Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io

Status: finished
Submission Time: 2021-10-13 19:09:56 +02:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    502281
  • API (Web) ID:
    869857
  • Analysis Started:
    2021-10-13 19:11:10 +02:00
  • Analysis Finished:
    2021-10-13 19:18:34 +02:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 52
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
172.217.168.1
 United States
54.230.206.51
 United States
172.217.168.45
 United States
Click to see the 3 hidden entries
142.250.181.238
 United States
239.255.255.250
 Reserved
67.227.248.137
 United States

Domains

Name IP Detection
d26p066pn2w0s0.cloudfront.net
 54.230.206.51
google.com
 142.250.203.110
accounts.google.com
 172.217.168.45
Click to see the 9 hidden entries
clients.l.google.com
 142.250.181.238
insurance.insuretym.com
 67.227.248.137
googlehosted.l.googleusercontent.com
 172.217.168.1
clients2.googleusercontent.com
 0.0.0.0
clients2.google.com
 0.0.0.0
clientconfig.passport.net
 0.0.0.0
candies-twentytwo.io
 0.0.0.0
logo.clearbit.com
 0.0.0.0
www.candies-twentytwo.io
 0.0.0.0

URLs

Name Detection
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=FgjdptDJGZoUaM7YHx41X8&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=FgjdptDJGZoUaM7YHx41X8&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
Click to see the 97 hidden entries
https://apis.google.com
https://clients2.google.com
https://github.com/angular/material
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/background.svg
http://angularjs.org
https://clients2.google.com/cr/report
https://candies-twentytwo.io/images/favicon/apple-touch-icon-180x180.png
https://accounts.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-144x144.png
https://meet.google.com
https://hangouts.clients6.google.com
https://insurance.insuretym.com/wp-include/reports/genWeb/config.js
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/manifest.json
https://candies-twentytwo.io/images/favicon/apple-touch-icon-60x60.png
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
https://accounts.google.com/MergeSession
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Medium.woff2
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/bundle.min.js
https://insurance.insuretym.com/wp-include/reports/genWeb/bundle.min.js
https://sandbox.google.com/payments/v4/js/integrator.js
https://www.google.com/log?format=json&hasfast=true
https://play.google.com
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/pikaday.css
https://www.google.com/images/cleardot.gif
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://support.google.com/chromecast/answer/2998456
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
https://insurance.insuretym.com/wp-include/reports/genWeb/framework.min.js
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/
https://candies-twentytwo.io/images/favicon/apple-touch-icon-120x120.png
https://meetings.clients6.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-57x57.png
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/config.js
https://logo.clearbit.com/office365.com
https://hangouts.google.com/
https://api.w.org/
https://www-googleapis-staging.sandbox.google.com
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/bundle.min.js8
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/style.css%
https://insuretym.com/
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/favicon/manifest.jsonD
https://candies-twentytwo.io/images/favicon/apple-touch-icon-152x152.png
https://ogs.google.com
https://www.google.com/intl/en-US/chrome/blank.html
http://www.apache.org/licenses/LICENSE-2.0
https://candies-twentytwo.io/images/favicon/apple-touch-icon-76x76.png
https://insurance.insuretym.com/
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
https://www.google.com
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/style.css
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
https://dns.google
https://www.google.com/tools/feedback
https://github.com/madler/zlib/blob/master/zlib.h
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/icons/icons.svg
https://candies-twentytwo.io/images/favicon/android-chrome-192x192.png
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-96x96.png
https://creativecommons.org/publicdomain/zero/1.0/.
https://candies-twentytwo.io/images/favicon/favicon-96x96.png
https://hangouts.google.com/hangouts/_/logpref
https://support.google.com/chromecast/troubleshooter/2995236
https://preprod-hangouts-googleapis.sandbox.google.com
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Regular.woff2
http://candies-twentytwo.io/favicon.ico
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=FgjdptDJGZoUaM7YHx41X8&
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Regular.woff2ChIKBw3n
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
http://dbushell.com/
https://insurance.insuretym.com
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
https://crash.corp.google.com/samples?reportid=&q=
https://apis.google.com/js/client.js
https://www.google.com/images/dot2.gif
https://www.candies-twentytwo.io/
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-32x32.png
https://candies-twentytwo.io/images/favicon/apple-touch-icon-114x114.png
https://clients6.google.com
https://feedback.googleusercontent.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-72x72.png
https://www.google.com/
https://docs.google.com
http://tools.ietf.org/html/rfc1950
https://candies-twentytwo.io/images/favicon/favicon-32x32.png
https://play.google.com/log?format=json&hasfast=true
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy
https://insurance.insuretym.com/wp-json/
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
https://insurance.insuretym.com/icewarpapi/
https://logo.clearbit.com/office365.com?
https://www.google.com/images/x2.gif
https://csp.withgoogle.com/csp/hosted-libraries-pushers
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/framework.min.js
https://www.google.com;
https://payments.google.com/payments/v4/js/integrator.js
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/api.css

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.oldck (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
 ASCII text
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\0c6c11d4-dd66-426c-bb49-4aa2b819fff2.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\a2d20088-966f-4854-bb7f-fccd8a615bd4.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old. (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.. (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferenceswe (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
 UTF-8 Unicode text, with very long lines, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a971f674-99dc-4731-a9bb-7163417aba92.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\ae351136-7d7b-40f5-a75a-330742cb8022.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old8 (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
 MPEG-4 LOAS
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT` (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateMP (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a6eb5b72-ccef-4148-9f74-b1411d6b9e1e.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a226f832-3cc3-4dcd-9bbb-44b349591bdf.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/ (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldll (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index (copy)
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eaf07a6405f89499_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f75485cfa400fd0_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5dc4e4e594caf8e4_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7f891074-1b99-4ebd-9d05-17fa119646cb.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\544892d2-36a4-4312-ac0c-04c6d912b729.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4d3d671e-5f60-40db-bf20-d8c9b1efc9da.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4719f2d7-3813-4d2a-bbae-a39294b56185.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\86e84f21-0d8e-4c7d-9247-852d2b5bdd76.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateB} (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State3} (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.oldDa (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsT (copy)
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessiona. (copy)
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\5c924a5c-3e6a-4a04-b6b6-67634238614b.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
 ASCII text
 #