Files
|
File Path
|
Type
|
Category
|
Malicious
|
Download
|
|
|---|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61157 bytes, 1 file
|
dropped
|
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\078eb0d1-28d7-4401-b617-7987a0e5d2ff.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\13f913b5-ad53-4bfc-b78a-1c58d4959377.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3f3a95f5-35e5-4116-b117-d05fb597bd50.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\41943cda-e05e-4675-b4ec-b059ffd49dde.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\793d98cd-ea25-4c14-a5b1-958c4e964fe9.tmp
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\310bca17-7dad-4c76-b208-b304437fc350.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\36275263-294d-4d86-8eda-8f9887483210.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4dd5e6f4-5f90-4c7d-b404-6afc79812445.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5b8ede38-2656-42d1-99ae-54ae5779fe3b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ca25340-6b3d-4b7f-a1c5-553374fbf934.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5d5cc1d4-4c3e-4bb3-947e-c3f95fdc50aa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5e374d50-180e-467b-a710-8a514e52bb30.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5f7d9ff3-65f5-4d16-8fa5-ce8a4b4b8c11.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7d7b1146-12dc-4d5f-9ef1-8395474e9f86.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000001.dbtmp
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000003.log
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT*g (copy)
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\969ba7e1-c73d-4d42-ba53-cffcf57537fd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\33ab818e-bbc6-457c-bb90-a658de8dd304.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a29a592e-20ad-410e-9ce3-0153d8779573.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c65f14dd-3317-448d-8b10-4e03f94dad49.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e4543aad-d5ff-428c-8f9a-17d955bf41c5.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateVa (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Stateap (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statekn (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b1c3807d-f589-49be-a949-d6bc6f1354eb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ff6dd668-9165-48ce-8361-558d81c4a3d2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\2840_810689066\manifest.json
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\64aa36cd-4a7a-4c55-8f1b-4a138748c536.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\8c5707f4-93eb-4c19-b037-cdeec338ac7b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\8c5707f4-93eb-4c19-b037-cdeec338ac7b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
modified
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_1028567155\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
 |
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
 |
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
 |
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
 |
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
 |
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
 |
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2840_699588482\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
There are 182 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://outlookapp22662.wixsite.com/my-site'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1604,26893243657383639,1724490563053595243,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://outlookapp22662.wixsite.com/my-site
|
 |
||
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=COuOvYX15_MCFRXN1QodRsgMaQ;src=4382365;type=count;cat=websi0;ord=1;num=7501960122307;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttp%3A%252F%252Fwww.wix.com%252Fnew%252Faccount%26loginCompName%3Dcta%2520fold1%26referralInfo%3Dcta%2520fold1%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
||
|
https://www.pinterest.ch/ct.html
|
|
||
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://outlookapp22662.wixsite.com/my-site2
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CNXK3pP15_MCFaYOBgAd0bUDFQ;src=4382365;type=count;cat=websi0;ord=1;num=7383986019300;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26loginCompName%3Dcta%2520fold%25204%26referralInfo%3Dcta%2520fold%25204%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
||
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=1631127867.7206066
|
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=395882134.5875125&clearCache=1
|
|
||
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://outlookapp22662.wixsite.com/my-site
|
185.230.60.169
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://outlookapp22662.wixsite.com/my-site
|
|
||
|
https://outlookapp22662.wixsite.com/my-site/_api/v2/dynamicmodel
|
185.230.60.169
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://adservice.google.com/ddm/fls/i/dc_pre=CKvAt_v05_MCFRscBgAdeIwByA;src=4382365;type=count;cat=websi0;ord=1;num=7055028197114;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fwww.wix.com%2Flpviral%2Fenviral%3Futm_campaign%3Dvir_wixad_live%26adsVersion%3Dwhite%26orig_msid%3D7e86d009-c017-4707-91e6-fec06ba500ff
|
|
||
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CNatjYv15_MCFYjR1QodESYPdg;src=4382365;type=count;cat=websi0;ord=1;num=7510171416659;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26loginCompName%3Dcta%2520fold2%26referralInfo%3Dcta%2520fold2%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
||
|
https://static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.4bf37853.bundle.min.js
|
34.96.106.200
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAOdsZAAAAAClPC2qOj9EtL_RxIjkwwJESOS_Z&co=aHR0cHM6Ly91c2Vycy53aXguY29tOjQ0Mw..&hl=en&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=j3yg29nnumca
|
|
||
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://static.parastorage.com/services/wix-thunderbolt/dist/main.48ab1a70.bundle.min.js
|
34.96.106.200
|
|
|
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=https:%2F%2Fwww.wix.com%2Fmy-account&loginCompName=cta%20fold%204&referralInfo=cta%20fold%204&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
||
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=909223592.8623368
|
|
||
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=https:%2F%2Fwww.wix.com%2Fmy-account&loginCompName=cta%20fold2&referralInfo=cta%20fold2&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.142
|
|
|
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAOdsZAAAAAClPC2qOj9EtL_RxIjkwwJESOS_Z&co=aHR0cHM6Ly91c2Vycy53aXguY29tOjQ0Mw..&hl=en&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=qfqjx7tz1v5m
|
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.13
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CK_guIL15_MCFYkeBgAdfG8OxA;src=4382365;type=count;cat=websi0;ord=1;num=7302809676792;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fwww.wix.com%2F?
|
|
||
|
https://www.google.com;
|
unknown
|
|
|
|
https://www.wix.com/lpviral/enviral?utm_campaign=vir_wixad_live&adsVersion=white&orig_msid=7e86d009-c017-4707-91e6-fec06ba500ff
|
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=https:%2F%2Fwww.wix.com%2Fmy-account&loginCompName=cta%20fold%203&referralInfo=cta%20fold%203&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
||
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAOdsZAAAAAClPC2qOj9EtL_RxIjkwwJESOS_Z&co=aHR0cHM6Ly91c2Vycy53aXguY29tOjQ0Mw..&hl=en&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=3fvdbuvyweyo
|
|
||
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CN_DxI_15_MCFeLn5godcAAObQ;src=4382365;type=count;cat=websi0;ord=1;num=1423298878156;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26loginCompName%3Dcta%2520fold%25203%26referralInfo%3Dcta%2520fold%25203%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=745963942.0458897
|
|
||
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://www.wix.com/
|
|
||
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=http:%2F%2Fwww.wix.com%2Fnew%2Faccount&loginCompName=cta%20fold1&referralInfo=cta%20fold1&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CKvAt_v05_MCFRscBgAdeIwByA;src=4382365;type=count;cat=websi0;ord=1;num=7055028197114;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fwww.wix.com%2Flpviral%2Fenviral%3Futm_campaign%3Dvir_wixad_live%26adsVersion%3Dwhite%26orig_msid%3D7e86d009-c017-4707-91e6-fec06ba500ff?
|
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 69 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
172.217.168.35
|
|
|
|
dart.l.doubleclick.net
|
142.250.203.102
|
|
|
|
98.www.sv5.wix.com
|
185.230.61.98
|
|
|
|
179.www.sv5.wix.com
|
185.230.61.179
|
|
|
|
105.manage.sv5.wix.com
|
185.230.61.105
|
|
|
|
adservice.google.com
|
216.58.215.226
|
|
|
|
scontent.xx.fbcdn.net
|
157.240.17.15
|
|
|
|
p.adsymptotic.com
|
104.18.101.194
|
|
|
|
www.google.fr
|
142.250.203.99
|
|
|
|
www.google.com
|
172.217.168.4
|
|
|
|
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com
|
3.224.180.226
|
|
|
|
162.users.sv5.wix.com
|
185.230.61.162
|
|
|
|
star-mini.c10r.facebook.com
|
157.240.17.35
|
|
|
|
pagead46.l.doubleclick.net
|
172.217.168.66
|
|
|
|
accounts.google.com
|
172.217.168.13
|
|
|
|
www-google-analytics.l.google.com
|
172.217.168.46
|
|
|
|
stats.l.doubleclick.net
|
142.250.145.154
|
|
|
|
plus.l.google.com
|
142.250.203.110
|
|
|
|
pop-esv5.mix.linkedin.com
|
108.174.11.37
|
|
|
|
td-username-dc11-60-169.wix.com
|
185.230.60.169
|
|
|
|
www-googletagmanager.l.google.com
|
172.217.168.72
|
|
|
|
gcp.media-router.wixstatic.com
|
34.102.176.152
|
|
|
|
td-static-34-96-106-200.parastorage.com
|
34.96.106.200
|
|
|
|
100.users.sv5.wix.com
|
185.230.61.100
|
|
|
|
www3.l.google.com
|
172.217.23.110
|
|
|
|
googleads.g.doubleclick.net
|
172.217.168.2
|
|
|
|
dualstack.pinterest.map.fastly.net
|
199.232.80.84
|
|
|
|
collector-px35v5ygcp.px-cloud.net
|
35.186.220.184
|
|
|
|
www.google.co.uk
|
142.250.203.99
|
|
|
|
atlas.c10r.facebook.com
|
157.240.17.14
|
|
|
|
clients.l.google.com
|
142.250.185.142
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
4382365.fls.doubleclick.net
|
unknown
|
|
|
|
v.pinimg.com
|
unknown
|
|
|
|
manage.wix.com
|
unknown
|
|
|
|
ct.pinterest.com
|
unknown
|
|
|
|
adservice.google.co.uk
|
unknown
|
|
|
|
stats.g.doubleclick.net
|
unknown
|
|
|
|
users.editorx.com
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
static.parastorage.com
|
unknown
|
|
|
|
i.pinimg.com
|
unknown
|
|
|
|
www.facebook.com
|
unknown
|
|
|
|
siteassets.parastorage.com
|
unknown
|
|
|
|
static.wixstatic.com
|
unknown
|
|
|
|
cx.atdmt.com
|
unknown
|
|
|
|
users.wix.com
|
unknown
|
|
|
|
www.linkedin.com
|
unknown
|
|
|
|
px.ads.linkedin.com
|
unknown
|
|
|
|
connect.facebook.net
|
unknown
|
|
|
|
frog.wix.com
|
unknown
|
|
|
|
snap.licdn.com
|
unknown
|
|
|
|
s.pinimg.com
|
unknown
|
|
|
|
www.pinterest.ch
|
unknown
|
|
|
|
analytics.tiktok.com
|
unknown
|
|
|
|
analytics.google.com
|
unknown
|
|
|
|
www.pinterest.com
|
unknown
|
|
|
|
apis.google.com
|
unknown
|
|
|
|
outlookapp22662.wixsite.com
|
unknown
|
|
|
|
www.wix.com
|
unknown
|
|
There are 51 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
185.230.61.100
|
100.users.sv5.wix.com
|
Israel
|
|
|
|
34.96.106.200
|
td-static-34-96-106-200.parastorage.com
|
United States
|
|
|
|
157.240.17.35
|
star-mini.c10r.facebook.com
|
United States
|
|
|
|
172.217.168.46
|
www-google-analytics.l.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
104.18.101.194
|
p.adsymptotic.com
|
United States
|
|
|
|
142.250.185.142
|
clients.l.google.com
|
United States
|
|
|
|
142.250.203.99
|
www.google.fr
|
United States
|
|
|
|
35.186.220.184
|
collector-px35v5ygcp.px-cloud.net
|
United States
|
|
|
|
216.58.215.226
|
adservice.google.com
|
United States
|
|
|
|
172.217.168.13
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
108.174.11.37
|
pop-esv5.mix.linkedin.com
|
United States
|
|
|
|
185.230.61.162
|
162.users.sv5.wix.com
|
Israel
|
|
|
|
142.250.203.110
|
plus.l.google.com
|
United States
|
|
|
|
172.217.23.110
|
www3.l.google.com
|
United States
|
|
|
|
157.240.17.15
|
scontent.xx.fbcdn.net
|
United States
|
|
|
|
157.240.17.14
|
atlas.c10r.facebook.com
|
United States
|
|
|
|
185.230.60.169
|
td-username-dc11-60-169.wix.com
|
Israel
|
|
|
|
172.217.168.4
|
www.google.com
|
United States
|
|
|
|
172.217.168.66
|
pagead46.l.doubleclick.net
|
United States
|
|
|
|
199.232.80.84
|
dualstack.pinterest.map.fastly.net
|
United States
|
|
|
|
142.250.203.102
|
dart.l.doubleclick.net
|
United States
|
|
|
|
172.217.168.72
|
www-googletagmanager.l.google.com
|
United States
|
|
|
|
54.152.82.197
|
unknown
|
United States
|
|
|
|
172.217.168.35
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
142.250.145.154
|
stats.l.doubleclick.net
|
United States
|
|
|
|
34.102.176.152
|
gcp.media-router.wixstatic.com
|
United States
|
|
|
|
185.230.61.105
|
105.manage.sv5.wix.com
|
Israel
|
|
|
|
3.224.180.226
|
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com
|
United States
|
|
|
|
185.230.61.98
|
98.www.sv5.wix.com
|
Israel
|
|
|
|
192.168.2.255
|
unknown
|
unknown
|
|
There are 24 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Speech\Voices
|
DefaultTokenId
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349
|
Blob
|
|
There are 37 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
Download
|
|
|---|---|---|---|---|---|
|
7DF557670000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD6F9000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7DF58C792000
|
unkown image
|
page readonly
|
|
|
|
|
16E42113000
|
unkown
|
page read and write
|
|
|
|
|
4EB377E000
|
stack
|
page read and write
|
|
|
|
|
1E4D8759000
|
unkown
|
page read and write
|
|
|
|
|
7DF5D1920000
|
unkown image
|
page readonly
|
|
|
|
|
1D81663A000
|
unkown
|
page read and write
|
|
|
|
|
1D81667B000
|
unkown
|
page read and write
|
|
|
|
|
4EB3AF7000
|
stack
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF548850000
|
unkown image
|
page readonly
|
|
|
|
|
1D816684000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E82C000
|
unkown image
|
page readonly
|
|
|
|
|
48915FE000
|
stack
|
page read and write
|
|
|
|
|
1D8165E0000
|
unkown image
|
page readonly
|
|
|
|
|
16E41E80000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E61C6000
|
unkown image
|
page readonly
|
|
|
|
|
16E4203C000
|
unkown
|
page read and write
|
|
|
|
|
1C714DC0000
|
unkown
|
page read and write
|
|
|
|
|
7DF546830000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E9A6000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7DF5926D2000
|
unkown image
|
page readonly
|
|
|
|
|
1D816800000
|
unkown image
|
page readonly
|
|
|
|
|
7DF54FE02000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E712000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD450000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E77D000
|
unkown image
|
page readonly
|
|
|
|
|
1D81663B000
|
unkown
|
page read and write
|
|
|
|
|
7FF58B333000
|
unkown image
|
page readonly
|
|
|
|
|
4EB367B000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
16E41EA0000
|
unkown image
|
page readonly
|
|
|
|
|
16E42057000
|
unkown
|
page read and write
|
|
|
|
|
21D4D248000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E7EA000
|
unkown image
|
page readonly
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7DF546822000
|
unkown image
|
page readonly
|
|
|
|
|
16E42054000
|
unkown
|
page read and write
|
|
|
|
|
1D81663D000
|
unkown
|
page read and write
|
|
|
|
|
7DF5926C0000
|
unkown image
|
page readonly
|
|
|
|
|
1D81665C000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD334000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E8E9000
|
unkown image
|
page readonly
|
|
|
|
|
7DF54FE10000
|
unkown image
|
page readonly
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
16E42400000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5E7640000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E614C000
|
unkown image
|
page readonly
|
|
|
|
|
21D4D090000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5D1900000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5926D0000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF521F30000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E936000
|
unkown image
|
page readonly
|
|
|
|
|
21D577BB000
|
unkown
|
page read and write
|
|
|
|
|
16E42580000
|
unkown image
|
page readonly
|
|
|
|
|
1D81667E000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E5E68000
|
unkown image
|
page readonly
|
|
|
|
|
1D816660000
|
unkown
|
page read and write
|
|
|
|
|
7DF557662000
|
unkown image
|
page readonly
|
|
|
|
|
21D4D247000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7630000
|
unkown image
|
page readonly
|
|
|
|
|
1D816631000
|
unkown
|
page read and write
|
|
|
|
|
1D8164D0000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E61E3000
|
unkown image
|
page readonly
|
|
|
|
|
48911BE000
|
stack
|
page read and write
|
|
|
|
|
1D81666B000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E57A000
|
unkown image
|
page readonly
|
|
|
|
|
16E42000000
|
unkown
|
page read and write
|
|
|
|
|
1CE97890000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1E4D8718000
|
unkown
|
page read and write
|
|
|
|
|
1D816632000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D5779E000
|
unkown
|
page read and write
|
|
|
|
|
16E4204B000
|
unkown
|
page read and write
|
|
|
|
|
21D576D8000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E61D6000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E60F5000
|
unkown image
|
page readonly
|
|
|
|
|
16E41EB0000
|
unkown image
|
page readonly
|
|
|
|
|
1D816640000
|
unkown
|
page read and write
|
|
|
|
|
7DF546840000
|
unkown image
|
page readonly
|
|
|
|
|
7DF54FE10000
|
unkown image
|
page readonly
|
|
|
|
|
1D8164B0000
|
unkown image
|
page readonly
|
|
|
|
|
1D816648000
|
unkown
|
page read and write
|
|
|
|
|
7FF520AC3000
|
unkown image
|
page readonly
|
|
|
|
|
16E4204F000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD314000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E996000
|
unkown image
|
page readonly
|
|
|
|
|
1D816702000
|
unkown
|
page read and write
|
|
|
|
|
7FF547403000
|
unkown image
|
page readonly
|
|
|
|
|
7DF54FE00000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5926C2000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD706000
|
unkown
|
page read and write
|
|
|
|
|
7DF521F10000
|
unkown image
|
page readonly
|
|
|
|
|
1D81664B000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E8F1000
|
unkown image
|
page readonly
|
|
|
|
|
16E42070000
|
unkown
|
page read and write
|
|
|
|
|
16E41E80000
|
unkown image
|
page readonly
|
|
|
|
|
1D816661000
|
unkown
|
page read and write
|
|
|
|
|
7DF4E5500000
|
unkown image
|
page readonly
|
|
|
|
|
21D57798000
|
unkown
|
page read and write
|
|
|
|
|
21D4D258000
|
unkown
|
page read and write
|
|
|
|
|
1C714DC0000
|
unkown
|
page read and write
|
|
|
|
|
1E4D7C40000
|
unkown image
|
page readonly
|
|
|
|
|
21D4EDA2000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E8BF000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E8D0000
|
unkown image
|
page readonly
|
|
|
|
|
21D4D248000
|
unkown
|
page read and write
|
|
|
|
|
16E41E60000
|
unkown image
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
1D816669000
|
unkown
|
page read and write
|
|
|
|
|
1FC7B670000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E8D4000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1D8164E0000
|
unkown image
|
page readonly
|
|
|
|
|
7FF556203000
|
unkown image
|
page readonly
|
|
|
|
|
21D4ED95000
|
unkown
|
page read and write
|
|
|
|
|
21D578C0000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD6F5000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD450000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD440000
|
unkown
|
page read and write
|
|
|
|
|
16E42026000
|
unkown
|
page read and write
|
|
|
|
|
16E4208B000
|
unkown
|
page read and write
|
|
|
|
|
48910BC000
|
unkown
|
page read and write
|
|
|
|
|
1D816666000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E5C1000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD2F1000
|
unkown
|
page read and write
|
|
|
|
|
7FF5453D3000
|
unkown image
|
page readonly
|
|
|
|
|
16E42200000
|
unkown image
|
page readonly
|
|
|
|
|
16E41FB0000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6152000
|
unkown image
|
page readonly
|
|
|
|
|
21D4EBD0000
|
unkown
|
page read and write
|
|
|
|
|
4EB3CFE000
|
stack
|
page read and write
|
|
|
|
|
21D4D257000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7650000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD450000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD2F0000
|
unkown
|
page read and write
|
|
|
|
|
7DF54FE02000
|
unkown image
|
page readonly
|
|
|
|
|
1D816632000
|
unkown
|
page read and write
|
|
|
|
|
4EB387C000
|
stack
|
page read and write
|
|
|
|
|
1D816641000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
1D816490000
|
unkown image
|
page read and write
|
|
|
|
|
16E42058000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E4B6000
|
unkown image
|
page readonly
|
|
|
|
|
1D816500000
|
heap default
|
page read and write
|
|
|
|
|
4EB3BFF000
|
stack
|
page read and write
|
|
|
|
|
7FF5E61E3000
|
unkown image
|
page readonly
|
|
|
|
|
1C714DC0000
|
unkown
|
page read and write
|
|
|
|
|
21D4EBD0000
|
unkown
|
page read and write
|
|
|
|
|
7DF548860000
|
unkown image
|
page readonly
|
|
|
|
|
16E4204C000
|
unkown
|
page read and write
|
|
|
|
|
21D577A2000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD2FE000
|
unkown
|
page read and write
|
|
|
|
|
1D8164A0000
|
heap private
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
16E4204A000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E8E1000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD709000
|
unkown
|
page read and write
|
|
|
|
|
7DF548862000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E785000
|
unkown image
|
page readonly
|
|
|
|
|
21D577AD000
|
unkown
|
page read and write
|
|
|
|
|
1D816645000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E6135000
|
unkown image
|
page readonly
|
|
|
|
|
16E41E70000
|
heap private
|
page read and write
|
|
|
|
|
7FF54E8BB000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E638000
|
unkown image
|
page readonly
|
|
|
|
|
7DF521F12000
|
unkown image
|
page readonly
|
|
|
|
|
16E42013000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E568E000
|
unkown image
|
page readonly
|
|
|
|
|
21D57795000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF54FE12000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6159000
|
unkown image
|
page readonly
|
|
|
|
|
7DF58C780000
|
unkown image
|
page readonly
|
|
|
|
|
1D81665E000
|
unkown
|
page read and write
|
|
|
|
|
1D81662D000
|
unkown
|
page read and write
|
|
|
|
|
1D816613000
|
unkown
|
page read and write
|
|
|
|
|
4EB397B000
|
stack
|
page read and write
|
|
|
|
|
1D816649000
|
unkown
|
page read and write
|
|
|
|
|
16E42059000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E6166000
|
unkown image
|
page readonly
|
|
|
|
|
1DB742A0000
|
unkown image
|
page readonly
|
|
|
|
|
489113E000
|
stack
|
page read and write
|
|
|
|
|
7DF557650000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D577B7000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7650000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E922000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF54FE20000
|
unkown image
|
page readonly
|
|
|
|
|
7DF44DCD0000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E905000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E60EF000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6169000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD320000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD450000
|
unkown
|
page read and write
|
|
|
|
|
16E42050000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7632000
|
unkown image
|
page readonly
|
|
|
|
|
1D8164B0000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5D1902000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1D816647000
|
unkown
|
page read and write
|
|
|
|
|
1E4D8718000
|
unkown
|
page read and write
|
|
|
|
|
7DF546820000
|
unkown image
|
page readonly
|
|
|
|
|
1D816646000
|
unkown
|
page read and write
|
|
|
|
|
21D4ED9C000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
1E4D8759000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7642000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E60F8000
|
unkown image
|
page readonly
|
|
|
|
|
21D576D0000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF557660000
|
unkown image
|
page readonly
|
|
|
|
|
7DF548870000
|
unkown image
|
page readonly
|
|
|
|
|
16E42029000
|
unkown
|
page read and write
|
|
|
|
|
1E4D8718000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD2F8000
|
unkown
|
page read and write
|
|
|
|
|
7FF5D04B3000
|
unkown image
|
page readonly
|
|
|
|
|
21D577B3000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD3C0000
|
unkown
|
page read and write
|
|
|
|
|
7DF54FE00000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5E7632000
|
unkown image
|
page readonly
|
|
|
|
|
7DF5D1912000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1D816B80000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6111000
|
unkown image
|
page readonly
|
|
|
|
|
16E42102000
|
unkown
|
page read and write
|
|
|
|
|
48916FE000
|
stack
|
page read and write
|
|
|
|
|
16E42100000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E615C000
|
unkown image
|
page readonly
|
|
|
|
|
4EB36FE000
|
stack
|
page read and write
|
|
|
|
|
7FF54E7F0000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1D81666D000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7642000
|
unkown image
|
page readonly
|
|
|
|
|
1D816A00000
|
unkown image
|
page readonly
|
|
|
|
|
7DF58C7A0000
|
unkown image
|
page readonly
|
|
|
|
|
7DF546832000
|
unkown image
|
page readonly
|
|
|
|
|
16E42108000
|
unkown
|
page read and write
|
|
|
|
|
21D4EBD0000
|
unkown
|
page read and write
|
|
|
|
|
16E42052000
|
unkown
|
page read and write
|
|
|
|
|
7DF54FE20000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1D816677000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D576D0000
|
unkown
|
page read and write
|
|
|
|
|
1D81667A000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E8C5000
|
unkown image
|
page readonly
|
|
|
|
|
21D57793000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF548852000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E944000
|
unkown image
|
page readonly
|
|
|
|
|
7DF521F20000
|
unkown image
|
page readonly
|
|
|
|
|
1D816C60000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E91C000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7640000
|
unkown image
|
page readonly
|
|
|
|
|
21D5779B000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E6174000
|
unkown image
|
page readonly
|
|
|
|
|
1E4DD2F0000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
21D4D258000
|
unkown
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E9B3000
|
unkown image
|
page readonly
|
|
|
|
|
16E42080000
|
unkown
|
page read and write
|
|
|
|
|
7DF521F22000
|
unkown image
|
page readonly
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E77F000
|
unkown image
|
page readonly
|
|
|
|
|
1D81662E000
|
unkown
|
page read and write
|
|
|
|
|
7DF58C790000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E92C000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7DF557652000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6119000
|
unkown image
|
page readonly
|
|
|
|
|
16E42802000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD6F5000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD311000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E6104000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6100000
|
unkown image
|
page readonly
|
|
|
|
|
1D816644000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E759000
|
unkown image
|
page readonly
|
|
|
|
|
21D577B0000
|
unkown
|
page read and write
|
|
|
|
|
7DF5926E0000
|
unkown image
|
page readonly
|
|
|
|
|
1D816600000
|
unkown
|
page read and write
|
|
|
|
|
21D577A7000
|
unkown
|
page read and write
|
|
|
|
|
1D816629000
|
unkown
|
page read and write
|
|
|
|
|
1D816E02000
|
unkown
|
page read and write
|
|
|
|
|
4EB39FE000
|
stack
|
page read and write
|
|
|
|
|
21D57780000
|
unkown
|
page read and write
|
|
|
|
|
7DF5E7630000
|
unkown image
|
page readonly
|
|
|
|
|
21D57790000
|
unkown
|
page read and write
|
|
|
|
|
7FF591273000
|
unkown image
|
page readonly
|
|
|
|
|
1C714C40000
|
unkown image
|
page readonly
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
1E4DD330000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
16E42049000
|
unkown
|
page read and write
|
|
|
|
|
7DF58C782000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E929000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E9B3000
|
unkown image
|
page readonly
|
|
|
|
|
7FF54E8AC000
|
unkown image
|
page readonly
|
|
|
|
|
1D81665F000
|
unkown
|
page read and write
|
|
|
|
|
7FF5E5F42000
|
unkown image
|
page readonly
|
|
|
|
|
7FF5E6121000
|
unkown image
|
page readonly
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7DF5D1910000
|
unkown image
|
page readonly
|
|
|
|
|
21D578E0000
|
unkown
|
page read and write
|
|
|
|
|
21D577AA000
|
unkown
|
page read and write
|
|
|
|
|
21D57A40000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
16E4204E000
|
unkown
|
page read and write
|
|
|
|
|
16E41FD0000
|
unkown
|
page read and write
|
|
|
|
|
25268260000
|
unkown image
|
page readonly
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
1D816642000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E4BC000
|
unkown image
|
page readonly
|
|
|
|
|
16E41ED0000
|
heap default
|
page read and write
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E7A1000
|
unkown image
|
page readonly
|
|
|
|
|
7DF54FE12000
|
unkown image
|
page readonly
|
|
|
|
|
21D57900000
|
unkown
|
page read and write
|
|
|
|
|
21D57A30000
|
unkown
|
page read and write
|
|
|
|
|
7FF54E8C8000
|
unkown image
|
page readonly
|
|
|
|
|
48917FE000
|
stack
|
page read and write
|
|
|
There are 344 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://outlookapp22662.wixsite.com/my-site
|
|
|
|
https://www.wix.com/lpviral/enviral?utm_campaign=vir_wixad_live&adsVersion=white&orig_msid=7e86d009-c017-4707-91e6-fec06ba500ff
|
|
|
|
https://www.pinterest.ch/ct.html
|
|
|
|
https://adservice.google.com/ddm/fls/i/dc_pre=CKvAt_v05_MCFRscBgAdeIwByA;src=4382365;type=count;cat=websi0;ord=1;num=7055028197114;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fwww.wix.com%2Flpviral%2Fenviral%3Futm_campaign%3Dvir_wixad_live%26adsVersion%3Dwhite%26orig_msid%3D7e86d009-c017-4707-91e6-fec06ba500ff
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CKvAt_v05_MCFRscBgAdeIwByA;src=4382365;type=count;cat=websi0;ord=1;num=7055028197114;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fwww.wix.com%2Flpviral%2Fenviral%3Futm_campaign%3Dvir_wixad_live%26adsVersion%3Dwhite%26orig_msid%3D7e86d009-c017-4707-91e6-fec06ba500ff?
|
|
|
|
https://www.wix.com/
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CK_guIL15_MCFYkeBgAdfG8OxA;src=4382365;type=count;cat=websi0;ord=1;num=7302809676792;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fwww.wix.com%2F?
|
|
|
|
https://www.wix.com/
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=COuOvYX15_MCFRXN1QodRsgMaQ;src=4382365;type=count;cat=websi0;ord=1;num=7501960122307;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttp%3A%252F%252Fwww.wix.com%252Fnew%252Faccount%26loginCompName%3Dcta%2520fold1%26referralInfo%3Dcta%2520fold1%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=395882134.5875125&clearCache=1
|
|
|
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=http:%2F%2Fwww.wix.com%2Fnew%2Faccount&loginCompName=cta%20fold1&referralInfo=cta%20fold1&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=745963942.0458897
|
|
|
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAOdsZAAAAAClPC2qOj9EtL_RxIjkwwJESOS_Z&co=aHR0cHM6Ly91c2Vycy53aXguY29tOjQ0Mw..&hl=en&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=qfqjx7tz1v5m
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CNatjYv15_MCFYjR1QodESYPdg;src=4382365;type=count;cat=websi0;ord=1;num=7510171416659;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26loginCompName%3Dcta%2520fold2%26referralInfo%3Dcta%2520fold2%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
|
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=https:%2F%2Fwww.wix.com%2Fmy-account&loginCompName=cta%20fold2&referralInfo=cta%20fold2&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=909223592.8623368
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CN_DxI_15_MCFeLn5godcAAObQ;src=4382365;type=count;cat=websi0;ord=1;num=1423298878156;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26loginCompName%3Dcta%2520fold%25203%26referralInfo%3Dcta%2520fold%25203%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
|
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAOdsZAAAAAClPC2qOj9EtL_RxIjkwwJESOS_Z&co=aHR0cHM6Ly91c2Vycy53aXguY29tOjQ0Mw..&hl=en&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=j3yg29nnumca
|
|
|
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=https:%2F%2Fwww.wix.com%2Fmy-account&loginCompName=cta%20fold%203&referralInfo=cta%20fold%203&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
|
|
https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fusers.wix.com&rpcToken=1631127867.7206066
|
|
|
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAOdsZAAAAAClPC2qOj9EtL_RxIjkwwJESOS_Z&co=aHR0cHM6Ly91c2Vycy53aXguY29tOjQ0Mw..&hl=en&v=YhkYx1k-yvvb8OonJPmOpoJY&size=invisible&cb=3fvdbuvyweyo
|
|
|
|
https://4382365.fls.doubleclick.net/activityi;dc_pre=CNXK3pP15_MCFaYOBgAd0bUDFQ;src=4382365;type=count;cat=websi0;ord=1;num=7383986019300;gtm=2wgak0;auiddc=162674012.1635278105;u1=e82bba38-574e-4c2d-af8f-2a0eeeeea6a9;~oref=https%3A%2F%2Fusers.wix.com%2Fsignin%3Fview%3Dlogin%26sendEmail%3Dtrue%26postSignUp%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26loginCompName%3Dcta%2520fold%25204%26referralInfo%3Dcta%2520fold%25204%26postLogin%3Dhttps%3A%252F%252Fwww.wix.com%252Fmy-account%26forceRender%3Dtrue?
|
|
|
|
https://users.wix.com/signin?view=login&sendEmail=true&postSignUp=https:%2F%2Fwww.wix.com%2Fmy-account&loginCompName=cta%20fold%204&referralInfo=cta%20fold%204&postLogin=https:%2F%2Fwww.wix.com%2Fmy-account&forceRender=true
|
|
There are 13 hidden doms, click here to show them.