flash

https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io

Status: finished
Submission Time: 13.10.2021 19:09:56
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    502282
  • API (Web) ID:
    869858
  • Analysis Started:
    13.10.2021 19:12:08
  • Analysis Finished:
    13.10.2021 19:20:08
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
52/100

IPs

IP Country Detection
172.217.168.1
United States
54.230.206.106
United States
172.217.168.45
United States
Click to see the 2 hidden entries
239.255.255.250
Reserved
67.227.248.137
United States

Domains

Name IP Detection
d26p066pn2w0s0.cloudfront.net
54.230.206.106
google.com
142.250.203.110
accounts.google.com
172.217.168.45
Click to see the 8 hidden entries
clients.l.google.com
172.217.168.78
insurance.insuretym.com
67.227.248.137
googlehosted.l.googleusercontent.com
172.217.168.1
clients2.googleusercontent.com
0.0.0.0
clients2.google.com
0.0.0.0
candies-twentytwo.io
0.0.0.0
logo.clearbit.com
0.0.0.0
www.candies-twentytwo.io
0.0.0.0

URLs

Name Detection
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
Click to see the 96 hidden entries
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
https://insurance.insuretym.com
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
http://candies-twentytwo.io/favicon.ico
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Regular.woff2
https://preprod-hangouts-googleapis.sandbox.google.com
https://www.google.com
https://hangouts.google.com/hangouts/_/logpref
https://candies-twentytwo.io/images/favicon/favicon-96x96.png
https://creativecommons.org/publicdomain/zero/1.0/.
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-96x96.png
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
https://candies-twentytwo.io/images/favicon/android-chrome-192x192.png
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/icons/icons.svg
https://github.com/madler/zlib/blob/master/zlib.h
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/android-chrome-192x192.pngN
https://dns.google
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/style.css
https://support.google.com/chromecast/troubleshooter/2995236
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/api.css
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
https://payments.google.com/payments/v4/js/integrator.js
https://www.google.com;
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/framework.min.js
https://csp.withgoogle.com/csp/hosted-libraries-pushers
https://www.google.com/images/x2.gif
https://logo.clearbit.com/office365.com?
https://insurance.insuretym.com/icewarpapi/
https://www.google.com/images/dot2.gif
https://play.google.com/log?format=json&hasfast=true
https://candies-twentytwo.io/images/favicon/favicon-32x32.png
http://tools.ietf.org/html/rfc1950
https://www.google.com/
https://candies-twentytwo.io/images/favicon/apple-touch-icon-72x72.png
https://feedback.googleusercontent.com
https://clients6.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-114x114.png
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-32x32.png
https://www.candies-twentytwo.io/
https://insurance.insuretym.com/
https://www.google.com/images/cleardot.gif
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/pikaday.css
https://www.google.com/log?format=json&hasfast=true
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/api.cssV
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&
https://sandbox.google.com/payments/v4/js/integrator.js
https://insurance.insuretym.com/wp-include/reports/genWeb/bundle.min.js
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/bundle.min.js
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Medium.woff2
https://accounts.google.com/MergeSession
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
https://candies-twentytwo.io/images/favicon/apple-touch-icon-60x60.png
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/manifest.json
https://insurance.insuretym.com/wp-include/reports/genWeb/config.js
https://hangouts.clients6.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-144x144.png
https://accounts.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-180x180.png
https://clients2.google.com/cr/report
http://angularjs.org
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/background.svg
https://github.com/angular/material
https://apis.google.com
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/favicon/manifest.jsonChIKBw
https://www-googleapis-staging.sandbox.google.com
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
https://clients2.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-76x76.png
http://www.apache.org/licenses/LICENSE-2.0
https://www.google.com/intl/en-US/chrome/blank.html
https://ogs.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-152x152.png
https://insuretym.com/
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/style.css%
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/bundle.min.js8
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
https://hangouts.google.com/
https://logo.clearbit.com/office365.com
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/config.js
https://candies-twentytwo.io/images/favicon/apple-touch-icon-57x57.png
http://llvm.org/):
https://meetings.clients6.google.com
https://candies-twentytwo.io/images/favicon/apple-touch-icon-120x120.png
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/
https://insurance.insuretym.com/wp-include/reports/genWeb/framework.min.js
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
https://support.google.com/chromecast/answer/2998456
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/favicon/manifest.json
https://clients2.googleusercontent.com
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/android-chrome-192x192.png
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-16x16.png
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
https://clients2.google.com/service/update2/crx

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old.. (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7090edc0-f3de-41b5-aff6-848ea8b0568c.tmp
ASCII text, with very long lines, with no line terminators
#
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old=" (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateMP (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.oldmg (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old/v (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b9e9fb22-4518-4ede-ab0c-d72de20bb3bd.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c9e1512e-965d-45fd-b9cb-5d485f0d8073.tmp
very short file (no magic)
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.olde8 (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e951f4ae-f3b5-4921-a78b-e1fd4811a7ce.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ed8855d7-f5f6-4553-bf02-d844021857b1.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old. (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
#
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\01bdba33-5b7a-4a08-8ff6-d93f05cfa88b.tmp
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\35f571cd-ad0c-4983-9e9b-efcf872f90da.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\6003783f-c771-4357-9d97-ff63cbcf03c5.tmp
SysEx File -
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2a16e56c-c3ea-4b80-bd3d-5d7d7f7bd56d.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2ebca454-bcae-4a7e-9160-77416a6f1ad9.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\45bbc3b1-c8df-46b4-8da4-a8cbc504556c.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\954b3ada-246e-4e8d-91ed-4fbea563c6b0.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5dc4e4e594caf8e4_0
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f75485cfa400fd0_0
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eaf07a6405f89499_0
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index. (copy)
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old. (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldAA (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old@= (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last SessionXP (copy)
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsn (copy)
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State>. (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesm (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
HTML document, ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\42dd92ad-78b6-4360-bb35-1ea8c01b7a17.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
#