IOC Report


Files

File Path
Type
Category
Malicious

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://microshared543636.typeform.com/to/txSKYy | clean |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,12106272848651701045,6702610312359902552,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1956 /prefetch:8 | clean |

URLs

Name
IP
Malicious
https://microshared543636.typeform.com/to/txSKYy
malicious

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Microsoft\Speech\Voices
DefaultTokenId
clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean

Memdumps

Base Address
Regiontype
Protect
Malicious

DOM / HTML

URL
Malicious
https://microshared543636.typeform.com/to/txSKYy
malicious
https://www.typeform.com/explore/?utm_campaign=txSKYy&utm_source=typeform.com-15446240-free&utm_medium=typeform&utm_content=typeform-footer&utm_term=EN
clean
https://www.typeform.com/
clean
https://www.typeform.com/pricing/
clean
https://www.typeform.com/enterprise/
clean
https://admin.typeform.com/login
clean