IOCReport

Files

File Path
Type
Category
Malicious
http://www.tonhc.org/coronavirus/
URL
initial url
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F3ABF0DC-C56B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F3ABF0DE-C56B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FBEA4EDE-C56B-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
data
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\0UbOGz5uZCI[1].css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\10462463_733049010098381_7592984258504974586_n[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\1487645_6012475414660_1439393861_n[1].png
PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\16486968_419413705060919_4560230974885411816_o[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\16486968_419413705060919_4560230974885411816_o[2].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\175403742_1478406012495011_3389624806742482905_n[1].png
PNG image data, 331 x 414, 8-bit/color RGB, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\188888692_1505957103073235_1769118996642174241_n[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 331x414, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\191433657_1504648103204135_8784403890329073815_n[1].png
PNG image data, 261 x 326, 8-bit/color RGB, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\3PPD5qbge6n[1].css
assembler source, ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Favicon-3-300x300[1].png
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\LRo67jlaRgY[1].js
C source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\NifK3RmDZV7[1].js
C source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\PHR[1].png
PNG image data, 413 x 150, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\San-Simon-Map[1].png
PNG image data, 2000 x 659, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\San-Xavier-Map[1].png
PNG image data, 2000 x 659, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Sells-Hospital-Map[1].png
PNG image data, 2000 x 659, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\TONHC-Website-Logo-2-300x106[1].png
PNG image data, 300 x 106, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\a11y.min[1].js
UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\core.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\coronavirus[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\css[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\css[2].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dnserror[1]
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\down[1]
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\e-202122[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\effect-scale.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\effect-transfer.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\entypo-fontello[1].eot
Embedded OpenType (EOT), entypo-fontello family
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\event-mod[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\ewd-ufaq-js[1].js
ASCII text, with very long lines, with CRLF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\for-patients[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\g[1].gif
GIF image data, version 89a, 6 x 5
modified
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\izD6r8nnhFQ[1].css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jetpack-carousel.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mediaelement-and-player.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mission[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\page[1].htm
HTML document, ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\page[2].htm
HTML document, ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\san-simon[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\spin.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\tonhc-mission[1].jpg
[TIFF image data, little-endian, direntries=0], progressive, precision 8, 1500x852, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\tonhc-sanxavier-location[1].jpg
[TIFF image data, little-endian, direntries=0], progressive, precision 8, 1500x710, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\tonhc-sells-location[1].jpg
[TIFF image data, little-endian, direntries=0], progressive, precision 8, 1500x826, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\wp-mediaelement.min[1].js
HTML document, ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\wp-polyfill-dom-rect.min[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2020-10-06_15-43-59[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x411, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\6xK3dSBYKcSV-LCoeQqfX1RYOo3aPA[1].woff
Web Open Font Format, TrueType, length 81008, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\6xKydSBYKcSV-LCoeQqfX1RYOo3i54rAkw[1].woff
Web Open Font Format, TrueType, length 80556, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\8zxpfB5cm1Q[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Disclosure-1[1].png
PNG image data, 235 x 300, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Facilities-Map-1[1].png
PNG image data, 2000 x 784, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\IEOQM8FL8ot[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\LDIDWlUlAG9[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\LU-65[1].jpg
"LEADTOOLS v20.0", progressive, precision 8, 673x870, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Mission[1].png
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\QAtzoDVsrCZ[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\TODHHS-Logo[1].png
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Tohono-Nation-Logo[1].png
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Uf-73aw922e[1].js
C source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Vision[1].png
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\_0FMPEc0nGG[1].png
PNG image data, 64 x 204, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\about[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\dom-ready.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\errorPageStrings[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ewd-toggle-icon[1].woff
Web Open Font Format, CFF, length 2400, version 1.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ewd-ufaq-styles[1].css
ASCII text, with CRLF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\g[1].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\g[2].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\g[3].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\g[4].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\grid[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jetpack[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery.spin.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\n-uOOobFC9i[1].png
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\onuUJj0tCqE[1].png
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\photon.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\position.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\san-simon[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\san-xavier[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sant-rosa[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sdk[1].js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sells-hospital[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\style.min[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\tonhc-patient-photo[1].jpg
[TIFF image data, little-endian, direntries=0], progressive, precision 8, 1500x817, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\tonhc-sanxavier-location[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x630, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\tonhc-staff-photo[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x630, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\w-logo-blue-white-bg[1].png
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\widget.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\wp-polyfill-formdata.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\0Z7xVUWszo1[1].js
C source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7j[1].woff
Web Open Font Format, TrueType, length 20180, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vAkw[1].woff
Web Open Font Format, TrueType, length 80084, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\About-Map[1].jpg
[TIFF image data, big-endian, direntries=1], progressive, precision 8, 583x570, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Bottom-CTA[1].jpg
[TIFF image data, big-endian, direntries=1], progressive, precision 8, 1600x494, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Committment[1].png
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\K5bccTxKt9H[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Patient-Map-1[1].png
PNG image data, 2000 x 769, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Santa-Rosa-Map[1].png
PNG image data, 2000 x 659, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\SohvyHf9bqU[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\TONHC_VChart-2[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 326x651, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\aVoL5z69Opq[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\avia-compat[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\avia[1].js
UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\effect-size.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\effect.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\facilities[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\g[1].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\g[2].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\g[3].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\g[4].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\g[5].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\httpErrorPagesScripts[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\iArlHGPYN4y[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery.magnific-popup.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\mAk7O30HXYa[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\rrssb-min[1].css
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sdk[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sdk[2].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\shortcodes[1].js
UTF-8 Unicode text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\tonhc-sansimon[1].jpg
[TIFF image data, little-endian, direntries=0], progressive, precision 8, 1500x704, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\tonhc-santarosa[1].jpg
[TIFF image data, little-endian, direntries=0], progressive, precision 8, 1500x735, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\tooltip.min[1].css
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\vVNHHjOWB6t[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-embed.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-emoji-release.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-polyfill-node-contains.min[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wp-polyfill.min[1].js
UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\y4WUvAA0Uto[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ykbSkxJ8VJE[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\186027454_1496138820721730_6922694887599130221_n[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 261x520, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\189144475_1504647939870818_7958538689783098516_n[1].png
PNG image data, 261 x 326, 8-bit/color RGB, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Amendment-1[1].png
PNG image data, 235 x 300, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\ApcBOUT5FoS[1].png
PNG image data, 13 x 39, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Cafe-Closed[1].png
PNG image data, 526 x 173, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Ek10ELLuAdl[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\JNHW1aQLTTB[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\JopZtdti8dq[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\NewErrorPageTemplate[1]
UTF-8 Unicode (with BOM) text, with CRLF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Our-Facilities[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x630, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Privacy-Practice-1[1].png
PNG image data, 235 x 300, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\San-Simon-Cropped[1].jpg
[TIFF image data, big-endian, direntries=1], progressive, precision 8, 2000x617, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Santa-Rosa-Cropped[1].jpg
[TIFF image data, big-endian, direntries=1], progressive, precision 8, 2000x617, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Sells_Hospital-History[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x430, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\TNluRrQpOUF[1].css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Zi02u5iY-LN[1].css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\autocomplete.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\base[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\comment-reply.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\common-skeleton.min[1].css
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\contact[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\custom[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\d__2zwz9HAa[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\enfold[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\facebook-embed.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\g[1].gif
GIF image data, version 89a, 6 x 5
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\i18n.min[1].js
data
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\layout[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\magnific-popup[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mediaelement-migrate.min[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mediaelementplayer[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\menu.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\print[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\shortcodes[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\tohono-oodham-healthcare-about-staff[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x630, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\tonhc-sells-location[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x630, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\w80LSDrgYYm[1].css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\wp-polyfill-fetch.min[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\wp-polyfill-url.min[1].js
UTF-8 Unicode text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Temp\~DF30E8CCFB5BD637DA.TMP
data
dropped
clean
C:\Users\user\AppData\Local\Temp\~DF71009F50E7C650E6.TMP
data
dropped
clean
C:\Users\user\AppData\Local\Temp\~DF91B0334891952890.TMP
data
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\VBIZLEM8HFPQKVH5LIH2.temp
data
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\internet explorer\iexplore.exe
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6628 CREDAT:17410 /prefetch:2
clean

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

Registry

Path
Value
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
clean
7FF51A5C1000
unkown
page readonly
clean
14C17127000
unkown
page read and write
clean
7FF52D6DE000
unkown
page readonly
clean
7FF51A819000
unkown
page readonly
clean
14C18F2E000
unkown
page read and write
clean
7FF5E7373000
unkown
page readonly
clean
14C17000000
unkown
page read and write
clean
14C19056000
unkown
page read and write
clean
21C02A56000
unkown
page read and write
clean
1A83A302000
unkown
page read and write
clean
7FF5E747B000
unkown
page readonly
clean
14C19210000
unkown
page read and write
clean
1A83A200000
unkown
page read and write
clean
21C04570000
unkown
page readonly
clean
39F8BFA000
unkown
page read and write
clean
7FF52D76A000
unkown
page readonly
clean
7FF52D680000
unkown
page readonly
clean
7FF5B21BE000
unkown
page readonly
clean
14C18F2E000
unkown
page read and write
clean
7FF5E736B000
unkown
page readonly
clean
7FF5766F7000
unkown
page readonly
clean
7FF5769CA000
unkown
page readonly
clean
14C17067000
unkown
page read and write
clean
27C49C00000
unkown
page read and write
clean
14C18F52000
unkown
page read and write
clean
14C18F52000
unkown
page read and write
clean
1A83A150000
unkown
page readonly
clean
7FF52D6F1000
unkown
page readonly
clean
7FF503B24000
unkown
page readonly
clean
14C1904B000
unkown
page read and write
clean
7FF5B223A000
unkown
page readonly
clean
27C49AB0000
unkown
page readonly
clean
7FF503B13000
unkown
page readonly
clean
21C02CD0000
unkown
page readonly
clean
1446E64F000
unkown
page read and write
clean
7FF51A811000
unkown
page readonly
clean
7FF51A7B7000
unkown
page readonly
clean
14C17113000
unkown
page read and write
clean
7FF5E72C9000
unkown
page readonly
clean
14C17074000
unkown
page read and write
clean
39F8FFB000
unkown
page read and write
clean
14C18F52000
unkown
page read and write
clean
21C02B02000
unkown
page read and write
clean
7FF52D588000
unkown
page readonly
clean
39F87FA000
unkown
page read and write
clean
7FF52D6F9000
unkown
page readonly
clean
14C18FFD000
unkown
page read and write
clean
14C18F26000
unkown
page read and write
clean
20978A50000
unkown
page readonly
clean
1A83A0E0000
heap private
page read and write
clean
27C8D9B000
unkown
page read and write
clean
7FF51A6A8000
unkown
page readonly
clean
7FF51A891000
unkown
page readonly
clean
7FF5B2242000
unkown
page readonly
clean
DE6397F000
unkown
page read and write
clean
14C18F52000
unkown
page read and write
clean
14C1A310000
unkown
page read and write
clean
14C1713A000
unkown
page read and write
clean
14C170B8000
unkown
page read and write
clean
39F917B000
unkown
page read and write
clean
27C49C35000
unkown
page read and write
clean
27C49B80000
unkown
page write copy
clean
14C17147000
unkown
page read and write
clean
20978730000
unkown
page readonly
clean
1446E600000
unkown
page read and write
clean
39F847E000
unkown
page read and write
clean
7FF503BC0000
unkown
page readonly
clean
2097A210000
unkown
page read and write
clean
7FF51A7AB000
unkown
page readonly
clean
1446EC70000
unkown
page read and write
clean
7FF576A72000
unkown
page readonly
clean
1446E679000
unkown
page read and write
clean
7FF5B21C9000
unkown
page readonly
clean
7FF503795000
unkown
page readonly
clean
7FF503C14000
unkown
page readonly
clean
14C18F95000
unkown
page read and write
clean
1A83A140000
heap default
page read and write
clean
7FF5E7487000
unkown
page readonly
clean
7FF5E7475000
unkown
page readonly
clean
21C02A13000
unkown
page read and write
clean
7FF5E712C000
unkown
page readonly
clean
14C1706F000
unkown
page read and write
clean
27C93F7000
unkown
page read and write
clean
14C18FDF000
unkown
page read and write
clean
7FF503ABB000
unkown
page readonly
clean
7FF503ABE000
unkown
page readonly
clean
7FF52D6E8000
unkown
page readonly
clean
14C19240000
unkown
page readonly
clean
7FF503C0A000
unkown
page readonly
clean
14C170BA000
unkown
page read and write
clean
14C1706E000
unkown
page read and write
clean
7FF5769DF000
unkown
page readonly
clean
7FF503BAA000
unkown
page readonly
clean
7FF52D357000
unkown
page readonly
clean
7FF503C28000
unkown
page readonly
clean
7FF5E7470000
unkown
page readonly
clean
7FF52CEDD000
unkown
page readonly
clean
3C684FA000
unkown
page read and write
clean
7FF503408000
unkown
page readonly
clean
7FF5E7410000
unkown
page readonly
clean
14C170B7000
unkown
page read and write
clean
14C170B7000
unkown
page read and write
clean
14C170B8000
unkown
page read and write
clean
14C1708B000
unkown
page read and write
clean
39F89F9000
unkown
page read and write
clean
20978913000
unkown
page read and write
clean
7FF5E746E000
unkown
page readonly
clean
1446F000000
unkown
page readonly
clean
3C681CE000
unkown
page read and write
clean
21C02950000
unkown
page write copy
clean
27C96FA000
unkown
page read and write
clean
7FF5E74C4000
unkown
page readonly
clean
14C19542000
unkown
page read and write
clean
1A83A25E000
unkown
page read and write
clean
7FF519FFD000
unkown
page readonly
clean
14C18DE0000
unkown
page read and write
clean
14C16E10000
heap default
page read and write
clean
14C18F52000
unkown
page read and write
clean
7FF503B2C000
unkown
page readonly
clean
39F8F7A000
unkown
page read and write
clean
14C18DE0000
unkown
page read and write
clean
14C18F7C000
unkown
page read and write
clean
7FF5B2058000
unkown
page readonly
clean
7FF5B21C6000
unkown
page readonly
clean
1A83A270000
unkown
page read and write
clean
7FF503A63000
unkown
page readonly
clean
39F8DFC000
unkown
page read and write
clean
7FF51A5C5000
unkown
page readonly
clean
14C17092000
unkown
page read and write
clean
7FF5E74E9000
unkown
page readonly
clean
14C18F2C000
unkown
page read and write
clean
7FF52D6AF000
unkown
page readonly
clean
7FF5B2194000
unkown
page readonly
clean
14C18E02000
unkown
page read and write
clean
7FF503BBA000
unkown
page readonly
clean
7FF503BCB000
unkown
page readonly
clean
14C170BB000
unkown
page read and write
clean
14C170B8000
unkown
page read and write
clean
There are 663 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
http://www.tonhc.org/wp-content/uploads/2021/02/Cafe-Closed.png
clean
http://www.tonhc.org/for-patients/
clean
http://www.tonhc.org/about/
clean
https://phr.ihs.gov/phr/PHRLogin
clean
http://www.tonhc.org/coronavirus/
clean
http://www.tonhc.org/facilities/san-xavier/
clean
http://www.tonhc.org/facilities/sant-rosa/
clean
http://www.tonhc.org/mission/
clean
http://www.tonhc.org/facilities/
clean
http://www.tonhc.org/facilities/san-simon/
clean
http://www.tonhc.org/facilities/sells-hospital/
clean
http://www.tonhc.org/contact/
clean