Files
File Path | Type | Category | Malicious | |
---|---|---|---|---|
C:\Users\user\Downloads\OneDrive_2024-09-27.zip (copy) | Zip archive data, at least v2.0 to extract, compression method=store | dropped | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 19:50:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 19:50:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 19:50:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 19:50:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 19:50:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | | |
C:\Users\user\Downloads\OneDrive_2024-09-27.zip.crdownload | Zip archive data, at least v2.0 to extract, compression method=store | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1100257236\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1100257236\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1100257236\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1472568143\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1472568143\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1472568143\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1472568143\ssl_error_assistant.pb | data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1522017139\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1522017139\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1522017139\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1522017139\module_list_proto | data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1774995298\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1774995298\download_file_types.pb | data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1774995298\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1774995298\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1908859899\Filtering Rules | data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1908859899\LICENSE.txt | ASCII text, with CRLF line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1908859899\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1908859899\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1908859899\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1977249299\Google.Widevine.CDM.dll | PE32+ executable (DLL) (console) x86-64, for MS Windows | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1977249299\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1977249299\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1977249299\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_471865923\LICENSE | ASCII text | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_471865923\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_471865923\crl-set | data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_471865923\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_471865923\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_68224929\LICENSE | ASCII text | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_68224929\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_68224929\keys.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_68224929\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_68224929\manifest.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_851539468\_metadata\verified_contents.json | JSON data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_851539468\cr_en-us_500000_index.bin | data | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_851539468\manifest.fingerprint | ASCII text, with no line terminators | dropped | | |
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_851539468\manifest.json | JSON data | dropped | | |
Processes
Path | Cmdline | Malicious | |
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=2064,i,464575565560587866,3599947204452544579,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://newmexicogov-my.sharepoint.com/:f:/g/personal/christine_fuller_newmexicogov_onmicrosoft_com/EoaWDUrKgw5NpxyRqgYpeMMB9xM6HiHeCt0mCjuvQCuY2A?e=Aa5N0v" | | |
URLs
Domains
IPs
DOM / HTML