Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

http://199.38.59.80

Status: finished
Submission Time: 2020-07-03 18:55:14 +02:00
Clean

Comments

Tags

Details

  • Analysis ID:
    243298
  • API (Web) ID:
    382297
  • Analysis Started:
    2020-07-03 18:55:14 +02:00
  • Analysis Finished:
    2020-07-03 19:00:53 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
clean
Score: 2
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
54.152.104.186
 United States
63.34.37.82
 United States
34.253.133.202
 United States
Click to see the 41 hidden entries
13.224.102.91
 United States
45.60.65.64
 United States
52.210.253.186
 United States
3.81.179.112
 United States
52.216.133.221
 United States
185.63.145.5
 United States
34.252.111.25
 United States
216.58.207.35
 United States
216.58.212.162
 United States
52.202.106.32
 United States
209.167.231.17
 United States
185.60.216.19
 Ireland
172.217.23.162
 United States
13.224.102.111
 United States
34.194.150.218
 United States
13.224.102.77
 United States
172.217.16.130
 United States
13.224.100.124
 United States
216.58.205.230
 United States
18.202.138.86
 United States
3.212.202.28
 United States
3.127.178.105
 United States
52.200.148.45
 United States
104.26.0.65
 United States
54.86.230.231
 United States
104.16.133.229
 United States
216.58.205.226
 United States
151.101.1.2
 United States
54.209.247.25
 United States
185.33.220.243
 Netherlands
23.111.9.35
 United States
54.85.190.177
 United States
104.26.1.65
 United States
54.88.54.220
 United States
185.60.216.35
 Ireland
35.174.210.7
 United States
34.197.190.228
 United States
34.213.106.51
 United States
34.107.224.119
 United States
199.38.59.80
 United States
54.209.17.233
 United States

Domains

Name IP Detection
c.6sc.co
 0.0.0.0
embedwistia-a.akamaihd.net
 0.0.0.0
s1017.t.eloqua.com
 0.0.0.0
Click to see the 89 hidden entries
a.quora.com
 0.0.0.0
fast.wistia.com
 0.0.0.0
www.bomgar.com
 0.0.0.0
www.beyondtrust.com
 0.0.0.0
googleads.g.doubleclick.net
 0.0.0.0
px.ads.linkedin.com
 0.0.0.0
connect.facebook.net
 0.0.0.0
embed-ssl.wistia.com
 0.0.0.0
img.en25.com
 0.0.0.0
adservice.google.co.uk
 0.0.0.0
js.adsrvr.org
 0.0.0.0
m.addthis.com
 0.0.0.0
match.adsrvr.org
 0.0.0.0
fg8vvsvnieiv3ej16jby.litix.io
 0.0.0.0
j.6sc.co
 0.0.0.0
s3.amazonaws.com
 0.0.0.0
js.driftt.com
 0.0.0.0
secure.adnxs.com
 0.0.0.0
scout-cdn.salesloft.com
 0.0.0.0
scout.salesloft.com
 0.0.0.0
ad.doubleclick.net
 0.0.0.0
m.addthisedge.com
 0.0.0.0
rp.liadm.com
 0.0.0.0
cdn-3.convertexperiments.com
 0.0.0.0
ib.adnxs.com
 0.0.0.0
snap.licdn.com
 0.0.0.0
pipedream.wistia.com
 0.0.0.0
sjs.bizographics.com
 0.0.0.0
embed-fastly.wistia.com
 0.0.0.0
1040408-8.chat.api.drift.com
 0.0.0.0
www.linkedin.com
 0.0.0.0
s7.addthis.com
 0.0.0.0
presence.api.drift.com
 0.0.0.0
www.facebook.com
 0.0.0.0
cdn.heapanalytics.com
 0.0.0.0
distillery.wistia.com
 0.0.0.0
dpm.demdex.net
 0.0.0.0
pixel.advertising.com
 0.0.0.0
b.6sc.co
 0.0.0.0
event.api.drift.com
 0.0.0.0
customer.api.drift.com
 0.0.0.0
ads.yahoo.com
 0.0.0.0
insight.adsrvr.org
 0.0.0.0
ps.eyeota.net
 3.127.178.105
match-1943069928.eu-west-1.elb.amazonaws.com
 52.208.216.178
srfktne.x.incapdns.net
 45.60.65.64
cdnjs.cloudflare.com
 104.16.133.229
sync.crwdcntrl.net
 52.210.253.186
pagead.l.doubleclick.net
 216.58.205.226
3bs672wg.easyredirengine.com
 34.213.106.51
livepixel-production.bln.liveintent.com
 54.209.17.233
prod-east-stats-tap-alb-627711272.us-east-1.elb.amazonaws.com
 18.233.89.106
a2f905133e04e4d35ade9cd4751dd35b-4fd69d4b6621dbbd.elb.us-east-1.amazonaws.com
 35.174.210.7
idsync.rlcdn.com
 34.107.224.119
scontent.xx.fbcdn.net
 185.60.216.19
q.quora.com
 34.238.223.59
s3-1.amazonaws.com
 52.216.115.77
dl7g9llrghqi1.cloudfront.net
 13.224.102.77
dg2iu7dxxehbo.cloudfront.net
 13.224.100.124
scout.us1.salesloft.com
 34.227.202.160
1040408-8.live.api.drift.com
 255.255.255.255
dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
 18.202.138.86
ee15ba61-wschat-wschatalb-6fcf-2062696737.us-east-1.elb.amazonaws.com
 107.23.25.207
p01.t.eloqua.com
 209.167.231.17
metrics.api.drift.com
 34.197.190.228
alb-event-1454785217.us-east-1.elb.amazonaws.com
 52.72.214.125
cdn.sitesearch360.com
 172.67.72.116
pop-efr5.mix.linkedin.com
 185.63.145.5
ib.anycast.adnxs.com
 37.252.172.37
sitesearch360.com
 104.26.1.65
ml314.com
 34.253.133.202
www.google.co.uk
 216.58.207.35
bf28cd64-customer-customer-9515-1340689491.us-east-1.elb.amazonaws.com
 54.152.104.186
enrichment.api.drift.com
 54.88.54.220
insight-566961044.eu-west-1.elb.amazonaws.com
 63.34.37.82
heapanalytics.com
 52.202.106.32
embeds.driftcdn.com
 13.224.102.91
targeting.api.drift.com
 52.200.148.45
dart.l.doubleclick.net
 216.58.205.230
ds-geoycpi-uno.gycpi.b.yahoodns.net
 87.248.118.22
a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.com
 3.212.202.28
prod.ups-eu-central-1.aolp-ds-prd.aws.oath.cloud
 35.158.60.52
beyondtrust-bomgar12.netdna-ssl.com
 23.111.9.35
pagead46.l.doubleclick.net
 172.217.23.130
d38au5kn48shwv.cloudfront.net
 13.224.102.107
star-mini.c10r.facebook.com
 185.60.216.35
scout.salesloft.netdna-cdn.com
 23.111.9.64
quora.map.fastly.net
 151.101.1.2
prod-east-pipedream-alb-988701200.us-east-1.elb.amazonaws.com
 3.81.179.112

URLs

Name Detection
https://www.beyondtrust.com/assets/images/beyondtrust-brand-socialmedia_card.jpg
http://opensource.org/licenses/GPL-2.0
https://www.beyondtrust.com/assets/images/logos/BeyondTrust_Vert_White.png
Click to see the 97 hidden entries
https://sourcemaps.bomgar.com/16.1.1/62199/content/rep_list-min.js.map
http://www.symauth.com/cps0(
https://www.beyondtrust.com/resources/webcasts/urgent-security-response-methods-to-enable-the-remote
http://nsis.sf.net/NSIS_ErrorError
https://www.beyondtrust.com/assets/images/icons/BT_icons_website_homepage_01.png
https://www.beyondtrust.com/resources/comparisons
https://www.beyondtrust.com/solutions#beyondinsight
https://www.beyondtrust.com/assets/js/main.min.js
https://www.beyondtrust.com/press
https://www.beyondtrust.com/assets/images/resource-cards/Buyers_Guide_Privileged_Access_Management.p
https://twitter.com/beyondtrust
https://www.beyondtrust.com/remote-workers
http://199.38.59.80/
https://www.beyondtrust.com/assets/js/traffic.min.js
https://www.beyondtrust.com/assets/images/logos/beyondtrust/solutions--privilege-mgmt.png
https://www.beyondtrust.com/assets/images/icons/BT_icons_website_homepage_04.png
https://www.beyondtrust.com/assets/images/homepage-customers-csc-white.png
https://www.beyondtrust.com/resources
http://199.38.59.80/content/issue_form.js
https://www.beyondtrust.com/remote-access/features/vault
http://www.reddit.com/
http://199.38.59.80/content/portal.js
https://www.beyondtrust.com/assets/images/banner-images/upm-homepage-banner.jpg);background-repeat:
http://199.38.59.80/help?show_help=help_session_keyse=John
http://199.38.59.80/content/loading.gif
https://www.beyondtrust.com/services/training
https://www.beyondtrust.com/touch-icon.png?v=4
https://www.beyondtrust.com/forms/manage-subscriptions
https://www.beyondtrust.com/assets/images/logos/beyondtrust/solutions--password-mgmt.png
https://www.beyondtrust.com/forms/manage-cookies/dismiss
https://www.beyondtrust.com/favicon.png?v=4
http://199.38.59.80/content/globe.png
https://www.beyondtrust.com/forms/newsletter
https://www.beyondtrust.com/fr/
http://www.youtube.com/
https://insight.adsrvr.org/track/up?adv=1en7y2s&ref=https%3A%2F%2Fwww.beyondtrust.com%2F&upid=6uq859
http://www.symauth.com/rpa00
http://199.38.59.80/help?show_help=help_issues_menu
https://www.google.%/ads/ga-audiences
http://nsis.sf.net/NSIS_Error
https://www.beyondtrust.com/docs/index.htm
https://js.driftt.com/include/
http://199.38.59.80/content/public.css
https://www.beyondtrust.com/(
https://embed-ssl.wistia.com/deliveries/8fa7f30623a07839b1f6e2dfa49323d3.jpg
http://199.38.59.80/content/rep_list.js
https://www.beyondtrust.com/%
https://www.beyondtrust.com/assets/images/Frictionless-300x300.png
https://www.beyondtrust.com
http://199.38.59.80/he
https://px.ads.linkedin.com/collect?
https://www.beyondtrust.com/privilege-management/windows-mac
https://www.beyondtrust.com/resources/whitepapers/pam-buyers-guide
http://199.38.59.80/favicon.ico
https://www.beyondtrust.com/ko/
https://www.beyondtrust.com/assets/images/Limitless-300x300.png
https://www.beyondtrust.com/assets/images/Accelerated-300x300.png
http://www.bomgar.com
https://cdnjs.cloudflare.com/ajax/libs/normalize/3.0.3/normalize.min.css
http://199.38.59.80/api/content/core.js
https://www.beyondtrust.com/assets/images/icons/BT_icons_website_homepage_06.png
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&
https://www.beyondtrust.com/es/
https://bnjmnt4n.now.sh/
http://199.38.59.80/download_client_connector?id=1&name=John+Bordelon&download=1
https://www.beyondtrust.com/remote-access
https://www.beyondtrust.com/assets/images/logos/homepage-wynn-resorts-white.png
https://a.quora.com
https://www.beyondtrust.com/partners
https://ads.yahoo.com
https://www.googletraveladservices.com/travel/vacations/clk/pagead/conversion/
https://www.beyondtrust.com/weee-request
https://fast.wistia.com/embed/medias/trm0z8ho70.jsonp
http://199.38.59.80/help?show_help=help_issues_menue=John
https://www.beyondtrust.com/blog
https://stats.g.doubleclick.net/j/collect
https://www.beyondtrust.com/assets/js/formFields.min.js
https://fast.wistia.com/assets/external/E-v1.js
https://github.com/krux/postscribe/blob/master/LICENSE.
http://199.38.59.80/help?show_help=helRoot
http://199.38.59.80/RRemote
https://sourcemaps.bomgar.com/16.1.1/62199/content/access_key_input-min.js.map
https://www.beyondtrust.com/resources/whitepapers
http://www.videolan.org/x264.html
https://www.beyondtrust.com/resources/case-studies
http://www.bomgar.com/0
https://www.beyondtrust.com/assets/images/BT_website_PAM_Cloud_1000x500.jpg
http://code.jquery.com/jquery-1.6.4.js
https://www.beyondtrust.com/password-safe
https://caniuse.com/#search=webp
https://www.beyondtrust.com/resources/whitepapers/universal-privilege-management
https://www.beyondtrust.com/events
https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
https://www.beyondtrust.com/gobeyond2020
https://www.beyondtrust.com/solutions
https://www.beyondtrust.com/assets/images/homepage-customers-ihg-white.png
https://1040408-8.live.api.drift.com

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[3].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\index[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\homepage-wynn-resorts-white[1].png
 PNG image data, 180 x 80, 8-bit/color RGBA, non-interlaced
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\homepage-customers-starbucks-black-and-white[1].png
 PNG image data, 120 x 122, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\homepage-customers-carbonite-white[1].png
 PNG image data, 188 x 19, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\help[1].htm
 HTML document, ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\heap-3462970183[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\gtm[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\curved-pattern[1].png
 PNG image data, 627 x 805, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\curved-pattern-navy[1].png
 PNG image data, 863 x 79, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\csync[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[5].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[4].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\issue_form[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[2].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\core[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\common[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\chat[1].png
 PNG image data, 52 x 52, 8-bit/color RGB, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\R8PFL6V8.txt
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\MessageSlider-d86bc4d786a84a98f15e[1].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\Limitless-300x300[1].png
 PNG image data, 300 x 300, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\KFOmCnqEu92Fr1Mu4mxM[1].woff
 Web Open Font Format, TrueType, length 20268, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\E-v1[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\Datasheet_ADBridge_resource-card[1].png
 PNG image data, 310 x 150, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\AwayMessage-LiveAudienceMessagePreview-MessageSlider-Minimized-ProductAnnouncementSlider-ProductAnno-9041cd50-a7cd77e304b4701dfef0[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\bomgar-scc-w0yc30w5gix78fwzx6ydxf6dh1y1gg7g67776yc40jc90[1].exe
 PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\allIntegrations[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\access_key_input[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\P0K9QI8T.htm
 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
 Web Open Font Format, TrueType, length 20464, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\Frictionless-300x300[1].png
 PNG image data, 300 x 300, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\BT_website_PAM_Cloud_1000x500[1].jpg
 gd-jpeg v1.0 (using IJG JPEG v90), quality = 88", baseline, precision 8, 1000x500, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\BT_icons_website_homepage_06[1].png
 PNG image data, 417 x 417, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\BT_icons_website_homepage_04[1].png
 PNG image data, 417 x 417, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\BT_UPM_Journey[1].png
 PNG image data, 310 x 150, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\AwayMessage-acd43076b13318f42ba1[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\AwayMessage-LiveAudienceMessagePreview-MessageSlider-Minimized-ProductAnnouncementSlider-ProductAnno-9041cd50-f2fbd730d31e70f8c1a2[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\Buyers_Guide_Privileged_Access_Management[1].png
 PNG image data, 310 x 150, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\AwayMessage-90e93783db0c17447d7c[1].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\6si.min[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\v2[1].json
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\upm-homepage-banner[1].jpg
 gd-jpeg v1.0 (using IJG JPEG v90), quality = 94", baseline, precision 8, 1600x436, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\traffic.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\styles.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\public[2].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\public[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\portal[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\normalize.min[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\mobile[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\csync[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\b1c77d3701c2f794787e02eebf55df21[1].png
 PNG image data, 240 x 72, 8-bit/color RGBA, interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\S6u9w4BMUTPHh6UVSwiPHw[1].woff
 Web Open Font Format, TrueType, length 28052, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\S6u9w4BMUTPHh50XSwiPHw[1].woff
 Web Open Font Format, TrueType, length 27524, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\MessageSlider-8acb1a840239d97bd009[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\BeyondTrust_Vert_White[1].png
 PNG image data, 1134 x 865, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\Accelerated-300x300[1].png
 PNG image data, 300 x 300, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\93CIFCF5.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\8fa7f30623a07839b1f6e2dfa49323d3[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\0695c17de45138db67c5b14f57166c7fd7ea87be[2].dat
 ISO Media, MP4 Base Media v1 [IS0 14496-12:2003]
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\0695c17de45138db67c5b14f57166c7fd7ea87be[1].dat
 ISO Media, MP4 Base Media v1 [IS0 14496-12:2003]
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\drift-translations-en_US-abb1a962e25d7bf81c6b[1].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
 XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7C19A26F-BD99-11EA-AADE-C25F135D3C65}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{75FFAF85-BD99-11EA-AADE-C25F135D3C65}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{75FFAF83-BD99-11EA-AADE-C25F135D3C65}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\pixel[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\BT_icons_website_homepage_02[1].png
 PNG image data, 417 x 417, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\vendors-widget-f7b33595702d669de678[1].js
 data
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\uyftdv4t2k95[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\up_loader.1.1.0[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\trm0z8ho70[2].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\trm0z8ho70[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\start_session[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\solutions--password-mgmt[1].png
 PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\sitesearch360-v9.min[1].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\react-intl-locale-data-en-68d22e6e4ef4c61f742c[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\qevents[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\portal[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\D1YBPPLZ\www.beyondtrust[1].xml
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\moment-8cfc6f8ea9976b6c2ad8[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\js[2].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\js[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\jquery[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\insight.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\imsync[1].htm
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\homepage-rbc-white[1].png
 PNG image data, 146 x 190, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\homepage-customers-williamssonoma-white[1].png
 PNG image data, 238 x 17, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\fbevents[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\favicon[1].png
 PNG image data, 480 x 480, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\favicon[1].ico
 MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
 #