Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

http://toplogicielespion.com

Status: finished
Submission Time: 2020-01-30 20:51:42 +01:00
Suspicious
Phishing

Comments

Tags

Details

  • Analysis ID:
    204706
  • API (Web) ID:
    306961
  • Analysis Started:
    2020-01-30 20:51:43 +01:00
  • Analysis Finished:
    2020-01-30 20:59:18 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
suspicious
Score: 20
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
52.28.80.73
 United States
54.204.26.223
 United States
31.13.92.14
 Ireland
Click to see the 35 hidden entries
104.24.112.237
 United States
104.26.14.123
 United States
52.49.104.91
 United States
216.58.207.130
 United States
185.64.189.110
 United Kingdom
151.101.2.2
 United States
104.20.150.37
 United States
52.58.74.100
 United States
104.236.73.120
 United States
87.248.118.23
 United Kingdom
104.18.73.113
 United States
34.95.120.147
 United States
198.100.150.204
 Canada
35.157.249.39
 United States
147.75.84.39
 Switzerland
64.202.112.63
 United States
63.32.160.203
 United States
31.13.92.36
 Ireland
34.245.243.239
 United States
172.217.23.35
 United States
87.250.251.119
 Russian Federation
104.18.72.113
 United States
104.121.177.8
 United States
34.195.16.241
 United States
185.33.223.216
 Netherlands
172.217.22.194
 United States
108.177.15.154
 United States
172.217.23.66
 United States
35.190.72.21
 United States
3.122.174.9
 United States
151.101.112.84
 United States
52.214.49.237
 United States
104.28.30.118
 United States
147.75.32.99
 Switzerland
147.75.32.13
 Switzerland

Domains

Name IP Detection
stats.g.doubleclick.net
 0.0.0.0
ekr.zdassets.com
 0.0.0.0
cm.g.doubleclick.net
 0.0.0.0
Click to see the 67 hidden entries
static.hotjar.com
 0.0.0.0
script.hotjar.com
 0.0.0.0
track.mspy.click
 0.0.0.0
static.zdassets.com
 0.0.0.0
ads.yahoo.com
 0.0.0.0
vc.hotjar.io
 0.0.0.0
pixel.advertising.com
 0.0.0.0
ct.pinterest.com
 0.0.0.0
ups.analytics.yahoo.com
 0.0.0.0
d.adroll.com
 0.0.0.0
d.adroll.mgr.consensu.org
 0.0.0.0
adserver-vpc-alb-3-890571764.eu-west-1.elb.amazonaws.com
 63.32.160.203
map20-100.s.section.io
 147.75.32.99
ib.anycast.adnxs.com
 185.33.223.216
i.hoverwatch.com
 198.100.150.204
www.hoverwatch.com
 0.0.0.0
eb2.3lift.com
 0.0.0.0
ib.adnxs.com
 0.0.0.0
api.ipify.org
 0.0.0.0
s.pinimg.com
 0.0.0.0
googleads.g.doubleclick.net
 0.0.0.0
dsum-sec.casalemedia.com
 0.0.0.0
simage2.pubmatic.com
 0.0.0.0
vars.hotjar.com
 0.0.0.0
map16-100.s.section.io
 147.75.32.13
connect.facebook.net
 0.0.0.0
s.adroll.com
 0.0.0.0
trc.taboola.com
 0.0.0.0
pixel.rubiconproject.com
 0.0.0.0
www.facebook.com
 0.0.0.0
x.bidswitch.net
 0.0.0.0
sync.outbrain.com
 0.0.0.0
powerlinegroupinc.go2cloud.org
 34.245.243.239
adserver-vpc-alb-1-1446435489.eu-west-1.elb.amazonaws.com
 52.214.49.237
static2.mspy.com
 104.20.150.37
toplogicielespion.com
 104.28.30.118
idsync.rlcdn.com
 35.190.72.21
scontent.xx.fbcdn.net
 31.13.92.14
highstermobile.com
 104.24.112.237
tracker.mspy.com
 104.20.150.37
prod.ups-yahoo.aolp-ds-prd.aws.oath.cloud
 3.122.174.9
stats.mspy.com
 104.20.150.37
www.mspy.fr
 104.26.14.123
hoverwatch.com
 104.236.73.120
store.payproglobal.com
 104.121.177.8
in.hotjar.com
 52.49.104.91
cf.zdassets.com
 104.18.72.113
www.mspy.com
 104.20.150.37
alb-aws-fr-bswx-2-1673521430.eu-central-1.elb.amazonaws.com
 52.58.74.100
mc.yandex.ru
 87.250.251.119
prod.ups-eu-central-1.aolp-ds-prd.aws.oath.cloud
 35.157.249.39
mspy.go2cloud.org
 34.245.243.239
www.google.co.uk
 172.217.23.35
dualstack.pinterest.map.fastly.net
 151.101.112.84
elb097307-934924932.us-east-1.elb.amazonaws.com
 54.204.26.223
dualstack.engagement-bus-prod-641612343.eu-central-1.elb.amazonaws.com
 52.28.80.73
pug22000nf.pubmatic.com
 185.64.189.110
map16.e.section.io
 147.75.32.99
ds-geoycpi-uno.gycpi.b.yahoodns.net
 87.248.118.23
f2.taboola.map.fastly.net
 151.101.2.2
stats.l.doubleclick.net
 108.177.15.154
nydc1.outbrain.org
 64.202.112.63
us-u.openx.net
 34.95.120.147
pagead46.l.doubleclick.net
 216.58.207.130
star-mini.c10r.facebook.com
 31.13.92.36
q.quora.com
 34.195.16.241
pagead.l.doubleclick.net
 172.217.23.66

URLs

Name Detection
https://www.hoverwatch.com/cz/
https://static2.mspy.com/assets/img/sb-widget-logo-b.png
https://github.com/twbs/bootstrap/blob/master/LICENSE)
Click to see the 97 hidden entries
http://schema.org/CreativeWork
https://www.androidguys.com/community/mspy-for-android-keep-tabs-on-your-childrens-online-activity/
https://www.mspy.fr/photos.html
https://www.hotjarconsent.com/el.html
https://www.mspy.fr/how-mspy-works.html
https://www.hotjarconsent.com/
https://jquery.com/
https://www.hoverwatch.com/it/
https://www.mspy.fr/imessage.html
https://toplogicielespion.com/wp-content/uploads/2019/11/Highster-Mobile-iPhone-e1574176763370.png
https://www.googletraveladservices.com/travel/flights/clk
https://toplogicielespion.com/wp-content/uploads/2019/10/prix-mspy.png
http://127.0.0.1
https://schema.org
https://toplogicielespion.com/wp-content/uploads/2019/11/highster-mobile-tableau-de-commande-269x155
https://toplogicielespion.com/mspy-avis/"
https://www.pinterest.com/highstermobile25/
https://highstermobile.com/instagram
https://www.mspy.fr/?region=ZH&aff_id=ho_5548&utm_source=HasOffers&utm_medium=ho_5548&c=CH&city=Opfi
https://toplogicielespion.coRoot
https://toplogicielespion.com/blog/JBlog
https://www.mspy.fr/resellertc.html
https://www.hotjar.com
https://www.hoverwatch.com/sk/
https://highstermobile.com/faq
https://toplogicielespion.com/#/schema/person/c6cf28a6498f4a6239881997f037fe1d
http://www.amazon.com/
https://toplogicielespion.com/wp-content/uploads/2019/10/La-main-dune-femme-utilisant-un-smartphone-
https://yastatic.net/q/global-notifications/cc/_lego-cc
https://static2.mspy.com/favicon.ico
https://toplogicielespion.com/wp-content/uploads/2019/11/hoverwatch-logo-1-275x149.png
http://schema.org/BreadcrumbList
https://www.hotjarconsent.com/fi.html
https://d.adroll.com/uev/
https://static2.mspy.com/assets/img/pt.svg
https://www.mspy.fr/mentions-legales.html
http://www.imagemagick.org
https://www.mspy.fr/instagram.html
https://mc.admetrica.ru/sync_cookie_image_check
https://www.hotjarconsent.com/zh.html
https://sizzlejs.com/
https://twitter.com/mSpycom
https://highstermobile.com/end-user-license-agreement
http://www.youtube.com/channel/UC-3vAsy4_2Lmo_F2wV5bDGg
http://www.linotype.comhttp://www.linotype.comAvenir
https://static2.mspy.com/assets/img/_main-block-bg.jpg
https://www.mspy.fr/espionner-sms.html
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://toplogicielespion.com/Root
https://toplogicielespion.com/blog/"
https://www.fatherly.com/gear/best-surveillance-apps-for-parents/
https://highstermobile.com/#website
https://toplogicielespion.com/
https://s.adroll.com
https://q.quora.com/_/ad/
https://www.stopbullying.gov/
https://www.mspy.fr/affiliates.html
https://www.mspy.fr/about.html
https://toplogicielespion.com/wp-content/uploads/2019/11/hoverwatch-avis-e1574180245715.jpg
https://toplogicielespion.com/#website
https://tr.mspy.com/
https://static2.mspy.com/apple-touch-icon-76x76.png
https://www.mspy.fr/espionner-snapchat.html
https://toplogicielespion.com/wp-content/uploads/2019/11/Hoverwatch-qualite
https://www.securitymetrics.com/site_certificate?id=1695256&tk=f83f3ee89f75725f57c7442c1fd877c4
https://toplogicielespion.com/wp-content/uploads/2019/11/hoverwatch-logo-1-184x100.png
https://static.zdassets.com/ekr/snippet.js?key=f0d17f31-d8b7-4a01-ba25-d9be9ea07bf8
https://ar.mspy.com/
https://www.mspy.fr/instagram-spy.html
https://www.ibm.com/developerworks/community/blogs/bae6a745-faab-4ee8-8c3b-0ce483a04daf/entry/Octobe
https://static2.mspy.com/apple-touch-icon-114x114.png
https://www.hotjarconsent.com/sv.html
https://www.hoverwatch.com/
https://thenextweb.com/guests/mspy-spy-app-review/#.tnw_amYhnYnv
https://toplogicielespion.com/avis/#webpage
https://www.hotjarconsent.com/fr.html
https://www.hotjarconsent.com/pl.html
https://toplogicielespion.com/wp-content/uploads/2019/10/Espionnage-de-donne
https://www.mspy.fr/espionner-tinder.html
https://toplogicielespion.com/mspy-avis/r
https://instagram.com/mspy_app/
https://toplogicielespion.com/wp-content/uploads/2019/11/logo-01.png
https://twitter.com/Highster_App
https://toplogicielespion.com/wp-content/themes/toplogicielespion/img/No_Image_Available.jpg
http://www.reddit.com/
https://toplogicielespion.com/wp-content/uploads/2019/11/hoverwatch-avis-300x150.jpg
https://highstermobile.com/#logo
https://highstermobile.com
https://www.mspy.fr/product.html
https://stats.g.doubleclick.net/j/collect
https://www.mspy.fr/reseller.html
https://toplogicielespion.com/wp-content/uploads/2019/10/activite
https://highstermobile.com/avada/wp-content/uploads/2015/10/highster-logo.png
http://getbootstrap.com)
https://highstermobile.com/iphone-monitoring
https://highstermobile.com/
https://www.hoverwatch.com/nl/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\favicon[1].ico
 MS Windows icon resource - 1 icon, 48x48, 32 planes, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\roundtrip[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\plane[1].png
 PNG image data, 751 x 647, 8-bit/color RGBA, non-interlaced
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\phone[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\opensans-extrabold-webfont[1].woff
 Web Open Font Format, TrueType, length 25944, version 1.0
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\mspy-avis[1].htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\memnYaGs126MiZpBA-UFUKWyV9hvIqU[1].woff
 Web Open Font Format, TrueType, length 24076, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\main.532239b0[1].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\language[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\js[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\img-prome[1].png
 PNG image data, 644 x 353, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\image02[1].jpg
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\hoverwatch-avis-300x150[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x150, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\search-icon[1].png
 PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\favicon-32x32[1].png
 PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\blog[1].htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\bat[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\avis[1].htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\arrow-down[1].png
 PNG image data, 20 x 11, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\app[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\analytics[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\all[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\VZ4MZCE0.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\No_Image_Available[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x209, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\NP9E46UD.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\js[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\favicon[2].ico
 MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\favicon[1].ico
 PNG image data, 16 x 16, 4-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\android[1].png
 PNG image data, 112 x 180, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\LO5V7J4ZF5HWTLXCEY4ET3[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\AvenirNextLTPro-It[1].otf
 OpenType font data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\tr[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\scene[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\redesign2[1].css
 UTF-8 Unicode (with BOM) text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\pt[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\muli-regular-webfont[1].woff
 Web Open Font Format, TrueType, length 25056, version 1.0
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\logo[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\NK40WK7H.htm
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\hoverwatch-logo-1[1].png
 PNG image data, 316 x 171, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\hoverwatch-avis[1].htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\favicon-32x32[1].png
 PNG image data, 32 x 32, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\fatherly-logo[1].png
 PNG image data, 111 x 29, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\f[1].txt
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\core[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\box-469cf41adb11dc78be68c1ae7f9457a4[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\ajax-loader[1].gif
 GIF image data, version 89a, 16 x 16
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\about-line-center[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\sendrolling[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\app[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\advert[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\about-line-left[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\AvenirNextLTPro-Demi[1].otf
 OpenType font data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\7X68JLAX.htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\2932208283672778[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\vt2ljlo\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\comment_espionner[1].jpg
 [TIFF image data, big-endian, direntries=12, height=516, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 700x385, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2A9083AE-439A-11EA-AAE3-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{20721892-439A-11EA-AAE3-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{20721890-439A-11EA-AAE3-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\WL9SA3PY\toplogicielespion[1].xml
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\UEVQABUD\www.mspy[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\8D58UTWP\vars.hotjar[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\2LKSGFKE\highstermobile[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\mem6YaGs126MiZpBA-UFUK0ddcs[1].woff
 Web Open Font Format, TrueType, length 23836, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Credit_Card_Safe_light[1].png
 PNG image data, 150 x 82, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\746989835745064[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\6FQ6CVN0.htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\4ZGASJ79.js
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\1x1.trans[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\zendesk-cookie[1].htm
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\step-start-watching[1].svg
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\payment[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\normalize[1].css
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\modules.9ad849c74ae56ab50f63[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\minus[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\mem8YaGs126MiZpBA-UFUZ0d[1].woff
 Web Open Font Format, TrueType, length 24592, version 1.1
 #
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
 PNG image data, 16 x 16, 4-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\mem5YaGs126MiZpBA-UN_r8OVuhv[1].woff
 Web Open Font Format, TrueType, length 25228, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\map-pin-3d[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\main-about[1].png
 PNG image data, 399 x 202, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\main-about-300x152[1].png
 PNG image data, 300 x 152, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\js[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\invisible[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\index[1].js
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\hoverwatch-avis-275x138[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 275x138, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\glyphicons-halflings-regular[1].eot
 Embedded OpenType (EOT), GLYPHICONS Halflings family
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\fr[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\common_24ef6b97f72e0af1b3c44d67c1a83ab1[1].js
 UTF-8 Unicode text, with very long lines
 #