Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 15:26:26 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 15:26:26 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 15:26:26 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 15:26:26 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 15:26:26 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 167
|
ASCII text, with very long lines (65465)
|
dropped
|
||
|
Chrome Cache Entry: 168
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 170
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
HTML document, ASCII text, with very long lines (988), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 172
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 173
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 174
|
ASCII text, with very long lines (724)
|
dropped
|
||
|
Chrome Cache Entry: 175
|
ASCII text, with very long lines (1592), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
Web Open Font Format (Version 2), CFF, length 38432, version 2.327
|
downloaded
|
||
|
Chrome Cache Entry: 178
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 179
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 180
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
ASCII text, with very long lines (35125)
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
ASCII text, with very long lines (402)
|
downloaded
|
||
|
Chrome Cache Entry: 183
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 185
|
ASCII text, with very long lines (402)
|
dropped
|
||
|
Chrome Cache Entry: 186
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
Web Open Font Format (Version 2), TrueType, length 20248, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 188
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 189
|
PNG image data, 614 x 1024, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 190
|
HTML document, Unicode text, UTF-8 text, with very long lines (64515), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 191
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 192
|
ASCII text, with very long lines (65465)
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
PNG image data, 612 x 1024, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 194
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 195
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 196
|
Web Open Font Format (Version 2), TrueType, length 20024, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
Web Open Font Format (Version 2), TrueType, length 19032, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 198
|
ASCII text, with very long lines (35125)
|
dropped
|
||
|
Chrome Cache Entry: 199
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 200
|
ASCII text, with very long lines (724)
|
downloaded
|
||
|
Chrome Cache Entry: 202
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 203
|
ASCII text, with very long lines (1592), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 204
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 205
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 206
|
Web Open Font Format (Version 2), CFF, length 40000, version 2.327
|
downloaded
|
||
|
Chrome Cache Entry: 207
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 208
|
PNG image data, 616 x 1024, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 209
|
ASCII text, with very long lines (717)
|
downloaded
|
||
|
Chrome Cache Entry: 210
|
PNG image data, 614 x 1024, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 211
|
PNG image data, 612 x 1024, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 212
|
ASCII text, with very long lines (717)
|
dropped
|
||
|
Chrome Cache Entry: 213
|
PNG image data, 616 x 1024, 8-bit colormap, non-interlaced
|
dropped
|
There are 43 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2084,i,16560348228593317482,7181066931834296216,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://centered-circle-543619.framer.app/&c=E,1,kW_Efw8oqXBba0mg00J-xSQ9zPPpYD2YLIVLjEHpGyiw5F-SQd30Pct4TxGjEuy5Ib7-_UYZQ0jSQEBMqOR5JMpNOTFXfkyjMYDO2Os35edxMsMWXrTn6Z_JtLk,&typo=1"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://centered-circle-543619.framer.app/&c=E,1,kW_Efw8oqXBba0mg00J-xSQ9zPPpYD2YLIVLjEHpGyiw5F-SQd30Pct4TxGjEuy5Ib7-_UYZQ0jSQEBMqOR5JMpNOTFXfkyjMYDO2Os35edxMsMWXrTn6Z_JtLk,&typo=1
|
|||
|
https://www.google.com/js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js
|
142.250.184.196
|
||
|
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
|
142.250.184.196
|
||
|
https://framerusercontent.com/images/EALLXJbKpElTZbEI0q7qtJzUt78.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Regular-subset.woff)
|
unknown
|
||
|
https://www.google.com/recaptcha/enterprise/
|
unknown
|
||
|
https://developers.google.com/recaptcha/docs/faq#localhost_support
|
unknown
|
||
|
https://framerusercontent.com/images/p7yQMXbmMstaaUPMlE4AEBriXw.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/images/SNckdleHSmS2bz6TKJVTHQ2SJok.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/chunk-R7TFBMFV.mjs
|
108.138.7.78
|
||
|
https://framerusercontent.com/images/FqdpPA7o2MniyDP4yqXhb7ijXSA.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/images/lQu9AIemHvHaL6Soot5S8Fzb3qM.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://support.google.com/recaptcha#6262736
|
unknown
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/chunk-ELYU6EKT.mjs
|
108.138.7.78
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Bold-subset.woff2
|
13.32.27.66
|
||
|
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcRWAYqAAAAAO5gUOuCftzMzi6K1qwQJq5g3lxj&co=aHR0cHM6Ly9sb2dpbi5mcmFtZXIuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&badge=inline&cb=owet8mp4mgbn
|
142.250.184.196
|
||
|
https://support.google.com/recaptcha/?hl=en#6223828
|
unknown
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Regular-subset.woff2
|
13.32.27.66
|
||
|
https://cloud.google.com/contact
|
unknown
|
||
|
https://framerusercontent.com/images/b97XMhB8TUN8Xs4kt4d7tuinqw.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://signup2.framer.website/
|
35.71.142.77
|
||
|
https://framerusercontent.com/images/Wt9C69zC4PM1lWqTEosfVNj6do8.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/chunk-HLBBAAQD.mjs
|
108.138.7.78
|
||
|
https://support.google.com/recaptcha/#6175971
|
unknown
|
||
|
https://events.framer.com/script
|
3.160.150.29
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Regular-subset.woff2)
|
unknown
|
||
|
https://framerusercontent.com/images/PvLzm4rTHhoYifPPFlGFVSOo.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/chunk-42U43NKG.mjs
|
108.138.7.78
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Bold-subset.woff)
|
unknown
|
||
|
https://www.google.com/recaptcha/api2/
|
unknown
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Bold-subset.woff2)
|
unknown
|
||
|
https://framerusercontent.com/images/VYwFny1dOY4auaqcz0u21q0VqBA.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://support.google.com/recaptcha
|
unknown
|
||
|
https://framerusercontent.com/images/zBq5JgsJ7P7Lx0VTh4nlbFOhkk.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
|
unknown
|
||
|
https://framerusercontent.com/images/M0yGxTP4PC2N7Kz1XvxzhYUUJs.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/default_script0.BFQQGJDT.mjs
|
108.138.7.78
|
||
|
https://login.framer.com/fonts/GT-Walsheim-Medium.woff2
|
35.156.224.161
|
||
|
https://sentry.io/api/1365185/envelope/?sentry_key=6334759d5f8d49868b7d831eef45097b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.48.0
|
35.186.247.156
|
||
|
https://login.framer.com/sign-up/?ref=site-404&redirect=https%3A%2F%2Fframer.com%2F
|
|||
|
https://framerusercontent.com/images/ltWXYcIKMr48JlioIC2HGF9f8.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Medium-subset.woff)
|
unknown
|
||
|
https://login.framer.com/fonts/GT-Walsheim-Regular.woff2
|
35.156.224.161
|
||
|
https://framerusercontent.com/images/k7Rghu4Ah5kWM0OWuC8aR6TEr0.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
|
https://login.framer.com/static/js/main.217d9c62.js
|
35.156.224.161
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Medium-subset.woff2
|
13.32.27.66
|
||
|
https://framerusercontent.com/sites/icons/default-favicon.v3.png
|
unknown
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/K6yoKpOcQHk9wlJLNjpajzWpZRBJaealJ-mEGGGiT7U.YAWFBSHO.mjs
|
108.138.7.78
|
||
|
https://framerusercontent.com/images/AHdfE36GANzvJkdEsFFF79tW1Q.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://login.framer.com/env.js
|
35.156.224.161
|
||
|
https://framerusercontent.com/images/uJsl9iIiM5WlSqK2Efj2lPfvSvg.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/images/FlFPIkkteM5UWSrXxRa6RegmRyY.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
|
unknown
|
||
|
https://www.framer.com/fonts/GT-Walsheim/GT-Walsheim-Medium-subset.woff2)
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
|
unknown
|
||
|
https://framerusercontent.com/images/yIJHdnW9CwwrJFDFNvJJFxDKXt0.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://events.framer.com/track
|
3.160.150.112
|
||
|
https://api.framer.com/auth/web/access-token
|
18.245.60.100
|
||
|
https://centered-circle-543619.framer.app/favicon.ico
|
35.71.142.77
|
||
|
https://framerusercontent.com/images/0U4RO3dTOlRWUyGKyYqFYaeA.png?scale-down-to=1024
|
108.138.7.78
|
||
|
https://framerusercontent.com/sites/nOuIbWFMjWDWBgyVncyHY/searchIndex-9jVCSP4SQrfI.json
|
unknown
|
||
|
https://www.framer.com/
|
unknown
|
||
|
https://centered-circle-543619.framer.app/&c=E,1,kW_Efw8oqXBba0mg00J-xSQ9zPPpYD2YLIVLjEHpGyiw5F-SQd30Pct4TxGjEuy5Ib7-_UYZQ0jSQEBMqOR5JMpNOTFXfkyjMYDO2Os35edxMsMWXrTn6Z_JtLk,&typo=1
|
There are 55 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
framerusercontent.com
|
108.138.7.78
|
||
|
api.framer.com
|
18.245.60.100
|
||
|
signup2.framer.website
|
35.71.142.77
|
||
|
events.framer.com
|
3.160.150.112
|
||
|
centered-circle-543619.framer.app
|
35.71.142.77
|
||
|
framer-web-login.netlify.app
|
35.156.224.161
|
||
|
www.framer.com
|
13.32.27.66
|
||
|
sentry.io
|
35.186.247.156
|
||
|
www.google.com
|
216.58.206.36
|
||
|
login.framer.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
108.138.7.13
|
unknown
|
United States
|
||
|
108.138.7.78
|
framerusercontent.com
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
35.186.247.156
|
sentry.io
|
United States
|
||
|
216.58.206.36
|
www.google.com
|
United States
|
||
|
3.160.150.29
|
unknown
|
United States
|
||
|
3.70.101.28
|
unknown
|
United States
|
||
|
142.250.186.132
|
unknown
|
United States
|
||
|
18.245.60.100
|
api.framer.com
|
United States
|
||
|
35.156.224.161
|
framer-web-login.netlify.app
|
United States
|
||
|
142.250.184.196
|
unknown
|
United States
|
||
|
3.160.150.112
|
events.framer.com
|
United States
|
||
|
13.32.27.66
|
www.framer.com
|
United States
|
||
|
35.71.142.77
|
signup2.framer.website
|
United States
|
||
|
142.250.185.132
|
unknown
|
United States
|
||
|
3.160.150.33
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
There are 7 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://centered-circle-543619.framer.app/&c=E,1,kW_Efw8oqXBba0mg00J-xSQ9zPPpYD2YLIVLjEHpGyiw5F-SQd30Pct4TxGjEuy5Ib7-_UYZQ0jSQEBMqOR5JMpNOTFXfkyjMYDO2Os35edxMsMWXrTn6Z_JtLk,&typo=1
|
||
|
https://login.framer.com/sign-up/?ref=site-404&redirect=https%3A%2F%2Fframer.com%2F
|
||
|
https://login.framer.com/sign-up/?ref=site-404&redirect=https%3A%2F%2Fframer.com%2F
|
||
|
https://login.framer.com/sign-up/?ref=site-404&redirect=https%3A%2F%2Fframer.com%2F
|