Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://angeloeyez.blogspot.com

Status: finished
Submission Time: 2020-07-03 08:44:26 +02:00
Malicious

Comments

Tags

Details

  • Analysis ID:
    243151
  • API (Web) ID:
    382006
  • Analysis Started:
    2020-07-03 08:45:02 +02:00
  • Analysis Finished:
    2020-07-03 08:50:47 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report
malicious
Score: 11/80
malicious

IPs

IP Country Detection
172.217.18.161
 United States
216.58.207.65
 United States
185.199.109.153
 Netherlands
Click to see the 7 hidden entries
172.217.23.97
 United States
172.217.22.66
 United States
172.217.21.194
 United States
59.127.213.219
 Taiwan; Republic of China (ROC)
172.217.18.98
 United States
216.58.206.2
 United States
172.217.16.162
 United States

Domains

Name IP Detection
www.googletagservices.com
 0.0.0.0
www.blogger.com
 0.0.0.0
3.bp.blogspot.com
 0.0.0.0
Click to see the 14 hidden entries
1.bp.blogspot.com
 0.0.0.0
googleads.g.doubleclick.net
 0.0.0.0
code.jquery.com
 0.0.0.0
resources.blogblog.com
 0.0.0.0
adservice.google.co.uk
 0.0.0.0
lh3.googleusercontent.com
 0.0.0.0
pagead46.l.doubleclick.net
 172.217.21.194
www.blogblog.com
 0.0.0.0
angeloeyez.blogspot.com
 0.0.0.0
googlehosted.l.googleusercontent.com
 172.217.18.161
xmr.omine.org
 59.127.213.219
photos-ugc.l.googleusercontent.com
 172.217.23.97
angeloeyez.github.io
 185.199.109.153
blogspot.l.googleusercontent.com
 216.58.207.65

URLs

Name Detection
https://xmr.omine.org/assets/v7.js
http://www.twitter.com/
https://resources.blogblog.com/img/widgets/icon_contactform_cross.gif
Click to see the 97 hidden entries
https://angeloeyez.blogspot.com/2020/06/all-clean-cln-01.html#more
https://1.bp.blogspot.com/-MEU0yps9KZ4/XtYQpiPpgOI/AAAAAAABFe0/3kuzRzAQZUExLG2Ieo1kLJguqYNgyq3VQCK4B
https://angeloeyez.blogspot.com/2020/06/keep-b1.html#commentsmoretskeep-b1.html
https://resources.blogblog.com/img/icon_inprogress.gif
https://angeloeyez.blogspot.com/feeds/4658405517440814697/comments/default
https://www.blogger.com/comment-iframe.g?blogID=5682877374648862806&postID=1752906290415956518&skin=
https://angeloeyez.blogspot.com/2020/06/all-clean-cln-01.htmlts
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4209736874329189702&target=fa
https://angeloeyez.blogspot.com/2018/06/credssp-oracle.html#more
http://schema.org
https://angeloeyez.blogspot.com/2020/06/wiekurt-qt-m2006.html
https://angeloeyez.blogspot.com/2020/06/keep-b1.html#more
https://zenorocha.github.io/clipboard.js
http://www.amazon.com/
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4209736874329189702&target=
https://www.blogger.com/profile/14975359921633576132
https://1.bp.blogspot.com/-cS4QE7z0UJY/XtiUkmtX64I/AAAAAAABFkk/ryM13B6l4KkrOMSjtErUji-slKE6MMjqACK4B
https://1.bp.blogspot.com/-wgBITkbOB30/XtYQqwwkWsI/AAAAAAABFfM/5fBbQm8s6jo0InU_yP3RBzKfRcavLffsgCK4B
https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html
https://angeloeyez.blogspot.com/2020/06/all-clean-cln-01.html#comment-form
https://angeloeyez.blogspot.com/search?updated-max=2020-06-01T14:37:00%2B08:00&max-results=7
https://angeloeyez.blogspot.com/search/label/%E9%9B%BB%E8%85%A6-Windows
https://twitter.com/intent/tweet?text=
https://googleads.g.doubleclick.net
https://angeloeyez.blogspot.com/2019/03/tcl-2-tcl.html
https://angeloeyez.blogspot.com/search/label/%E7%94%9F%E6%B4%BB
https://angeloeyez.blogspot.com/favicon.ico~
https://www.blogger.com/static/v1/jsbin/3906480537-lbx__zh_tw.js
https://angeloeyez.blogspot.com/search/label/%E9%96%B1%E8%AE%80
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4209736874329189702&target=em
https://1.bp.blogspot.com/-CjQzgUVQs1I/VfjLLoXKeZI/AAAAAAAAq1I/uWLATRNqGVQ/s640/1AFDE130BC.jpeg
http://angeloeyez.blogspot.com/2020/06/miiiw-s500.html
https://www.blogger.com/feeds/5682877374648862806/posts/default/2361653809031461826
https://www.blogger.com/feeds/5682877374648862806/posts/default/4658405517440814697
https://angeloeyez.blogspot.com/2020/06/news-my-c2.html
https://www.blogger.com/feeds/5682877374648862806/posts/default/4585261388580268433
http://flickr.com/photos/
https://angeloeyez.blogspot.com/2020/06/miiiw-s500.html#more
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5682877374648862806&zx=e9116e0e-e
https://1.bp.blogspot.com/-XbQifbJ1Tnk/XtYQpy7bHPI/AAAAAAABFe4/kbu5MKhMMVsIJFEnHtOz-tqgvL4zz1eeQCK4B
https://angeloeyez.blogspot.com/search/label/%E9%9B%BB%E8%85%A6-C%23
https://cdn.ampproject.org/
https://angeloeyez.blogspot.com/search/label/%E7%94%9F%E6%B4%BB-%E5%81%A5%E5%BA%B7
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=2361653809031461826&target=tw
https://angeloeyez.blogspot.com/search/label/%E8%AA%AA%E6%98%8E%E6%9B%B8
http://www.nytimes.com/
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4658405517440814697&target=tw
https://angeloeyez.blogspot.com/search/label/%E7%94%9F%E6%B4%BB-%E6%A4%8D%E7%89%A9
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=1752906290415956518&target=tw
https://stats.g.doubleclick.net/j/collect
https://angeloeyez.blogspot.com/feeds/4585261388580268433/comments/default
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4585261388580268433&target=fa
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=3709245699006979105&target=em
https://angeloeyez.blogspot.com/2020/06/alaska-258.html
https://angeloeyez.blogspot.com/2020/06/keep-b1.html#comments
https://lh3.googleusercontent.com/ULB6iBuCeTVvSjjjU1A-O8e9ZpVba6uvyhtiWRti_rBAs9yMYOFBujxriJRZ-A=h60
https://angeloeyez.blogspot.com/2020/06/xiaomi-wcj02zm.html#more
https://www.blogblog.com/indie/mspin_white_large.svg)
https://angeloeyez.blogspot.com/2020/06/miiiw-s500.html#commentslogspot.com/2020/06/miiiw-s500.html
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4658405517440814697&target=fa
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4658405517440814697&target=
https://angeloeyez.blogspot.com/2020/06/miiiw-s500.html6
https://www.blogger.com/comment-iframe.g?blogID=5682877374648862806&postID=4585261388580268433&skin=
https://1.bp.blogspot.com/-SJ7QXltKcNQ/XtYQqpWDA1I/AAAAAAABFfE/cTLplgboL9oDizJJd0v70WSHfgCrjUJDwCK4B
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=2361653809031461826&target=
https://angeloeyez.blogspot.com/2020/06/miiiw-s500.html#comments
https://angeloeyez.blogspot.com/2020/06/xiaomi-wcj02zm.html#comments
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://angeloeyez.blogspot.com/search/label/%E6%A8%B9%E6%A2%85%E6%B4%BE
https://www.blogger.com/comment-iframe.g?blogID=5682877374648862806&postID=4658405517440814697&skin=
https://angeloeyez.blogspot.com/2019/03/tcl-1-tcl.html
https://www.blogger.com
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=3709245699006979105&target=tw
https://angeloeyez.blogspot.com/search/label/NodeMCU
https://1.bp.blogspot.com/-CjQzgUVQs1I/VfjLLoXKeZI/AAAAAAAAq1I/uWLATRNqGVQ/w144-h144-p-k-no-nu/1AFDE
http://angeloeyez.blogspot.com/2020/06/news-my-c2.html
https://resources.blogblog.com/img/blank.gif
http://googleads.g.doubleclick.net
https://angeloeyez.blogspot.com/search/label/%E9%9B%BB%E8%85%A6-%E8%BB%9F%E9%AB%94
https://angeloeyez.blogspot.com/2020/06/xiaomi-wcj02zm.html
http://search.yahoo.com/mrss/
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4585261388580268433&target=tw
https://angeloeyez.blo
https://1.bp.blogspot.com/-Ic3IgTElrc0/XtYQpIKst2I/AAAAAAABFes/drjzzt9ujWE1b_NFH1UWKJ-rnTc-0WtfQCK4B
https://www.blogger.com/go/adspersonalization
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=1752906290415956518&target=
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=3709245699006979105&target=fa
https://angeloeyez.blogspot.com/2020/06/keep-b1.html01.html#morets
https://angeloeyez.blogspot.com/2020/06/miiiw-s500.html#morets
https://www.blogger.com/rpc_relay.html
https://resources.blogblog.com/blogblog/data/res/3657663798-indie_compiled.js
http://angeloeyez.blogspot.com/2020/06/xiaomi-wcj02zm.html
https://angeloeyez.blogspot.com/favicon.ico
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=8232875381038004256&target=pi
https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html#
https://www.blogger.com/share-post.g?blogID=5682877374648862806&postID=4585261388580268433&target=em
http://www.reddit.com/

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\f[1].txt
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\KFOjCnqEu92Fr1Mu51TjASc6CsI[1].woff
 Web Open Font Format, TrueType, length 22204, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\HTx0L209KT-LmIE9N7OR6eiycOe1_Dbw[1].woff
 Web Open Font Format, TrueType, length 10564, version 1.1
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\8iS4t_U6IaKemPWr82PlmZXzRS0AbHqoxNAc16Mbkt4[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\4585261388580268433[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\1AFDE130BC[1].jpeg
 [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x399, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\1752906290415956518[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\zrt_lookup[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\treeLabel-v2.0[3].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\treeLabel-v2.0[2].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\treeLabel-v2.0[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\sprite_comment_v1.css[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\sodar2[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\KFOmCnqEu92Fr1Mu4mxM[1].woff
 Web Open Font Format, TrueType, length 20268, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\comment-iframe[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\close[1].gif
 GIF image data, version 89a, 16 x 16
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\ads[2].htm
 HTML document, ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\ads[1].htm
 HTML document, ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 7 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 7 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 5 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 5 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 4 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 2 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\Page 13 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\all-clean-cln-01[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\202006021618111008[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2250x2997, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PKAQFTEH\202006011427551000[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2045x2706, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\wiekurt-qt-m2006[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\unnamed[1].png
 PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\treeLabel-v2.0[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\sprite_v1_6.css[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\keep-b1[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\cookienotice[1].js
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\comment-iframe[3].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\comment-iframe[2].htm
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\comment-iframe[1].htm
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\analytics[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\KFOlCnqEu92Fr1MmWUlfBBc-[1].woff
 Web Open Font Format, TrueType, length 20356, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\ads[1].htm
 HTML document, ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 9 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 9 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 9 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 8 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 8 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 5 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 4 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 2 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 11 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\P24S97MI\Page 10 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 3 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 2 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 10 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 1 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 1 (quality=65).webp[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\???(1)_3[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2107x2699, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\???(1)_1[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1878x2486, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\???(1)_0[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1859x2417, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\8iS4t_U6IaKemPWr82PlmZXzRS0AbHqoxNAc16Mbkt4[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\3KM1FS17.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\202006021630191000[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1679x2278, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\v8bxa9r\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 3 (quality=65)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D0812F8B-BCF8-11EA-AAE7-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C9B06959-BCF8-11EA-AAE7-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C9B06957-BCF8-11EA-AAE7-9CC1A2A860C6}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\summary[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\???(1)_7[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2080x2697, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\???(1)_6[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2118x2810, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\???(1)_5[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1949x2619, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\???(1)_4[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1760x2331, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\978235614-comment_from_post_iframe[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\4658405517440814697[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\3906480537-lbx__zh_tw[1].js
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\2806403702-widgets[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\2361653809031461826[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\O0N4T4W6\202006021621141000[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1811x2790, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\summary[3].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\summary[2].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\BHYH095B\angeloeyez.blogspot[1].xml
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\runner[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\rdp1[1].png
 PNG image data, 584 x 241, 8-bit/color RGB, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\mspin_black_large[1].svg
 SVG Scalable Vector Graphics image
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\jquery-3.3.1.min[2].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\comment-iframe[1].htm
 gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\clipboard.min[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\anon36[1].png
 PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\PostSeries_AEz_v1[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 8 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 6 (quality=64)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5N37O3UG\Page 3 (quality=66)[1].webp
 [none]x[none], YUV color, decoders should clamp
 #