Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 18:59:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 18:59:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 18:59:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 18:59:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 18:59:59 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\Downloads\Ark-La-Tex Proposal.pdf (copy)
|
PDF document, version 1.7, 1 pages
|
dropped
|
||
|
C:\Users\user\Downloads\Ark-La-Tex Proposal.pdf.crdownload
|
PDF document, version 1.7, 1 pages
|
dropped
|
||
|
C:\Users\user\Downloads\ba2e6d72-f584-414b-b66a-c2f300595cb8.tmp
|
PDF document, version 1.7, 1 pages
|
dropped
|
||
|
C:\Users\user\Downloads\c24daccc-2334-4241-8c74-9ee6edc0bf41.tmp
|
PDF document, version 1.7, 1 pages
|
dropped
|
||
|
Chrome Cache Entry: 100
|
ASCII text, with very long lines (7856), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 101
|
GIF image data, version 89a, 352 x 3
|
dropped
|
||
|
Chrome Cache Entry: 102
|
ASCII text, with very long lines (61177)
|
downloaded
|
||
|
Chrome Cache Entry: 103
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with very long lines (65436)
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
ASCII text, with very long lines (60798)
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
PDF document, version 1.7, 1 pages
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
ASCII text, with very long lines (45513)
|
downloaded
|
||
|
Chrome Cache Entry: 108
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 109
|
Web Open Font Format (Version 2), TrueType, length 59820, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
GIF image data, version 89a, 352 x 3
|
dropped
|
||
|
Chrome Cache Entry: 112
|
GIF image data, version 89a, 352 x 3
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
ASCII text, with very long lines (14735)
|
downloaded
|
||
|
Chrome Cache Entry: 114
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
|
Chrome Cache Entry: 116
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 90613
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
Web Open Font Format (Version 2), TrueType, length 66348, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 120
|
Unicode text, UTF-8 text, with very long lines (32153)
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with very long lines (4336)
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
Web Open Font Format (Version 2), TrueType, length 59708, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (64616)
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 127
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 128
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 609680
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
Unicode text, UTF-8 text, with very long lines (57316)
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
|
dropped
|
||
|
Chrome Cache Entry: 131
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
ASCII text, with very long lines (64612)
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
HTML document, ASCII text, with very long lines (4207)
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
ASCII text, with very long lines (64708)
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 138
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (5522), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 142
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 143
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (43896)
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (65470)
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 149
|
GIF image data, version 89a, 352 x 3
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 151
|
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
|
dropped
|
||
|
Chrome Cache Entry: 98
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
|
dropped
|
||
|
Chrome Cache Entry: 99
|
ASCII text, with no line terminators
|
downloaded
|
There are 55 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://app.frame.io/presentations/e5a98721-636e-41a7-b4b9-23c7d6f1f6c3?component_clicked=digest_call_to_action&email_id=0f3254fb-289d-471c-aa05-4a363e218d3a&email_type=pending-reviewer-invite
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=1912 --field-trial-handle=1828,i,7501742949426219933,12902800532936852538,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://app.frame.io/presentations/e5a98721-636e-41a7-b4b9-23c7d6f1f6c3?component_clicked=digest_call_to_action&email_id=0f3254fb-289d-471c-aa05-4a363e218d3a&email_type=pending-reviewer-invite
|
 |
||
|
https://outlook.microsoftdrive.net/Me.htm?v=3
|
172.67.208.76
|
|
|
|
https://outlook.microsoftdrive.net/ppsecure/post.srf?username=fake%40fake.com&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&contextid=CF56398155830DEE&opid=FFBF27048DB0CE85&bk=1711656076&uaid=00e9a5826b7242fcab290dcb0f997eea&pid=15216
|
|
||
|
https://www.microsoftdrive.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&ui_locales=en-US&mkt=en-US&client-request-id=00e9a582-6b72-42fc-ab29-0dcb0f997eea&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true
|
|
||
|
https://outlook.microsoftdrive.net/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2foffice.microsoftdrive.net%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2foffice.microsoftdrive.net%2flandingv2&response_type=code+id_token&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&x-client-SKU=ID_NET6_0&x-client-Ver=7.3.1.0&uaid=00e9a5826b7242fcab290dcb0f997eea&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&epct=PAQABDgEAAADnfolhJpSnRYB1SVj-Hgd8vfRMTk6EIlxlLZO2w75-LQ7DPJdqB_O-fTENNV3gC5lYblhwfJ9HHhXc7U68wdfQT5BRSNmKOcM5dy51LVN4GDMyyuEadSWFRBygdxTUasuCFvX98RACj0bq91S57gQ7xOKFzCFAZ_TqNTMSbXJEOn5iNnOqgXV1TYSO5j8PNDgdohBJHeMTLabmGUmKI3RVNBgf_-qHzIz-0nKEikrzUCAA&jshs=0&username=fake%40fake.com&login_hint=fake%40fake.com
|
|||
|
https://app.frame.io/static/vendor-2cac3bce.js
|
13.249.39.5
|
||
|
https://a.nel.cloudflare.com/report/v4?s=r%2BAnQMI3pR5Rm4Z2%2BRBv3%2BcJkww9J2ClhMoSCGhKtpXgBD9doZPF2HNETJbXmuyP6YfVnduyajVDc0IJVqxrgo8Kr20%2BxwHx%2BIJpFt6me6RjDQPL5wI3xTctH95V3OML4OWhTmucRvJ%2F
|
35.190.80.1
|
||
|
http://kiro.me)
|
unknown
|
||
|
https://office.microsoftdrive.net/login
|
172.67.208.76
|
||
|
https://www.microsoftdrive.net/s/7b478a3dbed8a6a8bede5addeb1e9b5ca4b3d9007b15aa5fc6416adc8494cfd7.js
|
104.21.23.18
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
|
152.199.4.44
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
|
152.199.4.44
|
||
|
https://www.microsoftdrive.net/doc
|
104.21.23.18
|
||
|
https://www.microsoftdrive.net/
|
104.21.23.18
|
||
|
https://www.microsoftdrive.net/cdn-cgi/challenge-platform/h/g/jsd/r/86ba35912d0887a1
|
104.21.23.18
|
||
|
about:blank
|
|||
|
https://www.google.com/analytics/tag-manager/
|
unknown
|
||
|
http://google.com/analytics
|
unknown
|
||
|
https://app.frame.io/presentations/e5a98721-636e-41a7-b4b9-23c7d6f1f6c3?component_clicked=digest_call_to_action&email_id=0f3254fb-289d-471c-aa05-4a363e218d3a&email_type=pending-reviewer-invite
|
|||
|
https://www.microsoftdrive.net/cdn-cgi/challenge-platform/h/g/jsd/r/86ba35a169b70684
|
104.21.23.18
|
||
|
https://app.frame.io/static/AvenirNext-Medium-9ab29c0a.woff2
|
13.249.39.5
|
||
|
http://www.tunnckocore.tk)
|
unknown
|
||
|
https://app.frame.io/static/AvenirNext-Regular-da92ca69.woff2
|
13.249.39.5
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
|
152.199.4.44
|
||
|
https://app.frame.io/static/application-e0cd5815.js
|
13.249.39.5
|
||
|
https://www.microsoftdrive.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&ui_locales=en-US&mkt=en-US&client-request-id=00e9a582-6b72-42fc-ab29-0dcb0f997eea&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0
|
|||
|
https://www.dropbox.com/static/api/2/dropins.js
|
162.125.6.18
|
||
|
https://api.frame.io/v2/projects/f1aeae4d-68e8-409c-8a0f-bc61ad2a71d2/membership
|
54.82.140.46
|
||
|
https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
|
192.229.211.199
|
||
|
http://jedwatson.github.io/classnames
|
unknown
|
||
|
https://logincdn.msftauth.net/shared/5/js/login_en_3iBNycsj9mUHQS54sNhj6Q2.js
|
192.229.211.199
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
|
152.199.4.44
|
||
|
https://app.frame.io/static/modernizr-176bd4500116dd44f04a.js
|
13.249.39.5
|
||
|
https://logincdn.msftauth.net/16.000.30157.4/images/favicon.ico
|
192.229.211.199
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_HC7t4HZ_o96i0-T341lIwg2.js
|
152.199.4.44
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4d4b76a02ae121e3b20c.js
|
152.199.4.44
|
||
|
https://github.com/tunnckoCore/is-hexcolor
|
unknown
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
|
152.199.4.44
|
||
|
https://www.microsoftdrive.net/common/GetCredentialType?mkt=en-US
|
104.21.23.18
|
||
|
https://reporting-api-collector.sandbox.frame.io/v1/events
|
108.138.64.92
|
||
|
http://knockoutjs.com/
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
|
152.199.4.44
|
||
|
https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js
|
192.229.211.199
|
||
|
https://account.microsoftdrive.net/s/7b478a3dbed8a6a8bede5addeb1e9b5ca4b3d9007b15aa5fc6416adc8494cfd7.js
|
104.21.23.18
|
||
|
https://github.com/douglascrockford/JSON-js
|
unknown
|
||
|
https://app.frame.io/static/presentation-v2-c215ee2a.js
|
13.249.39.5
|
||
|
https://api.frame.io/v2/presentations/e5a98721-636e-41a7-b4b9-23c7d6f1f6c3/vanity
|
54.82.140.46
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
|
152.199.4.44
|
||
|
https://jquery.org/license
|
unknown
|
||
|
http://www.opensource.org/licenses/mit-license.php)
|
unknown
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
|
152.199.4.44
|
||
|
https://jquery.com/
|
unknown
|
||
|
https://g418758d79256186a78df9ce0a15fxc.pages.dev/)
|
unknown
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js
|
152.199.4.44
|
||
|
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
|
192.229.211.199
|
||
|
https://www.microsoftdrive.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
|
104.21.23.18
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
|
152.199.4.44
|
||
|
https://static-assets.frame.io/onboarding/collab-cta-bg%402x.jpg
|
unknown
|
||
|
https://g418758d79256186a78df9ce0a15fxc.pages.dev/
|
172.66.44.210
|
||
|
https://www.microsoftdrive.net/favicon.ico
|
104.21.23.18
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
|
152.199.4.44
|
||
|
https://outlook.microsoftdrive.net/s/7b478a3dbed8a6a8bede5addeb1e9b5ca4b3d9007b15aa5fc6416adc8494cfd7.js
|
172.67.208.76
|
||
|
https://account.microsoftdrive.net/ResetPassword.aspx?wreply=https://outlook.microsoftdrive.net/oauth20_authorize.srf%3fusername%3dfake%2540fake.com%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26username%3dfake%2540fake.com%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26uaid%3d00e9a5826b7242fcab290dcb0f997eea%26contextid%3dCF56398155830DEE%26opid%3dFFBF27048DB0CE85%26bk%3d1711656100&id=38936&uiflavor=web&client_id=1E00004040979A&uaid=00e9a5826b7242fcab290dcb0f997eea&mkt=EN-US&lc=1033&bk=1711656100
|
|||
|
file:///C:/Users/user/Downloads/Ark-La-Tex%20Proposal.pdf
|
|||
|
https://app.frame.io/static/AvenirNext-DemiBold-6075178f.woff2
|
13.249.39.5
|
||
|
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
|
152.199.4.44
|
||
|
https://github.com/js-cookie/js-cookie
|
unknown
|
||
|
http://feross.org
|
unknown
|
||
|
http://fusejs.io)
|
unknown
|
||
|
https://sizzlejs.com/
|
unknown
|
||
|
https://www.microsoftdrive.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
|
104.21.23.18
|
||
|
https://js.foundation/
|
unknown
|
||
|
https://app.frame.io/static/application-e0cd5815.css
|
13.249.39.5
|
There are 63 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
outlook.microsoftdrive.net
|
172.67.208.76
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
cs1100.wpc.omegacdn.net
|
152.199.4.44
|
||
|
assets.frame.io
|
18.67.65.126
|
||
|
sni1gl.wpc.alphacdn.net
|
152.195.19.97
|
||
|
api.frame.io
|
54.82.140.46
|
||
|
app.frame.io
|
13.249.39.5
|
||
|
www.microsoftdrive.net
|
104.21.23.18
|
||
|
office.microsoftdrive.net
|
172.67.208.76
|
||
|
part-0036.t-0009.t-msedge.net
|
13.107.246.64
|
||
|
part-0039.t-0009.t-msedge.net
|
13.107.213.67
|
||
|
reporting-api-collector.sandbox.frame.io
|
108.138.64.92
|
||
|
g418758d79256186a78df9ce0a15fxc.pages.dev
|
172.66.44.210
|
||
|
account.microsoftdrive.net
|
104.21.23.18
|
||
|
www-env.dropbox-dns.com
|
162.125.6.18
|
||
|
www.google.com
|
172.253.62.103
|
||
|
cs1227.wpc.alphacdn.net
|
192.229.211.199
|
||
|
part-0023.t-0009.t-msedge.net
|
13.107.213.51
|
||
|
part-0012.t-0009.t-msedge.net
|
13.107.213.40
|
||
|
aadcdn.msftauth.net
|
unknown
|
||
|
logincdn.msftauth.net
|
unknown
|
||
|
identity.nel.measure.office.net
|
unknown
|
||
|
www.dropbox.com
|
unknown
|
||
|
acctcdn.msftauth.net
|
unknown
|
There are 14 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.107.246.64
|
part-0036.t-0009.t-msedge.net
|
United States
|
||
|
18.67.65.126
|
assets.frame.io
|
United States
|
||
|
108.138.64.92
|
reporting-api-collector.sandbox.frame.io
|
United States
|
||
|
13.107.246.40
|
unknown
|
United States
|
||
|
13.249.39.5
|
app.frame.io
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
108.138.64.6
|
unknown
|
United States
|
||
|
13.107.213.40
|
part-0012.t-0009.t-msedge.net
|
United States
|
||
|
54.82.140.46
|
api.frame.io
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
172.253.62.103
|
www.google.com
|
United States
|
||
|
108.138.64.86
|
unknown
|
United States
|
||
|
104.21.23.18
|
www.microsoftdrive.net
|
United States
|
||
|
18.67.65.25
|
unknown
|
United States
|
||
|
172.67.208.76
|
outlook.microsoftdrive.net
|
United States
|
||
|
152.199.4.44
|
cs1100.wpc.omegacdn.net
|
United States
|
||
|
192.229.211.199
|
cs1227.wpc.alphacdn.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
13.107.213.51
|
part-0023.t-0009.t-msedge.net
|
United States
|
||
|
172.66.44.210
|
g418758d79256186a78df9ce0a15fxc.pages.dev
|
United States
|
||
|
162.125.6.18
|
www-env.dropbox-dns.com
|
United States
|
There are 11 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.microsoftdrive.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&ui_locales=en-US&mkt=en-US&client-request-id=00e9a582-6b72-42fc-ab29-0dcb0f997eea&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0
|
|
|
|
https://www.microsoftdrive.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&ui_locales=en-US&mkt=en-US&client-request-id=00e9a582-6b72-42fc-ab29-0dcb0f997eea&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true
|
|
|
|
https://www.microsoftdrive.net/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&ui_locales=en-US&mkt=en-US&client-request-id=00e9a582-6b72-42fc-ab29-0dcb0f997eea&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true
|
|
|
|
https://app.frame.io/presentations/e5a98721-636e-41a7-b4b9-23c7d6f1f6c3?component_clicked=digest_call_to_action&email_id=0f3254fb-289d-471c-aa05-4a363e218d3a&email_type=pending-reviewer-invite
|
||
|
file:///C:/Users/user/Downloads/Ark-La-Tex%20Proposal.pdf
|
||
|
file:///C:/Users/user/Downloads/Ark-La-Tex%20Proposal.pdf
|
||
|
about:blank
|
||
|
about:blank
|
||
|
https://outlook.microsoftdrive.net/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2foffice.microsoftdrive.net%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2foffice.microsoftdrive.net%2flandingv2&response_type=code+id_token&state=i_z2dSfn2O_DY_WHuuOIP0hyPJy-yexTRztPbbMu2UHf8_7rW1gwjcFHsu4VIPsIvj7-u4Xh3NQh6jxspXem4FAPoLNAMsbBgw9m6ByGMaZ9FgZbTMe2bfZMKVyXsT--BkjgYDyNv_weUZ61chxDC9J796La5e_JSvHfRMAVGB6_ZW11d7LPJmSL8n0FBfR8Y3k9NNLs8HoR4HL1b1kMUPmsk4d0WxJHtl_XKvnkVbp7r5pZKJ66ETJ9ZgnPFFd5tByCX19NSIOkljbMaq7DTg&response_mode=form_post&nonce=638472528560914311.YjAyZTcxNTctOGFkNy00ODE0LTlhMmItNTRlYjczMzZiOWQ2MWNjZjhmOTgtNmI5My00ZDA1LTgwYWItMWI4ZDM1YmFmMjE5&x-client-SKU=ID_NET6_0&x-client-Ver=7.3.1.0&uaid=00e9a5826b7242fcab290dcb0f997eea&msproxy=1&issuer=mso&tenant=common&ui_locales=en-US&epct=PAQABDgEAAADnfolhJpSnRYB1SVj-Hgd8vfRMTk6EIlxlLZO2w75-LQ7DPJdqB_O-fTENNV3gC5lYblhwfJ9HHhXc7U68wdfQT5BRSNmKOcM5dy51LVN4GDMyyuEadSWFRBygdxTUasuCFvX98RACj0bq91S57gQ7xOKFzCFAZ_TqN
|
||
|
https://outlook.microsoftdrive.net/ppsecure/post.srf?username=fake%40fake.com&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&contextid=CF56398155830DEE&opid=FFBF27048DB0CE85&bk=1711656076&uaid=00e9a5826b7242fcab290dcb0f997eea&pid=15216
|
||
|
https://outlook.microsoftdrive.net/ppsecure/post.srf?username=fake%40fake.com&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&contextid=CF56398155830DEE&opid=FFBF27048DB0CE85&bk=1711656076&uaid=00e9a5826b7242fcab290dcb0f997eea&pid=15216
|
||
|
https://outlook.microsoftdrive.net/ppsecure/post.srf?username=fake%40fake.com&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&contextid=CF56398155830DEE&opid=FFBF27048DB0CE85&bk=1711656076&uaid=00e9a5826b7242fcab290dcb0f997eea&pid=15216
|
||
|
https://outlook.microsoftdrive.net/ppsecure/post.srf?username=fake%40fake.com&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&contextid=CF56398155830DEE&opid=FFBF27048DB0CE85&bk=1711656076&uaid=00e9a5826b7242fcab290dcb0f997eea&pid=15216
|
||
|
https://account.microsoftdrive.net/ResetPassword.aspx?wreply=https://outlook.microsoftdrive.net/oauth20_authorize.srf%3fusername%3dfake%2540fake.com%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26username%3dfake%2540fake.com%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26uaid%3d00e9a5826b7242fcab290dcb0f997eea%26contextid%3dCF56398155830DEE%26opid%3dFFBF27048DB0CE85%26bk%3d1711656100&id=38936&uiflavor=web&client_id=1E00004040979A&uaid=00e9a5826b7242fcab290dcb0f997eea&mkt=EN-US&lc=1033&bk=1711656100
|
There are 4 hidden doms, click here to show them.