IOC Report
Exciting CASIO New Arrivals and New models on our Clearance Sale.msg

loading gif

Files

File Path
Type
Category
Malicious
Exciting CASIO New Arrivals and New models on our Clearance Sale.msg
CDFV2 Microsoft Outlook Message
initial sample
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
data
dropped
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CatalogCacheMetaData.xml
XML 1.0 document, ASCII text, with very long lines (2147), with no line terminators
modified
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Nunito\22102149970.ttf
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)NunitoBold3.601
dropped
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Nunito\24226543661.ttf
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)NunitoRegular3.
dropped
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\B622B65F-4041-4CA7-A777-8A6AB3C67B63
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{817348FB-EDB6-4194-A861-D72D1F0298A8}.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1729765902575431300_BD1B5B8A-966F-45DD-945B-85BEDC613D03.log
ASCII text, with very long lines (28773), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1729765902576706300_BD1B5B8A-966F-45DD-945B-85BEDC613D03.log
data
dropped
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241024T0631420037-6892.etl
data
dropped
C:\Users\user\AppData\Local\Temp\~DF36161601743035EE.TMP
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
data
dropped
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
Microsoft Outlook email folder (>=2003)
dropped
C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
data
dropped
Chrome Cache Entry: 102
ASCII text, with very long lines (23979)
downloaded
Chrome Cache Entry: 103
ASCII text, with very long lines (49314)
downloaded
Chrome Cache Entry: 104
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 105
C source, ASCII text, with very long lines (8687)
downloaded
Chrome Cache Entry: 106
ISO Media, AVIF Image
downloaded
Chrome Cache Entry: 107
ASCII text, with very long lines (2290)
downloaded
Chrome Cache Entry: 108
ASCII text, with very long lines (18244)
downloaded
Chrome Cache Entry: 109
ASCII text, with very long lines (38629)
downloaded
Chrome Cache Entry: 110
ISO Media, AVIF Image
downloaded
Chrome Cache Entry: 111
ASCII text, with very long lines (13029), with no line terminators
dropped
Chrome Cache Entry: 112
ASCII text, with very long lines (16337), with no line terminators
dropped
Chrome Cache Entry: 114
HTML document, Unicode text, UTF-8 text, with very long lines (61318)
downloaded
Chrome Cache Entry: 115
JSON data
downloaded
Chrome Cache Entry: 116
Web Open Font Format (Version 2), TrueType, length 21984, version 1.13107
downloaded
Chrome Cache Entry: 117
Unicode text, UTF-8 text, with very long lines (25052)
dropped
Chrome Cache Entry: 118
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
downloaded
Chrome Cache Entry: 119
ASCII text, with very long lines (9609), with no line terminators
dropped
Chrome Cache Entry: 120
ASCII text, with very long lines (2464)
dropped
Chrome Cache Entry: 121
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 360x360, components 3
dropped
Chrome Cache Entry: 122
ASCII text, with very long lines (22024), with no line terminators
downloaded
Chrome Cache Entry: 123
ASCII text, with very long lines (65461)
dropped
Chrome Cache Entry: 124
Unicode text, UTF-8 text, with very long lines (49922), with no line terminators
downloaded
Chrome Cache Entry: 125
ASCII text, with very long lines (7866)
downloaded
Chrome Cache Entry: 126
Unicode text, UTF-8 text, with very long lines (25052)
downloaded
Chrome Cache Entry: 127
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 128
ASCII text, with very long lines (34240), with no line terminators
dropped
Chrome Cache Entry: 129
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 130
ASCII text, with very long lines (7901), with no line terminators
downloaded
Chrome Cache Entry: 131
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 132
ASCII text, with very long lines (495), with no line terminators
downloaded
Chrome Cache Entry: 133
ASCII text, with very long lines (7901), with no line terminators
dropped
Chrome Cache Entry: 134
ASCII text, with very long lines (34240), with no line terminators
downloaded
Chrome Cache Entry: 135
Unicode text, UTF-8 text, with very long lines (13164)
dropped
Chrome Cache Entry: 136
ASCII text, with very long lines (2398)
dropped
Chrome Cache Entry: 137
ASCII text, with very long lines (32803)
downloaded
Chrome Cache Entry: 138
ASCII text, with very long lines (11921), with no line terminators
downloaded
Chrome Cache Entry: 139
HTML document, Unicode text, UTF-8 text, with very long lines (29752)
downloaded
Chrome Cache Entry: 140
HTML document, Unicode text, UTF-8 text, with very long lines (11047)
dropped
Chrome Cache Entry: 141
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 142
ASCII text
dropped
Chrome Cache Entry: 143
Web Open Font Format (Version 2), TrueType, length 22056, version 1.13107
downloaded
Chrome Cache Entry: 144
ASCII text, with very long lines (38629)
dropped
Chrome Cache Entry: 145
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 146
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 500x500, components 3
downloaded
Chrome Cache Entry: 147
Web Open Font Format (Version 2), TrueType, length 17260, version 1.0
downloaded
Chrome Cache Entry: 148
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 149
ASCII text, with very long lines (20233), with no line terminators
downloaded
Chrome Cache Entry: 150
C source, Unicode text, UTF-8 text, with very long lines (17668), with no line terminators
downloaded
Chrome Cache Entry: 151
ASCII text, with very long lines (64980)
downloaded
Chrome Cache Entry: 152
Web Open Font Format (Version 2), TrueType, length 17040, version 1.0
downloaded
Chrome Cache Entry: 153
Unicode text, UTF-8 text, with very long lines (61316)
downloaded
Chrome Cache Entry: 154
Unicode text, UTF-8 text, with very long lines (61316)
downloaded
Chrome Cache Entry: 155
ASCII text, with very long lines (13029), with no line terminators
downloaded
Chrome Cache Entry: 156
ASCII text, with very long lines (13109)
downloaded
Chrome Cache Entry: 157
Unicode text, UTF-8 text, with very long lines (49922), with no line terminators
dropped
Chrome Cache Entry: 158
ASCII text, with very long lines (45842)
downloaded
Chrome Cache Entry: 159
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 160
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 50x50, components 3
dropped
Chrome Cache Entry: 161
ASCII text, with very long lines (65461)
downloaded
Chrome Cache Entry: 163
Web Open Font Format (Version 2), TrueType, length 17388, version 1.0
downloaded
Chrome Cache Entry: 164
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 165
ASCII text, with very long lines (32803)
dropped
Chrome Cache Entry: 166
ASCII text, with very long lines (3826)
downloaded
Chrome Cache Entry: 167
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 50x50, components 3
dropped
Chrome Cache Entry: 168
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 50x50, components 3
dropped
Chrome Cache Entry: 169
PNG image data, 600 x 34, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 170
ASCII text, with very long lines (64980)
dropped
Chrome Cache Entry: 171
ASCII text, with very long lines (7510)
dropped
Chrome Cache Entry: 172
ASCII text, with very long lines (7510)
downloaded
Chrome Cache Entry: 173
ASCII text, with very long lines (11921), with no line terminators
dropped
Chrome Cache Entry: 174
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 175
ASCII text, with very long lines (20101)
dropped
Chrome Cache Entry: 176
JSON data
dropped
Chrome Cache Entry: 177
ASCII text, with very long lines (7866)
dropped
Chrome Cache Entry: 178
ASCII text
downloaded
Chrome Cache Entry: 179
PNG image data, 500 x 120, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 180
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 181
Unicode text, UTF-8 text, with very long lines (18850)
dropped
Chrome Cache Entry: 182
ASCII text, with very long lines (9864), with no line terminators
dropped
Chrome Cache Entry: 183
ASCII text, with very long lines (14295)
downloaded
Chrome Cache Entry: 184
ASCII text, with very long lines (20233), with no line terminators
dropped
Chrome Cache Entry: 185
ASCII text, with very long lines (4101), with no line terminators
downloaded
Chrome Cache Entry: 186
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 50x50, components 3
dropped
Chrome Cache Entry: 187
Unicode text, UTF-8 text, with very long lines (13164)
downloaded
Chrome Cache Entry: 188
ASCII text, with very long lines (8078)
downloaded
Chrome Cache Entry: 189
Web Open Font Format (Version 2), TrueType, length 21928, version 1.13107
downloaded
Chrome Cache Entry: 190
JSON data
downloaded
Chrome Cache Entry: 191
RIFF (little-endian) data, Web/P image
downloaded
Chrome Cache Entry: 193
ASCII text, with very long lines (336)
downloaded
Chrome Cache Entry: 194
Web Open Font Format (Version 2), TrueType, length 17332, version 1.0
downloaded
Chrome Cache Entry: 195
Web Open Font Format (Version 2), TrueType, length 17388, version 1.0
downloaded
Chrome Cache Entry: 196
ASCII text, with very long lines (2464)
downloaded
Chrome Cache Entry: 197
ASCII text, with very long lines (8298), with no line terminators
dropped
Chrome Cache Entry: 198
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 50x50, components 3
dropped
Chrome Cache Entry: 199
ASCII text, with very long lines (9609), with no line terminators
downloaded
Chrome Cache Entry: 200
ASCII text, with very long lines (2398)
downloaded
Chrome Cache Entry: 201
ASCII text, with very long lines (13109)
dropped
Chrome Cache Entry: 202
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 203
ASCII text, with very long lines (20101)
downloaded
Chrome Cache Entry: 204
ASCII text, with very long lines (23979)
dropped
Chrome Cache Entry: 205
ASCII text, with very long lines (8078)
dropped
Chrome Cache Entry: 206
ASCII text, with very long lines (9864), with no line terminators
downloaded
Chrome Cache Entry: 207
Unicode text, UTF-8 text, with very long lines (32798), with no line terminators
dropped
Chrome Cache Entry: 208
Unicode text, UTF-8 text, with very long lines (32798), with no line terminators
downloaded
Chrome Cache Entry: 209
ASCII text, with very long lines (8298), with no line terminators
downloaded
Chrome Cache Entry: 210
Unicode text, UTF-8 text, with very long lines (18850)
downloaded
Chrome Cache Entry: 211
ASCII text, with very long lines (16337), with no line terminators
downloaded
Chrome Cache Entry: 212
ASCII text, with very long lines (495), with no line terminators
dropped
Chrome Cache Entry: 213
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 215
ASCII text, with very long lines (18545)
downloaded
There are 116 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
"C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\Exciting CASIO New Arrivals and New models on our Clearance Sale.msg"
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe
"C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "26CB1BA1-3B07-4DDA-9DBB-79104245B11E" "6CF0DA68-E2F4-4A4F-87A1-84F7255BB448" "6892" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://email.thecasioshop.co.za/c/eJxkzcFq7SAQgOGn0d0J42g0LlzcTV7jMk7mRMEe5Rga6NMXSndd_z98TB-D6vn6X48UGQKtARE25EBeH2ljD6IlmYAxeAvrqksSDiD2AJtNfobst41XzhGOCEwERteEgM4AOojOGbsAZ4c-ipWn8Z5X5eAqwjRrn6WPhfvyRbqlcl1jKvtP4a5wv-97-bsp3AedMhXuP-Vx08XlwU3oTS8W_U6j1FaHcnC2nuvs7Rf4TPgdAAD__ylVSqk
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1904,i,18197283354278297330,10125697441653791523,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

URLs

Name
IP
Malicious
http://email.thecasioshop.co.za/c/eJxkzbFqBCEQANCv0e6WcdTxLCzS7G8Eb3ZyCuaUVbKQrw-EdOkfPM6fI9fn670eKT
unknown
https://embed.tawk.to/_s/v4/app/67183cd0c15/js/twk-entries-polyfill.js
unknown
https://ipinfo.io/missingauth
unknown
https://useraudit.o365auditrealtimeingestion.manage.office.com
unknown
https://www.thecasioshop.co.za/cdn/shop/t/4/assets/masonry.js?v=69065873019512094641692795526
23.227.38.74
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
unknown
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
unknown
https://www.thecasioshop.co.za/cdn/shop/files/standard-collection-clearance_360x.jpg?v=1693577088
23.227.38.74
https://rpsticket.partnerservices.getmicrosoftkey.com
unknown
https://lookup.onenote.com/lookup/geolocation/v1
unknown
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
unknown
https://swiperjs.com
unknown
http://www.opensource.org/licenses/mit-license.php
unknown
https://static.klaviyo.com/onsite/hosted-fonts/Poppins/latin/poppins_latin_italic_400.woff2
unknown
https://www.thecasioshop.co.za/cdn/shop/t/4/assets/wow.min.js?v=83526093515021304571692795527
23.227.38.74
https://www.yammer.com
unknown
http://email.thecasioshop.co.za/c/eJxkzcFq7SAQgOGn0d0J42g0LlzcTV7jMk7mRMEe5Rga6NMXSndd_z98TB-D6vn6X4
unknown
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
unknown
https://cdn.judge.me/widget_v3/base.css
185.172.148.132
https://messagebroker.mobile.m365.svc.cloud.microsoft
unknown
https://www.thecasioshop.co.za/wpm@5c685d9aw2bdb5d34p28e77c54m9d0a6cb8/web-pixel-shopify-app-pixel@0220/sandbox/worker.modern.js
23.227.38.74
https://website-cdn.ipinfo.io/_next/static/media/splunk.a71e22c9.svg
unknown
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.53d3566884aa6645184a.js?cb=1&v2-route=1
151.101.130.133
https://edge.skype.com/registrar/prod
unknown
https://res.getmicrosoftkey.com/api/redemptionevents
unknown
https://tasks.office.com
unknown
https://static.klaviyo.com/onsite/js/Render.e240ff3625b4fb590c5f.js
151.101.130.133
https://www.thecasioshop.co.za/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
23.227.38.74
https://monorail-edge.shopifysvc.com/v1/produce
unknown
http://email.thecasioshop.co.za/c/eJwsyz1OBSEQAODTQPkyDMPPFhQ2ew0zzM4-SFCIuzHq6S20_vIJvy3uz_fXfpRNIH
unknown
https://my.microsoftpersonalcontent.com
unknown
https://website-cdn.ipinfo.io/_next/static/media/database-download-small.053da0c0.svg
unknown
https://store.office.cn/addinstemplate
unknown
https://www.thecasioshop.co.za/cdn/fonts/neue_haas_unica/neuehaasunica_n6.811a1650e21f1bac45d3959cf135802431a07f0f.woff2?h1=ZTIzNTM3LTMuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dGhlY2FzaW9zaG9wLmNvLnph&h3=dGNzc2EubXlzaG9waWZ5LmNvbQ&h4=dGNzc2EuY28uemE&hmac=474e63258461a94c00f3b11b7388154b8ce8a692f8ffaf7bf4e02ece2e8cf1a0
23.227.38.74
https://website-cdn.ipinfo.io/_next/static/media/photo-npm-laurie.30cd3e0e.jpeg
unknown
https://cdn.judge.me/widget_v3/theme/leex.css
185.172.148.132
https://edge.skype.com/rps
unknown
https://static-forms.klaviyo.com/forms/api/v7/TaVvmN/full-forms
151.101.2.133
http://email.thecasioshop.co.za/c/eJwszsGOoyAYAOCnwaOBHwQ8cDCx3fQAzSZNdu1lQhGFRgupzhh9-skkc_1On7Nztn
unknown
https://www.thecasioshop.co.za/cdn/shop/files/baby-g-clearance-watches_50x.jpg?v=1693576906
23.227.38.74
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
https://www.odwebp.svc.ms
unknown
https://api.addins.store.officeppe.com/addinstemplate
unknown
https://graph.windows.net
unknown
https://d3k81ch9hvuctc.cloudfront.net/company/TaVvmN/images/2eef9f31-3cf6-42c1-a989-60eef8565423.png
18.66.122.61
https://www.facebook.com/tr/?id=838769091208863&ev=PageView&dl=https%3A%2F%2Fwww.thecasioshop.co.za%2Fpages%2Fcasio-watch-clearance&rl=&if=false&ts=1729766037206&sw=1280&sh=1024&v=2.9.173&r=stable&a=shopify_web_pixel&ec=0&o=4126&fbp=fb.2.1729766037205.358409936746219110&ler=empty&cdl=API_unavailable&it=1729766035510&coo=false&dpo=&eid=sh-be1725c3-8BF7-41A0-7ECC-BA85BBB1E31F&rqm=GET
157.240.251.35
https://consent.config.office.com/consentcheckin/v1.0/consents
unknown
https://ipinfo.io/
34.117.59.81
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
unknown
https://website-cdn.ipinfo.io/_next/static/media/blue_check.d118dbca.svg
unknown
https://www.thecasioshop.co.za/cdn/shopifycloud/shopify/assets/themes_support/option_selection-86cdd286ddf3be7e25d68b9fc5965d7798a3ff6228ff79af67b3f4e41d6a34be.js
23.227.38.74
https://d.docs.live.net
unknown
https://ncus.contentsync.
unknown
https://static.klaviyo.com/onsite/js/signup_forms.27c4bbb63fd116d6d362.js?cb=1&v2-route=1
151.101.130.133
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
unknown
http://email.thecasioshop.co.za/c/eJxkzDFuxSAMANDTwBgZYyAMDF1yjQqMf0BKCypRI_X0Xbp1f3qcP2bu5-d7rykyhO
unknown
http://email.thecasioshop.co.za/c/eJxkzDtuxCAQANDTQLfWMPxMQZHG14iG8cQgkcUKVqzk9GnSbf_0mD5Pasfzve05MU
unknown
http://weather.service.msn.com/data.aspx
unknown
https://www.thecasioshop.co.za/wpm@5c685d9aw2bdb5d34p28e77c54m9d0a6cb8/custom/web-pixel-shopify-custom-pixel@0220/sandbox/modern/pages/casio-watch-clearance
23.227.38.74
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
unknown
https://gifts.good-apps.co/api/front/offers?domain=e23537-3.myshopify.com&logged_user=0&exclude_offers=
104.21.53.58
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
unknown
https://pushchannel.1drv.ms
unknown
https://cdn.judge.me/widget_v3/media.css
185.172.148.132
https://wus2.contentsync.
unknown
http://email.thecasioshop.co.za/c/eJxkzcFq7SAQgOGn0d0J42g0LlzcTV7jMk7mRMEe5Rga6NMXSndd_z98TB-D6vn6X48UGQKtARE25EBeH2ljD6IlmYAxeAvrqksSDiD2AJtNfobst41XzhGOCEwERteEgM4AOojOGbsAZ4c-ipWn8Z5X5eAqwjRrn6WPhfvyRbqlcl1jKvtP4a5wv-97-bsp3AedMhXuP-Vx08XlwU3oTS8W_U6j1FaHcnC2nuvs7Rf4TPgdAAD__ylVSqk
34.102.239.211
https://outlook.office365.com/api/v1.0/me/Activities
unknown
https://clients.config.office.net/user/v1.0/android/policies
unknown
https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
unknown
https://www.thecasioshop.co.za/cdn/shop/t/4/assets/pages.css?v=135357189348538180101692899089
23.227.38.74
https://a.nel.cloudflare.com/report/v4?s=4KxWY7WutPgjDjU3v%2BHQbXQ0cIHVaqaMGbjIM0URtyoJ3HHUnk1o1Xe4Er7ixRGbXSFbt7A6gqYN%2F9xcdMYky03GaJnuQ3THTLHaxZbMyqyktJYOS%2BR4N5jzy0weMwlHXQ0mlstb0nk%3D
35.190.80.1
https://shoparty.metrilo.com/frontend_calls
unknown
https://login.microsoftonline.com
unknown
https://substrate.office.com/search/api/v1/SearchHistory
unknown
https://www.thecasioshop.co.za/cdn/shop/t/4/assets/vendor.js?v=52040994620695546711692795527
23.227.38.74
https://www.thecasioshop.co.za/cdn/fonts/neue_haas_unica/neuehaasunica_n4.520eb21cee3158fb9a058bc588d9a342a8ebfda3.woff2?h1=ZTIzNTM3LTMuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dGhlY2FzaW9zaG9wLmNvLnph&h3=dGNzc2EubXlzaG9waWZ5LmNvbQ&h4=dGNzc2EuY28uemE&hmac=05145bfe518a74d1f63d4827eac7e30288e009669f08c4af1757c436906baac3
23.227.38.74
https://embed.tawk.to/_s/v4/app/67183cd0c15/js/twk-iterator-polyfill.js
unknown
https://website-cdn.ipinfo.io/_next/static/media/google-cloud.17488aed.svg
unknown
https://judge.me/terms
unknown
https://www.thecasioshop.co.za/cdn/shop/t/4/assets/jquery.currencies.min.js?v=86651996453766541221692795526
23.227.38.74
https://service.powerapps.com
unknown
https://www.thecasioshop.co.za/cdn/fonts/dm_sans/dmsans_n5.9bce41f6331cb63f34699f22d94da6bf1cfe3e8d.woff2?h1=ZTIzNTM3LTMuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dGhlY2FzaW9zaG9wLmNvLnph&h3=dGNzc2EubXlzaG9waWZ5LmNvbQ&h4=dGNzc2EuY28uemE&hmac=84fa8e626f1df58879ba2fe6ab166166775bf22a1507ade1f9fd351dcc1d4314
23.227.38.74
https://devnull.onenote.com
unknown
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
unknown
https://skyapi.live.net/Activity/
unknown
https://static.klaviyo.com/onsite/js/ClientStore.99a5addbc5ab41026ccf.js
151.101.130.133
https://embed.tawk.to/_s/v4/app/67183cd0c15/js/twk-arr-find-polyfill.js
unknown
https://api.cortana.ai
unknown
https://static.klaviyo.com/onsite/js/runtime.c77f4099fb95ab55a3a1.js?cb=1&v2-route=1
151.101.130.133
https://visio.uservoice.com/forums/368202-visio-on-devices
unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=838769091208863&ev=PageView&dl=https%3A%2F%2Fwww.thecasioshop.co.za%2Fpages%2Fcasio-watch-clearance&rl=&if=false&ts=1729766037206&sw=1280&sh=1024&v=2.9.173&r=stable&a=shopify_web_pixel&ec=0&o=4126&fbp=fb.2.1729766037205.358409936746219110&ler=empty&cdl=API_unavailable&it=1729766035510&coo=false&dpo=&eid=sh-be1725c3-8BF7-41A0-7ECC-BA85BBB1E31F&rqm=FGET
157.240.251.35
https://onedrive.live.com/embed?
unknown
https://augloop.office.com
unknown
https://cdn.judge.me/widget/media.js
185.172.148.132
https://fonts.shopifycdn.com
unknown
https://static.klaviyo.com/onsite/js/styles.c55c43061a96111d7f0b.js
151.101.130.133
https://d15k2d11r6t6rl.cloudfront.net/pub/tyov/31t0ebv4/v75/8tz/jas/TCS%20Design%20Elements_39.jpg
unknown
https://api.diagnosticssdf.office.com/v2/file
unknown
https://www.thecasioshop.co.za/cdn/shop/t/4/assets/cart.min.js?v=907552511673046481692795526
23.227.38.74
https://officepyservice.office.net/
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
star-mini.c10r.facebook.com
157.240.251.35
p-defr00.kxcdn.com
185.172.148.132
a.nel.cloudflare.com
35.190.80.1
klaviyo-app.map.fastly.net
151.101.194.133
d1639lhkj5l89m.cloudfront.net
3.160.156.47
fonts.shopifycdn.com
185.146.173.20
cdn.shopify.com
23.227.60.200
shops.myshopify.com
23.227.38.74
mailgun.org
34.102.239.211
tracking.aws.judge.me
50.17.93.176
embed.tawk.to
172.67.15.14
scontent.xx.fbcdn.net
157.240.253.1
trk.mtrl.me
188.114.97.3
d3k81ch9hvuctc.cloudfront.net
18.66.122.61
gw-monorail-production-gateway-apps-a-us-ce1-xi5.shopifycloud.com
34.54.30.0
ipinfo.io
34.117.59.81
gifts.good-apps.co
104.21.53.58
shoparty.metrilo.com
104.26.9.182
www.google.com
142.250.186.36
dualstack.com.imgix.map.fastly.net
151.101.2.208
klaviyo-onsite.map.fastly.net
151.101.130.133
monorail-edge.shopifysvc.com
unknown
www.thecasioshop.co.za
unknown
judgeme-public-images.imgix.net
unknown
static-forms.klaviyo.com
unknown
static-tracking.klaviyo.com
unknown
a.klaviyo.com
unknown
static.klaviyo.com
unknown
fast.a.klaviyo.com
unknown
www.facebook.com
unknown
cdn.judge.me
unknown
connect.facebook.net
unknown
email.thecasioshop.co.za
unknown
e23537-3.myshopify.com
unknown
cdn1.judge.me
unknown
There are 25 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
151.101.130.133
klaviyo-onsite.map.fastly.net
United States
172.67.209.95
unknown
United States
23.227.38.74
shops.myshopify.com
Canada
192.168.2.7
unknown
unknown
23.227.60.200
cdn.shopify.com
Canada
104.22.44.142
unknown
United States
35.190.80.1
a.nel.cloudflare.com
United States
151.101.66.133
unknown
United States
185.172.148.132
p-defr00.kxcdn.com
Germany
151.101.194.133
klaviyo-app.map.fastly.net
United States
142.250.186.36
www.google.com
United States
172.67.15.14
embed.tawk.to
United States
34.117.59.81
ipinfo.io
United States
104.26.8.182
unknown
United States
3.160.156.47
d1639lhkj5l89m.cloudfront.net
United States
239.255.255.250
unknown
Reserved
151.101.2.133
unknown
United States
188.114.97.3
trk.mtrl.me
European Union
157.240.253.1
scontent.xx.fbcdn.net
United States
104.26.9.182
shoparty.metrilo.com
United States
34.102.239.211
mailgun.org
United States
104.21.53.58
gifts.good-apps.co
United States
3.160.156.224
unknown
United States
There are 13 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
CantBootResolution
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
ProfileBeingOpened
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
SessionId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
BootDiagnosticsLogFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics
OutlookBootFlag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
j|>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
SessionId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
ProfileBeingOpened
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings
Accounts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Licensing
EligibleForExtendedGrace
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Wizards
PageSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\MailSettings
Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
WMACUpdated
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Options
DefaultKerningLigatures
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@%SystemRoot%\system32\mlang.dll,-4608
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
HyphenationFiles_1033
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
000b046b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
BootDiagnosticsLogFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
CantBootResolution
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
global_AccountSignaturesDialogOpen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
tj>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\ColleagueImport.ColleagueImportAddin
1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\Microsoft.VbaAddinForOutlook.1
1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
<l>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin
1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
kl>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OscAddin.Connect
1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
{l>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\UCAddin.LyncAddin.1
1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
{l>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
kl>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
kl>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
kl>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
zl>
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
global_AccountsNeedResyncingWithOwnershipV5
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
global_AccountsNeedResyncingWithOwnershipV4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
global_AccountsNeedResyncingWithOwnershipV3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
global_AccountsNeedResyncingWithOwnership
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Options\Calendar
WorkDay
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018401030E50DBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Volatile
MsaDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
SpellingAndGrammarFiles_1033
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
SpellingAndGrammarFiles_1036
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
SpellingAndGrammarFiles_3082
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9207f3e0a3b11019908b08002b2a56c2
11023d05
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Security\Trusted Documents
LastPurgeTime
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet
UseRWHlinkNavigation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet
UseRWOSHlinkNavigation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Sampling
6
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Logging
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F00000000000000000F01FEC\Usage
OutlookMAPI2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-CH
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-GB
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-CH
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-GB
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common
SessionId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Experiment\outlook
EcsRequestPending
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Usage
OutlookMAPI2Intl_1033
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
00030429
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
{ED475418-B0D6-11D2-8C3B-00104B2A6676}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
LastChangeVer
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry
CacheSyncCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
{ED475418-B0D6-11D2-8C3B-00104B2A6676}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
LastChangeVer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
HyphenationFiles_1033
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
HyphenationFiles_1033
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
HyphenationFiles_1033
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\ColleagueImport.ColleagueImportAddin
LoadCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Display Types\Balloons
HWND64ForOrphanedNotIcon
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
ColleagueImport.ColleagueImportAddin
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\OneNote.OutlookAddin
LoadCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-CH
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-GB
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-CH
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-GB
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
OneNote.OutlookAddin
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
OscAddin.Connect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\UCAddin.LyncAddin.1
LoadCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
UCAddin.LyncAddin.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\UmOutlookAddin.FormRegionAddin
LoadCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
UmOutlookAddin.FormRegionAddin
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
FilePath
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
StartDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
EndDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
{ED475418-B0D6-11D2-8C3B-00104B2A6676}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
LastChangeVer
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook
Expires
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook
ETag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\6892
0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
LastChangeVer
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}
DeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
SpellingAndGrammarFiles_1033
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
SpellingAndGrammarFiles_1033
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
SpellingAndGrammarFiles_1036
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
SpellingAndGrammarFiles_1036
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
SpellingAndGrammarFiles_3082
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
SpellingAndGrammarFiles_3082
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Search\Catalog
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings
Accounts
There are 116 hidden registries, click here to show them.

DOM / HTML

URL
Malicious
https://www.thecasioshop.co.za/pages/casio-watch-clearance
https://www.thecasioshop.co.za/pages/casio-watch-clearance
https://www.thecasioshop.co.za/pages/casio-watch-clearance
https://www.thecasioshop.co.za/pages/casio-watch-clearance
https://www.thecasioshop.co.za/pages/casio-watch-clearance