Files

File Path | Type | Category | Malicious
---|---|---|---
Chrome Cache Entry: 100 | PNG image data, 22 x 7296, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 101 | MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel | dropped |
Chrome Cache Entry: 102 | PNG image data, 121 x 133, 8-bit colormap, non-interlaced | downloaded |
Chrome Cache Entry: 103 | ASCII text, with very long lines (23093), with no line terminators | downloaded |
Chrome Cache Entry: 104 | ASCII text, with very long lines (6410), with no line terminators | downloaded |
Chrome Cache Entry: 105 | ASCII text, with very long lines (3737) | downloaded |
Chrome Cache Entry: 106 | PNG image data, 224 x 200, 8-bit colormap, non-interlaced | downloaded |
Chrome Cache Entry: 72 | PNG image data, 22 x 7296, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 73 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 74 | ASCII text | downloaded |
Chrome Cache Entry: 75 | Unicode text, UTF-8 text, with very long lines (65406) | downloaded |
Chrome Cache Entry: 76 | ASCII text | downloaded |
Chrome Cache Entry: 77 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 78 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 79 | ASCII text, with very long lines (5534), with no line terminators | downloaded |
Chrome Cache Entry: 80 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 81 | ASCII text, with very long lines (1494) | downloaded |
Chrome Cache Entry: 82 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 83 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 84 | PNG image data, 121 x 133, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 85 | Web Open Font Format (Version 2), TrueType, length 18508, version 1.6553 | downloaded |
Chrome Cache Entry: 86 | ASCII text, with very long lines (1571) | downloaded |
Chrome Cache Entry: 87 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 88 | ASCII text, with very long lines (2696), with no line terminators | downloaded |
Chrome Cache Entry: 89 | HTML document, ASCII text, with very long lines (3807), with no line terminators | downloaded |
Chrome Cache Entry: 90 | HTML document, Unicode text, UTF-8 text, with very long lines (30024), with CRLF line terminators | downloaded |
Chrome Cache Entry: 91 | Web Open Font Format (Version 2), CFF, length 25368, version 1.6553 | downloaded |
Chrome Cache Entry: 92 | ASCII text, with very long lines (2375), with no line terminators | downloaded |
Chrome Cache Entry: 93 | MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel | downloaded |
Chrome Cache Entry: 94 | PNG image data, 224 x 200, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 95 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 96 | ASCII text, with very long lines (2037) | downloaded |
Chrome Cache Entry: 97 | JSON data | downloaded |
Chrome Cache Entry: 98 | JSON data | dropped |
Chrome Cache Entry: 99 | ASCII text, with very long lines (65507) | downloaded |

(26 further files are hidden in this view.)
Processes

Path | Cmdline | Malicious
---|---|---
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1880,i,15098733969401843517,18325263310315224486,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://15ab0ot.pages.dev/" |
URLs

Name | IP | Malicious
---|---|---
https://15ab0ot.pages.dev/ | |
https://15ab0ot.pages.dev/ | |
https://www.googletraveladservices.com/travel/vacations/clk/pagead/conversion/ | unknown |
https://engineering.paypalcorp.com/i18napp/#phone | unknown |
https://www.paypalobjects.com/images/shared/icon-PN-check.png | 151.101.130.133 |
https://www.google.com/travel/flights/click/conversion/ | unknown |
https://192.55.233.1/ | unknown |
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3& | unknown |
https://www.google.com/pagead/1p-user-list/992191228/?random | unknown |
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2 | 151.101.130.133 |
https://www.paypalobjects.com/pa/3pjs/tl/6.2.0/patleaf.js | 151.101.130.133 |
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992191228/?random=1695978158079&cv=9&fst=1695978158079&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=900&u_w=1600&u_ah=821&u_aw=1600&u_cd=24&u_his=3&u_tz=390&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.google.com&async=1&rfmt=3&fmt=4 | 142.251.15.156 |
https://ampcid.google.com/v1/publisher:getClientId | unknown |
about:blank | |
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg | 151.101.130.133 |
https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js | 151.101.130.133 |
https://www.google.com/pagead/1p-conversion/992191228/?random=1695978158083&cv=9&fst=1695978 | unknown |
https://lvs.stats.paypal.com/v1/counter2.cgi?r=cD1mOWRhZGU2MDE1YWI0OTVmODBiYWY1ZjM1NDUzMTQ4YiZpPTMxLjEzLjE4OS40JnQ9MTY5NTk3ODE1Ny40NzYmYT0yMSZzPVVOSUZJRURfTE9HSU42dqrCAJneY3SWrSmdZkDPIT8EYA | 35.235.122.5 |
https://www.google.com/pagead/1p-user-list/992191228/?random=1695978158079&cv=9&fst=1695978000000&num=1&bg=ffffff&guid=ON&eid=466465926&u_h=900&u_w=1600&u_ah=821&u_aw=1600&u_cd=24&u_his=3&u_tz=390&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqeGU_UPKdWDmK7LxqOaYDSX9V_KRjvQ&random=2991585008&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y | 142.251.15.104 |
https://api.bigdatacloud.net/data/client-ip | 13.248.207.97 |
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js | 151.101.130.133 |
https://www.paypal.com/signin | unknown |
https://www.google.com/pagead/1p-conversion/992191228/?random=1695978158083&cv=9&fst=1695978158083&num=1&label=vTDjCL3nvv4CEPzFjtkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=900&u_w=1600&u_ah=821&u_aw=1600&u_cd=24&u_his=3&u_tz=390&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 | 142.251.15.104 |
https://www.google.com/pagead/1p-conversion/992191228/?random=128266848&cv=9&fst=1695978158083&num=1&label=vTDjCL3nvv4CEPzFjtkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=900&u_w=1600&u_ah=821&u_aw=1600&u_cd=24&u_his=3&u_tz=390&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.google.com&gcp=2&sscte=1&ct_cookie_present=1&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQIiAQFAAUonZXZlbnQtc291cmNlO25hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyYgQKAgID&pscrd=CNOvuKa_qdvnAiITCILb6_HpzIUDFRSUywEdkPMMTDICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhpodHRwczovLzE1YWIwb3QucGFnZXMuZGV2Lw | 142.251.15.104 |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/js/lib/fn-sync-telemetry-min.js | 151.101.130.133 |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/js/lib/modernizr-2.6.1.js | 151.101.130.133 |
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html | |
https://github.com/krux/postscribe/blob/master/LICENSE. | unknown |
https://stats.g.doubleclick.net/j/collect | unknown |
https://www.paypal.com/us/signin | unknown |
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2 | 151.101.130.133 |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/css/contextualLoginElemental | unknown |
https://c.paypal.com/v1/r/d/b/p1 | 151.101.1.21 |
https://c.paypal.com/v1/r/d/b/p2 | 151.101.1.21 |
https://caniuse.com/#feat=input-event | unknown |
https://b.stats.paypal.com/v1/counter.cgi?r=cD1mOWRhZGU2MDE1YWI0OTVmODBiYWY1ZjM1NDUzMTQ4YiZpPTMxLjEzLjE4OS40JnQ9MTY5NTk3ODE1Ny40NzYmYT0yMSZzPVVOSUZJRURfTE9HSU42dqrCAJneY3SWrSmdZkDPIT8EYA | 35.235.122.5 |
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png) | unknown |
https://www.recaptcha.net/recaptcha/enterprise.js?render= | unknown |
https://www.paypalobjects.com/pa/mi/3p/gtag/analytics.js | 151.101.130.133 |
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js | 151.101.130.133 |
https://developer.mozilla.org/en-US/docs/Web/API/NodeList | unknown |
https://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico | 151.101.130.133 |
https://www.paypal.com/us/cgi-bin/webscr?cmd=_account;icon-uri=https://www.paypalobjects.com/en_US/i | unknown |
https://www.googletraveladservices.com/travel/clk/pagead/conversion/ | unknown |
https://https://www.paypal.com/signin | unknown |
https://www.paypalobjects.com/webstatic/i/consumer/onboarding/icon_PP_monogram_2x.png) | unknown |
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js | |
https://tagassistant.google.com/ | unknown |
https://www.google.com/pagead/1p-conversion/992191228/?random | unknown |
https://www.paypalobjects.com/pa/js/min/pa.js | 151.101.130.133 |
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992191228/?random=1695978158079& | unknown |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/css/contextualLoginElementalUIv2.css | 151.101.130.133 |
https://api.web3forms.com/submit | unknown |
https://www.paypalobjects.com/pa/3pjs/tl/6.2.0/patlcfg.js | 151.101.130.133 |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/css/ie9.css | unknown |
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js | 151.101.130.133 |
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE | unknown |
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png | 151.101.130.133 |
https://www.google.%/ads/ga-audiences | unknown |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/js/signin-split.js | 151.101.130.133 |
https://www.paypalobjects.com/web/res/0e5/418cc87f0ab9fcb01f588e89a18d7/js/ioc.js | 151.101.130.133 |
https://c.paypal.com/da/r/fb.js | 151.101.193.21 |
https://c6.paypal.com/v1/r/d/b/p3?f=f9dade6015ab495f80baf5f35453148b&s=UNIFIED_LOGIN_INPUT_PASSWORD | 151.101.193.35 |
https://www.paypal.com/us/cgi-bin/webscr?cmd=_send-money-transfer&send_method=domestic;icon-uri= | unknown |
https://www.paypalobjects.com/webstatic/icon/pp258.png | unknown |
https://www.google.com/pagead/landing? | unknown |
https://www.paypalobjects.com/webstatic/icon/pp64.png | unknown |
https://adservice.google.com/ddm/regclk | unknown |
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png | 151.101.130.133 |
https://www.google.com/pagead/conversion_async.js | 142.251.15.104 |

(59 further URLs are hidden in this view.)
Domains

Name | IP | Malicious
---|---|---
paypal.map.fastly.net | 151.101.130.133 |
google.com | 142.250.105.101 |
dualstack.paypal-dynamic-2.map.fastly.net | 151.101.193.35 |
paypal-dynamic-2.map.fastly.net | 151.101.129.35 |
googleads.g.doubleclick.net | 142.251.15.156 |
paypal-dynamic.map.fastly.net | 151.101.193.21 |
15ab0ot.pages.dev | 172.66.44.253 |
www.google.com | 142.251.15.104 |
stats.glb.paypal.com | 35.235.122.5 |
api.bigdatacloud.net | 13.248.207.97 |
lvs.stats.paypal.com | 35.235.122.5 |
fp2e7a.wpc.phicdn.net | 192.229.211.108 |
c.paypal.com | unknown |
c6.paypal.com | unknown |
b.stats.paypal.com | unknown |
t.paypal.com | unknown |
www.paypalobjects.com | unknown |

(7 further domains are hidden in this view.)
IPs

IP | Domain | Country | Malicious
---|---|---|---
151.101.193.35 | dualstack.paypal-dynamic-2.map.fastly.net | United States |
151.101.130.133 | paypal.map.fastly.net | United States |
13.248.207.97 | api.bigdatacloud.net | United States |
192.168.2.4 | unknown | unknown |
151.101.1.21 | unknown | United States |
142.250.105.105 | unknown | United States |
35.235.122.5 | stats.glb.paypal.com | United States |
172.253.124.103 | unknown | United States |
142.251.15.156 | googleads.g.doubleclick.net | United States |
239.255.255.250 | unknown | Reserved |
151.101.2.133 | unknown | United States |
151.101.129.35 | paypal-dynamic-2.map.fastly.net | United States |
172.66.44.253 | 15ab0ot.pages.dev | United States |
192.55.233.1 | unknown | United States |
142.251.15.104 | www.google.com | United States |
151.101.193.21 | paypal-dynamic.map.fastly.net | United States |

(6 further IPs are hidden in this view.)
DOM / HTML

URL | Malicious
---|---
https://15ab0ot.pages.dev/ |
https://15ab0ot.pages.dev/ |
https://15ab0ot.pages.dev/ |
https://15ab0ot.pages.dev/ |
about:blank |
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js |
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html |