDF3EDE274481C5FA9DC71169719A6329D7F609	92BD24374FB205C765A133D522ACB2772693D2CCD486B7855E2447918DE296A1
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\fbevents[1].js	ASCII text, with very long lines	7D0176E2E41E8C19FEBAD043A44369D2	74717141EE34016163D0625497697AEDB618E7EE	F35FD99C15DE392199C3C5B116FAB65BB8AAAAA74BCF1C1729E9E01BB26780E7
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\gsap.min[1].js	ASCII text, with very long lines	663FD753CAE2B462CF8ED119C3F991AB	06A63BC0EC823880B5420C23071E3C3C0582C11A	732117AC92A33B760D9290A33F1541762EE9449DC417EA249B5A0DF50738AD16
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\gtm[1].js	ASCII text, with very long lines	37E24F383C42D99C2E4A90E5A21D013F	8500E5B83AC2B7666065ECEA7AE275A1F2496D37	DF091208001F0E5B08AD2704A4AE085DDF643BBE1BF7664AA76140A5A34B22E6
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\pfavico[1].ico	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	B53CE85A6CCE2AE00037A6CA13C90866	292D9AEB457AB7FEDBAD452854332AEFF267A78E	33C1436F8C40CA2582D091C449FCCC34ED9BF73F02526C5FDEF44F4F06C6321B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\polyfill.min[1].js	data	42E531D2C282ACC7A2EC77E00CEC1D10	87B8F7A381B07C2771F3CF4B651F304470B5F4D8	38F84B4BF4D91C67D64FFBEE5CC4B6A39BAA9653E5369532D902F9F06F650A57
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\react-dom.production.min[1].js	ASCII text, with very long lines	DCF51763FB4A654E15A4E6E7754CA5D2	BF19EC32AF23FB8F2C0C75549A3996B725F80D35	BC5B7797E8A595E365C1385B0D47683D3A85F3533C58D499659B771C48EC6D25
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\santa-animations[1].js	ASCII text, with very long lines	19F081BF57FC59651F6948EBD9FE63D5	3173319BAD8974EB84224F416A293DC0F326E018	B0BB3035E130188B671956EF5BD957B9281C19151CE60A742F4AD460CE1E3BC3
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\santa-components-layout.prod[1].js	ASCII text, with very long lines	7E287BDF343DA557A915BFCB40AE08E4	96790857D76D8EA49F533C89D848FAC73DCCF76C	C661B9B701C71340A925671BA2888A3E59AD66301D97490E82FAA8F5A01AE519
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\textCommon.min[1].js	ASCII text, with very long lines	56CE57CA0F78C1AB251596C253AC711B	D407A6A577BC5AB9923144E6F2FD533AFC854489	FBF6CBE620C3A67FBE96FB584E322C290C007E8FCB9666BE52AAB0586679FD65
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\thunderboltElements.07dab272.bundle.min[1].js	ASCII text, with very long lines	67EE84519E54E331B9B20436117F1767	DE4D402C43EE1B3DA3EFEEAD320BDEB3B44C69E6	62C8078243968370D037C844C32744A14579CE75A302902FB52B186A18E1BD0C
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\tpaComponents.min[1].js	UTF-8 Unicode text, with very long lines	8498201A1530B7390D646F3ED7FA5D42	30907233847D6EB2F3723E64B2CC7FEC9566F90D	3A676AC279CCE9BA7F68A291589783F0E322FEA414C7551848F78449ACB3698B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\wix-perf-measure.bundle.min[1].js	ASCII text, with very long lines	0E37060EF731C573612C3D7024490E64	26463B9C00B3EF3BEB89340399D5FEA74986FAF1	85A0E12E2B9DA4C18F8C348295244537AA93518D6151CEF0BF94E15358D4D32D
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\wixFreemiumBanner.min[1].js	HTML document, UTF-8 Unicode text, with very long lines	141A4EB927C4D7FD81F6344DF8B1DE6E	0112AE5D15519E993A41771FB3009A08BFD07912	AF7E09C58D9C820B8EE69C03F93DC6739DD8B9C5E945B07C91EA4D1138528E4C
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{0385B391-F231-42A8-B360-3F92DE6148F2}.tmp	data	88ED780A37B17DFB1A0AFB601CA08579	EE28D68357B4B02FDA017B455C86A2F9A35033C9	637EC231B766204FCD6AE73DF4C646B507387561B2440D756110D66DD60A5B7B
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{7621A4C2-B642-4F8D-8632-93AA6D767CE8}.tmp	data	1089E06FE44342CDCE0226CD53195A95	7853AAD9C2217CE31696AC7EAF3E96DCA635A9AD	52DB0E5018D1EDFB7602E24ED985CF6B1633AF26AF1B12B33648BF95AA9B2404
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E195542A-72A2-4470-89E8-B7D87A58E0E0}.tmp	data	5D4D94EE7E06BBB0AF9584119797B23A	DBB111419C704F116EFA8E72471DD83E86E49677	4826C0D860AF884D3343CA6460B0006A7A2CE7DBCCC4D743208585D997CC5FD1
C:\Users\user\AppData\Local\Temp\Cab426C.tmp	Microsoft Cabinet archive data, 61020 bytes, 1 file	2902DE11E30DCC620B184E3BB0F0C1CB	5D11D14A2558801A2688DC2D6DFAD39AC294F222	E6A7F1F8810E46A736E80EE5AC6187690F28F4D5D35D130D410E20084B2C1544
C:\Users\user\AppData\Local\Temp\Tar426D.tmp	data	E4731F8A3E7352DBA44EC7D3DD15BAEA	D5CA0025FBD356DEB8EDE35001F93039625562A5	6C78EF77ACEF978321CCD30EE126FB7D30285BC186DDBDBE8B3E8F6E69D01353
C:\Users\user\AppData\Local\Temp\~DF558E196AB3AA55A0.TMP	data	C53630AC5583E3992E77C4901BAE9014	C35E4EB7FCBBEF3A227D54F22C25EE6F19AA024B	649C28996918CF5908C1E9FCA27E04CA73EC7D062FD9FFD00310EA1CBAAA9E2E
C:\Users\user\AppData\Local\Temp\~DFD129E0721F3AA129.TMP	data	F92732D887A3CC060C6CED3A5A1C6062	8E236F25B5E78A59AA6CC8B6D59DCD54648DB169	0279E5BEC8A124EA4573113EDC9412EC9412A1AB46DCC39F15630A25077F6769
C:\Users\user\AppData\Local\Temp\~DFF2A861D030BF6D04.TMP	data	B182EB63C703CC1F900AEA81E80E2386	0ECECA4DE9D035285F67784D14941E3DB128B68F	882D30D30FBEA28922000C717D0C8AFE45297E10273FC84323B48F5D90D593BF
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Corona als Dank.LNK	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Aug 26 14:08:13 2020, mtime=Wed Aug 26 14:08:13 2020, atime=Mon Jun 28 20:47:31 2021, length=109718, window=hide	AC9047576FACAC0D7EAFF724BAE27687	7294C92C3DB56944CF519A23A66B1808B6B0ABAF	C670BDA2567372711FE94CF278AA8E15AEBCD7A927F993727BF5656660B032B7
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat	ASCII text, with CRLF line terminators	CCBB9B13D6396D97C17E0A84124E68D4	1683102B95F038BA363DDFA37B291C3D366A2A39	57460E3C69F379A47D864B0C46D36D6E6FCA453DACAE527751EB51D5014AABC3
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm	data	4CDEC46BF4C5E1435E277CB4821D6306	506F3E77835A2AE504189833D4EF30799A0ACE45	39A3F2156450758ACBBCB3D8E9461BB4CDD93F41A3EC3A4013F4EB8D2A906537
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\CT4F91JY.txt	ASCII text	214FC9AC0298B7F318265AA6D2EC1E95	054AC35D48A069636C5B04ED564387FA43A0B804	02E3C98379B0F9092B162684A3CE7ED5894B4A7F341AE116C4BAB3164506526C
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\RMZ2SHSQ.txt	ASCII text	02596EDEDC4AF6B32C43A39BCA10C3F9	0985907D6C5F2D12CD9241B49FAA6CC99192465A	311EFF412EB9643F45C5041126A3232EAE44175B3E111A61FD6243432C4A21DC
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\UCHMB3RH.txt	ASCII text	1F87310936BFDB20EC381538E9F4FF3E	D864DCDD64D6D46C60DF0CDF4CE16FE679A92272	AD32E3DBC59BA37DADF7DD6021444C8D9133F881030251661FCEA5644D89D3F1
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\UHF8WI88.txt	ASCII text	4EF4AD08BD5B376F097350662E0FDEED	D771E87B77F529E2A88F89C4B284F0D03B9C5347	A36399452892437A260727963C0D72193DBB73555D2AC2DCDB7CE457F9BD1C74
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\XYEHMSD2.txt	ASCII text	C48A49C41C87D31A5EB34AF0F2C79E14	239602FE9BA5D05A86BAC71F155237D724851CE5	A0E854E0558ACDC67E4A114E062CC8A7263B8B723E43B501298E8FE8218D5297
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\YZ4GE8GX.txt	ASCII text	1AF90BDBDC204C475C4CE9AA5F9FA4A6	96ACCDAF1013BDED70B7EA88E44D1CBE7F150AAC	54A8003613164F62A9A880F44333FFF1DC0060D0F958AF1775E4EF59D3F7E1E3
C:\Users\user\Desktop\~$rona als Dank.docx	data	4CDEC46BF4C5E1435E277CB4821D6306	506F3E77835A2AE504189833D4EF30799A0ACE45	39A3F2156450758ACBBCB3D8E9461BB4CDD93F41A3EC3A4013F4EB8D2A906537

Windows Analysis Report Corona als Dank.docx

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance:

Networking:

System Summary:

Hooking and other Techniques for Hiding and Protection:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs