Analysis Report https://tinyurl.com/Uptime-Covid19

Overview

General Information

Sample URL: https://tinyurl.com/Uptime-Covid19
Analysis ID: 344203

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Compliance:

Uses new MSVCR Dlls
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Uses secure TLS version for HTTPS connections
Source: unknown DNS traffic detected: queries for: tinyurl.com
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://twitter.com/uptimeinstitute
Source: {22E7D53B-5FF9-11EB-90E4-ECF4BB862DED}.dat.1.dr String found in binary or memory: https://uptimeinstitut075.drift.click/0285b4ef-1d4a-4fec-9a65-b850469900bc
Source: {22E7D53B-5FF9-11EB-90E4-ECF4BB862DED}.dat.1.dr String found in binary or memory: https://uptimeinstitute.cRoot
Source: 0285b4ef-1d4a-4fec-9a65-b850469900bc[1].htm.2.dr String found in binary or memory: https://uptimeinstitute.com
Source: ~DFF84D0E94BA24769C.TMP.1.dr String found in binary or memory: https://uptimeinstitute.com/
Source: COVID-19_v4[1].pdf.2.dr String found in binary or memory: https://uptimeinstitute.com/)
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/component/search/?id=1519&amp;Itemid=101&amp;format=opensearch
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/education/course-details/advanced-seminars
Source: imagestore.dat.2.dr String found in binary or memory: https://uptimeinstitute.com/images/favicon.ico~
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/css/static/d5d5ce16bd4e12829f3c3e745a232960.css
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/image/static/20185e27cadb174851aa999c1a7b0b2f.jpg
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/image/static/31fec21c015e6d0741e74f642b62d0b2.jpg
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/image/static/48afb8ca794f3b445e3dff4a8890c3a3.jpg
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/image/static/61003e9486bb0d2b1413e1ebe710a638.jpg
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/image/static/77daa3621ab63c2664627229d1a726b9.jpg
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/media/nextend/cache/js/static/d5329677e6dd65ffc03192ef1cf31c48.js
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/privacy-policy
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/resources/assets?filter%5Blanguage_id%5D=0&amp;filter%5Bcategory_id%5D=3
Source: ~DFF84D0E94BA24769C.TMP.1.dr String found in binary or memory: https://uptimeinstitute.com/t.click/0285b4ef-1d4a-4fec-9a65-b850469900bc
Source: ~DFF84D0E94BA24769C.TMP.1.dr String found in binary or memory: https://uptimeinstitute.com/t.click/0285b4ef-1d4a-4fec-9a65-b850469900bc469900bc
Source: ~DFF84D0E94BA24769C.TMP.1.dr String found in binary or memory: https://uptimeinstitute.com/t.click/0285b4ef-1d4a-4fec-9a65-b850469900bcZ
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://uptimeinstitute.com/tga
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.brighttalk.com/webcast/14219/465310?utm_source=Uptime
Source: COVID-19_v4[1].pdf.2.dr String found in binary or memory: https://www.cdc.gov/coronavirus/2019-nCoV/index.html)
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.computerweekly.com/news/252493590/Google-services-outage-Gmail-YouTube-and-Docs-down
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.datacenterdynamics.com/en/opinions/climate-change-skepticism-data-center/
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.datacenterdynamics.com/en/opinions/thunder-lightning-or-rain/
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.digitalcreed.in/mumbai-power-failure-datacenters/
Source: js[1].js.2.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.2.dr String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.2.dr String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm[1].js.2.dr, js[1].js.2.dr String found in binary or memory: https://www.google.com
Source: 0285b4ef-1d4a-4fec-9a65-b850469900bc[1].htm.2.dr String found in binary or memory: https://www.google.com/s2/favicons?domain=https://uptimeinstitute.com
Source: imagestore.dat.2.dr String found in binary or memory: https://www.google.com/s2/favicons?domain=https://uptimeinstitute.com6
Source: js[1].js.2.dr String found in binary or memory: https://www.google.com/travel/flights/click/conversion/
Source: gtm[1].js.2.dr String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.2.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: 0285b4ef-1d4a-4fec-9a65-b850469900bc[1].htm.2.dr String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-24440320-1
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-WPMZ556
Source: js[1].js.2.dr String found in binary or memory: https://www.googletraveladservices.com/travel/clk/pagead/conversion/
Source: jcemediabox[1].js.2.dr String found in binary or memory: https://www.joomlacontenteditor.net
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.linkedin.com/company/uptime-institute/
Source: COVID-19_v4[1].pdf.2.dr String found in binary or memory: https://www.linkedin.com/company/uptime-institute/)
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.missioncriticalmagazine.com/articles/93429-gdh-expands-data-center-operations-in-line-wi
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://www.missioncriticalmagazine.com/articles/93441-predictions
Source: COVID-19_v4[1].pdf.2.dr String found in binary or memory: https://www.osha.gov/SLTC/covid-19/controlprevention.html#health)
Source: COVID-19_v4[1].pdf.2.dr String found in binary or memory: https://www.who.int/emergencies/diseases/novel-coronavirus-2019)
Source: DK8VEZ04.htm.2.dr String found in binary or memory: https://zh.uptimeinstitute.com/
Source: classification engine Classification label: clean0.win@17/265@34/28
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe File created: C:\Users\user\AppData\Local\Temp\~DF499E025DDBBE2095.TMP Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe File read: C:\Users\desktop.ini Jump to behavior
Source: unknown Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4952 CREDAT:17410 /prefetch:2
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\COVID-19_v4.pdf'
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\COVID-19_v4.pdf'
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=11483793060652442055 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11483793060652442055 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=18152290393966851700 --mojo-platform-channel-handle=1736 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=16145082219574015218 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16145082219574015218 --renderer-client-id=4 --mojo-platform-channel-handle=1848 --allow-no-sandbox-job /prefetch:1
Source: unknown Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=6472226303739352892 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6472226303739352892 --renderer-client-id=5 --mojo-platform-channel-handle=2180 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files\internet explorer\iexplore.exe Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4952 CREDAT:17410 /prefetch:2 Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\COVID-19_v4.pdf' Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\COVID-19_v4.pdf' Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=11483793060652442055 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11483793060652442055 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=18152290393966851700 --mojo-platform-channel-handle=1736 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=16145082219574015218 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16145082219574015218 --renderer-client-id=4 --mojo-platform-channel-handle=1848 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1704,5597326268629714092,5294744840436624648,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=6472226303739352892 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6472226303739352892 --renderer-client-id=5 --mojo-platform-channel-handle=2180 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe File opened: C:\Windows\SysWOW64\Macromed\Flash\ss.cfg
Source: C:\Program Files\internet explorer\iexplore.exe Automated click: agree
Source: C:\Program Files\internet explorer\iexplore.exe Automated click: agree
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe File opened: C:\Windows\SysWOW64\Msftedit.dll
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Behavior Graph

Behavior Graph ID: 344203
URL: https://tinyurl.com/Uptime-...
Startdate: 26/01/2021
Architecture: WINDOWS
Score: 0

[Figure: process tree. iexplore.exe started AcroRd32.exe and a child iexplore.exe. The child iexplore.exe contacted uptimeinstitute.com (23.253.242.117), 711-ria-145.mktoresp.com (192.28.147.68) and 50 other IPs or domains. AcroRd32.exe started RdrCEF.exe and a second AcroRd32.exe. RdrCEF.exe contacted 192.168.2.1 and started four RdrCEF.exe child processes, one of which is shown with 80.0.0.0 (NTLGB, United Kingdom).]

Contacted Public IPs


Private

IP
192.168.2.1

Contacted Domains


Contacted URLs

Name Malicious Antivirus Detection Reputation
https://drift-lp-66680075.drift.click/0285b4ef-1d4a-4fec-9a65-b850469900bc false
    unknown