Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41
|
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 14:13:05 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 14:13:05 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 14:13:05 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 14:13:05 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 14:13:05 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json (copy)
|
ASCII text, with very long lines (5740), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json.tmp
|
ASCII text, with very long lines (5740), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4 (copy)
|
Mozilla lz4 compressed data, originally 23432 bytes
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4.tmp
|
Mozilla lz4 compressed data, originally 23432 bytes
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs-1.js
|
ASCII text, with very long lines (1717), with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs.js (copy)
|
ASCII text, with very long lines (1717), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\Downloads\Rapport notaire.zip (copy)
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\Downloads\Rapport notaire.zip.crdownload (copy)
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\Downloads\abc857c5-f532-43af-95c2-412877b0dd14.tmp
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
Chrome Cache Entry: 289
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 292
|
ASCII text, with very long lines (61817), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 293
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 295
|
Web Open Font Format, TrueType, length 31120, version 1.6554
|
downloaded
|
||
|
Chrome Cache Entry: 296
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 297
|
ASCII text, with very long lines (42170)
|
downloaded
|
||
|
Chrome Cache Entry: 298
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 299
|
Web Open Font Format (Version 2), TrueType, length 27440, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 300
|
ASCII text, with very long lines (4103), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 302
|
Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 303
|
ASCII text, with very long lines (25927), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 307
|
ASCII text, with very long lines (65448)
|
dropped
|
||
|
Chrome Cache Entry: 309
|
ASCII text, with very long lines (50817), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 314
|
ASCII text, with very long lines (9935), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 315
|
ASCII text, with very long lines (20232)
|
dropped
|
||
|
Chrome Cache Entry: 317
|
Web Open Font Format (Version 2), TrueType, length 35884, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 318
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 323
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 324
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 325
|
HTML document, ASCII text, with very long lines (589)
|
downloaded
|
||
|
Chrome Cache Entry: 327
|
ASCII text, with very long lines (3673)
|
dropped
|
||
|
Chrome Cache Entry: 328
|
ASCII text, with very long lines (9022), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 329
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 330
|
SVG Scalable Vector Graphics image
|
downloaded
|
There are 35 hidden files, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://wetransfer.com/downloads/3483eba9491531b4a13707c3998f130020241025134818/296c73c5e51889d3d64ebe318afe30e020241025134818/2dd380?t_exp=1730123298&t_lsid=1daecd17-3fd5-4a7c-8f4c-088440cc6eb1&t_network=email&t_rid=YXV0aDB8NjcxN2MxNGI4MTBjNTBiYWNmM2Q4NjQy&t_s=download_link&t_ts=1729864098
|
|||
|
http://detectportal.firefox.com/canonical.html
|
34.107.221.82
|
||
|
http://detectportal.firefox.com/success.txt?ipv4
|
34.107.221.82
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jsdelivr.map.fastly.net
|
151.101.65.229
|
||
|
sp-20200324121949090600000008-54648268.eu-west-1.elb.amazonaws.com
|
52.18.119.21
|
||
|
us-west1.prod.sumo.prod.webservices.mozgcp.net
|
34.149.128.2
|
||
|
ipv4only.arpa
|
192.0.0.171
|
||
|
cm.g.doubleclick.net
|
172.217.18.98
|
||
|
prod.ads.prod.webservices.mozgcp.net
|
34.117.188.166
|
||
|
www.google.com
|
142.250.184.196
|
||
|
boostrapincore.web.app
|
199.36.158.100
|
||
|
wetransfer.fides-cdn.ethyca.com
|
18.245.86.74
|
||
|
normandy-cdn.services.mozilla.com
|
35.201.103.21
|
||
|
bsp-proxy.wetransfer.net
|
54.72.144.2
|
||
|
match.adsrvr.org
|
3.33.220.150
|
||
|
star-mini.c10r.facebook.com
|
157.240.253.35
|
||
|
prod.balrog.prod.cloudops.mozgcp.net
|
35.244.181.201
|
||
|
cfecgc-orange.org
|
51.91.62.54
|
||
|
dna8twue3dlxq.cloudfront.net
|
13.32.121.50
|
||
|
dyna.wikimedia.org
|
185.15.59.224
|
||
|
d1ykf07e75w7ss.cloudfront.net
|
108.138.6.136
|
||
|
download.wetransfer.com
|
18.245.60.113
|
||
|
analytics-v2.wetransfer.com
|
13.32.27.128
|
||
|
prod.pinterest.global.map.fastly.net
|
151.101.64.84
|
||
|
youtube-ui.l.google.com
|
172.217.16.142
|
||
|
di.rlcdn.com
|
35.244.174.68
|
||
|
googleads.g.doubleclick.net
|
216.58.212.162
|
||
|
reddit.map.fastly.net
|
151.101.65.140
|
||
|
dualstack.pinterest.map.fastly.net
|
151.101.0.84
|
||
|
ekstrom.wetransfer.net
|
34.249.221.218
|
||
|
wetransfer.com
|
143.204.98.71
|
||
|
experiments.wetransfer.com
|
13.33.187.114
|
||
|
tagging.wetransfer.com
|
18.245.46.94
|
||
|
nolan.wetransfer.net
|
108.138.26.38
|
||
|
example.org
|
93.184.215.14
|
||
|
prod.detectportal.prod.cloudops.mozgcp.net
|
34.107.221.82
|
||
|
services.addons.mozilla.org
|
151.101.193.91
|
||
|
dg2iu7dxxehbo.cloudfront.net
|
18.172.103.101
|
||
|
contile.services.mozilla.com
|
34.117.188.166
|
||
|
prod.content-signature-chains.prod.webservices.mozgcp.net
|
34.160.144.191
|
||
|
insight.adsrvr.org
|
35.71.131.137
|
||
|
scontent.xx.fbcdn.net
|
157.240.0.6
|
||
|
push.services.mozilla.com
|
34.107.243.93
|
||
|
ara.paa-reporting-advertising.amazon
|
18.245.46.47
|
||
|
prod.classify-client.prod.webservices.mozgcp.net
|
35.190.72.216
|
||
|
twitter.com
|
104.244.42.193
|
||
|
s.amazon-adsystem.com
|
98.82.156.207
|
||
|
e-prod-alb-s105-us-east-1-01.adzerk.net
|
3.229.24.36
|
||
|
api.pico.bendingspoonsapps.com
|
34.102.204.67
|
||
|
prod.remote-settings.prod.webservices.mozgcp.net
|
34.149.100.209
|
||
|
ax-0001.ax-msedge.net
|
150.171.27.10
|
||
|
cdn.wetransfer.com
|
143.204.98.51
|
||
|
auth-session-caching.wetransfer.net
|
52.16.114.39
|
||
|
ib.anycast.adnxs.com
|
37.252.171.21
|
||
|
atmrouhjd.web.app
|
199.36.158.100
|
||
|
telemetry-incoming.r53-2.services.mozilla.com
|
34.120.208.123
|
||
|
www.cfecgc-orange.org
|
unknown
|
||
|
spocs.getpocket.com
|
unknown
|
||
|
snowplow.wetransfer.com
|
unknown
|
||
|
firefox.settings.services.mozilla.com
|
unknown
|
||
|
www.youtube.com
|
unknown
|
||
|
js.adsrvr.org
|
unknown
|
||
|
privacy.wetransfer.com
|
unknown
|
||
|
pixel.rubiconproject.com
|
unknown
|
||
|
detectportal.firefox.com
|
unknown
|
||
|
connect.facebook.net
|
unknown
|
||
|
normandy.cdn.mozilla.net
|
unknown
|
||
|
shavar.services.mozilla.com
|
unknown
|
||
|
www.ouestfrance-immo.com
|
unknown
|
||
|
www.reddit.com
|
unknown
|
||
|
cdn.jsdelivr.net
|
unknown
|
||
|
ct.pinterest.com
|
unknown
|
||
|
content-signature-2.cdn.mozilla.net
|
unknown
|
||
|
support.mozilla.org
|
unknown
|
||
|
www.facebook.com
|
unknown
|
||
|
c.amazon-adsystem.com
|
unknown
|
||
|
public.profitwell.com
|
unknown
|
||
|
s.pinimg.com
|
unknown
|
||
|
ib.adnxs.com
|
unknown
|
||
|
e-10220.adzerk.net
|
unknown
|
||
|
www.wikipedia.org
|
unknown
|
There are 68 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.228
|
unknown
|
United States
|
||
|
151.101.0.84
|
dualstack.pinterest.map.fastly.net
|
United States
|
||
|
52.18.119.21
|
sp-20200324121949090600000008-54648268.eu-west-1.elb.amazonaws.com
|
United States
|
||
|
18.245.60.113
|
download.wetransfer.com
|
United States
|
||
|
52.31.129.65
|
unknown
|
United States
|
||
|
104.18.187.31
|
unknown
|
United States
|
||
|
18.245.86.118
|
unknown
|
United States
|
||
|
34.249.221.218
|
ekstrom.wetransfer.net
|
United States
|
||
|
142.250.185.227
|
unknown
|
United States
|
||
|
98.82.156.207
|
s.amazon-adsystem.com
|
United States
|
||
|
13.32.121.50
|
dna8twue3dlxq.cloudfront.net
|
United States
|
||
|
2.18.64.22
|
unknown
|
European Union
|
||
|
151.101.128.84
|
unknown
|
United States
|
||
|
34.102.204.67
|
api.pico.bendingspoonsapps.com
|
United States
|
||
|
142.250.185.142
|
unknown
|
United States
|
||
|
143.204.98.51
|
cdn.wetransfer.com
|
United States
|
||
|
18.245.46.47
|
ara.paa-reporting-advertising.amazon
|
United States
|
||
|
142.250.184.226
|
unknown
|
United States
|
||
|
13.32.27.128
|
analytics-v2.wetransfer.com
|
United States
|
||
|
35.71.131.137
|
insight.adsrvr.org
|
United States
|
||
|
34.120.208.123
|
telemetry-incoming.r53-2.services.mozilla.com
|
United States
|
||
|
54.72.144.2
|
bsp-proxy.wetransfer.net
|
United States
|
||
|
13.32.27.113
|
unknown
|
United States
|
||
|
142.250.184.196
|
www.google.com
|
United States
|
||
|
142.250.185.67
|
unknown
|
United States
|
||
|
3.33.220.150
|
match.adsrvr.org
|
United States
|
||
|
34.104.35.123
|
unknown
|
United States
|
||
|
52.210.213.171
|
unknown
|
United States
|
||
|
157.240.0.35
|
unknown
|
United States
|
||
|
108.138.6.136
|
d1ykf07e75w7ss.cloudfront.net
|
United States
|
||
|
52.13.186.250
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.195
|
unknown
|
United States
|
||
|
35.244.174.68
|
di.rlcdn.com
|
United States
|
||
|
216.58.212.162
|
googleads.g.doubleclick.net
|
United States
|
||
|
157.240.253.35
|
star-mini.c10r.facebook.com
|
United States
|
||
|
51.91.62.54
|
cfecgc-orange.org
|
France
|
||
|
34.160.144.191
|
prod.content-signature-chains.prod.webservices.mozgcp.net
|
United States
|
||
|
18.245.46.38
|
unknown
|
United States
|
||
|
151.101.192.84
|
unknown
|
United States
|
||
|
142.250.185.74
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
13.32.121.100
|
unknown
|
United States
|
||
|
108.138.26.38
|
nolan.wetransfer.net
|
United States
|
||
|
18.172.103.101
|
dg2iu7dxxehbo.cloudfront.net
|
United States
|
||
|
151.101.64.84
|
prod.pinterest.global.map.fastly.net
|
United States
|
||
|
69.173.144.139
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
157.240.0.6
|
scontent.xx.fbcdn.net
|
United States
|
||
|
143.204.98.71
|
wetransfer.com
|
United States
|
||
|
34.117.188.166
|
prod.ads.prod.webservices.mozgcp.net
|
United States
|
||
|
13.33.187.114
|
experiments.wetransfer.com
|
United States
|
||
|
98.82.157.231
|
unknown
|
United States
|
||
|
150.171.28.10
|
unknown
|
United States
|
||
|
172.217.18.98
|
cm.g.doubleclick.net
|
United States
|
||
|
52.16.114.39
|
auth-session-caching.wetransfer.net
|
United States
|
||
|
142.250.186.138
|
unknown
|
United States
|
||
|
142.250.110.84
|
unknown
|
United States
|
||
|
18.245.86.74
|
wetransfer.fides-cdn.ethyca.com
|
United States
|
||
|
151.101.65.229
|
jsdelivr.map.fastly.net
|
United States
|
||
|
34.149.100.209
|
prod.remote-settings.prod.webservices.mozgcp.net
|
United States
|
||
|
3.229.24.36
|
e-prod-alb-s105-us-east-1-01.adzerk.net
|
United States
|
||
|
34.107.243.93
|
push.services.mozilla.com
|
United States
|
||
|
34.107.221.82
|
prod.detectportal.prod.cloudops.mozgcp.net
|
United States
|
||
|
150.171.27.10
|
ax-0001.ax-msedge.net
|
United States
|
||
|
157.240.251.9
|
unknown
|
United States
|
||
|
199.36.158.100
|
boostrapincore.web.app
|
United States
|
||
|
18.245.46.94
|
tagging.wetransfer.com
|
United States
|
||
|
35.244.181.201
|
prod.balrog.prod.cloudops.mozgcp.net
|
United States
|
||
|
18.245.46.51
|
unknown
|
United States
|
||
|
143.204.98.85
|
unknown
|
United States
|
||
|
35.190.72.216
|
prod.classify-client.prod.webservices.mozgcp.net
|
United States
|
||
|
108.138.26.10
|
unknown
|
United States
|
||
|
142.250.186.66
|
unknown
|
United States
|
||
|
37.252.171.21
|
ib.anycast.adnxs.com
|
European Union
|
There are 66 hidden IPs, click here to show them.