Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

http://outlookplug.webstarts.com

Status: finished
Submission Time: 2021-01-14 02:39:50 +01:00
Malicious

Comments

Tags

Details

  • Analysis ID:
    339436
  • API (Web) ID:
    580800
  • Analysis Started:
    2021-01-14 02:39:50 +01:00
  • Analysis Finished:
    2021-01-14 02:45:20 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 56
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP Country Detection
108.177.119.154
 United States
31.13.92.174
 Ireland
104.16.19.94
 United States
Click to see the 19 hidden entries
76.223.7.137
 United States
198.145.13.12
 United States
52.42.142.48
 United States
13.224.94.84
 United States
104.244.42.193
 United States
185.60.216.35
 Ireland
52.25.41.2
 United States
54.149.60.28
 United States
46.101.248.169
 Netherlands
52.218.217.235
 United States
172.67.202.97
 United States
13.248.166.219
 United States
152.199.21.141
 United States
108.177.126.156
 United States
13.224.94.11
 United States
104.153.233.177
 United States
31.13.92.14
 Ireland
31.13.92.36
 Ireland
54.145.10.249
 United States

Domains

Name IP Detection
maxcdn.bootstrapcdn.com
 0.0.0.0
www.webstarts.com
 76.223.7.137
cs510.wpc.edgecastcdn.net
 152.199.21.141
Click to see the 39 hidden entries
m.facebook.com
 0.0.0.0
abs.twimg.com
 0.0.0.0
cdn.secure.website
 0.0.0.0
outlookplug.webstarts.com
 0.0.0.0
stats.g.doubleclick.net
 0.0.0.0
code.jquery.com
 0.0.0.0
www.youtube.com
 0.0.0.0
www.facebook.com
 0.0.0.0
z-p42-instagram.c10r.facebook.com
 31.13.92.174
files.secure.website
 0.0.0.0
stats.webstarts.com
 0.0.0.0
connect.facebook.net
 0.0.0.0
static.doubleclick.net
 0.0.0.0
static.xx.fbcdn.net
 0.0.0.0
ws-customer-file-upload-storage.s3.amazonaws.com
 0.0.0.0
a-200000005.gator.io
 0.0.0.0
www.instagram.com
 0.0.0.0
googleads.g.doubleclick.net
 0.0.0.0
stats.webstarts.com.re.getclicky.com
 198.145.13.12
twitter.com
 104.244.42.193
pagead46.l.doubleclick.net
 108.177.119.154
f000.backblazeb2.com
 104.153.233.177
gatorapi.com
 52.25.41.2
stats.l.doubleclick.net
 108.177.126.156
instagram.com
 54.145.10.249
dk64etyg7glz4.cloudfront.net
 13.224.94.11
fbcdn.net
 31.13.92.36
geolocation-db.com
 46.101.248.169
loc1.hitsprocessor.com
 52.42.142.48
star-mini.c10r.facebook.com
 31.13.92.36
counter.hitslink.com
 54.149.60.28
fbsbx.com
 31.13.92.36
scontent.xx.fbcdn.net
 31.13.92.14
s3-us-west-2-w.amazonaws.com
 52.218.217.235
a23e8ffd6a08828ba.awsglobalaccelerator.com
 13.248.166.219
cdnjs.cloudflare.com
 104.16.19.94
www.google.co.uk
 108.177.127.94
trasactionsmtp.com
 172.67.202.97
facebook.com
 31.13.92.36

URLs

Name Detection
https://f000.backblazeb2.com/file/rainfowl-sunburntness-11958196052/index.html
https://f000.backblazeb2.com/file/rainfowl-sunburntness-11958196052/index.html
https://www.instagram.com/accounts/login/-sunburntnes
Click to see the 97 hidden entries
https://www.google.%/ads/ga-audiences?
https://youtu.be/
http://youtube.com/streaming/metadata/segment/102015
https://twitter.com/webstarts?lang=en-xx
https://outlookplug.webstarts.com/
https://abs.twimg.com/responsive-web/client-web-legacy/vendors~main.6e9c09d5.js
https://trasactionsmtp.com/email-list/favicons/of.ico
https://www.instagram.com/accounts/login/
https://twitter.com/webstarts?lang=pl
https://files.secure.website/wscfus/10030793/images/photodune9144342youngselfemployedwomantakingcust
https://files.secure.website/wscfus/10030793/2509174/12376344-10153416756916158-7587847680655729965-
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0
https://abs.twimg.com/responsive-web/client-web-legacy/main.c0955c45.js
https://www.webstarts.com/favicon.ico
https://cdn.secure.website/library/images/minimal-webstarts-logo-w64.png
https://twitter.com/webstarts
https://twitter.com/webstarts?lang=fr
http://designer-platform.webstarts.com
https://twitter.c
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/O2aKM2iSbOw.png
https://www.webstarts.com?lts=siteFooter
https://abs.twimg.com/favicons/twitter.ico
https://cdn.secure.website/client-site-resources/10623448/css/index.css?r=20210113224946
https://twitter.com/webstarts?lang=fi
https://cdn.secure.website/library/jquery/jquery-1.11.1.min.js
https://www.instagram.com/favicon.ico
https://cdn.secure.website/ws/1610576166/library/material.min.js
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
https://www.instagram.com/accounts/login/-sunburntness-11958196052/index.html
https://twitter.com/webstarts?lang=ro
https://youtube.com/api/drm/fps?ek=uninitialized
https://fburl.com/debugjs.
https://twitter.com/webstarts?lang=en-GB
https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/10.1.0/nouislider.min.js
https://www.instagram.com/freewebsitebuilder
https://cdn.secure.website/ws/1610576166/library/ui-common.js
http://schema.org
http://outlookplug.webstarts.com/
https://www.webstarts.com/?lts=siteFooter
https://twitter.com/webstartstsogin/-sunburntnes
https://www.webstarts.ai
https://twitter.com/webstarts?lang=pt
https://files.secure.website/wscfus/10623448/28212628/remittance-advice-w300-o.png
https://www.webstarts.com
https://ton.twitter.com/responsive-web-internal/sourcemaps/client-web-legacy/ondemand.Dropdown.ed3ce
https://connect.facebook.net/en_US/all.js
http://daneden.me/animate
https://github.com/twbs/bootstrap/blob/master/LICENSE)
https://cdn.secure.website/library/slideout/slideout.js
http://getbootstrap.com)
https://cdn.secure.website/ws/1610576166/library/ripples.min.css
https://twitter.com/webstarts?lang=ur
https://www.youtube.com/embed/KfOK_iNDMk0?wmode=transparent&theme=dark&controls=1&autohide=0&loop=0&
https://admin.youtube.com
https://www.webstarts.com/
https://cdn.secure.website/
https://twitter.com/webstarts?lang=uk
https://www.instagram.com/accounts/login/
https://www.internalfb.com/intern/invariant/
https://twitter.com/webstarts?lang=cs
https://ton.twitter.com/responsive-web-internal/sourcemaps/client-web-legacy/sharedCore.aebd1355.js.
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0
https://twitter.com/webstarts?lang=ta
https://www.webstarts.com/?lts=siteFootert
https://twitter.com/webstarts?lang=sv
https://twitter.com/webstarts?lang=de
https://designs.webstarts.com/preview/tn_
https://twitter.com/webstarts?lang=tr
https://twitter.com/webstarts?lang=da
https://cdn.secure.website/client-site-resources/10623448/css/site.css?r=20210113224945
https://cdn.secure.website/library/users/common.css
https://twitter.com/webstarts?lang=th
https://static.webstarts.com/library/images/effects/liftedshadow_m-hq.png);
https://twitter.com/webstarts?lang=fa
https://files.secure.website/wscfus/10030793/2399437/team-w300-o.jpg
https://stats.g.doubleclick.net/j/collect?
https://twitter.com/webstarts?lang=ga
https://files.secure.website/wscfus/10030793/2509188/73x73-w73-o.png
https://twitter.com/webstarts?lang=eu
https://www.cloudflare.com/5xx-error-landing
https://affiliate.webstarts.com/
https://twitter.com/webstarts?lang=es
https://twitter.com/webstarts?lang=el
https://twitter.com/webstarts?lang=en
https://ws-customer-file-upload-storage.s3.amazonaws.com/wscfus/10030793/variations/ec5ab9d295891bd7
https://cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.4/js/standalone/selectize.min.js
https://files.secure.website/wscfus/10030793/2399437/team-w1500-o.jpg
https://www.linkedin.com/company/webstarts
https://www.youtube.com/generate_204?cpn=
https://static.webstarts.com/library/images/effects/gradient-shiny-hq.png);
https://twitter.com/webstarts?lang=vi
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0
https://files.secure.website/wscfus/10623448/28212628/remittance-advice-w1000-o.png
https://abs.twimg.com/responsive-web/client-web-legacy/icon-ios.b1fc7275.png
https://twitter.com/webstarts?lang=fil
https://files.secure.website/wscfus/10623448/28212628/remittance-advice-w100-o.png
https://files.secure.website/wscfus/10030793/2399437/team-w750-o.jpg

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
 Web Open Font Format, TrueType, length 20012, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\index-layout-desktop[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\icon[1].css
 ASCII text
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\hsts-pixel[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\font-awesome.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\fbds[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\common[1].js
 ASCII text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\common[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\bootstrap.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\bootstrap.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Wicyz0CP9aP[1].png
 PNG image data, 124 x 272, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\QMKkyuXszIl[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\KFOmCnqEu92Fr1Mu4mxM[1].woff
 Web Open Font Format, TrueType, length 19824, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\index[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\KFOkCnqEu92Fr1Mu51xIIzQ[1].woff
 Web Open Font Format, TrueType, length 21528, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\KFOjCnqEu92Fr1Mu51S7ACc6CsI[1].woff
 Web Open Font Format, TrueType, length 21564, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\IxxDAbiZepi[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\wse-ft[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\workingatdesk-1[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\webstarts[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ripples.min[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\photodune9144342youngselfemployedwomantakingcustomerordersbyphonem-1[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1732x1155, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\photodune12401033confidenthairdressersmilingatcameraatthehairsalonm-1[1].jpg
 JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1732x1155, frames 3
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\minimal-webstarts-logo-w32[1].png
 PNG image data, 32 x 30, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mem8YaGs126MiZpBA-UFVZ0d[1].woff
 Web Open Font Format, TrueType, length 18100, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\KfOK_iNDMk0[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\mem5YaGs126MiZpBA-UN8rs-Vg[1].woff
 Web Open Font Format, TrueType, length 57568, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\mem5YaGs126MiZpBA-UN7rg-Vg[1].woff
 Web Open Font Format, TrueType, length 57908, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\material.min[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jsonp[1].htm
 HTML document, ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\js[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jquery.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\gt6eFSovvve[1].png
 PNG image data, 144 x 142, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\gXGblHShPYH[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\fetch-polyfill[1].js
 Pascal source, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\favicon[1].ico
 MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\ckajo9HPAG9[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\T0ALW3DI.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mem6YaGs126MiZpBA-UFUJ0d[1].woff
 Web Open Font Format, TrueType, length 53024, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\www-player[1].css
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\ws-logo[1].png
 PNG image data, 304 x 70, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\webstarts[1].htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\vendors~main.6e9c09d5[1].js
 UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\tr[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\site[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\public-icons.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\polyfills.18e394f5[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\nouislider.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\layout-desktop[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\jsonp[1].htm
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\arrive.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\mem8YaGs126MiZpBA-U1UQ[1].woff
 Web Open Font Format, TrueType, length 55268, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\mem5YaGs126MiZpBA-UNirk-Vg[1].woff
 Web Open Font Format, TrueType, length 57632, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery-1.12.4.min[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\index[1].htm
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\in[1].js
 UTF-8 Unicode text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\fontawesome-webfont[1].eot
 Embedded OpenType (EOT), FontAwesome family
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\flUhRq6tzZclQEJ-Vdg-IuiaDsNa[1].woff
 Web Open Font Format, TrueType, length 126472, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon[1].ico
 MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\ec5ab9d295891bd7f73dfd25e194228c-o-1000[1].png
 PNG image data, 1000 x 99, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\dNxa0yUpsIh[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\base[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\memnYaGs126MiZpBA-UFUKWyV-hv[1].woff
 Web Open Font Format, TrueType, length 53016, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\QCK3OA84.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\MP5kZee0h8r[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\LCiIf9aRZOiGo-rZWYW1l_276pjefaUTlX6AOZACUqw[1].js
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\HPft0FukSSP[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\B1L3YS7R.htm
 HTML document, UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
 data
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EF4FBDFB-5654-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EF4FBDFA-5654-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EF4FBDF8-5654-11EB-90E5-ECF4BB570DC9}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QALADACS\twitter[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\m.facebook[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\T4MIXIS5.htm
 HTML document, ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mem5YaGs126MiZpBA-UN_r8OUuhv[1].woff
 Web Open Font Format, TrueType, length 18668, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mem5YaGs126MiZpBA-UN_r8-Vg[1].woff
 Web Open Font Format, TrueType, length 56908, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mem5YaGs126MiZpBA-UN7rgOUuhv[1].woff
 Web Open Font Format, TrueType, length 18900, version 1.1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\main.c0955c45[1].js
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ga[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\en.e4e70a25[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\embed[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\dynamicfooterscript[1].js
 HTML document, ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\css[1].css
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\bootstrap-material-design.min[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ad_status[1].js
 ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\XQFNDQXmYCq[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\8P7RGF10\www.youtube[1].xml
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\OfUfeQVPy67[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\O2aKM2iSbOw[1].png
 PNG image data, 196 x 196, 8-bit colormap, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\9DEtaxzqX0F[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\0B8nRfh39bl[1].css
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\www-embed-player[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\twitter[1].ico
 PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\transparent[1].gif
 GIF image data, version 89a, 1 x 1
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\selectize.min[1].js
 UTF-8 Unicode text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\pxI6JNlsBwR[1].js
 ASCII text, with very long lines
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\of[1].htm
 HTML document, ASCII text
 #
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\memnYaGs126MiZpBA-UFUKXGUehv[1].woff
 Web Open Font Format, TrueType, length 54016, version 1.1
 #