Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
88a4dd8-Contract Agreement-Final378208743.pdf
|
PDF document, version 1.4, 1 pages
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\705fc684-7b4c-4ad7-84a3-037d0478636c.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\8d4a1802-9405-4ac3-bf65-033a204a2d9d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF442fbf.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241122004425Z-158.bmp
|
PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 15
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
|
Certificate, Version=3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 25
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3f48b.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\A9uy6jxj_7ps3ho_5ss.tmp
|
PDF document, version 1.6, 0 pages
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-21 19-44-23-224.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\0e7fe321-4795-48fd-937d-24a92c907c06.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\5796cdd4-205c-46d1-8fc6-4c0be70dd45f.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\ad316f5c-ded9-4644-81f1-69ab8080ec6c.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\feebd3f5-d7aa-45f5-8435-96c176760a9a.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
Chrome Cache Entry: 224
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 225
|
ASCII text, with very long lines (24745), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 226
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 227
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 228
|
ASCII text, with very long lines (65448)
|
downloaded
|
||
|
Chrome Cache Entry: 229
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 230
|
ASCII text, with very long lines (19948), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 231
|
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 232
|
ASCII text, with very long lines (1297), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 233
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 234
|
ASCII text, with very long lines (47694)
|
downloaded
|
||
|
Chrome Cache Entry: 235
|
ASCII text, with very long lines (12331)
|
dropped
|
||
|
Chrome Cache Entry: 236
|
ASCII text, with very long lines (21229)
|
downloaded
|
||
|
Chrome Cache Entry: 237
|
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 238
|
ASCII text, with very long lines (1297), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 239
|
ASCII text, with very long lines (19948), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 240
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 241
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 242
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 243
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 244
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 245
|
PNG image data, 93 x 32, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 246
|
ASCII text, with very long lines (44405)
|
downloaded
|
||
|
Chrome Cache Entry: 247
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 248
|
Unicode text, UTF-8 text, with very long lines (59934)
|
downloaded
|
||
|
Chrome Cache Entry: 249
|
Unicode text, UTF-8 text, with very long lines (12183), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 250
|
ASCII text, with very long lines (19759), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 251
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 252
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 253
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 254
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 255
|
ASCII text, with very long lines (65448)
|
dropped
|
||
|
Chrome Cache Entry: 256
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 257
|
Unicode text, UTF-8 text, with very long lines (59934)
|
dropped
|
||
|
Chrome Cache Entry: 258
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 259
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 260
|
ASCII text, with very long lines (1993), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 261
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 262
|
ASCII text, with very long lines (65451)
|
dropped
|
||
|
Chrome Cache Entry: 263
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 264
|
ASCII text, with very long lines (65451)
|
downloaded
|
||
|
Chrome Cache Entry: 265
|
Unicode text, UTF-8 text, with very long lines (7287)
|
downloaded
|
||
|
Chrome Cache Entry: 266
|
ASCII text, with very long lines (6371), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 267
|
Unicode text, UTF-8 text, with very long lines (12183), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 268
|
PNG image data, 74 x 17, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 269
|
ASCII text, with very long lines (47694)
|
dropped
|
||
|
Chrome Cache Entry: 270
|
HTML document, Unicode text, UTF-8 text, with very long lines (49962)
|
downloaded
|
||
|
Chrome Cache Entry: 271
|
ASCII text, with very long lines (24745), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 272
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 273
|
ASCII text, with very long lines (47694)
|
downloaded
|
||
|
Chrome Cache Entry: 274
|
ASCII text, with very long lines (6371), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 275
|
ASCII text, with very long lines (1888), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 276
|
ASCII text, with very long lines (32743)
|
downloaded
|
||
|
Chrome Cache Entry: 277
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 278
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 279
|
PNG image data, 93 x 32, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 280
|
ASCII text, with very long lines (21229)
|
dropped
|
||
|
Chrome Cache Entry: 281
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 282
|
PNG image data, 74 x 17, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 283
|
ASCII text, with very long lines (19759), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 284
|
ASCII text, with very long lines (12331)
|
downloaded
|
||
|
Chrome Cache Entry: 285
|
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 286
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
There are 102 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\88a4dd8-Contract Agreement-Final378208743.pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log"
--mojo-platform-channel-handle=2104 --field-trial-handle=1576,i,7778364788539376484,13892049268547561153,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "http://cofnbpbnp.edwardrochford.com/"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2004,i,4934935075161904789,1666638043353878344,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://optout.networkadvertising.org/?c=1
|
unknown
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
|
104.16.80.73
|
||
|
https://www.cloudflare.com/domain-registration-agreement/
|
unknown
|
||
|
https://www.cloudflare.com/privacypolicy/
|
|||
|
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1732236456796&uuid=758bcdce-8488-42a1-ab4a-bc4a1463a288&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280
|
151.101.193.140
|
||
|
https://www.cloudflare.com/cdn-cgi/rum?
|
104.16.123.96
|
||
|
https://www.cloudflare.com/component---src-components-page-page-template-tsx-c7ec2b92ba43b220ad2d.js
|
104.16.123.96
|
||
|
https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif
|
unknown
|
||
|
https://www.cloudflare.com/page-data/sq/d/3199558980.json
|
104.16.123.96
|
||
|
https://feedback-form.truste.com/watchdog/request
|
unknown
|
||
|
https://www.cloudflare.com/application/privacypolicy/
|
unknown
|
||
|
https://www.youronlinechoices.eu/
|
unknown
|
||
|
https://performance.radar.cloudflare.com/beacon.js
|
104.18.30.78
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8e64e8030b0f41a1/1732236431248/Mua-stk82s8Uh5l
|
104.18.94.41
|
||
|
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Fprivacypolicy
|
unknown
|
||
|
https://www.icann.org/
|
unknown
|
||
|
https://challenges.cloudflare.com/turnstile/v0/g/e4025c85ea63/api.js
|
104.18.95.41
|
||
|
https://ot.www.cloudflare.com/public/vendor/onetrust/scripttemplates/202407.2.0/otBannerSdk.js
|
104.16.123.96
|
||
|
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480
|
unknown
|
||
|
https://www.cloudflare.com/static/z/i.js
|
104.16.123.96
|
||
|
https://assets.adobedtm.com/f597f8065f97/065ba81630d7/launch-efab6d095ce0.js
|
unknown
|
||
|
https://ot.www.cloudflare.com/public/vendor/onetrust/consent/b1e05d49-f072-4bae-9116-bdb78af15448/b1e05d49-f072-4bae-9116-bdb78af15448.json
|
104.16.123.96
|
||
|
http://www.cloudflare.com/
|
unknown
|
||
|
https://bhm.nkctjwys.ru/09o/
|
unknown
|
||
|
https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/
|
unknown
|
||
|
https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2
|
unknown
|
||
|
https://ot.www.cloudflare.com/public/vendor/onetrust/scripttemplates/otSDKStub.js
|
104.16.123.96
|
||
|
https://www.cloudflare.com/page-data/sq/d/3934964512.json
|
104.16.123.96
|
||
|
https://www.cloudflare.com/cookie-policy/
|
unknown
|
||
|
https://cdn.logr-ingest.com/logger-1.min.js
|
172.67.209.99
|
||
|
https://ot.www.cloudflare.com/public/vendor/onetrust/scripttemplates/202407.2.0/assets/otCommonStyles.css
|
104.16.123.96
|
||
|
https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8
|
unknown
|
||
|
https://tag.demandbase.com/1be41a80498a5b73.min.js
|
unknown
|
||
|
https://www.cloudflare.com/page-data/privacypolicy/page-data.json
|
104.16.123.96
|
||
|
https://www.cloudflare.com/page-data/sq/d/1048862057.json
|
104.16.123.96
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/680930461:1732235203:jrED_oGo2JF8bJiwpRvO_8sOUWg0QFQb8ehhvplZwmY/8e64e8030b0f41a1/DYO3QnCNLArvSzw2uX3rINUk.z6NhJnn9i1zNP.sZAY-1732236426-1.1.1.1-B8KUhpsjPa90mGpUNFeUFCp2eal6zVFyr.lIZ3_vEVJMfp1HfM8G3mV0Gx1AKIHL
|
104.18.94.41
|
||
|
https://www.cloudflare.com/static/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQ2xvdWRmbGFyZSdzJTIwUHJpdmFjeSUyMFBvbGljeSUyMCU3QyUyMENsb3VkZmxhcmUlMjIlMkMlMjJ4JTIyJTNBMC40NDY3MDcwMTAyODgwMTc5NiUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBODcwJTJDJTIyZSUyMiUzQTEwMzQlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuY2xvdWRmbGFyZS5jb20lMkZwcml2YWN5cG9saWN5JTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EzMDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
|
104.16.123.96
|
||
|
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1732236456796&uuid=758bcdce-8488-42a
|
unknown
|
||
|
http://x1.i.lencr.org/
|
unknown
|
||
|
https://github.com/jonsuh/hamburgers
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1407429724:1732235304:0_9eNcgzTkXhROScbNvxcXFsNLdoTHw78Jw0jCNo_Rw/8e64e4c9d826c445/Ncsppj6b1HEO03IDSSfavWcamCQzTmQ.6DTzMw.sNj0-1732236294-1.1.1.1-4UDyvQCbcq66g0MzU1h0MyMmH2GUPhezoiU5Q0zntoFiWgFEuRKl40HNdV5olzoo
|
104.18.94.41
|
||
|
https://jonsuh.com/hamburgers
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8e64e8030b0f41a1&lang=auto
|
104.18.94.41
|
||
|
https://www.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
|
104.16.123.96
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8e64e4c9d826c445/1732236299004/C_i6EShR0lniK2j
|
104.18.94.41
|
||
|
https://www.cloudflare.com/a06cff934e9579536ce1c10bad21c1d6d7f63ae0-90484db4602d401d94ca.js
|
104.16.123.96
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nnq76/0x4AAAAAAA0VAeAxv-jXkoV6/auto/fbE/normal/auto/
|
104.18.94.41
|
||
|
https://googleads.g.doubleclick.net
|
unknown
|
||
|
https://www.cloudflare.com/static/z/s.js?z=
|
unknown
|
||
|
https://www.cloudflare.com/static/z/t
|
unknown
|
||
|
https://www.cloudflare.com/page-data/sq/d/333361657.json
|
104.16.123.96
|
||
|
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AD56F28618A50850A495FB6%40AdobeOrg&d_nsid=0&ts=1732236454856
|
46.137.25.195
|
||
|
https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en
|
unknown
|
||
|
https://www.cloudflare.com
|
unknown
|
||
|
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
|
104.18.95.41
|
||
|
https://cct.google/taggy/agent.js
|
unknown
|
||
|
https://scout-cdn.salesloft.com/sl.js
|
unknown
|
||
|
https://static.ads-twitter.com/uwt.js
|
unknown
|
||
|
https://www.cloudflare.com/webpack-runtime-b3591ce6aa4f636a58bb.js
|
104.16.123.96
|
||
|
https://www.cloudflare.com/174-242772ef10d8d161ae24.js
|
104.16.123.96
|
||
|
https://ad.doubleclick.net
|
unknown
|
||
|
https://www.cloudflare.com/app-4d632200c4089b10cecf.js
|
104.16.123.96
|
||
|
https://snap.licdn.com/li.lms-analytics/insight.min.js
|
unknown
|
||
|
https://www.cloudflare.com/img/privacyoptions.svg
|
104.16.123.96
|
||
|
http://cofnbpbnp.edwardrochford.com/)
|
unknown
|
||
|
https://td.doubleclick.net
|
unknown
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8e64e4c9d826c445&lang=auto
|
104.18.94.41
|
||
|
http://cofnbpbnp.edwardrochford.com/main.js
|
162.241.114.35
|
||
|
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
|
104.18.94.41
|
||
|
https://ot.www.cloudflare.com/public/vendor/onetrust/consent/b1e05d49-f072-4bae-9116-bdb78af15448/018debfb-4917-76f1-8862-8a2f83812baa/en.json
|
104.16.123.96
|
||
|
http://cofnbpbnp.edwardrochford.com/favicon.ico
|
162.241.114.35
|
||
|
http://cofnbpbnp.edwardrochford.com/
|
|||
|
https://www.cloudflare.com/page-data/app-data.json
|
104.16.123.96
|
||
|
https://github.com/js-cookie/js-cookie
|
unknown
|
||
|
https://cf-assets.www.cloudflare.com/slt3lc6tev37/mJZqOomHta2MLLB73P8Hs/9378861761815b3adf7bcb7734d6
|
unknown
|
||
|
https://www.cloudflare.com/favicon.ico
|
104.16.123.96
|
||
|
https://www.dataprivacyframework.gov/
|
unknown
|
||
|
https://cf-assets.www.cloudflare.com/slt3lc6tev37/53qCYhQbir5WtIU0VDWESo/954a48bfb17f429acf469e5f143
|
unknown
|
||
|
https://api.www.cloudflare.com/api/v1
|
unknown
|
||
|
https://google.com
|
unknown
|
||
|
https://www.cloudflare.com/framework-957a522640f43541ca6a.js
|
104.16.123.96
|
||
|
https://adservice.google.com/pagead/regclk?
|
unknown
|
||
|
https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/
|
unknown
|
||
|
https://r.logr-ingest.com/i?a=ykolez%2Fcloudflarecom&r=5-01389742-dc8c-47ff-8bbf-1f0bc9e07fe9&t=9896c9f4-9e4c-4e0e-be06-52267c65b10a&s=0&rs=0%2Cu&u=299bcd5b-b107-4d0f-b598-e43dbfadaef8&is=1
|
104.198.23.205
|
There are 76 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cofnbpbnp.edwardrochford.com
|
162.241.114.35
|
|
|
|
prod-default.lb.logrocket.network
|
104.198.23.205
|
||
|
static.cloudflareinsights.com
|
104.16.80.73
|
||
|
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
84.201.208.70
|
||
|
ax-0001.ax-msedge.net
|
150.171.28.10
|
||
|
ot.www.cloudflare.com
|
104.16.123.96
|
||
|
di.rlcdn.com
|
34.49.212.111
|
||
|
www.cloudflare.com
|
104.16.123.96
|
||
|
cdn.logr-ingest.com
|
172.67.209.99
|
||
|
reddit.map.fastly.net
|
151.101.193.140
|
||
|
performance.radar.cloudflare.com
|
104.18.30.78
|
||
|
challenges.cloudflare.com
|
104.18.95.41
|
||
|
www.google.com
|
172.217.21.36
|
||
|
demdex.net.ssl.sc.omtrdc.net
|
63.140.62.27
|
||
|
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
|
46.137.25.195
|
||
|
alb.reddit.com
|
unknown
|
||
|
x1.i.lencr.org
|
unknown
|
||
|
assets.adobedtm.com
|
unknown
|
||
|
w3-reporting-nel.reddit.com
|
unknown
|
||
|
px.ads.linkedin.com
|
unknown
|
||
|
cloudflareinc.demdex.net
|
unknown
|
||
|
r.logr-ingest.com
|
unknown
|
||
|
adobedc.demdex.net
|
unknown
|
||
|
dpm.demdex.net
|
unknown
|
There are 14 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.241.114.35
|
cofnbpbnp.edwardrochford.com
|
United States
|
|
|
|
172.67.209.99
|
cdn.logr-ingest.com
|
United States
|
||
|
104.18.94.41
|
unknown
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
104.16.80.73
|
static.cloudflareinsights.com
|
United States
|
||
|
151.101.193.140
|
reddit.map.fastly.net
|
United States
|
||
|
104.198.23.205
|
prod-default.lb.logrocket.network
|
United States
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
104.18.30.78
|
performance.radar.cloudflare.com
|
United States
|
||
|
172.217.21.36
|
www.google.com
|
United States
|
||
|
104.16.79.73
|
unknown
|
United States
|
||
|
104.16.124.96
|
unknown
|
United States
|
||
|
23.206.252.175
|
unknown
|
United States
|
||
|
104.18.95.41
|
challenges.cloudflare.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.13
|
unknown
|
unknown
|
||
|
46.137.25.195
|
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
|
Ireland
|
||
|
104.16.123.96
|
ot.www.cloudflare.com
|
United States
|
There are 8 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
sAssetId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1
|
bisSharedFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uFileSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2
|
uPageCount
|
There are 8 hidden registries, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://cofnbpbnp.edwardrochford.com/
|
||
|
http://cofnbpbnp.edwardrochford.com/
|
||
|
http://cofnbpbnp.edwardrochford.com/
|
||
|
https://www.cloudflare.com/privacypolicy/
|
||
|
https://www.cloudflare.com/privacypolicy/
|
||
|
https://www.cloudflare.com/privacypolicy/
|
||
|
https://www.cloudflare.com/privacypolicy/
|
||
|
https://www.cloudflare.com/privacypolicy/
|