Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\06aab188-1cb2-4c06-ae29-fd21b950abb4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\07e99566-98f1-4590-9222-0ba425797855.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\20d58fdf-02db-4fa5-b471-1c124fa9d28b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2a0c7f0b-5960-432a-b74f-2df219f66613.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4272dc74-cf44-442c-966e-409e68574aea.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5e6f0284-56e8-4b13-a198-c95416ed412f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\696815b0-d876-4ac5-8b97-cd940fb82cbd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7d70bdc6-f41d-4961-b072-777901e00478.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8b601928-1d09-4ea8-984b-02dffaef5edc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0bfa846f-7f2b-447d-b05b-00b7f02a94e3.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0f6fdc72-0039-45da-9754-65b2db937691.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\39e1b833-af68-41e1-b4d9-0bc310436bda.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\60d1765d-f5ba-436e-a0ad-7aca6a309fc0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\70ef5a4d-5fda-4df5-9f0b-a5534478002f.tmp
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\731cb0a9-891b-4cbc-a09d-2b3daca1f26d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\74e0311c-bc39-4e29-8439-e10b46d645c7.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7629fe09-8f4f-4857-a76e-7f840ed793fc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7a4d6bfd-86bb-4151-ada6-fdd982ecb833.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7bb9de8b-9790-47b2-b37e-f712bade65d6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7e2b4015-2a63-438b-ae5d-d9b9a9e0db54.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8647d2f5-e2a3-437d-ba06-f62213f5cbae.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\89b99dc9-af82-4da7-b5ad-fec9e1117db0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9b46ea77-bd9a-458c-ac46-8c6841577861.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldYT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesv (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesw. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesrc (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\81845bdb-4489-46cb-8745-1eb6b4d95f84.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\91adff0b-dae8-46e3-b259-1408c3267668.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
Statemp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\6bc793fe-8b45-4e39-8be7-c1b73ab9686d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old..
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurityMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a725d6bb-ac14-4d90-9721-d33e29b2a4f2.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ae0456c6-a287-4813-ae2b-435f44766f70.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b4a9d5dc-169b-46ef-92ed-b1b44b9c8696.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f2ceeec2-35ec-46a5-9257-6fb7597513a9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f52db802-6859-45b7-8928-df25f066b2bd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StatetS (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\p (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachees (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b30ef004-77c7-4fb1-8cbd-2b46f4c2b917.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b6657594-5af5-4017-bf28-4576982ce1cc.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\faed375a-b496-4a30-aa58-f407f99e71f1.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2436_1361747409\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\31ee74f6-483d-4a16-9061-7c973bbd367e.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\547848f5-3b3a-45d9-aa6e-1fdf87495b09.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\e1f1d19e-22c3-4008-85bf-b10acfd88a2f.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\e2524fb5-dae4-4dc3-89db-84c45e773e98.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_1737230934\e2524fb5-dae4-4dc3-89db-84c45e773e98.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\547848f5-3b3a-45d9-aa6e-1fdf87495b09.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2436_2055924994\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 201 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://secure-chsd.org/s/e?m=ABBOdSX2hand3rhcsO3vIAYp&c=ABBYByWB0o0PvF3l0uo5dmRj&em=EAC%40pointloma%2eEDU
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,1080383137737942703,10415530265892783596,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://secure-chsd.org/s/e?m=ABBOdSX2hand3rhcsO3vIAYp&c=ABBYByWB0o0PvF3l0uo5dmRj&em=EAC%40pointloma%2eEDU
|
|
||
|
https://www.rchsd.org/health-safety/health-alerts/
|
|
||
|
https://player.vimeo.com/video/398648333?portrait=0&byline=0&title=0
|
|
||
|
https://player.vimeo.com/video/604357845?portrait=0&byline=0&title=0
|
|
||
|
https://stats.g.doubleclick.net
|
unknown
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://cm.g.doubleclick.net
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.rchsd.org/about-us/
|
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://player.vimeo.com/video/447845914?portrait=0&byline=0&title=0
|
|
||
|
https://zix.com/
|
|
||
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1635910884675
|
|
||
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://pixel.mathtag.com/sync/iframe?mt_uuid=ec1d6181-9483-4f00-986f-209dd10e1e79&no_iframe=1&mt_adid=248701&source=mathtag
|
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://www.rchsd.org/contact-us/
|
|
||
|
https://www.rchsd.org/
|
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://googleads.g.doubleclick.net
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://secure-chsd.org/s/e?m=ABBOdSX2hand3rhcsO3vIAYp&c=ABBYByWB0o0PvF3l0uo5dmRj&em=EAC%40pointloma
|
unknown
|
|
|
|
https://js.driftt.com/core?embedId=65e63pi6mu5c®ion=US&forceShow=false&skipCampaigns=false&sessionId=9a70df5a-b6b4-4e0a-a14c-9a57b6fcaf5a&sessionStarted=1635910895.08&campaignRefreshToken=ef7078d7-33ef-4af8-b357-ba59b7cf0368&hideController=false&pageLoadStartTime=1635910884675&mode=CHAT&driftEnableLog=false
|
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://c1.adform.net/imatch/pixels?uid=3680121232683396984&agencyId=6276&advertiserId=2105093&src=tp&rnd=139481
|
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://secure-chsd.org/s/e?m=ABBOdSX2hand3rhcsO3vIAYp&c=ABBYByWB0o0PvF3l0uo5dmRj&em=EAC%40pointloma%2eEDU
|
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://pubads.g.doubleclick.net
|
unknown
|
|
|
|
https://a2.adform.net/serving/container/?pm=2463533&lid=100856282&ctype=0&media=0&PageName=Rady+Childrens+Hospital+Homepage&rnd=1844193108&cpref=&loc=https%3a%2f%2fwww.rchsd.org%2f
|
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://www.rchsd.org/about-us/2
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://www.google.co.uk
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 61 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.203.99
|
|
|
|
pug-lhr.pubmatic.com
|
185.64.190.80
|
|
|
|
segments.company-target.com
|
143.204.215.100
|
|
|
|
ee15ba61-wschat-wschatalb-6fcf-2062696737.us-east-1.elb.amazonaws.com
|
35.169.187.184
|
|
|
|
eu-u.openx.net
|
34.98.64.218
|
|
|
|
dxedge-prod-lb-1585771072.us-west-2.elb.amazonaws.com
|
52.89.239.64
|
|
|
|
eu-eb2.3lift.com
|
76.223.111.18
|
|
|
|
b9odqbm.impervadns.net
|
45.223.138.206
|
|
|
|
ih.adscale.de
|
35.157.138.20
|
|
|
|
httplogserver-lb.global.unified-prod.sharethis.net
|
18.198.109.212
|
|
|
|
elb-aws-fr-bruges-621602890.eu-central-1.elb.amazonaws.com
|
3.120.56.129
|
|
|
|
sync.crwdcntrl.net
|
52.30.140.199
|
|
|
|
cdnjs.cloudflare.com
|
104.16.19.94
|
|
|
|
platform-api.sharethis.com
|
13.32.22.126
|
|
|
|
cm.g.doubleclick.net
|
172.217.168.2
|
|
|
|
www.google.com
|
172.217.168.36
|
|
|
|
rtb-csync-itx4.smartadserver.com
|
185.86.139.113
|
|
|
|
tags.adsafety.net
|
139.162.147.24
|
|
|
|
ads.smartstream.tv
|
80.82.217.92
|
|
|
|
id.rlcdn.com
|
35.244.174.68
|
|
|
|
eu2-ice.360yield.com
|
3.66.41.54
|
|
|
|
match.adsrvr.org
|
52.223.40.198
|
|
|
|
match.contentexchange.me
|
46.19.11.36
|
|
|
|
star-mini.c10r.facebook.com
|
157.240.17.35
|
|
|
|
d2znr2yi078d75.cloudfront.net
|
65.9.71.23
|
|
|
|
match.prod.bidr.io
|
52.49.53.128
|
|
|
|
stats.l.doubleclick.net
|
142.250.145.156
|
|
|
|
uip.semasio.net
|
77.243.60.138
|
|
|
|
zix.com
|
199.30.234.249
|
|
|
|
www.zix.com
|
199.30.234.249
|
|
|
|
pixel.onaudience.com
|
146.59.148.16
|
|
|
|
vimeo.com
|
151.101.0.217
|
|
|
|
dsp.adfarm1.adition.com
|
85.114.159.93
|
|
|
|
redirect.frontend.weborama.fr
|
35.190.16.14
|
|
|
|
vimeo.map.fastly.net
|
151.101.0.217
|
|
|
|
googleads.g.doubleclick.net
|
142.250.203.98
|
|
|
|
secure-chsd.org
|
63.71.15.141
|
|
|
|
www.google.co.uk
|
142.250.203.99
|
|
|
|
ads4.admatic.com.tr
|
188.132.147.227
|
|
|
|
clients.l.google.com
|
172.217.168.78
|
|
|
|
istrp.adform.net
|
37.157.2.249
|
|
|
|
unpkg.com
|
104.16.122.175
|
|
|
|
prod-dub-beacon-1484770602.eu-west-1.elb.amazonaws.com
|
52.18.60.235
|
|
|
|
s.w.org
|
192.0.77.48
|
|
|
|
googlehosted.l.googleusercontent.com
|
172.217.168.65
|
|
|
|
aa-agkn-com-https-1893222849.eu-west-2.elb.amazonaws.com
|
35.176.195.187
|
|
|
|
alb-event-1454785217.us-east-1.elb.amazonaws.com
|
34.234.150.139
|
|
|
|
sync.1dmp.io
|
88.99.214.77
|
|
|
|
afe79c04fd8464db69f453355c110684-6aa967fe209738b1.elb.us-east-1.amazonaws.com
|
34.193.113.164
|
|
|
|
dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
|
3.248.38.136
|
|
|
|
cm.smartstream.tv
|
80.85.85.173
|
|
|
|
cm.adsafety.net
|
80.82.217.100
|
|
|
|
dl7g9llrghqi1.cloudfront.net
|
143.204.215.88
|
|
|
|
insight.adsrvr.org
|
52.223.40.198
|
|
|
|
pop-edc2.mix.linkedin.com
|
108.174.11.85
|
|
|
|
ps.eyeota.net
|
3.124.210.90
|
|
|
|
scontent.xx.fbcdn.net
|
157.240.17.15
|
|
|
|
tag.demandbase.com
|
13.32.22.99
|
|
|
|
a2f905133e04e4d35ade9cd4751dd35b-4fd69d4b6621dbbd.elb.us-east-1.amazonaws.com
|
35.174.210.7
|
|
|
|
rtb-csync-tmk.smartadserver.com
|
199.187.193.193
|
|
|
|
idsync.rlcdn.com
|
35.244.174.68
|
|
|
|
fresnel.vimeocdn.com
|
34.120.202.204
|
|
|
|
pixel.tapad.com
|
35.227.248.159
|
|
|
|
s3-eu-west-1.amazonaws.com
|
52.218.96.10
|
|
|
|
accounts.google.com
|
216.58.215.237
|
|
|
|
www-google-analytics.l.google.com
|
142.250.203.110
|
|
|
|
ws.zoominfo.com
|
104.16.168.82
|
|
|
|
prod.ups-eu-central-1.aolp-ds-prd.aws.oath.cloud
|
18.184.201.8
|
|
|
|
a.audrte.com
|
34.206.192.53
|
|
|
|
www-googletagmanager.l.google.com
|
142.250.186.136
|
|
|
|
adstax-match-proxy.adrtx.net
|
52.211.146.69
|
|
|
|
dxedge-prod-lb-404808087.eu-central-1.elb.amazonaws.com
|
18.197.87.177
|
|
|
|
embeds.driftcdn.com
|
143.204.215.111
|
|
|
|
pug22000nf.pubmatic.com
|
185.64.189.110
|
|
|
|
partnerad.l.doubleclick.net
|
142.250.203.98
|
|
|
|
global.ib-ibi.com
|
64.58.232.179
|
|
|
|
s.ad.smaato.net
|
13.32.22.27
|
|
|
|
outspot2-ams.adx.opera.com
|
82.145.213.8
|
|
|
|
api.company-target.com
|
143.204.215.82
|
|
|
|
load-euw1.exelator.com
|
54.78.254.47
|
|
|
|
prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud
|
18.156.0.31
|
|
|
|
ib.anycast.adnxs.com
|
37.252.173.215
|
|
|
|
d3i42lyttuj6qr.cloudfront.net
|
65.9.71.36
|
|
|
|
vimeo-video.map.fastly.net
|
151.101.114.109
|
|
|
|
metrics.api.drift.com
|
unknown
|
|
|
|
id5-sync.com
|
unknown
|
|
|
|
i.vimeocdn.com
|
unknown
|
|
|
|
ads.stickyadstv.com
|
unknown
|
|
|
|
stats.g.doubleclick.net
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
js.driftt.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
token.rubiconproject.com
|
unknown
|
|
|
|
loada.exelator.com
|
unknown
|
|
|
|
c1.adform.net
|
unknown
|
|
|
|
dmp.adform.net
|
unknown
|
|
|
|
connect.facebook.net
|
unknown
|
|
|
|
bootstrap.api.drift.com
|
unknown
|
|
|
|
pixel.mathtag.com
|
unknown
|
|
|
|
t.adx.opera.com
|
unknown
|
|
There are 90 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.16.122.175
|
unpkg.com
|
United States
|
|
|
|
216.58.215.237
|
accounts.google.com
|
United States
|
|
|
|
50.16.7.188
|
unknown
|
United States
|
|
|
|
157.240.17.35
|
star-mini.c10r.facebook.com
|
United States
|
|
|
|
185.64.190.80
|
pug-lhr.pubmatic.com
|
United Kingdom
|
|
|
|
3.248.38.136
|
dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com
|
United States
|
|
|
|
64.58.232.179
|
global.ib-ibi.com
|
United States
|
|
|
|
3.124.210.90
|
ps.eyeota.net
|
United States
|
|
|
|
35.227.248.159
|
pixel.tapad.com
|
United States
|
|
|
|
52.218.96.10
|
s3-eu-west-1.amazonaws.com
|
United States
|
|
|
|
65.9.71.36
|
d3i42lyttuj6qr.cloudfront.net
|
United States
|
|
|
|
35.174.210.7
|
a2f905133e04e4d35ade9cd4751dd35b-4fd69d4b6621dbbd.elb.us-east-1.amazonaws.com
|
United States
|
|
|
|
3.66.41.54
|
eu2-ice.360yield.com
|
United States
|
|
|
|
52.30.140.199
|
sync.crwdcntrl.net
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
18.156.0.31
|
prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud
|
United States
|
|
|
|
143.204.215.111
|
embeds.driftcdn.com
|
United States
|
|
|
|
35.244.174.68
|
id.rlcdn.com
|
United States
|
|
|
|
80.82.217.100
|
cm.adsafety.net
|
Germany
|
|
|
|
35.190.16.14
|
redirect.frontend.weborama.fr
|
United States
|
|
|
|
52.49.53.128
|
match.prod.bidr.io
|
United States
|
|
|
|
188.132.147.235
|
unknown
|
Turkey
|
|
|
|
63.71.15.141
|
secure-chsd.org
|
United States
|
|
|
|
88.99.214.77
|
sync.1dmp.io
|
Germany
|
|
|
|
54.78.254.47
|
load-euw1.exelator.com
|
United States
|
|
|
|
52.18.60.235
|
prod-dub-beacon-1484770602.eu-west-1.elb.amazonaws.com
|
United States
|
|
|
|
65.9.71.23
|
d2znr2yi078d75.cloudfront.net
|
United States
|
|
|
|
45.223.138.206
|
b9odqbm.impervadns.net
|
United States
|
|
|
|
157.240.17.15
|
scontent.xx.fbcdn.net
|
United States
|
|
|
|
13.32.22.99
|
tag.demandbase.com
|
United States
|
|
|
|
172.217.168.65
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
143.204.215.100
|
segments.company-target.com
|
United States
|
|
|
|
3.120.56.129
|
elb-aws-fr-bruges-621602890.eu-central-1.elb.amazonaws.com
|
United States
|
|
|
|
188.132.147.227
|
ads4.admatic.com.tr
|
Turkey
|
|
|
|
142.250.186.136
|
www-googletagmanager.l.google.com
|
United States
|
|
|
|
34.120.202.204
|
fresnel.vimeocdn.com
|
United States
|
|
|
|
37.157.2.249
|
istrp.adform.net
|
Denmark
|
|
|
|
199.30.234.249
|
zix.com
|
United States
|
|
|
|
13.32.22.27
|
s.ad.smaato.net
|
United States
|
|
|
|
18.198.109.212
|
httplogserver-lb.global.unified-prod.sharethis.net
|
United States
|
|
|
|
172.217.168.78
|
clients.l.google.com
|
United States
|
|
|
|
46.19.11.36
|
match.contentexchange.me
|
Slovenia
|
|
|
|
143.204.215.82
|
api.company-target.com
|
United States
|
|
|
|
143.204.215.88
|
dl7g9llrghqi1.cloudfront.net
|
United States
|
|
|
|
104.16.19.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
80.85.85.173
|
cm.smartstream.tv
|
United Kingdom
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
52.89.239.64
|
dxedge-prod-lb-1585771072.us-west-2.elb.amazonaws.com
|
United States
|
|
|
|
54.147.21.139
|
unknown
|
United States
|
|
|
|
151.101.0.217
|
vimeo.com
|
United States
|
|
|
|
80.82.217.92
|
ads.smartstream.tv
|
Germany
|
|
|
|
34.206.192.53
|
a.audrte.com
|
United States
|
|
|
|
77.243.60.138
|
uip.semasio.net
|
Denmark
|
|
|
|
34.234.150.139
|
alb-event-1454785217.us-east-1.elb.amazonaws.com
|
United States
|
|
|
|
108.174.11.85
|
pop-edc2.mix.linkedin.com
|
United States
|
|
|
|
142.250.203.98
|
googleads.g.doubleclick.net
|
United States
|
|
|
|
142.250.203.99
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
52.223.40.198
|
match.adsrvr.org
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
82.145.213.8
|
outspot2-ams.adx.opera.com
|
United Kingdom
|
|
|
|
51.195.5.232
|
unknown
|
France
|
|
|
|
35.169.187.184
|
ee15ba61-wschat-wschatalb-6fcf-2062696737.us-east-1.elb.amazonaws.com
|
United States
|
|
|
|
37.252.173.215
|
ib.anycast.adnxs.com
|
European Union
|
|
|
|
139.162.147.24
|
tags.adsafety.net
|
Netherlands
|
|
|
|
13.32.22.126
|
platform-api.sharethis.com
|
United States
|
|
|
|
52.211.146.69
|
adstax-match-proxy.adrtx.net
|
United States
|
|
|
|
85.114.159.93
|
dsp.adfarm1.adition.com
|
Germany
|
|
|
|
146.59.148.16
|
pixel.onaudience.com
|
Norway
|
|
|
|
18.184.201.8
|
prod.ups-eu-central-1.aolp-ds-prd.aws.oath.cloud
|
United States
|
|
|
|
76.223.111.18
|
eu-eb2.3lift.com
|
United States
|
|
|
|
35.176.195.187
|
aa-agkn-com-https-1893222849.eu-west-2.elb.amazonaws.com
|
United States
|
|
|
|
54.173.95.250
|
unknown
|
United States
|
|
|
|
151.101.114.109
|
vimeo-video.map.fastly.net
|
United States
|
|
|
|
35.157.138.20
|
ih.adscale.de
|
United States
|
|
|
|
142.250.145.156
|
stats.l.doubleclick.net
|
United States
|
|
|
|
172.217.168.36
|
www.google.com
|
United States
|
|
|
|
104.16.168.82
|
ws.zoominfo.com
|
United States
|
|
|
|
34.98.64.218
|
eu-u.openx.net
|
United States
|
|
|
|
199.187.193.193
|
rtb-csync-tmk.smartadserver.com
|
Canada
|
|
There are 69 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 33 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1DA5DF59000
|
unkown
|
page read and write
|
|
|
|
7FF590D33000
|
unkown image
|
page readonly
|
|
|
|
1C34F410000
|
unkown image
|
page readonly
|
|
|
|
7DF4C7BA0000
|
unkown image
|
page readonly
|
|
|
|
1DA62D22000
|
unkown
|
page read and write
|
|
|
|
261D707C000
|
unkown
|
page read and write
|
|
|
|
7FF59E4B9000
|
unkown image
|
page readonly
|
|
|
|
CB60F6E000
|
stack
|
page read and write
|
|
|
|
1DA62D1D000
|
unkown
|
page read and write
|
|
|
|
7DF5F6332000
|
unkown image
|
page readonly
|
|
|
|
1DA62CE4000
|
unkown
|
page read and write
|
|
|
|
1D755540000
|
unkown image
|
page readonly
|
|
|
|
1C34F077000
|
unkown
|
page read and write
|
|
|
|
7FF5C85E2000
|
unkown image
|
page readonly
|
|
|
|
C67D4FF000
|
stack
|
page read and write
|
|
|
|
1DA62CB9000
|
unkown
|
page read and write
|
|
|
|
1DA62B86000
|
unkown
|
page read and write
|
|
|
|
7DF56CA70000
|
unkown image
|
page readonly
|
|
|
|
1DA62CDF000
|
unkown
|
page read and write
|
|
|
|
1DA62B70000
|
unkown
|
page read and write
|
|
|
|
1C34F066000
|
unkown
|
page read and write
|
|
|
|
7DF56CA52000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEB0000
|
unkown image
|
page readonly
|
|
|
|
1C34F040000
|
unkown
|
page read and write
|
|
|
|
2252C350000
|
unkown image
|
page readonly
|
|
|
|
1DA62D22000
|
unkown
|
page read and write
|
|
|
|
1C34F056000
|
unkown
|
page read and write
|
|
|
|
261D7000000
|
unkown
|
page read and write
|
|
|
|
1DA5DF18000
|
unkown
|
page read and write
|
|
|
|
261D6DC0000
|
unkown image
|
page read and write
|
|
|
|
2252C220000
|
unkown image
|
page readonly
|
|
|
|
22001FC0000
|
unkown
|
page read and write
|
|
|
|
261D7053000
|
unkown
|
page read and write
|
|
|
|
7FF5E0453000
|
unkown image
|
page readonly
|
|
|
|
261D7590000
|
unkown
|
page read and write
|
|
|
|
1DA62CB9000
|
unkown
|
page read and write
|
|
|
|
7FF597473000
|
unkown image
|
page readonly
|
|
|
|
7DF49D860000
|
unkown image
|
page readonly
|
|
|
|
7DF56CA60000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9CE2000
|
unkown image
|
page readonly
|
|
|
|
7DF592180000
|
unkown image
|
page readonly
|
|
|
|
4E947F000
|
stack
|
page read and write
|
|
|
|
7DF5AD400000
|
unkown image
|
page readonly
|
|
|
|
2252C44E000
|
unkown
|
page read and write
|
|
|
|
7FF59737B000
|
unkown image
|
page readonly
|
|
|
|
2252C48D000
|
unkown
|
page read and write
|
|
|
|
1DA62BE0000
|
unkown
|
page read and write
|
|
|
|
7FF59E44B000
|
unkown image
|
page readonly
|
|
|
|
2252C455000
|
unkown
|
page read and write
|
|
|
|
7FF596F7C000
|
unkown image
|
page readonly
|
|
|
|
7FF5DBFF3000
|
unkown image
|
page readonly
|
|
|
|
1C34F03A000
|
unkown
|
page read and write
|
|
|
|
2252C500000
|
unkown
|
page read and write
|
|
|
|
1DA5DF59000
|
unkown
|
page read and write
|
|
|
|
7DF5C9CE0000
|
unkown image
|
page readonly
|
|
|
|
7FF59E4BC000
|
unkown image
|
page readonly
|
|
|
|
2252C800000
|
unkown image
|
page readonly
|
|
|
|
7DF5988D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABF86000
|
unkown image
|
page readonly
|
|
|
|
1DA62CDF000
|
unkown
|
page read and write
|
|
|
|
C67D27B000
|
unkown
|
page read and write
|
|
|
|
7DF5C9CE0000
|
unkown image
|
page readonly
|
|
|
|
1D755560000
|
heap default
|
page read and write
|
|
|
|
1DA62E08000
|
unkown
|
page read and write
|
|
|
|
7FF5ABA96000
|
unkown image
|
page readonly
|
|
|
|
7FF5C878F000
|
unkown image
|
page readonly
|
|
|
|
1DA62CE4000
|
unkown
|
page read and write
|
|
|
|
1C34F058000
|
unkown
|
page read and write
|
|
|
|
7DF5988C0000
|
unkown image
|
page readonly
|
|
|
|
7FF59E2E9000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8795000
|
unkown image
|
page readonly
|
|
|
|
7FF59E543000
|
unkown image
|
page readonly
|
|
|
|
29BE6570000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8883000
|
unkown image
|
page readonly
|
|
|
|
1D75563C000
|
unkown
|
page read and write
|
|
|
|
7FF59E526000
|
unkown image
|
page readonly
|
|
|
|
1C34F05F000
|
unkown
|
page read and write
|
|
|
|
7DF5F6322000
|
unkown image
|
page readonly
|
|
|
|
7FF59E30F000
|
unkown image
|
page readonly
|
|
|
|
1DA5DF18000
|
unkown
|
page read and write
|
|
|
|
7DF5C9CF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD5D000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABDCA000
|
unkown image
|
page readonly
|
|
|
|
CB60FEE000
|
stack
|
page read and write
|
|
|
|
1DA5DF18000
|
unkown
|
page read and write
|
|
|
|
1DA62CB0000
|
unkown
|
page read and write
|
|
|
|
7FF59E315000
|
unkown image
|
page readonly
|
|
|
|
7DF5DD440000
|
unkown image
|
page readonly
|
|
|
|
7FF597466000
|
unkown image
|
page readonly
|
|
|
|
1D75564F000
|
unkown
|
page read and write
|
|
|
|
275A95C0000
|
unkown
|
page read and write
|
|
|
|
7FF59E543000
|
unkown image
|
page readonly
|
|
|
|
261D6E00000
|
unkown image
|
page readonly
|
|
|
|
7FF5C87B1000
|
unkown image
|
page readonly
|
|
|
|
25810665000
|
unkown
|
page read and write
|
|
|
|
7FF5973E2000
|
unkown image
|
page readonly
|
|
|
|
1D755613000
|
unkown
|
page read and write
|
|
|
|
1D755530000
|
unkown image
|
page readonly
|
|
|
|
1C34F200000
|
unkown image
|
page readonly
|
|
|
|
2252C502000
|
unkown
|
page read and write
|
|
|
|
1DA62D04000
|
unkown
|
page read and write
|
|
|
|
CB6167F000
|
stack
|
page read and write
|
|
|
|
7DF5988C2000
|
unkown image
|
page readonly
|
|
|
|
1DA62B84000
|
unkown
|
page read and write
|
|
|
|
7DF59F990000
|
unkown image
|
page readonly
|
|
|
|
3017B9E000
|
stack
|
page read and write
|
|
|
|
7FF5B2C13000
|
unkown image
|
page readonly
|
|
|
|
7FF59E4C6000
|
unkown image
|
page readonly
|
|
|
|
7DF5E18C0000
|
unkown image
|
page readonly
|
|
|
|
7FF59E481000
|
unkown image
|
page readonly
|
|
|
|
7DF5B4062000
|
unkown image
|
page readonly
|
|
|
|
1DA62E21000
|
unkown
|
page read and write
|
|
|
|
1DA62BA0000
|
unkown
|
page read and write
|
|
|
|
1C34EEF0000
|
unkown image
|
page readonly
|
|
|
|
4E907B000
|
stack
|
page read and write
|
|
|
|
7FF5973EC000
|
unkown image
|
page readonly
|
|
|
|
7DF592190000
|
unkown image
|
page readonly
|
|
|
|
7FF597390000
|
unkown image
|
page readonly
|
|
|
|
7FF5973B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5C87F9000
|
unkown image
|
page readonly
|
|
|
|
4E8B0B000
|
unkown
|
page read and write
|
|
|
|
275A95C0000
|
unkown
|
page read and write
|
|
|
|
1DA62CB9000
|
unkown
|
page read and write
|
|
|
|
7FF5973DC000
|
unkown image
|
page readonly
|
|
|
|
7FF5F4ED3000
|
unkown image
|
page readonly
|
|
|
|
C67D6F7000
|
stack
|
page read and write
|
|
|
|
7FF59737F000
|
unkown image
|
page readonly
|
|
|
|
1C34F041000
|
unkown
|
page read and write
|
|
|
|
7DF59F990000
|
unkown image
|
page readonly
|
|
|
|
1C34F061000
|
unkown
|
page read and write
|
|
|
|
7FF59E44F000
|
unkown image
|
page readonly
|
|
|
|
1DA62B80000
|
unkown
|
page read and write
|
|
|
|
7FF59723D000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9CD2000
|
unkown image
|
page readonly
|
|
|
|
7DF5988C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD65000
|
unkown image
|
page readonly
|
|
|
|
7FF56B603000
|
unkown image
|
page readonly
|
|
|
|
4E8E7F000
|
stack
|
page read and write
|
|
|
|
1DA62D06000
|
unkown
|
page read and write
|
|
|
|
7FF59E4B2000
|
unkown image
|
page readonly
|
|
|
|
1DA62D06000
|
unkown
|
page read and write
|
|
|
|
7DF59F9A2000
|
unkown image
|
page readonly
|
|
|
|
261D7070000
|
unkown
|
page read and write
|
|
|
|
7FF5C87EC000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEA8000
|
unkown image
|
page readonly
|
|
|
|
2252C400000
|
unkown
|
page read and write
|
|
|
|
7FF5973A1000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8798000
|
unkown image
|
page readonly
|
|
|
|
7DF59F992000
|
unkown image
|
page readonly
|
|
|
|
261D705D000
|
unkown
|
page read and write
|
|
|
|
7FF5C87A0000
|
unkown image
|
page readonly
|
|
|
|
7FF596917000
|
unkown image
|
page readonly
|
|
|
|
1C34EF20000
|
heap default
|
page read and write
|
|
|
|
1DA62D1D000
|
unkown
|
page read and write
|
|
|
|
2252C48B000
|
unkown
|
page read and write
|
|
|
|
7FF5ABDD0000
|
unkown image
|
page readonly
|
|
|
|
1DA62D0C000
|
unkown
|
page read and write
|
|
|
|
1DA62BB0000
|
unkown
|
page read and write
|
|
|
|
7DF5DD460000
|
unkown image
|
page readonly
|
|
|
|
7DF5F6340000
|
unkown image
|
page readonly
|
|
|
|
2252C43D000
|
unkown
|
page read and write
|
|
|
|
7FF597404000
|
unkown image
|
page readonly
|
|
|
|
1C34F029000
|
unkown
|
page read and write
|
|
|
|
7FF5ABEA5000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEE5000
|
unkown image
|
page readonly
|
|
|
|
261D705D000
|
unkown
|
page read and write
|
|
|
|
1C34F05A000
|
unkown
|
page read and write
|
|
|
|
7FF5C87FC000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABA9C000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB437000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE0C000
|
unkown image
|
page readonly
|
|
|
|
2252C458000
|
unkown
|
page read and write
|
|
|
|
7FF59E380000
|
unkown image
|
page readonly
|
|
|
|
22000048000
|
unkown
|
page read and write
|
|
|
|
7FF59DA18000
|
unkown image
|
page readonly
|
|
|
|
7DF59F9A2000
|
unkown image
|
page readonly
|
|
|
|
275A95C0000
|
unkown
|
page read and write
|
|
|
|
1DA62D1D000
|
unkown
|
page read and write
|
|
|
|
7DF5DD442000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7FCE000
|
unkown image
|
page readonly
|
|
|
|
2252C240000
|
unkown image
|
page readonly
|
|
|
|
7FF59E331000
|
unkown image
|
page readonly
|
|
|
|
7FF5972AA000
|
unkown image
|
page readonly
|
|
|
|
1D755510000
|
unkown image
|
page readonly
|
|
|
|
1DA62CB9000
|
unkown
|
page read and write
|
|
|
|
7DF5E18A0000
|
unkown image
|
page readonly
|
|
|
|
1DA62E00000
|
unkown
|
page read and write
|
|
|
|
7DF5C9CD0000
|
unkown image
|
page readonly
|
|
|
|
1DA62CE4000
|
unkown
|
page read and write
|
|
|
|
1D755708000
|
unkown
|
page read and write
|
|
|
|
7DF5B4070000
|
unkown image
|
page readonly
|
|
|
|
1D755500000
|
heap private
|
page read and write
|
|
|
|
1DA5D4C0000
|
unkown image
|
page readonly
|
|
|
|
7DF5F6330000
|
unkown image
|
page readonly
|
|
|
|
7FF597456000
|
unkown image
|
page readonly
|
|
|
|
7DF59F9B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5973E9000
|
unkown image
|
page readonly
|
|
|
|
22000048000
|
unkown
|
page read and write
|
|
|
|
7DF5988D0000
|
unkown image
|
page readonly
|
|
|
|
1DA5DF59000
|
unkown
|
page read and write
|
|
|
|
1DA62BB4000
|
unkown
|
page read and write
|
|
|
|
1D755590000
|
unkown
|
page read and write
|
|
|
|
4E927E000
|
stack
|
page read and write
|
|
|
|
2252C220000
|
unkown image
|
page readonly
|
|
|
|
1DA62CDF000
|
unkown
|
page read and write
|
|
|
|
7FF59E495000
|
unkown image
|
page readonly
|
|
|
|
2252C370000
|
unkown
|
page read and write
|
|
|
|
1DA62B80000
|
unkown
|
page read and write
|
|
|
|
7DF59F9A0000
|
unkown image
|
page readonly
|
|
|
|
7FF597385000
|
unkown image
|
page readonly
|
|
|
|
2252C508000
|
unkown
|
page read and write
|
|
|
|
2252C450000
|
unkown
|
page read and write
|
|
|
|
2252C513000
|
unkown
|
page read and write
|
|
|
|
7FF59E536000
|
unkown image
|
page readonly
|
|
|
|
7FF59691D000
|
unkown image
|
page readonly
|
|
|
|
7DF56CA50000
|
unkown image
|
page readonly
|
|
|
|
1C34F06D000
|
unkown
|
page read and write
|
|
|
|
1DA62D08000
|
unkown
|
page read and write
|
|
|
|
1DA62D09000
|
unkown
|
page read and write
|
|
|
|
1C34F802000
|
unkown
|
page read and write
|
|
|
|
261D7066000
|
unkown
|
page read and write
|
|
|
|
1C34F07B000
|
unkown
|
page read and write
|
|
|
|
2252C600000
|
unkown image
|
page readonly
|
|
|
|
C67D37E000
|
stack
|
page read and write
|
|
|
|
1DA62B81000
|
unkown
|
page read and write
|
|
|
|
301817F000
|
stack
|
page read and write
|
|
|
|
1D755510000
|
unkown image
|
page readonly
|
|
|
|
7DF5AD400000
|
unkown image
|
page readonly
|
|
|
|
7FF59E464000
|
unkown image
|
page readonly
|
|
|
|
7FF597388000
|
unkown image
|
page readonly
|
|
|
|
1DA62CDF000
|
unkown
|
page read and write
|
|
|
|
3017A9B000
|
unkown
|
page read and write
|
|
|
|
7FF5970F8000
|
unkown image
|
page readonly
|
|
|
|
1D755700000
|
unkown
|
page read and write
|
|
|
|
1C34F06B000
|
unkown
|
page read and write
|
|
|
|
7FF59E479000
|
unkown image
|
page readonly
|
|
|
|
7DF5DD450000
|
unkown image
|
page readonly
|
|
|
|
7FF59E30D000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8809000
|
unkown image
|
page readonly
|
|
|
|
1C34F057000
|
unkown
|
page read and write
|
|
|
|
261D7108000
|
unkown
|
page read and write
|
|
|
|
7FF5ABCF2000
|
unkown image
|
page readonly
|
|
|
|
7FF597261000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8814000
|
unkown image
|
page readonly
|
|
|
|
261D6DD0000
|
heap private
|
page read and write
|
|
|
|
7FF5ABE8C000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEC9000
|
unkown image
|
page readonly
|
|
|
|
261D7087000
|
unkown
|
page read and write
|
|
|
|
1DA62CDF000
|
unkown
|
page read and write
|
|
|
|
7DF5C9CD0000
|
unkown image
|
page readonly
|
|
|
|
25810410000
|
unkown image
|
page readonly
|
|
|
|
261D7602000
|
unkown
|
page read and write
|
|
|
|
1DA62D32000
|
unkown
|
page read and write
|
|
|
|
301827F000
|
stack
|
page read and write
|
|
|
|
7FF597219000
|
unkown image
|
page readonly
|
|
|
|
7DF592182000
|
unkown image
|
page readonly
|
|
|
|
7DF5E18B0000
|
unkown image
|
page readonly
|
|
|
|
1D755713000
|
unkown
|
page read and write
|
|
|
|
1D75564C000
|
unkown
|
page read and write
|
|
|
|
1DA62CB9000
|
unkown
|
page read and write
|
|
|
|
1DA62D08000
|
unkown
|
page read and write
|
|
|
|
21FFFE80000
|
unkown image
|
page readonly
|
|
|
|
7DF5B4072000
|
unkown image
|
page readonly
|
|
|
|
2252C270000
|
heap default
|
page read and write
|
|
|
|
1DA62D0C000
|
unkown
|
page read and write
|
|
|
|
1C34F059000
|
unkown
|
page read and write
|
|
|
|
22000058000
|
unkown
|
page read and write
|
|
|
|
7DF5E18A2000
|
unkown image
|
page readonly
|
|
|
|
7DF5AD3E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7FE2000
|
unkown image
|
page readonly
|
|
|
|
261D6DE0000
|
unkown image
|
page readonly
|
|
|
|
3017B1E000
|
stack
|
page read and write
|
|
|
|
CB6177E000
|
stack
|
page read and write
|
|
|
|
7FF59DCA2000
|
unkown image
|
page readonly
|
|
|
|
7DF5988C2000
|
unkown image
|
page readonly
|
|
|
|
1DA62D08000
|
unkown
|
page read and write
|
|
|
|
7FF5ABF93000
|
unkown image
|
page readonly
|
|
|
|
1D755602000
|
unkown
|
page read and write
|
|
|
|
1DA62BE0000
|
unkown
|
page read and write
|
|
|
|
7DF5988E0000
|
unkown image
|
page readonly
|
|
|
|
1C34F05C000
|
unkown
|
page read and write
|
|
|
|
1DA62E24000
|
unkown
|
page read and write
|
|
|
|
1D75567D000
|
unkown
|
page read and write
|
|
|
|
2252C980000
|
unkown image
|
page readonly
|
|
|
|
2252C47C000
|
unkown
|
page read and write
|
|
|
|
7FF5C8883000
|
unkown image
|
page readonly
|
|
|
|
1C34F680000
|
unkown
|
page read and write
|
|
|
|
1DA62BE0000
|
unkown
|
page read and write
|
|
|
|
1C34F060000
|
unkown
|
page read and write
|
|
|
|
7FF59E37A000
|
unkown image
|
page readonly
|
|
|
|
7FF59E460000
|
unkown image
|
page readonly
|
|
|
|
261D7100000
|
unkown
|
page read and write
|
|
|
|
261D704B000
|
unkown
|
page read and write
|
|
|
|
7FF5ABF24000
|
unkown image
|
page readonly
|
|
|
|
7FF5C87C1000
|
unkown image
|
page readonly
|
|
|
|
261D7066000
|
unkown
|
page read and write
|
|
|
|
7FF5C87B9000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABF09000
|
unkown image
|
page readonly
|
|
|
|
301807E000
|
stack
|
page read and write
|
|
|
|
7DF5988D0000
|
unkown image
|
page readonly
|
|
|
|
1C34EEB0000
|
unkown image
|
page read and write
|
|
|
|
7FF5ABF93000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8026000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABF16000
|
unkown image
|
page readonly
|
|
|
|
1C34F05E000
|
unkown
|
page read and write
|
|
|
|
7FF5ABE9B000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD81000
|
unkown image
|
page readonly
|
|
|
|
7DF5B4060000
|
unkown image
|
page readonly
|
|
|
|
2252C210000
|
heap private
|
page read and write
|
|
|
|
1C34F055000
|
unkown
|
page read and write
|
|
|
|
7FF5973A9000
|
unkown image
|
page readonly
|
|
|
|
1D7558D0000
|
unkown image
|
page readonly
|
|
|
|
261D6F10000
|
unkown image
|
page readonly
|
|
|
|
7FF5973F6000
|
unkown image
|
page readonly
|
|
|
|
7DF5B4080000
|
unkown image
|
page readonly
|
|
|
|
C67D7FE000
|
stack
|
page read and write
|
|
|
|
261D702A000
|
unkown
|
page read and write
|
|
|
|
4E8B8F000
|
stack
|
page read and write
|
|
|
|
7DF496790000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8452000
|
unkown image
|
page readonly
|
|
|
|
1C34F084000
|
unkown
|
page read and write
|
|
|
|
7DF59F9B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9CD2000
|
unkown image
|
page readonly
|
|
|
|
1DA62CE4000
|
unkown
|
page read and write
|
|
|
|
1C34F013000
|
unkown
|
page read and write
|
|
|
|
1DA5DF18000
|
unkown
|
page read and write
|
|
|
|
1DA62D06000
|
unkown
|
page read and write
|
|
|
|
261D7013000
|
unkown
|
page read and write
|
|
|
|
7FF5AB736000
|
unkown image
|
page readonly
|
|
|
|
4E937F000
|
stack
|
page read and write
|
|
|
|
1DA62D20000
|
unkown
|
page read and write
|
|
|
|
7FF5ABF0C000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8866000
|
unkown image
|
page readonly
|
|
|
|
1C34F000000
|
unkown
|
page read and write
|
|
|
|
7DF5AD3E2000
|
unkown image
|
page readonly
|
|
|
|
2252CC02000
|
unkown
|
page read and write
|
|
|
|
3017F7F000
|
stack
|
page read and write
|
|
|
|
7FF59E471000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB43D000
|
unkown image
|
page readonly
|
|
|
|
7DF592192000
|
unkown image
|
page readonly
|
|
|
|
7FF597245000
|
unkown image
|
page readonly
|
|
|
|
1D7554F0000
|
unkown image
|
page read and write
|
|
|
|
2252C45B000
|
unkown
|
page read and write
|
|
|
|
1D75568A000
|
unkown
|
page read and write
|
|
|
|
2252C200000
|
unkown image
|
page read and write
|
|
|
|
1D755AD0000
|
unkown image
|
page readonly
|
|
|
|
7FF596CB7000
|
unkown image
|
page readonly
|
|
|
|
1DA63080000
|
unkown
|
page read and write
|
|
|
|
7FF59E4AC000
|
unkown image
|
page readonly
|
|
|
|
1C34F07E000
|
unkown
|
page read and write
|
|
|
|
22001FC0000
|
unkown
|
page read and write
|
|
|
|
7DF5988E0000
|
unkown image
|
page readonly
|
|
|
|
1D755600000
|
unkown
|
page read and write
|
|
|
|
C67D8FF000
|
stack
|
page read and write
|
|
|
|
1C34F069000
|
unkown
|
page read and write
|
|
|
|
7DF5AD3E2000
|
unkown image
|
page readonly
|
|
|
|
261D6E30000
|
heap default
|
page read and write
|
|
|
|
7DF5C9CE2000
|
unkown image
|
page readonly
|
|
|
|
2252C413000
|
unkown
|
page read and write
|
|
|
|
7FF59E3BC000
|
unkown image
|
page readonly
|
|
|
|
7DF5988D2000
|
unkown image
|
page readonly
|
|
|
|
7FF59E458000
|
unkown image
|
page readonly
|
|
|
|
7FF59E1C8000
|
unkown image
|
page readonly
|
|
|
|
22000047000
|
unkown
|
page read and write
|
|
|
|
1D755652000
|
unkown
|
page read and write
|
|
|
|
7FF5C8876000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABED1000
|
unkown image
|
page readonly
|
|
|
|
261D704E000
|
unkown
|
page read and write
|
|
|
|
7DF5AD3F2000
|
unkown image
|
page readonly
|
|
|
|
1C34EEC0000
|
heap private
|
page read and write
|
|
|
|
7DF5C9CF0000
|
unkown image
|
page readonly
|
|
|
|
7DF5AD3E0000
|
unkown image
|
page readonly
|
|
|
|
1C34EED0000
|
unkown image
|
page readonly
|
|
|
|
1D755670000
|
unkown
|
page read and write
|
|
|
|
25810668000
|
unkown
|
page read and write
|
|
|
|
1C34F07A000
|
unkown
|
page read and write
|
|
|
|
7DF56CA62000
|
unkown image
|
page readonly
|
|
|
|
1D755570000
|
unkown image
|
page readonly
|
|
|
|
C67D47B000
|
stack
|
page read and write
|
|
|
|
261D6E10000
|
unkown image
|
page readonly
|
|
|
|
1C34EED0000
|
unkown image
|
page readonly
|
|
|
|
261D7400000
|
unkown image
|
page readonly
|
|
|
|
22000057000
|
unkown
|
page read and write
|
|
|
|
7FF5972B0000
|
unkown image
|
page readonly
|
|
|
|
7FF59736C000
|
unkown image
|
page readonly
|
|
|
|
2252C451000
|
unkown
|
page read and write
|
|
|
|
22001FC0000
|
unkown
|
page read and write
|
|
|
|
4E8F7B000
|
stack
|
page read and write
|
|
|
|
1C34EF00000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE9F000
|
unkown image
|
page readonly
|
|
|
|
1DA62D32000
|
unkown
|
page read and write
|
|
|
|
7FF59E43C000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEB4000
|
unkown image
|
page readonly
|
|
|
|
7FF59723F000
|
unkown image
|
page readonly
|
|
|
|
CB612FC000
|
stack
|
page read and write
|
|
|
|
7FF5C87D5000
|
unkown image
|
page readonly
|
|
|
|
1C34F590000
|
unkown image
|
page readonly
|
|
|
|
1DA62CDF000
|
unkown
|
page read and write
|
|
|
|
1C34F03C000
|
unkown
|
page read and write
|
|
|
|
1D755E02000
|
unkown
|
page read and write
|
|
|
|
261D7113000
|
unkown
|
page read and write
|
|
|
|
7FF59E046000
|
unkown image
|
page readonly
|
|
|
|
7DF5AD3F0000
|
unkown image
|
page readonly
|
|
|
|
1D755C50000
|
unkown image
|
page readonly
|
|
|
|
7DF59F992000
|
unkown image
|
page readonly
|
|
|
|
CB6147E000
|
stack
|
page read and write
|
|
|
|
7FF5973C5000
|
unkown image
|
page readonly
|
|
|
|
7DF5DD452000
|
unkown image
|
page readonly
|
|
|
|
1C34F400000
|
unkown image
|
page readonly
|
|
|
|
1D755629000
|
unkown
|
page read and write
|
|
|
|
1C34F042000
|
unkown
|
page read and write
|
|
|
|
1DA5DF59000
|
unkown
|
page read and write
|
|
|
|
7DF4AB2B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5F6320000
|
unkown image
|
page readonly
|
|
|
|
2252C487000
|
unkown
|
page read and write
|
|
|
|
7FF5C87A4000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEC1000
|
unkown image
|
page readonly
|
|
|
|
7FF59E4D4000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABF76000
|
unkown image
|
page readonly
|
|
|
|
CB61577000
|
stack
|
page read and write
|
|
|
|
1C34F046000
|
unkown
|
page read and write
|
|
|
|
1DA62D33000
|
unkown
|
page read and write
|
|
|
|
C67D2FE000
|
stack
|
page read and write
|
|
|
|
2252C45A000
|
unkown
|
page read and write
|
|
|
|
7FF5972EC000
|
unkown image
|
page readonly
|
|
|
|
275A8DE0000
|
unkown image
|
page readonly
|
|
|
|
2252C454000
|
unkown
|
page read and write
|
|
|
|
7FF5ABC18000
|
unkown image
|
page readonly
|
|
|
|
C67D5FB000
|
stack
|
page read and write
|
|
|
|
1C34F04D000
|
unkown
|
page read and write
|
|
|
|
261D6DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABEFC000
|
unkown image
|
page readonly
|
|
|
|
1D755702000
|
unkown
|
page read and write
|
|
|
|
22000058000
|
unkown
|
page read and write
|
|
|
|
7DF5E18B2000
|
unkown image
|
page readonly
|
|
|
|
1DA62D22000
|
unkown
|
page read and write
|
|
|
|
261D7102000
|
unkown
|
page read and write
|
|
|
|
1DA62BE0000
|
unkown
|
page read and write
|
|
|
|
7FF5C8508000
|
unkown image
|
page readonly
|
|
|
|
7DF5AD3F2000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD5F000
|
unkown image
|
page readonly
|
|
|
|
261D7200000
|
unkown image
|
page readonly
|
|
|
|
2252C471000
|
unkown
|
page read and write
|
|
|
|
7DF5AD3F0000
|
unkown image
|
page readonly
|
|
|
|
CB613FB000
|
stack
|
page read and write
|
|
|
|
CB60EEB000
|
unkown
|
page read and write
|
|
|
|
7FF59E455000
|
unkown image
|
page readonly
|
|
|
|
7FF59E2A2000
|
unkown image
|
page readonly
|
|
|
|
7FF596F76000
|
unkown image
|
page readonly
|
|
|
|
7FF597394000
|
unkown image
|
page readonly
|
|
|
|
2252C429000
|
unkown
|
page read and write
|
|
|
|
2252C456000
|
unkown
|
page read and write
|
|
|
|
1C34F031000
|
unkown
|
page read and write
|
|
|
|
1DA62E0E000
|
unkown
|
page read and write
|
|
|
|
4E9177000
|
stack
|
page read and write
|
|
|
|
7FF5ABD39000
|
unkown image
|
page readonly
|
|
|
|
7FF59E04C000
|
unkown image
|
page readonly
|
|
|
|
261D7580000
|
unkown image
|
page readonly
|
|
|
|
7DF59F9A0000
|
unkown image
|
page readonly
|
|
|
|
2252C250000
|
unkown image
|
page readonly
|
|
|
|
2252C44C000
|
unkown
|
page read and write
|
|
|
|
2252C453000
|
unkown
|
page read and write
|
|
|
|
7FF5971D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABF02000
|
unkown image
|
page readonly
|
|
|
|
7DF5921A0000
|
unkown image
|
page readonly
|
|
|
|
2252C44D000
|
unkown
|
page read and write
|
|
|
|
7FF5C87F2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8806000
|
unkown image
|
page readonly
|
|
|
|
261D7048000
|
unkown
|
page read and write
|
|
|
|
261D703C000
|
unkown
|
page read and write
|
|
|
|
257D04F0000
|
unkown image
|
page readonly
|
|
|
|
1C34F102000
|
unkown
|
page read and write
|
|
|
|
7FF597473000
|
unkown image
|
page readonly
|
|
There are 463 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://secure-chsd.org/s/e?m=ABBOdSX2hand3rhcsO3vIAYp&c=ABBYByWB0o0PvF3l0uo5dmRj&em=EAC%40pointloma%2eEDU
|
|
|
|
https://www.rchsd.org/about-us/
|
|
|
|
https://www.rchsd.org/contact-us/
|
|
|
|
https://zix.com/
|
|
|
|
https://js.driftt.com/core?embedId=65e63pi6mu5c®ion=US&forceShow=false&skipCampaigns=false&sessionId=9a70df5a-b6b4-4e0a-a14c-9a57b6fcaf5a&sessionStarted=1635910895.08&campaignRefreshToken=ef7078d7-33ef-4af8-b357-ba59b7cf0368&hideController=false&pageLoadStartTime=1635910884675&mode=CHAT&driftEnableLog=false
|
|
|
|
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1635910884675
|
|
|
|
https://www.rchsd.org/health-safety/health-alerts/
|
|
|
|
https://player.vimeo.com/video/398648333?portrait=0&byline=0&title=0
|
|
|
|
https://player.vimeo.com/video/447845914?portrait=0&byline=0&title=0
|
|
|
|
https://www.rchsd.org/
|
|
|
|
https://player.vimeo.com/video/604357845?portrait=0&byline=0&title=0
|
|
|
|
https://c1.adform.net/imatch/pixels?uid=3680121232683396984&agencyId=6276&advertiserId=2105093&src=tp&rnd=139481
|
|
|
|
https://a2.adform.net/serving/container/?pm=2463533&lid=100856282&ctype=0&media=0&PageName=Rady+Childrens+Hospital+Homepage&rnd=1844193108&cpref=&loc=https%3a%2f%2fwww.rchsd.org%2f
|
|
|
|
https://pixel.mathtag.com/sync/iframe?mt_uuid=ec1d6181-9483-4f00-986f-209dd10e1e79&no_iframe=1&mt_adid=248701&source=mathtag
|
|
There are 4 hidden doms, click here to show them.