Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| /home/james/.cache/dconf/user | very short file (no magic) | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/1DBCF2C5F4A9AAB308F13D41AB219EA85A810612 | PNG image data, 1500 x 600, 8-bit colormap, non-interlaced | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/461FF00D331429AAA371A2C4601DAFB18A84C363 | gzip compressed data, max speed, from Unix, original size modulo 2^32 335544320 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/64DB6886C6BE539A67BFC0AB0D0B8C0668B73B0B | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/7D8BBF6E94639C1C939058A12AE541F5BD654619 | ASCII text, with very long lines (596) | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/839982DA66E6AEDA16AF11C596104840CF7B7BD8 | Web Open Font Format (Version 2), TrueType, length 11460, version 1.0 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/889097B98882CF54D9ADA009D12B5E046C8DE7C1 | JSON data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/94906F1366ECE8E653DCF09415624072CF1772FB | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/B13A714441C11853FE6BA40EFF6C7097378009F7 | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C07DF163499366D56FA5104974A4679545DF6E5C | gzip compressed data, max speed, from Unix, original size modulo 2^32 3877044224 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C389DE279BF5275924497D5B33D1F1900116E591 | JSON data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/D2A64B5E2F392B99B4EBC1553A17EA010F0E8891 | gzip compressed data, max compression, original size modulo 2^32 231604224 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/allow-flashallow-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/allow-flashallow-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/base-track-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/base-track-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flash-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flash-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flashsubdoc-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flashsubdoc-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flash-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flash-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashallow-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashallow-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashsubdoc-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashsubdoc-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozplugin-block-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozplugin-block-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozstd-trackwhite-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozstd-trackwhite-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple.sbstore | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/addonStartup.json.lz4.tmp | Mozilla lz4 compressed data, originally 1426 bytes | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/cert9.db | SQLite 3.x database, last written using SQLite version 3026000, page size 32768, file counter 4, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 4 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/cert9.db-journal | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/cookies.sqlite-wal | SQLite Write-Ahead Log, version 3007000 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/key4.db | SQLite 3.x database, last written using SQLite version 3026000, page size 32768, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/key4.db-journal | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/permissions.sqlite | SQLite 3.x database, user version 9, last written using SQLite version 3026000, page size 32768, file counter 5, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 5 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/permissions.sqlite-journal | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/places.sqlite-wal | SQLite Write-Ahead Log, version 3007000 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/prefs-1.js | ASCII text, with very long lines (663) | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/sessionCheckpoints.json.tmp | JSON data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/sessionstore-backups/recovery.jsonlz4.tmp | Mozilla lz4 compressed data, originally 26963 bytes | dropped | |
| /proc/4924/gid_map | ASCII text, with no line terminators | dropped | |
| /proc/4924/setgroups | ASCII text, with no line terminators | dropped | |
| /proc/4924/uid_map | ASCII text, with no line terminators | dropped | |
| /proc/4976/gid_map | ASCII text, with no line terminators | dropped | |
| /proc/4976/setgroups | ASCII text, with no line terminators | dropped | |
| /proc/4976/uid_map | ASCII text, with no line terminators | dropped | |
| /proc/5020/gid_map | ASCII text, with no line terminators | dropped | |
| /proc/5020/setgroups | ASCII text, with no line terminators | dropped | |
| /proc/5020/uid_map | ASCII text, with no line terminators | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/exo-open | exo-open http://generalivitalityerleben.de | |
| /usr/bin/exo-open | - | |
| /usr/bin/exo-open | - | |
| /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 | /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 --launch WebBrowser http://generalivitalityerleben.de | |
| /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 | - | |
| /usr/bin/sensible-browser | /bin/sh /usr/bin/sensible-browser http://generalivitalityerleben.de | |
| /usr/bin/x-www-browser | /bin/sh /usr/bin/x-www-browser http://generalivitalityerleben.de | |
| /usr/bin/x-www-browser | - | |
| /usr/bin/which | /bin/sh /usr/bin/which /usr/bin/x-www-browser | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox http://generalivitalityerleben.de | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/bin/lsb_release | /usr/bin/python3 -Es /usr/bin/lsb_release -idrc | |
| /usr/lib/firefox/firefox | - | |
| /usr/bin/dbus-launch | dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 1 -prefMapSize 172334 -parentBuildID 20190410113011 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 4791 true tab | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 6061 -prefMapSize 172334 -parentBuildID 20190410113011 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 4791 true tab | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 6934 -prefMapSize 172334 -parentBuildID 20190410113011 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 4791 true tab | |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://generalivitalityerleben.de | | |
| http://www.google.com/adsense/domains/caf.js?abp=1 | 142.251.167.103 | |
| http://d38psrni17bvxu.cloudfront.net/fonts/Port_Lligat_Slab/latin.woff2 | 18.160.64.11 | |
| http://generalivitalityerleben.de | unknown | |
| https://developers.google.com/recaptcha/docs/faq#localhost_support | unknown | |
| http://generalivitalityerleben.de/track.php?domain=generalivitalityerleben.de&toggle=browserjs&uid=MTcxMTcwODY1MC44MjU2OjhjYzE0NzdhZmZhOTBmNGYzM2ViMGFkZjc2NTk4ZDA3OGJkMTY2MjM5MTM3NDg1YWI3NTgyODcyYTkwMTI1YmU6NjYwNjk5ZWFjOTkwMw%3D%3D | 104.247.81.50 | |
| http://generalivitalityerleben.ded | unknown | |
| http://www.debian.org/gro.naibed.www. | unknown | |
| https://support.google.com/recaptcha#6262736 | unknown | |
| http://www.ubuntu.com | unknown | |
| https://www.gstatic.c..?/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__. | unknown | |
| https://csp.withgoogle.com/csp/ads-afs-ui | unknown | |
| http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png | 18.160.64.11 | |
| https://support.google.com/recaptcha/?hl=en#6223828 | unknown | |
| https://cloud.google.com/contact | unknown | |
| http://generalivitalityerleben.de/favicon.ico | 104.247.81.50 | |
| http://www.ubuntu.com/moc.utnubu.www. | unknown | |
| https://support.mozilla.org/en-US/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=fire | unknown | |
| https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf | 142.251.167.103 | |
| https://csp.withgoogle.com/csp/report-to/ads-afs-ui | unknown | |
| https://www.google.com/recaptcha/api.js | 142.251.167.103 | |
| https://www.google.com/recaptcha/api2/ | unknown | |
| http://www.google.com/adsense/domains/caf.js?abp=1necko:classified1strongly-framed1request-methodGET | unknown | |
| https://support.google.com/recaptcha | unknown | |
| http://www.debian.org | unknown | |
| http://d38psrni17bvxu.cloudfront.net/fonts/Port_Lligat_Slab/latin.woff2strongly-framed1request-metho | unknown | |
| https://www.google.com/recaptcha/api2/bframe?hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b | 142.251.167.103 | |
| https://support.mozilla.org/en-US/products/firefoxgro.allizom.troppus. | unknown | |
| http://generalivitalityerleben.de/ls.php?t=660699ea&token=8ba3f9a5190d4574b8fdb4ac4e306b5a3865e44a | 104.247.81.50 | |
| https://cloud.google.com/recaptcha-enterprise/billing-information | unknown | |
| https://www.adsensecustomsearchads.com | unknown | |
| http://generalivitalityerleben.de/ls.php?t=660699ea&token=8ba3f9a5190d4574b8fdb4ac4e306b5a3865e44ane | unknown | |
| https://recaptcha.net | unknown | |
| https://www.google.com/js/bg/OMzbJ87gkB5MAUky6mmDB4mflkEza4rQHUJNCD4hS_4.js | 142.251.167.103 | |
| http://generalivitalityerleben.de/generalivitalityerleben.deed.nebelreytilativilareneg.d | unknown | |
| http://wiki.ubuntu.com/moc.utnubu.ikiw. | unknown | |
| https://pki.goog/repository/0 | unknown | |
| https://answers.launchpad.net/ubuntu/ | unknown | |
| http://generalivitalityerleben.de/ | 104.247.81.50 | |
| https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que | unknown | |
| http://generalivitalityerleben.de/necko:classified1strongly-framed1request-methodGETrequest-Accept-E | unknown | |
| https://play.google.com/log?format=json&hasfast=true | unknown | |
| https://answers.launchpad.net | unknown | |
| https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca | unknown | |
| http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.pngnecko:classi | unknown | |
| http://generalivitalityerleben.de/favicon.icostrongly-framed1request-methodGETresponse-headHTTP/1.1 | unknown | |
| http://wiki.ubuntu.com | unknown | |
| http://generalivitalityerleben.de/ed.nebelreytilativilareneg.d | unknown | |
| https://support.mozilla.org | unknown | |
| http://crl.pki.goog/gsr2/gsr2.crl0? | unknown | |
| https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=normal&s=txwxami4Pu0Mc2du6o5eFzRwXsZPWKOWu248W-z55Oda3eDa2FplFQhZ9eJnqvqsAf1-bPAtNxN4kEEuXmVA1-OrIWJzPAebzlOtKgNMW1I10za_HCe9aLiAyQAeWcF2ckWUwcEy1-gOOoLhABTkVvzyQ1Iq5LsKlYQTdySjU-UBFGLIXQ3HGRxKCMr_7D-NKAEQqgbrRwUS1FYjRfuQLnZ5Hi3eYBcoUcqyLcqaT3WnYLVjuY2YKyM4ia4rHGsfxbnl9fZMJY_joAyrsjTOykF8Roi8O_8&cb=dfd6i1wqqfr1 | 142.251.167.103 | |
| http://generalivitalityerleben.de/track.php?domain=generalivitalityerleben.de&toggle=browserjs&uid=M | unknown | |

Domains

| Name | IP | Malicious |
|---|---|---|
| prod.balrog.prod.cloudops.mozgcp.net | 35.244.181.201 | |
| www3.l.google.com | 142.251.163.113 | |
| www.google.com | 142.251.167.103 | |
| www.mydomaincontact.com | 63.35.168.109 | |
| generalivitalityerleben.de | 104.247.81.50 | |
| d228z91au11ukj.cloudfront.net | 3.163.115.82 | |
| d38psrni17bvxu.cloudfront.net | 18.160.64.11 | |
| push.services.mozilla.com | unknown | |
| www.adsensecustomsearchads.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 35.244.181.201 | prod.balrog.prod.cloudops.mozgcp.net | United States | |
| 3.163.115.82 | d228z91au11ukj.cloudfront.net | United States | |
| 104.247.81.50 | generalivitalityerleben.de | Canada | |
| 18.160.64.11 | d38psrni17bvxu.cloudfront.net | United States | |
| 142.251.167.103 | www.google.com | United States | |
| 142.251.163.113 | www3.l.google.com | United States | |