Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 56
|
ASCII text, with very long lines (548)
|
downloaded
|
||
|
Chrome Cache Entry: 57
|
ASCII text, with very long lines (17699)
|
downloaded
|
||
|
Chrome Cache Entry: 58
|
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 59
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 60
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 62
|
ASCII text, with very long lines (1468), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 63
|
ASCII text, with very long lines (56359), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 66
|
ASCII text, with very long lines (32077)
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 68
|
ASCII text, with very long lines (1266)
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 73
|
ASCII text, with very long lines (636)
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 75
|
ASCII text, with very long lines (636)
|
downloaded
|
There are 11 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2228,i,10163994630552975519,8458782952242880411,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u11274505.ct.sendgrid.net/ls/click?upn=u001.xbKAJPUlNzBpPoo-2BvJOvExH-2BDY0F3cjPbxyIYVrYi891Q3fv1PEoS1zATMtfFNX7fUI6t9jmZ-2FQT-2Bq3BvGTXf2nwkAaZzH38QmRsBxcSP7pgGtwYaNusvuZ8-2B8YBX-2FaPOSNuyI068YUtuIImm-2FG8ZzSSKtaYVdLXXNL8Zexzy9gpXvlLfjPcI9K4GvXWmcKqr-2Futqo0VrMQyRCUTWSY8Ju1JOqAwW3jvQfb-2FGlVN49A-3DA3uJ_83Mm6JGxYeyjWUEVVwNw-2FOQR5KenWSXlrmgVLdCQ0m0nm-2BVkoMuv0AM3K3klFnd-2BVFk-2F6wXDTATFPLhGF6LXpO8flMHbxHnWuVZU4-2B2kcQ7rtXL1s-2FB5dzTWvoVXthEfeS-2FsiBYprBy0Gv3BE1R5WeWR-2BLU7ogV9cUTkRV0fWzI2J2LK-2FnWMPOuiXqkYsOoOxdR-2FSve2X6PYNPBxjRC-2B1A-3D-3D"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://u11274505.ct.sendgrid.net/ls/click?upn=u001.xbKAJPUlNzBpPoo-2BvJOvExH-2BDY0F3cjPbxyIYVrYi891Q3fv1PEoS1zATMtfFNX7fUI6t9jmZ-2FQT-2Bq3BvGTXf2nwkAaZzH38QmRsBxcSP7pgGtwYaNusvuZ8-2B8YBX-2FaPOSNuyI068YUtuIImm-2FG8ZzSSKtaYVdLXXNL8Zexzy9gpXvlLfjPcI9K4GvXWmcKqr-2Futqo0VrMQyRCUTWSY8Ju1JOqAwW3jvQfb-2FGlVN49A-3DA3uJ_83Mm6JGxYeyjWUEVVwNw-2FOQR5KenWSXlrmgVLdCQ0m0nm-2BVkoMuv0AM3K3klFnd-2BVFk-2F6wXDTATFPLhGF6LXpO8flMHbxHnWuVZU4-2B2kcQ7rtXL1s-2FB5dzTWvoVXthEfeS-2FsiBYprBy0Gv3BE1R5WeWR-2BLU7ogV9cUTkRV0fWzI2J2LK-2FnWMPOuiXqkYsOoOxdR-2FSve2X6PYNPBxjRC-2B1A-3D-3D
|
 |
||
|
https://033scsalas.buzz/index.php?csrftoken=MTcxOTk5MDk2MTZjYzg2YjY1MDJiYjVhY2M0NWMwYmFiOGZmMGRmYWU5ZmZkMDA3ZmFiZGE0MGEwNzNmNjRiZDc5Nzk4MzUzZjhhZDBhODg1OA==
|
111.90.140.113
|
|
|
|
https://033scsalas.buzz/?email=dba@chu-brest.fr
|
111.90.140.113
|
|
|
|
https://033scsalas.buzz/?email=
|
unknown
|
|
|
|
https://033scsalas.buzz/l/?email=dba%40chu-brest.fr&sessid=MTcxOTk5MDk2MTZjYzg2YjY1MDJiYjVhY2M0NWMwYmFiOGZmMGRmYWU5ZmZkMDA3ZmFiZGE0MGEwNzNmNjRiZDc5Nzk4MzUzZjhhZDBhODg1OA%3D%3D
|
111.90.140.113
|
|
|
|
https://033scsalas.buzz/l?email=dba%40chu-brest.fr&sessid=MTcxOTk5MDk2MTZjYzg2YjY1MDJiYjVhY2M0NWMwYmFiOGZmMGRmYWU5ZmZkMDA3ZmFiZGE0MGEwNzNmNjRiZDc5Nzk4MzUzZjhhZDBhODg1OA%3D%3D
|
111.90.140.113
|
|
|
|
https://033scsalas.buzz/l/login.php?puid=oyDQ6Dg0oe9zdTFU&origin=1&url=http%3A%2F%2Fchu-brest.fr
|
|
||
|
https://033scsalas.buzz/red.php?tap=1oOBi7dMeB4HsLkm1I5KFnbEckHMYrWHbEFKZSSTJyj0ExuOXtByy8ilTG7CMh5UF9pTplpYSb1KfxCxjU6c6dj6tKwUptK8aBbAtzGSJmFSg8YZlXsoG8zmWNto8wFG
|
|
||
|
https://developers.google.com/recaptcha/docs/faq#localhost_support
|
unknown
|
||
|
https://cdn.jsdelivr.net/jquery.cookie/1.4.1/jquery.cookie.min.js
|
151.101.129.229
|
||
|
https://support.google.com/recaptcha#6262736
|
unknown
|
||
|
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://www.apache.org/licenses/
|
unknown
|
||
|
about:blank
|
|||
|
https://www.google.com/recaptcha/api2/clr?k=6Le0OQUqAAAAAN3d1QaxcB7guTlgrXCB1t6JB6R4
|
142.250.186.164
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/md5.js
|
104.17.25.14
|
||
|
https://support.google.com/recaptcha/?hl=en#6223828
|
unknown
|
||
|
https://cloud.google.com/contact
|
unknown
|
||
|
https://hurenbijintermarishoeksteen.nl/?pid=Email
|
111.90.140.113
|
||
|
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
|
unknown
|
||
|
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt
|
142.250.186.164
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://www.google.com/recaptcha/api.js?render=6Le0OQUqAAAAAN3d1QaxcB7guTlgrXCB1t6JB6R4
|
142.250.184.228
|
||
|
https://www.google.com/js/bg/afyAhS2Qsep4R8kB-t327Ct0yEitujmPfyHorrAGcXw.js
|
142.250.186.164
|
||
|
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
|
unknown
|
||
|
https://code.jquery.com/jquery-1.12.4.min.js
|
151.101.130.137
|
||
|
https://support.google.com/recaptcha/#6175971
|
unknown
|
||
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0OQUqAAAAAN3d1QaxcB7guTlgrXCB1t6JB6R4&co=aHR0cHM6Ly8wMzNzY3NhbGFzLmJ1eno6NDQz&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=g0id37o8i6xk
|
|||
|
https://www.google.com/recaptcha/api2/reload?k=6Le0OQUqAAAAAN3d1QaxcB7guTlgrXCB1t6JB6R4
|
142.250.186.164
|
||
|
https://www.gstatic.c..?/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__.
|
unknown
|
||
|
https://logo.clearbit.com/chu-brest.fr
|
13.32.27.44
|
||
|
https://www.google.com/recaptcha/api2/
|
unknown
|
||
|
https://logo.clearbit.com/chu-brest.fr?size=100
|
13.32.27.44
|
||
|
https://support.google.com/recaptcha
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
033scsalas.buzz
|
111.90.140.113
|
|
|
|
hurenbijintermarishoeksteen.nl
|
111.90.140.113
|
||
|
jsdelivr.map.fastly.net
|
151.101.129.229
|
||
|
d26p066pn2w0s0.cloudfront.net
|
13.32.27.44
|
||
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
217.20.57.18
|
||
|
code.jquery.com
|
151.101.130.137
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
u11274505.ct.sendgrid.net
|
167.89.123.147
|
||
|
www.google.com
|
216.58.212.164
|
||
|
cdn.jsdelivr.net
|
unknown
|
||
|
time.windows.com
|
unknown
|
||
|
confirmed.onelink.me
|
unknown
|
||
|
logo.clearbit.com
|
unknown
|
There are 4 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
111.90.140.113
|
hurenbijintermarishoeksteen.nl
|
Malaysia
|
|
|
|
167.89.123.147
|
u11274505.ct.sendgrid.net
|
United States
|
||
|
216.58.212.164
|
www.google.com
|
United States
|
||
|
13.32.27.44
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
||
|
13.32.27.77
|
unknown
|
United States
|
||
|
151.101.129.229
|
jsdelivr.map.fastly.net
|
United States
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
151.101.130.137
|
code.jquery.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.164
|
unknown
|
United States
|
||
|
142.250.186.100
|
unknown
|
United States
|
||
|
142.250.184.228
|
unknown
|
United States
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
142.250.74.196
|
unknown
|
United States
|
There are 4 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://033scsalas.buzz/l/login.php?puid=oyDQ6Dg0oe9zdTFU&origin=1&url=http%3A%2F%2Fchu-brest.fr
|
|
|
|
https://033scsalas.buzz/red.php?tap=1oOBi7dMeB4HsLkm1I5KFnbEckHMYrWHbEFKZSSTJyj0ExuOXtByy8ilTG7CMh5UF9pTplpYSb1KfxCxjU6c6dj6tKwUptK8aBbAtzGSJmFSg8YZlXsoG8zmWNto8wFG
|
||
|
https://033scsalas.buzz/red.php?tap=1oOBi7dMeB4HsLkm1I5KFnbEckHMYrWHbEFKZSSTJyj0ExuOXtByy8ilTG7CMh5UF9pTplpYSb1KfxCxjU6c6dj6tKwUptK8aBbAtzGSJmFSg8YZlXsoG8zmWNto8wFG
|
||
|
about:blank
|
||
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0OQUqAAAAAN3d1QaxcB7guTlgrXCB1t6JB6R4&co=aHR0cHM6Ly8wMzNzY3NhbGFzLmJ1eno6NDQz&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=g0id37o8i6xk
|