Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

http://ulta.cm/

Status: finished
Submission Time: 2020-07-01 16:18:42 +02:00
Malicious
Phishing
Phisher

Comments

Tags

Details

  • Analysis ID:
    242617
  • API (Web) ID:
    380948
  • Analysis Started:
    2020-07-01 16:18:43 +02:00
  • Analysis Finished:
    2020-07-01 16:23:51 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
94.103.81.134
 Russian Federation
51.83.134.7
 France
103.224.182.250
 Australia
Click to see the 8 hidden entries
66.42.86.241
 United States
147.75.102.199
 Switzerland
104.18.226.52
 United States
63.34.150.94
 United States
172.67.195.108
 United States
103.224.182.206
 Australia
45.141.59.52
 Germany
104.16.132.229
 United States

Domains

Name IP Detection
cdn.onesignal.com
 104.18.226.52
apploopsapp.com
 94.103.81.134
b875c2d197a4b75575a6b0c9a1f3bd50-100.s.section.io
 147.75.102.199
Click to see the 12 hidden entries
api.mdsyzz.com
 172.67.195.108
apphroadapp.com
 94.103.81.134
cdnjs.cloudflare.com
 104.16.132.229
ulta.cm
 103.224.182.250
ngmnetwork-elb5.go2cloud.org
 63.34.150.94
bitcoinerawebsoft.com
 51.83.134.7
bidr.trellian.com
 103.224.182.206
etracking.pro
 66.42.86.241
investingalerts.pro
 45.141.59.52
cdn.jsdelivr.net
 0.0.0.0
go.t500trck.com
 0.0.0.0
static.hotjar.com
 0.0.0.0

URLs

Name Detection
https://bitcoinerawebsoft.com/images/favico.png
http://www.reddit.com/
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yJQB6x8/MOEdXlvPk7SJnDufONEVL5wEOpsPPwF59bY2Wj
Click to see the 55 hidden entries
http://www.apache.org/licenses/LICENSE-2.0
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
http://www.nytimes.com/
https://bitcoinerawebsoft.com
https://etracking.pro/
https://investingalerts.pro/ch/bartarelli/index.hs.pro/ch/bartarelli/index.htm?uclick=uqe24pbl&uclic
https://www.googletraveladservices.com/travel/clk/pagead/conversion/
https://static.hotjar.com/c/hotjar-
http://bidr.trellian.com/javascript/jscheck.js
http://go.t50Fapi%2Fv1%2Fpixels%2F98264834%3Fpixels%3D808&apg=1&push=osYq7a5le89qN0SGzCBg%2BLRRzZ%2B
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fetracking.pro%2Fclick.php%3Fkey%3Dqwed8r9svfdrrszcggrl%26subid%3D346117748%26kw%3D.ch.01%26sid%3D2020070200191306a9469c7188a82a14&s=j
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/fonts/glyphicons-halflings-regular.eo
https://stats.g.doubleclick.net/j/collect
https://etracking.pro/nlp/index.php?offer_id=1139&aff_id=5220&aff_sub2=e9da5uqe24pbl5fe&url_bnm_redi
https://getbootstrap.com)
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yJQB6x8%2FMOEdXlvPk7SJnDufONEVL5wEOpsPPwF59bY2WjouFAE14lH7MAIGxyqtIj6rNwbvujO4iW1SFFSjO2TCXWvLW6%2BCdm0yIYXnsffEcT9%2FxrEs36Yq7a5le89qN0SGzCBg%2BLRRzZ%2BPwFyp%2BO32ixI1LdbJOhjCRExMta9A0ROwIfXct8hZf7daqKJeQ8y4prvX7%2FORiSTi%2BRAYaX3iHfVEHRjVce5nGQYmtmmU1vkSjC6zpuLqNfaANig1X9CN0VH3fPzDJrngoLwmXLwUBIR63YXT3hBhQHfBac8iHsX4cUaMOVhcQELDlFlY%2BuJdogz%2BUgmWluOqMMExRLcoLMu7yHnLLyn33zO14P3H3llEXVksH%2FB217iAqs0pPwfprh3v6nfUEQ8Mx0vFH%2F15k8He2cCLduSt90wLIfGxcYLdfXFXhk7q9LsUPuAF6TGQVkNDLjrO5e4NuliOgbl0PWB%2BZ0DEGlIx%2FSgjjJAFgkDJV9ukV78IlSrMt1Dg7PbpCGXgfJH%2BmpBNjGZN6YhbYXCm5ELAQ6B9fG0ttJcqcfAHS%2BkjnqgesOoOcumawfelQpIaUqOKkXYtL8JppZL%2FtrQVfi3ubGgMFYE2wtwg5ckDt2VaW9FZ5k6TLqV0k6dRgvXJy6VoM9iqr6MdXh5Rp6z8FTeXwUhpHbp83V5JwzDvOMezu59X6AHzD6o%2BUQ%3D%3D
https://www.google.%/ads/ga-audiences
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/fonts/glyphicons-halflings-regular.tt
http://www.youtube.com/
http://ulta.cm/
https://github.com/jackocnr/intl-tel-input.git
https://github.com/twbs/bootstrap/blob/master/LICENSE)
http://www.wikipedia.com/
http://www.live.com/
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fetracking.pro%2Fclick.php%3Fkey%3Dqwed8r9svfdrrszcggr
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/fonts/glyphicons-halflings-regular.sv
https://bitcoinerawebsoft.com/?click=98264834&mode=optin&api_url=%2F%2Fapploopsapp.com%2Fapi%2Fv1&pL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/fonts/glyphicons-halflings-regular.wo
https://etracking.pro/click.php?lp=1
https://www.googletraveladservices.com/travel/vacations/clk/pagead/conversion/
https://fontawesome.io/license
https://etracking.pro/favicon.ico
http://go.t500trck.com/aff_c?offer_id=1139&aff_id=5220&aff_sub2=e9da5uqe24pbl5fe
https://api.hostip.info/get_json.php?ip=
http://go.t50Root
https://apphroadapp.com/api/v1/geo
https://cdn.jsdelivr.net/npm/intl-tel-input
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
http://www.amazon.com/
https://fontawesome.io
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.2/js/intlTelInput.min.js
http://www.twitter.com/
https://fontawesome.comhttps://fontawesome.comFont
https://fontawesome.com/license/free
https://api.mdsyzz.info
https://fontawesome.com
http://bidr.trellian.com/favicon.ico
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yJQB6x8%2FMOEdXlvPk7SJnDufONEVL5wEOpsPPwF59bY2
http://www.videolan.org/x264.html
http://getbootstrap.com)
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.2/css/intlTelInput.css
https://github.com/krux/postscribe/blob/master/LICENSE.
http://bidr.trellian.c
https://investingalerts.pro/ch/bartarelli/index.htm?uclick=uqe24pbl&uclickhash=uqe24pbl-uqe24pbl-pmi

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\index[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\recaptcha__en[1].js
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\hiqtte24snwgkglyozuw[1].jpg
 [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:27 16:42:24], progressive, precision 8, 749x329, frames 3
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\check[1].png
 PNG image data, 30 x 29, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\tick[1].png
 PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\testimonial4[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 482x446, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\testimonial3[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 482x446, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\testimonial2[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 482x446, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\testimonial1[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 482x446, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\styles__ltr[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\style[1].css
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\seenon[1].png
 [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:06:22 23:29:56], baseline, precision 8, 644x51, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\secure-trading[1].png
 PNG image data, 138 x 30, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\feature-img-1[1].png
 PNG image data, 119 x 113, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\pers-sprite[1].png
 PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\norton[1].png
 PNG image data, 80 x 43, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\mcafee[1].png
 PNG image data, 130 x 31, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\main.min[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\logo[1].png
 PNG image data, 1408 x 249, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\jscheck[1].js
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\join-us-bg[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2800x423, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\girl-holding-bitcoin[1].png
 PNG image data, 822 x 988, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\features-section-bg[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1928x1440, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\feature-img-3[1].png
 PNG image data, 124 x 112, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\feature-img-2[1].png
 PNG image data, 120 x 102, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\fa-solid-900[1].eot
 Embedded OpenType (EOT), Font Awesome 5 Free Solid family
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z15[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z3[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z2[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z23[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z22[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z21[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z20[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z1[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z19[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z18[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z17[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z16[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\jfn5vt9dszilcurtwjlo[1].png
 PNG image data, 358 x 173, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z14[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z13[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z12[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z11[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\z10[1].jpg
 JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 50x50, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\xo0rgoorgbynpgw4kyqp[1].png
 PNG image data, 358 x 173, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\wy3fkittrrlvgut3odp2[1].png
 PNG image data, 358 x 173, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\w04ebxsdt1iehtc0j2ti[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 900x357, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\ooo3goob2pv5nlmdwwas[1].png
 PNG image data, 358 x 173, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\n4donflljypzf0jwaysp[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 336x182, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\kdsy10yyahownwemccbo[1].png
 PNG image data, 358 x 173, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\auto-push.min[1].js
 UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\api[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\anchor[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\analytics[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\all.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\ainicniusbw2nyx3hlfi[1].png
 PNG image data, 358 x 173, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\KFOmCnqEu92Fr1Mu4mxP[1].ttf
 TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularht
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\KFOlCnqEu92Fr1MmYUtfBBc9[1].ttf
 TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto BlackRegularVersion 2.137; 2017Roboto-Bla
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\AsSeen[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x114, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\4zUBXLAMpjNjOZapL8pPAJwjFPlM6m_UqaAcXs9zzgI[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\v8bxa9r\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\ch[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DB262748-BBA5-11EA-AAE7-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D3F77D14-BBA5-11EA-AAE7-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D3F77D12-BBA5-11EA-AAE7-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\BHYH095B\bitcoinerawebsoft[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\ulprhvedsgozq6r6gy8t[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 502x564, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\custom[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\custom-alt[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\css[1]
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\bootstrap.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\bitgo[1].png
 PNG image data, 92 x 38, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\SFLogo[1].png
 PNG image data, 150 x 57, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\6NCCVA6T.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\xjfu04hzwv1fubhhu6l7[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x469, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\wy3[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x450, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\wy2[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 768x500, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\wy1-1[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 850x478, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\wjee55cioggkempejeeg[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 660x358, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\233F11ZL\www.google[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\rob3[1].png
 PNG image data, 358 x 177, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\r2[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\pzeyweyjzrlzoje4avlz[1].png
 PNG image data, 660 x 358, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\pre-footer-bg[1].jpg
 [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2800x305, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\pptvygoaqatnopkvguc4[1].png
 PNG image data, 660 x 358, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\l4tebgz5cuohroqtccyi[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x392, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\intlTelInput[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\intlTelInput.min[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\index-en[1].dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\flags[1].png
 PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\fa-regular-400[1].eot
 Embedded OpenType (EOT), Font Awesome 5 Free Regular family
 #