Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://doc.clickup.com/d/h/dgfma-27/710cedf22e388d1

Status: finished
Submission Time: 2021-11-02 16:36:42 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    513883
  • API (Web) ID:
    881453
  • Analysis Started:
    2021-11-02 16:40:13 +01:00
  • Analysis Finished:
    2021-11-02 16:47:52 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 64
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Full Report Management Report IOC Report
clean
0/100

IPs

IP Country Detection
18.194.89.172
 United States
216.239.36.54
 United States
52.222.236.50
 United States
Click to see the 77 hidden entries
18.66.112.90
 United States
18.204.101.20
 United States
13.32.99.34
 United States
104.244.42.131
 United States
104.19.154.83
 United States
18.169.251.168
 United States
157.240.27.35
 United States
52.223.40.198
 United States
54.69.84.146
 United States
104.17.128.171
 United States
104.16.101.12
 United States
108.174.11.85
 United States
142.250.203.97
 United States
172.217.168.45
 United States
34.234.150.139
 United States
13.32.99.26
 United States
54.147.21.139
 United States
172.217.168.8
 United States
104.18.27.190
 United States
50.87.150.0
 United States
138.197.155.84
 United States
35.244.142.80
 United States
18.193.151.4
 United States
142.250.145.154
 United States
34.193.113.164
 United States
151.101.1.108
 United States
172.217.168.3
 United States
172.66.41.40
 United States
18.66.97.110
 United States
13.32.121.73
 United States
18.66.112.76
 United States
142.250.203.110
 United States
18.66.112.118
 United States
18.66.97.12
 United States
18.66.97.111
 United States
151.101.12.157
 United States
18.66.112.122
 United States
54.76.144.107
 United States
104.18.10.207
 United States
52.28.94.139
 United States
192.229.221.185
 United States
239.255.255.250
 Reserved
52.222.236.11
 United States
18.66.139.27
 United States
52.222.214.92
 United States
216.58.215.227
 United States
54.245.46.233
 United States
108.161.189.78
 United States
3.225.133.12
 United States
185.33.220.243
 Netherlands
44.238.216.23
 United States
3.234.77.173
 United States
104.16.18.94
 United States
104.18.21.191
 United States
151.101.1.2
 United States
35.174.127.31
 United States
216.58.215.238
 United States
54.85.240.191
 United States
18.66.112.18
 United States
104.17.68.176
 United States
52.58.90.176
 United States
52.222.236.39
 United States
18.168.94.208
 United States
151.101.1.140
 United States
99.83.219.81
 United States
104.244.42.197
 United States
18.66.112.24
 United States
104.19.155.83
 United States
13.32.99.55
 United States
34.199.234.25
 United States
172.217.168.66
 United States
18.66.139.40
 United States
18.66.139.43
 United States
44.237.209.143
 United States
157.240.17.15
 United States
104.17.210.204
 United States
172.217.168.68
 United States

Domains

Name IP Detection
cdn.pdst.fm
 35.244.142.80
embeds.driftcdn.com
 13.32.99.26
doc-cdn.clickup.com
 18.66.112.24
Click to see the 97 hidden entries
d279x8308vq8mj.cloudfront.net
 18.66.112.76
api.clickup.com
 18.194.89.172
widget.intercom.io
 13.32.99.55
www-googletagmanager.l.google.com
 172.217.168.8
pop-esv5.mix.linkedin.com
 108.174.11.37
ws.zoominfo.com
 104.16.101.12
www-google-analytics.l.google.com
 216.58.215.238
accounts.google.com
 172.217.168.45
stackpath.bootstrapcdn.com
 104.18.10.207
nexus-websocket-a.intercom.io
 35.174.127.31
vars.hotjar.com
 18.66.139.40
script.hotjar.com
 18.66.112.122
a2f905133e04e4d35ade9cd4751dd35b-4fd69d4b6621dbbd.elb.us-east-1.amazonaws.com
 54.85.240.191
scontent.xx.fbcdn.net
 157.240.17.15
insight.adsrvr.org
 52.223.40.198
us-central1-adaptive-growth.cloudfunctions.net
 216.239.36.54
pop-edc2.mix.linkedin.com
 108.174.11.85
dl7g9llrghqi1.cloudfront.net
 18.66.112.118
x.clearbit.com
 18.169.251.168
js.hs-analytics.net
 104.17.68.176
d3uwzcb5nysxzm.cloudfront.net
 52.222.214.92
hat.thepointyspritesclub.com
 18.66.139.27
app-cdn.clickup.com
 0.0.0.0
doc.clickup.com
 0.0.0.0
aadcdn.msauth.net
 0.0.0.0
acdn.adnxs.com
 0.0.0.0
www.redditstatic.com
 0.0.0.0
conversation.api.drift.com
 0.0.0.0
static.hotjar.com
 0.0.0.0
clients2.google.com
 0.0.0.0
js.driftt.com
 0.0.0.0
clients2.googleusercontent.com
 0.0.0.0
use.fontawesome.com
 0.0.0.0
sdk-services.minervaknows.com
 0.0.0.0
stats.g.doubleclick.net
 0.0.0.0
global-v2.clearbit.com
 18.168.94.208
5001341-41.chat.api.drift.com
 0.0.0.0
metrics.api.drift.com
 0.0.0.0
presence.api.drift.com
 0.0.0.0
static.ads-twitter.com
 0.0.0.0
alb.reddit.com
 0.0.0.0
js.hscollectedforms.net
 104.17.128.171
ib.anycast.adnxs.com
 185.33.220.243
app.clickup.com
 18.193.151.4
api.getdrip.com
 52.222.236.11
t14171786.p.clickup-attachments.com
 18.66.112.18
gentle-meadow-3800.shrouded-lake-4691.herokuspace.com
 44.237.209.143
js.hs-scripts.com
 104.17.210.204
match.adsrvr.org
 52.223.40.198
px.steelhousemedia.com
 54.245.46.233
d2ycxbs0cq3yaz.cloudfront.net
 13.32.121.73
quora.map.fastly.net
 151.101.1.2
static-cdn.hotjar.com
 52.222.236.39
usage.trackjs.com
 138.197.155.84
q.quora.com
 3.225.133.12
tracking.g2crowd.com
 104.18.27.190
cs1227.wpc.alphacdn.net
 192.229.221.185
www.google.com
 172.217.168.68
d3dib22dsdvm11.cloudfront.net
 18.66.97.111
dx.steelhousemedia.com
 54.69.84.146
js.intercomcdn.com
 18.66.139.43
cdnjs.cloudflare.com
 104.16.18.94
track.hubspot.com
 104.19.155.83
t.co
 104.244.42.197
client.mutinycdn.com
 13.32.99.34
core.thepointyspritesclub.com
 34.199.234.25
platform.twitter.map.fastly.net
 151.101.12.157
d10w4ikcrdu13z.cloudfront.net
 18.66.97.12
ee15ba61-wschat-wschatalb-6fcf-2062696737.us-east-1.elb.amazonaws.com
 18.204.101.20
cu-prod-de-ws.eu-central-1.elasticbeanstalk.com
 52.58.90.176
clickup.com
 18.66.112.90
forms.hubspot.com
 104.19.154.83
dualstack.reddit.map.fastly.net
 151.101.1.140
afe79c04fd8464db69f453355c110684-6aa967fe209738b1.elb.us-east-1.amazonaws.com
 54.147.21.139
dancevida.com
 50.87.150.0
alb-event-1454785217.us-east-1.elb.amazonaws.com
 34.234.150.139
d5txjkmyderx.cloudfront.net
 18.66.97.12
googlehosted.l.googleusercontent.com
 142.250.203.97
calendly.com
 172.66.41.40
clients.l.google.com
 142.250.203.110
prod.appnexus.map.fastly.net
 151.101.1.108
www.google.co.uk
 216.58.215.227
reddit.map.fastly.net
 151.101.1.140
googleads.g.doubleclick.net
 172.217.168.66
in-live.live.eks.hotjar.com
 54.76.144.107
gstaticadssl.l.google.com
 172.217.168.3
www.googleoptimize.com
 142.250.203.110
api-iam.intercom.io
 99.83.219.81
maxcdn.bootstrapcdn.com
 104.18.10.207
monetization-framework.bsa.netdna-cdn.com
 108.161.189.78
ww.steelhousemedia.com
 44.238.216.23
dysvscllmejh2.cloudfront.net
 52.222.236.50
s.twitter.com
 104.244.42.131
stats.l.doubleclick.net
 142.250.145.154
fluffy-alpaca-j1w7zdv61tmqz86b33z4c6tl.herokudns.com
 3.234.77.173
js.hs-banner.com
 104.18.21.191
star-mini.c10r.facebook.com
 157.240.27.35

URLs

Name Detection
https://sdk-services.minervaknows.com/tunnel/index.html?xdm_e=https%3A%2F%2Fclickup.com&xdm_c=default5389&xdm_p=1
https://www.google.com/images/dot2.gif
https://www.google.com/tools/feedback
Click to see the 54 hidden entries
http://www.apache.org/licenses/LICENSE-2.0
https://dns.google
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
https://www.google.com/intl/en-US/chrome/blank.html
https://ogs.google.com
https://support.google.com/chromecast/troubleshooter/2995236
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
https://payments.google.com/payments/v4/js/integrator.js
https://www.google.com;
https://googleads.g.doubleclick.net
https://hangouts.google.com/
https://www.google.com/images/x2.gif
https://clients2.google.com
https://meetings.clients6.google.com
https://play.google.com/log?format=json&hasfast=true
https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
http://tools.ietf.org/html/rfc1950
https://support.google.com/chromecast/answer/2998456
https://clients2.googleusercontent.com
https://doc.clickup.com/d/h/dgfma-27/710cedf22e388d1
https://docs.google.com
https://www.google.com/
https://feedback.googleusercontent.com
https://www.google.co.uk
https://clients2.google.com/service/update2/crx
https://clients6.google.com
https://meet.google.com
https://apis.google.com/js/client.js
https://www.google.com/images/cleardot.gif
https://js.driftt.com/core?embedId=dxfgnwx9niuc&region=US&forceShow=false&skipCampaigns=false&sessionId=51f50fdc-cab6-4534-a616-c5d9535e693b&sessionStarted=1635896519.113&campaignRefreshToken=97217105-29d7-45cc-aa23-fa5f6ec739c4&hideController=false&pageLoadStartTime=1635896502841&mode=CHAT&driftEnableLog=false
https://crash.corp.google.com/samples?reportid=&q=
https://www.google.com/log?format=json&hasfast=true
https://sandbox.google.com/payments/v4/js/integrator.js
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
https://accounts.google.com/MergeSession
https://preprod-hangouts-googleapis.sandbox.google.com
https://www.google.com
https://www.googleoptimize.com
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1635896502841
https://hangouts.clients6.google.com
https://clickup.com/?utm_source=clickup&utm_medium=doc&utm_campaign=14171786
https://doc.clickup.com/d/h/dgfma-27/710cedf22e388d12
https://hangouts.google.com/hangouts/_/logpref
https://accounts.google.com
https://clients2.google.com/cr/report
http://angularjs.org
https://creativecommons.org/publicdomain/zero/1.0/.
https://github.com/angular/material
https://apis.google.com
https://us-central1-adaptive-growth.cloudfunctions.net
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
https://github.com/madler/zlib/blob/master/zlib.h
https://www-googleapis-staging.sandbox.google.com
https://stats.g.doubleclick.net

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\cs\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\hi\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\fr\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\fil\messages.json
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\fi\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\et\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\es_419\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\es\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\en_GB\messages.json
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\en\messages.json
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\el\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\de\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\da\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\hr\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\ca\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\bg\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\bb5c1034-db5b-44fd-9dde-3d4a27929949.tmp
 Google Chrome extension, version 3
 #
C:\Users\user\AppData\Local\Temp\b71ac7ab-7b08-4c52-b455-202b7471d2b7.tmp
 very short file (no magic)
 #
C:\Users\user\AppData\Local\Temp\920805d9-f1e3-4f74-a020-618d5b3595eb.tmp
 Google Chrome extension, version 3
 #
C:\Users\user\AppData\Local\Temp\42a5e963-1e63-42d4-a5be-5152e63bf5f4.tmp
 very short file (no magic)
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\d633b3ed-eae4-4586-9c92-2030e25bb835.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\c9883b85-0a05-4a3d-9eeb-32d7df1b873a.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\a31a9a66-ea59-45c9-a7e4-8b752862b527.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateiC (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\pt_PT\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\zh_TW\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\zh_CN\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\vi\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\uk\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\tr\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\th\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\sv\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\sr\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\sl\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\sk\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\ru\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\ro\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\pt_BR\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\pl\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\nl\messages.json
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\nb\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\lv\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\lt\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\ko\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\ja\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\it\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\id\messages.json
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Temp\scoped_dir6600_443859871\CRX_INSTALL\_locales\hu\messages.json
 UTF-8 Unicode text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5cab01e5-00a0-4267-9f2f-25048009478e.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9a06a518-2a00-4dc8-a9df-b8eefa68fa7e.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\85b1897b-40dd-4a36-88c9-a43ca7ae2e23.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\85854394-f043-4d22-a26c-9e6b64c96a87.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesrO (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\569baa0d-a828-4763-9a02-8bb6e60b6685.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\534f35dd-e55a-4395-b594-37d864d190d7.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\24afbe05-2cc6-4a3d-b74b-e8bc731f8626.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\17641d58-96f6-461d-a767-9da121ba3f84.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\8cfc8cec-ad05-4085-bf48-f704c60445c8.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\4957f72f-c20e-4139-abe5-be3aa277a0bb.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\20e2d359-defc-45ae-b19b-ff08f5cacaaa.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\1e36a580-b618-4913-8590-efbf8ad35c5f.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\196cb929-19ca-416d-9aea-672f5031c0c6.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\08b3984d-2389-4f9a-bd23-e9b132d48017.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fcafcbf8-344b-448a-ba7b-b4deb242271e.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENTMP (copy)
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c93ab753-fb64-44cf-b0d9-d3a1c87f616b.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c7b49cf5-8eef-443e-93bf-6ff2ad0d6605.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c65b2555-4813-406f-919a-c255279dc9a9.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c50ea795-e894-4750-9cde-20a142015f97.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aec44e02-d87c-43b1-b127-f08ba9140069.tmp
 very short file (no magic)
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a1ab4027-fee8-4615-a381-623252bb0600.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\f0e63c3a-5353-4d2b-a6f4-e22457659e11.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\44a78d28-a3fb-4026-812d-04b4d1f5cc10.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesr@ (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
 UTF-8 Unicode text, with very long lines, with no line terminators
 #