Files

File Path | Type | Category | Malicious |
---|---|---|---|
Invoice INV-0003.pdf | PDF document, version 1.7, 0 pages (zip deflate encoded) | initial sample | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG | ASCII text | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy) | ASCII text | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG | ASCII text | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy) | ASCII text | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\57976eb8-e795-42a2-ae2a-36f82186c22f.tmp | JSON data | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy) | JSON data | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF5d434e.TMP (copy) | JSON data | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\e1a9dfbb-a1c2-45d1-94ed-f4999b77d8cf.tmp | JSON data | modified | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log | data | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG | ASCII text | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy) | ASCII text | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240426153055Z-179.bmp | PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54 | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages | SQLite 3.x database, last written using SQLite version 3040000, file counter 2, database pages 14, cookie 0x5, schema 4, UTF-8, version-valid-for 2 | dropped | |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal | SQLite Rollback Journal | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020 | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING | data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json | JSON data | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents | SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19 | dropped | |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal | SQLite Rollback Journal | dropped | |
C:\Users\user\AppData\Local\Temp\MSIc3633.LOG | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-26 17-30-52-579.log | ASCII text, with very long lines (393) | dropped | |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log | ASCII text, with very long lines (393), with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt | ASCII text, with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\acrocef_low\1871b987-57d4-4bb9-b03c-a07335940192.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538 | dropped | |
C:\Users\user\AppData\Local\Temp\acrocef_low\2d4956ea-4709-4813-85ab-3176370fa2d3.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142 | dropped | |
C:\Users\user\AppData\Local\Temp\acrocef_low\6fbd3c1e-fd65-43d4-a738-af3488a6fefb.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081 | dropped | |
C:\Users\user\AppData\Local\Temp\acrocef_low\736ae9d9-57ba-403d-8589-2dd5deebf712.tmp | gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022 | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 14:31:50 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 14:31:50 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 14:31:50 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 14:31:50 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 14:31:50 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
Chrome Cache Entry: 241 | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3 | downloaded | |
Chrome Cache Entry: 242 | ASCII text, with very long lines (631) | downloaded | |
Chrome Cache Entry: 243 | gzip compressed data, max compression, truncated | downloaded | |
Chrome Cache Entry: 244 | ASCII text, with no line terminators | downloaded | |
Chrome Cache Entry: 245 | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3 | downloaded | |
Chrome Cache Entry: 246 | HTML document, Unicode text, UTF-8 text, with very long lines (42314) | downloaded | |
Chrome Cache Entry: 247 | Unicode text, UTF-8 text, with very long lines (64698) | downloaded | |
Chrome Cache Entry: 248 | ASCII text, with very long lines (1268) | downloaded | |
Chrome Cache Entry: 249 | ASCII text, with very long lines (763) | downloaded | |
Chrome Cache Entry: 250 | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3 | downloaded | |
Chrome Cache Entry: 251 | ASCII text, with very long lines (7999) | downloaded | |
Chrome Cache Entry: 252 | MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded | |
Chrome Cache Entry: 253 | ASCII text | downloaded | |
Chrome Cache Entry: 254 | ASCII text, with very long lines (7287) | downloaded | |
Chrome Cache Entry: 255 | ASCII text | downloaded | |
Chrome Cache Entry: 256 | ASCII text, with very long lines (994) | downloaded | |
Chrome Cache Entry: 257 | ASCII text | downloaded | |
Chrome Cache Entry: 258 | PNG image data, 184 x 60, 8-bit/color RGBA, non-interlaced | downloaded | |
Chrome Cache Entry: 259 | Web Open Font Format (Version 2), TrueType, length 15436, version 1.0 | downloaded | |
Chrome Cache Entry: 260 | PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced | downloaded | |
Chrome Cache Entry: 261 | ASCII text, with very long lines (12727), with no line terminators | downloaded | |
Chrome Cache Entry: 262 | ASCII text, with very long lines (1063) | downloaded | |
Chrome Cache Entry: 263 | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3 | downloaded | |
Chrome Cache Entry: 264 | ASCII text, with very long lines (1222), with no line terminators | downloaded | |
Chrome Cache Entry: 265 | ASCII text, with very long lines (2069) | downloaded | |
Chrome Cache Entry: 266 | ASCII text, with very long lines (578) | downloaded | |
Chrome Cache Entry: 267 | JSON data | downloaded | |
Chrome Cache Entry: 268 | Web Open Font Format (Version 2), TrueType, length 24652, version 1.0 | downloaded | |
Chrome Cache Entry: 269 | ASCII text | downloaded | |
Chrome Cache Entry: 270 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
Chrome Cache Entry: 271 | ASCII text, with very long lines (3409), with no line terminators | downloaded | |
Chrome Cache Entry: 272 | ASCII text | downloaded | |
Chrome Cache Entry: 273 | ASCII text, with very long lines (595) | downloaded | |
Chrome Cache Entry: 274 | ASCII text, with very long lines (547) | downloaded | |
Chrome Cache Entry: 275 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
Chrome Cache Entry: 276 | SVG Scalable Vector Graphics image | downloaded | |
Chrome Cache Entry: 277 | PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced | downloaded | |
Chrome Cache Entry: 278 | ASCII text, with very long lines (56412), with no line terminators | downloaded | |
Chrome Cache Entry: 279 | ASCII text | downloaded | |
Chrome Cache Entry: 280 | RIFF (little-endian) data, Web/P image | downloaded | |
Chrome Cache Entry: 281 | ASCII text, with very long lines (17673) | downloaded | |
Chrome Cache Entry: 282 | JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3 | downloaded | |
Chrome Cache Entry: 283 | ASCII text, with very long lines (648) | downloaded | |
Chrome Cache Entry: 284 | Web Open Font Format (Version 2), TrueType, length 15340, version 1.0 | downloaded | |
Chrome Cache Entry: 285 | ASCII text, with very long lines (3358) | downloaded | |
Chrome Cache Entry: 286 | Web Open Font Format (Version 2), TrueType, length 15552, version 1.0 | downloaded | |
Chrome Cache Entry: 287 | Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 | downloaded | |
Chrome Cache Entry: 288 | PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced | downloaded | |
Chrome Cache Entry: 289 | ASCII text, with very long lines (567) | downloaded | |
Chrome Cache Entry: 290 | ASCII text, with very long lines (880) | downloaded | |
Chrome Cache Entry: 291 | ASCII text, with very long lines (537) | downloaded | |
Chrome Cache Entry: 292 | ASCII text, with very long lines (1149) | downloaded | |
Chrome Cache Entry: 293 | ASCII text, with no line terminators | downloaded | |
Chrome Cache Entry: 294 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3 | downloaded | |
Chrome Cache Entry: 295 | ASCII text, with very long lines (8478), with no line terminators | downloaded | |
Chrome Cache Entry: 296 | ASCII text | downloaded | |
Processes

Path | Cmdline | Malicious |
---|---|---|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Invoice INV-0003.pdf" | |
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 | |
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe | "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2268 --field-trial-handle=1568,i,12462945902927182256,8710539947262449294,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1924,i,1629623515606547392,5655261091976178097,262144 /prefetch:8 | |
URLs
|
unknown
|
||
https://www.google.com/complete/search?q=104.94.109.142443&cp=0&client=gws-wiz-serp&xssi=t&gs_pcrt=undefined&hl=en&authuser=0&pq=104.94.109.142443&psi=C8krZr7QHOyTwbkPuNyGwAw.1714145550203&dpr=1&ofp=EAE
|
142.251.35.228
|
||
https://www.google.com/recaptcha/api2/
|
unknown
|
||
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=104.94.1&oit=4&cp=8&pgcl=7&gs_rn=42&psi=uP-5m4QVderHBMsc&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.251.35.228
|
||
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
|
142.251.35.228
|
||
https://www.google.com/gen_204?atyp=csi&ei=C8krZr7QHOyTwbkPuNyGwAw&s=web&t=all&imn=8&ima=2&imad=1&imac=0&wh=870&aft=1&aftp=870&adh=tv.-188&cls=0.0010946031434360575&ime=0&imex=0&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.17,tjhs.21,jhsl.2173,dm.8&nv=ne.2,feid.6b7c86dd-5656-4e17-b8e8-3066ab3bf4fd&net=dl.1300,ect.3g,rtt.350&hp=&sys=hc.4&p=bs.false&rt=hst.197,cbt.197,sct.429,prt.558,xjspls.1199,xjsls.1199,afti.1311,afts.474,aft.1311,aftqf.1313,dcl.2394,xjses.3600,xjsee.3640,xjs.3640,lcp.566,fcp.364,wsrt.3948,cst.331,dnst.0,rdxt.3197,rqst.1107,rspt.695,sslt.331,rqstt.3536,unt.3203,cstt.3205,dit.6342&zx=1714145550215&opi=89978449
|
142.251.35.228
|
||
https://chrome.cloudflare-dns.com
|
unknown
|
||
https://www.google.com/gen_204?atyp=i&ei=C8krZr7QHOyTwbkPuNyGwAw&ved=0ahUKEwj-gc3jmeCFAxXsSTABHTiuAcgQ39UDCAw&bl=jahV&s=web&zx=1714145552501&opi=89978449
|
142.251.35.228
|
||
https://support.google.com/websearch/answer/106230
|
unknown
|
||
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA4qo7BvEsw6c5x7L0zWkwDxk41s4QXBFq-UTbLoYi4mYg5pWAHsT9vh8DMhbPPHIyjECIZ4cYU41ywyA8hdRigYZQJnKI4_I3uv32GImq_xmDdqm2nF9i9bAfGu7AlTCwBDt7YWEwIJ3RtEJzTJZfrDDqE8Eyg8H6v_CVaI8sLZw3REAQxg9HgOdQ_aRKGSEE8JfJrWqTp2iL71Gqv5cBxUH_2LMA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&id=abd561db531187e4
|
142.251.35.228
|
||
https://www.google.com/gen_204?atyp=i&ct=rcm&cad=&ei=C8krZr7QHOyTwbkPuNyGwAw&ved=0ahUKEwj-gc3jmeCFAxXsSTABHTiuAcgQ39UDCAw&jsname=gLFyf&zx=1714145552500&opi=89978449
|
142.251.35.228
|
||
http://www.aiim.org/pdfa/ns/id/
|
unknown
|
||
https://cloud.google.com/recaptcha-enterprise/billing-information
|
unknown
|
||
https://recaptcha.net
|
unknown
|
||
https://www.google.com/logos/fnbx/zrp/full_yeti.json
|
142.251.35.228
|
||
http://schema.org/SearchResultsPage
|
unknown
|
||
https://www.google.com/async/newtab_promos
|
142.251.35.228
|
||
https://www.google.com/gen_204?atyp=csi&ei=E8krZtq0O5DvkvQPhcq9oAE&s=async&astyp=asyncContextualTask&ima=0&imn=0&mem=ujhs.17,tjhs.21,jhsl.2173,dm.8&nv=ne.2,feid.6b7c86dd-5656-4e17-b8e8-3066ab3bf4fd&hp=&rt=ttfb.1013,st.1014,bs.0,aaft.1014,acrt.1015,art.1015&zx=1714145554994&opi=89978449
|
142.251.35.228
|
||
https://www.google.com/client_204?cs=1&opi=89978449
|
142.251.35.228
|
||
https://www.google.com/gen_204?atyp=csi&ei=C8krZr7QHOyTwbkPuNyGwAw&s=jsa&jsi=s,st.8916,tni.0,atni.2,et.click,n.vZr2rb,cn.2,ie.0,vi.1&zx=1714145551503&opi=89978449
|
142.251.35.228
|
||
https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
|
unknown
|
Domains

| Name | IP | Malicious |
|---|---|---|
| id.google.com | 142.250.66.195 | |
| www.google.com | 142.251.35.228 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 192.168.2.16 | unknown | unknown | |
| 104.94.108.142 | unknown | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 142.251.35.228 | www.google.com | United States | |
| 142.250.66.195 | id.google.com | United States | |
| 104.94.109.142 | unknown | United States | |

Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | aFS | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | tDIText | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | tFileName | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | tFileSource | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sFileAncestors | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sDI | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sDate | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | uFileSize | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | uPageCount | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | sAssetId | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c1 | bisSharedFile | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | aFS | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | tDIText | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | tFileName | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | sDI | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | sDate | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | uFileSize | |
| HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\AVGeneral\cRecentFiles\c2 | uPageCount | |