General Info

URL

http://agilitrix.com/mwg-internal/de5fs23hu73ds/progress?id=1g2-HSamp8nQFZ6Cpof9a-XCY30IX80m89NPM8Nf1aM,&dl

Full analysis
https://app.any.run/tasks/af71af32-ef55-4b42-bb9d-d29dde20a328
Verdict
Malicious activity
Analysis date
7/18/2019, 13:39:25
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x86 en-US) (67.0.4)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS

No malicious indicators.

SUSPICIOUS

No suspicious indicators.

INFO

Creates files in the user directory
  • opera.exe (PID: 3876)

Processes

Total processes
33
Monitored processes
1
Malicious processes
0
Suspicious processes
0

Behavior graph

start opera.exe

Process information

PID
3876
CMD
"C:\Program Files\Opera\opera.exe" "http://agilitrix.com/mwg-internal/de5fs23hu73ds/progress?id=1g2-HSamp8nQFZ6Cpof9a-XCY30IX80m89NPM8Nf1aM,&dl"
Path
C:\Program Files\Opera\opera.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Opera Software
Description
Opera Internet Browser
Version
1748
Modules

Registry activity

Total events
246
Read events
186
Write events
60
Delete events
0

Modification events

PID: 3876
Process: opera.exe
Operation: write
Key: HKEY_CURRENT_USER\Software\Opera Software
Name: Last CommandLine v2
Value: C:\Program Files\Opera\opera.exe "http://agilitrix.com/mwg-internal/de5fs23hu73ds/progress?id=1g2-HSamp8nQFZ6Cpof9a-XCY30IX80m89NPM8Nf1aM,&dl"

PID: 3876
Process: opera.exe
Operation: write
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\70\52C64B7E
Name: LanguageList
Value: en-US

Files activity

Executable files
0
Suspicious files
72
Text files
29
Unknown types
42

Dropped files



Network activity

HTTP(S) requests
152
TCP/UDP connections
114
DNS requests
56
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
3876 opera.exe GET 200 93.184.220.29:80 http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl US
der
whitelisted
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/mwg-internal/de5fs23hu73ds/progress?id=1g2-HSamp8nQFZ6Cpof9a-XCY30IX80m89NPM8Nf1aM,&dl US
––
––
unknown
3876 opera.exe GET 400 185.26.182.93:80 http://sitecheck2.opera.com/?host=agilitrix.com&hdn=14xO1swi1o01NHtq3THguw== unknown
html
whitelisted
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/uploads/2018/04/Agilitrix-Logo-Horz-Slogan-Colour.png US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/css/example.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/css/media-views.min.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/css/frontend.css?ver=1.2.7 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/css/buttons.min.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/css/dashicons.min.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/css/jquery.bxslider.css?ver=1.2.7 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/download-manager/assets/css/front.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/captcha/css/front_end_style.css?ver=4.4.5 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/css/prettyPhoto.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/captcha/css/desktop_style.css?ver=4.4.5 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/agilitrix/style.css?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/css/font-awesome/font-awesome.min.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/heateor-social-comments/css/front.css?ver=1.4.16 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/uploads/2017/10/CAL-1-blog-300x201.jpg US
––
––
unknown
3876 opera.exe GET 404 104.197.149.35:80 http://agilitrix.com/wp-content/uploads/2017/10/cta-300x79.png US
html
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/uploads/2018/04/Agilitrix-Favicon-150x150.png US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/js/jquery.bxslider.min.js?ver=1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/styles/magnific_popup.css?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/uploads/2018/04/Agilitrix-Favicon.png US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/js/frontend.js?ver=1.2.7 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/cache/et/global/et-divi-customizer-global-156338667084.min.css US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/utils.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/download-manager/assets/js/front.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET 200 54.244.183.249:80 http://adpxl.co/Cok4hf2U/an.js US
text
unknown
3876 opera.exe GET 200 54.244.183.249:80 http://adpxl.co/9pHDrPPG/an.js US
text
unknown
3876 opera.exe GET 200 2.19.43.118:80 http://platform-api.sharethis.com/js/sharethis.js unknown
text
unknown
3876 opera.exe GET 200 216.58.206.3:80 http://crl.pki.goog/gsr2/gsr2.crl US
der
whitelisted
3876 opera.exe GET 200 216.58.205.227:80 http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEFIYTNt4zV3zY5gRv8%2BD8WI%3D US
der
whitelisted
3876 opera.exe GET 200 216.58.205.227:80 http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEGm1%2BXf3dpqY8sa%2BjvQsCFk%3D US
der
whitelisted
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-global-functions.js?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/js/jquery.fitvids.js?ver=1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/ap-custom-testimonial-pro/js/jquery.prettyPhoto.js?ver=1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/underscore.min.js?ver=1.8.3 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/shortcode.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/backbone.min.js?ver=1.2.3 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/wp-util.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-admin/js/media-upload.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/wp-backbone.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/media-views.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/media-models.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/plupload/wp-plupload.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/api-request.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/scripts/jquery.mobile.custom.min.js?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/thrive-leads/thrive-dashboard/js/dist/frontend.min.js?ver=2.1.9 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/media-editor.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/media-audiovideo.min.js?ver=5.1.1 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 US
––
––
unknown
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/scripts/jquery.fitvids.js?ver=3.0.98 US
text
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 US
––
––
unknown
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.5 US
text
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/js/custom.js?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET –– 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.0.98 US
––
––
unknown
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/scripts/jquery.magnific-popup.js?ver=3.0.98 US
text
unknown
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-scripts.js?ver=3.0.98 US
text
unknown
–– –– GET 200 216.58.210.10:80 http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&subset=cyrillic,greek,vietnamese,latin,greek-ext,latin-ext,cyrillic-ext US
text
whitelisted
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-includes/js/wp-embed.min.js?ver=5.1.1 US
text
unknown
–– –– GET 200 104.17.211.204:80 http://js.hs-scripts.com/5911899.js?integration=wordpress&ver=7.5.5 US
text
whitelisted
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1 US
text
unknown
3876 opera.exe GET 200 216.58.205.227:80 http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEAM%2F9QHU8QoxPVNspQVLX1Q%3D US
der
whitelisted
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.5 US
text
unknown
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/style.css US
text
unknown
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/includes/builder/scripts/jquery.magnific-popup.js?ver=3.0.98 US
text
unknown
3876 opera.exe GET 200 93.184.220.29:80 http://crl3.digicert.com/DigiCertGlobalRootCA.crl US
der
whitelisted
3876 opera.exe GET 200 54.70.219.46:80 http://adpxljs.adpxl.co/timeme.min-2.js US
text
unknown
3876 opera.exe GET 200 54.214.178.82:80 http://fl.adpxl.co/adpxlana-va_spa2.1.js US
text
unknown
3876 opera.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY%2Bsl%2Bj4yzQuAcL2oQno5fCgQUUWj%2FkK8CB3U8zNllZGKiErhZcjsCEAMF3ysvdVSxbulrETlry%2BE%3D US
der
whitelisted
3876 opera.exe GET 200 52.222.149.154:80 http://crl.rootca1.amazontrust.com/rootca1.crl US
der
whitelisted
3876 opera.exe GET 200 52.222.149.191:80 http://ocsp.sca1b.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQz9arGHWbnBV0DFzpNHz4YcTiFDQQUWaRmBlKge5WSPKOUByeWdFv5PdACEAhRiR%2BMKsLhDTnTd5v0K30%3D US
der
whitelisted
3876 opera.exe GET 200 52.222.149.159:80 http://s.ss2.us/r.crl US
der
whitelisted
3876 opera.exe GET 200 52.222.149.62:80 http://crl.rootg2.amazontrust.com/rootg2.crl US
der
whitelisted
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf US
ttf
unknown
3876 opera.exe GET 200 151.101.0.65:80 http://tag.marinsm.com/serve/592c93299c41fe8ba7000009.js US
text
unknown
3876 opera.exe GET 200 216.58.205.227:80 http://ocsp.pki.goog/GTSGIAG3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT27bBjYjKBmjX2jXWgnQJKEapsrQQUd8K4UJpndnaxLcKG0IOgfqZ%2BuksCEElcH9nzCXtybkcrFaERwzo%3D US
der
whitelisted
3876 opera.exe GET 200 188.121.36.239:80 http://ocsp.godaddy.com/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX%2B2yz8LQsgM4CCHTyFonuxNrE NL
der
whitelisted
3876 opera.exe GET 200 188.121.36.237:80 http://crl.godaddy.com/gdroot-g2.crl NL
der
whitelisted
3876 opera.exe GET 200 188.121.36.237:80 http://crl.godaddy.com/gdroot.crl NL
der
whitelisted
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/tagjs?a_id=73210&source=js_tag IE
––
––
unknown
3876 opera.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQQX6Z6gAidtSefNc6DC0OInqPHDQQUD4BhHIIxYdUvKOeNRji0LOHG2eICEAWYgudgAj%2FXNF6Tf8eUb1o%3D US
der
whitelisted
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/cs/?partnerId=mrin IE
––
––
unknown
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/cs/?partnerId=twtr IE
––
––
unknown
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/cs/?partnerId=yah IE
––
––
unknown
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/cs/?partnerId=opx IE
––
––
unknown
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/cs/?partnerId=rbcn IE
––
––
unknown
3876 opera.exe GET 302 185.33.223.210:80 http://ib.adnxs.com/seg?t=2&add=8746580 unknown
––
––
whitelisted
3876 opera.exe GET 302 34.248.218.219:80 http://pixel-geo.prfct.co/cs/?partnerId=goo IE
––
––
unknown
3876 opera.exe GET 200 34.248.218.219:80 http://pixel-geo.prfct.co/seg/?add=8746580&source=js_tag&a_id=73210 IE
image
unknown
3876 opera.exe GET 200 185.33.223.210:80 http://ib.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8746580 unknown
image
whitelisted
3876 opera.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTPJvUY%2Bsl%2Bj4yzQuAcL2oQno5fCgQUUWj%2FkK8CB3U8zNllZGKiErhZcjsCEA0mLvrim2miGp5wo7GWTfg%3D US
der
whitelisted
3876 opera.exe GET 200 34.248.218.219:80 http://pixel-geo.prfct.co/tagjs?a_id=73210&source=js_tag IE
text
unknown
3876 opera.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQQX6Z6gAidtSefNc6DC0OInqPHDQQUD4BhHIIxYdUvKOeNRji0LOHG2eICEAMXuD70nNkGmxQ3ymnzWEA%3D US
der
whitelisted
3876 opera.exe GET 200 93.184.220.29:80 http://crl3.digicert.com/sha2-ha-server-g6.crl US
binary
whitelisted
3876 opera.exe GET 200 185.33.223.210:80 http://ib.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8746580 unknown
image
whitelisted
3876 opera.exe GET 200 93.184.220.29:80 http://status.geotrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR3enuod9bxDxzpICGW%2B2sabjf17QQUkFj%2FsJx1qFFUd7Ht8qNDFjiebMUCEAqGuQR2WDHiQMxiERAfVzY%3D US
der
whitelisted
3876 opera.exe GET 200 89.187.169.79:80 http://load.sumo.com/ CZ
text
whitelisted
3876 opera.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQQX6Z6gAidtSefNc6DC0OInqPHDQQUD4BhHIIxYdUvKOeNRji0LOHG2eICEA1xbws%2FFNZLyWPDcUF8fRA%3D US
der
whitelisted
3876 opera.exe GET –– 188.121.36.239:80 http://ocsp.godaddy.com/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX%2B2yz8LQsgM4CCAibv0AUZ0%2B1 NL
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/memnYaGs126MiZpBA-UFUKWyV-hv.woff US
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem6YaGs126MiZpBA-UFUJ0d.woff US
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/memnYaGs126MiZpBA-UFUKXGUehv.woff US
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/memnYaGs126MiZpBA-UFUKWiUOhv.woff US
––
––
whitelisted
3876 opera.exe GET 200 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/memnYaGs126MiZpBA-UFUKW-U-hv.woff US
woff
whitelisted
3876 opera.exe GET 200 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8-Vg.woff US
woff
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirk-Vg.woff US
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN8rs-Vg.woff US
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-U1UQ.woff US
––
––
whitelisted
3876 opera.exe GET –– 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rg-Vg.woff US
––
––
whitelisted
3876 opera.exe GET 200 104.17.67.176:80 http://js.hs-analytics.net/analytics/1563449700000/5911899.js US
text
whitelisted
3876 opera.exe GET 200 172.217.18.99:80 http://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-U1UQ.woff US
woff
whitelisted
3876 opera.exe GET 200 151.139.128.14:80 http://ocsp.comodoca4.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQAU7Bfe6xSRj1%2Bo83zCN%2BY2wTgIAQU1LD0%2FU%2BcQqRs3D0u7ltBGMmtA%2FYCEClLomU9xcZqQpU91EqLVUE%3D US
der
whitelisted
3876 opera.exe GET 200 151.139.128.14:80 http://crl.comodoca.com/COMODORSACertificationAuthority.crl US
der
whitelisted
3876 opera.exe GET 200 151.139.128.14:80 http://crl.usertrust.com/AddTrustExternalCARoot.crl US
der
whitelisted
3876 opera.exe GET 200 104.197.149.35:80 http://agilitrix.com/wp-includes/js/thickbox/loadingAnimation.gif US
image
unknown
3876 opera.exe POST 429 104.197.149.35:80 http://agilitrix.com/?ga_action=googleanalytics_get_script US
text
––
––
unknown
3876 opera.exe POST 200 54.200.150.117:80 http://sumo.com/api/load/ US
text
text
whitelisted
3876 opera.exe GET 200 151.139.128.14:80 http://ocsp.comodoca4.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQAU7Bfe6xSRj1%2Bo83zCN%2BY2wTgIAQU1LD0%2FU%2BcQqRs3D0u7ltBGMmtA%2FYCEQCvwDSx%2BLHpBs8I59If5bFj US
der
whitelisted
3876 opera.exe GET 200 93.184.220.29:80 http://crl3.digicert.com/Omniroot2025.crl US
der
whitelisted
3876 opera.exe GET 200 93.184.220.29:80 http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTVzlV2s%2F2JoG8xYdsek7i7sHOKawQUkQWK30wixm2LlEwWRX7ubwL7t8ACEAHD2V4Ym2ccGcSs9NT9oU0%3D US
der
whitelisted
3876 opera.exe OPTIONS 204 54.200.150.117:80 http://sumo.com/services US
––
––
whitelisted
3876 opera.exe OPTIONS 200 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
––
––
unknown
3876 opera.exe POST 200 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
text
––
––
unknown
3876 opera.exe POST 200 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
text
––
––
unknown
3876 opera.exe POST 200 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
text
––
––
unknown
3876 opera.exe POST 200 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
text
––
––
unknown
3876 opera.exe POST 200 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
text
––
––
unknown
3876 opera.exe POST –– 54.214.178.82:80 http://fl.adpxl.co/api/pwx/tp US
text
––
––
unknown


Connections

PID Process IP ASN CN Reputation
3876 opera.exe 185.26.182.94:443 Opera Software AS –– malicious
3876 opera.exe 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3876 opera.exe 104.197.149.35:80 Google Inc. US unknown
3876 opera.exe 185.26.182.93:80 Opera Software AS –– unknown
–– –– 54.244.183.249:80 Amazon.com, Inc. US unknown
3876 opera.exe 216.58.210.10:443 Google Inc. US whitelisted
–– –– 216.58.206.8:443 Google Inc. US whitelisted
3876 opera.exe 2.19.43.118:80 Akamai International B.V. –– unknown
–– –– 104.16.159.106:443 Cloudflare Inc US unknown
–– –– 216.58.206.3:80 Google Inc. US whitelisted
3876 opera.exe 216.58.205.227:80 Google Inc. US whitelisted
–– –– 216.58.205.227:80 Google Inc. US whitelisted
–– –– 216.58.210.10:80 Google Inc. US whitelisted
–– –– 104.17.211.204:80 Cloudflare Inc US shared
–– –– 104.16.15.194:443 Cloudflare Inc US shared
3876 opera.exe 172.217.16.174:443 Google Inc. US whitelisted
3876 opera.exe 74.125.140.156:443 Google Inc. US whitelisted
3876 opera.exe 2.19.43.118:443 Akamai International B.V. –– unknown
3876 opera.exe 54.70.219.46:80 Amazon.com, Inc. US unknown
3876 opera.exe 54.214.178.82:80 Amazon.com, Inc. US unknown
3876 opera.exe 157.240.20.19:443 Facebook, Inc. US whitelisted
3876 opera.exe 185.60.216.35:443 Facebook, Inc. IE whitelisted
3876 opera.exe 52.222.153.54:80 Amazon.com, Inc. US unknown
3876 opera.exe 34.194.239.240:443 Amazon.com, Inc. US unknown
3876 opera.exe 52.222.149.154:80 Amazon.com, Inc. US whitelisted
3876 opera.exe 52.222.149.191:80 Amazon.com, Inc. US whitelisted
3876 opera.exe 52.222.149.62:80 Amazon.com, Inc. US whitelisted
3876 opera.exe 52.222.149.159:80 Amazon.com, Inc. US whitelisted
3876 opera.exe 172.217.18.99:443 Google Inc. US whitelisted
3876 opera.exe 151.101.0.65:80 Fastly US unknown
3876 opera.exe 2.16.186.146:443 Akamai International B.V. –– whitelisted
–– –– 35.156.150.158:443 Amazon.com, Inc. DE unknown
–– –– 188.121.36.239:80 GoDaddy.com, LLC NL unknown
–– –– 188.121.36.237:80 GoDaddy.com, LLC NL suspicious
3876 opera.exe 34.248.218.219:443 Amazon.com, Inc. IE unknown
3876 opera.exe 34.248.218.219:80 Amazon.com, Inc. IE unknown
–– –– 34.248.218.219:80 Amazon.com, Inc. IE unknown
3876 opera.exe 185.33.223.210:80 AppNexus, Inc –– unknown
3876 opera.exe 2.18.234.132:443 Akamai International B.V. –– whitelisted
3876 opera.exe 52.5.43.50:443 Amazon.com, Inc. US unknown
3876 opera.exe 217.12.15.83:443 Yahoo! UK Services Limited GB shared
3876 opera.exe 104.244.42.195:443 Twitter Inc. US unknown
3876 opera.exe 213.19.162.90:443 The Rubicon Project, Inc. GB unknown
3876 opera.exe 216.58.210.2:443 Google Inc. US whitelisted
3876 opera.exe 173.241.240.143:443 OPENX TECHNOLOGIES, INC. US unknown
3876 opera.exe 104.16.159.106:443 Cloudflare Inc US unknown
–– –– 93.184.220.29:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
3876 opera.exe 89.187.169.79:80 CZ unknown
3876 opera.exe 89.187.169.79:443 CZ unknown
3876 opera.exe 188.121.36.239:80 GoDaddy.com, LLC NL unknown
3876 opera.exe 34.224.253.46:443 Amazon.com, Inc. US unknown
3876 opera.exe 172.217.18.99:80 Google Inc. US whitelisted
3876 opera.exe 104.16.15.194:443 Cloudflare Inc US shared
3876 opera.exe 104.17.67.176:80 Cloudflare Inc US shared
3876 opera.exe 104.17.129.171:443 Cloudflare Inc US shared
3876 opera.exe 151.139.128.14:80 Highwinds Network Group, Inc. US suspicious
3876 opera.exe 104.16.249.5:443 Cloudflare Inc US shared
3876 opera.exe 185.63.144.5:443 LinkedIn Corporation IE unknown
3876 opera.exe 54.200.150.117:80 Amazon.com, Inc. US unknown
3876 opera.exe 104.17.211.204:443 Cloudflare Inc US shared

DNS requests

Domain IP Reputation
agilitrix.com 104.197.149.35
unknown
certs.opera.com 185.26.182.94
185.26.182.93
whitelisted
crl4.digicert.com 93.184.220.29
whitelisted
sitecheck2.opera.com 185.26.182.93
185.26.182.94
185.26.182.111
185.26.182.112
whitelisted
www.googletagmanager.com 216.58.206.8
whitelisted
platform-api.sharethis.com 2.19.43.118
unknown
adpxl.co 54.244.183.249
unknown
cj369.infusionsoft.com 104.16.159.106
104.16.158.106
unknown
fonts.googleapis.com 216.58.210.10
whitelisted
crl.pki.goog 216.58.206.3
whitelisted
ocsp.pki.goog 216.58.205.227
whitelisted
app.clickfunnels.com 104.16.15.194
104.16.12.194
104.16.16.194
104.16.14.194
104.16.13.194
whitelisted
js.hs-scripts.com 104.17.211.204
104.17.214.204
104.17.213.204
104.17.212.204
104.17.210.204
whitelisted
www.google-analytics.com 172.217.16.174
whitelisted
stats.g.doubleclick.net 74.125.140.156
74.125.140.154
74.125.140.155
74.125.140.157
whitelisted
buttons-config.sharethis.com 2.19.43.118
unknown
crl3.digicert.com 93.184.220.29
whitelisted
fl.adpxl.co 54.214.178.82
unknown
adpxljs.adpxl.co 54.70.219.46
unknown
connect.facebook.net 157.240.20.19
whitelisted
ocsp.digicert.com 93.184.220.29
whitelisted
www.facebook.com 185.60.216.35
whitelisted
cdn.heapanalytics.com 52.222.153.54
whitelisted
heapanalytics.com 34.194.239.240
52.0.124.156
34.238.14.111
34.238.68.86
3.210.113.103
52.4.169.218
whitelisted
crl.rootg2.amazontrust.com 52.222.149.62
52.222.149.32
52.222.149.154
52.222.149.146
whitelisted
crl.rootca1.amazontrust.com 52.222.149.154
52.222.149.146
52.222.149.62
52.222.149.32
whitelisted
ocsp.sca1b.amazontrust.com 52.222.149.191
52.222.149.75
52.222.149.136
52.222.149.211
whitelisted
s.ss2.us 52.222.149.159
52.222.149.254
52.222.149.65
52.222.149.34
whitelisted
fonts.gstatic.com 172.217.18.99
whitelisted
tag.marinsm.com 151.101.0.65
151.101.64.65
151.101.128.65
151.101.192.65
unknown
c.sharethis.mgr.consensu.org 2.16.186.146
2.16.186.243
malicious
l.sharethis.com 35.156.150.158
18.185.167.198
whitelisted
ocsp.godaddy.com 188.121.36.239
whitelisted
crl.godaddy.com 188.121.36.237
whitelisted
pixel-geo.prfct.co 34.248.218.219
108.128.89.161
unknown
ib.adnxs.com 185.33.223.210
185.33.223.208
185.33.223.221
185.33.223.83
185.33.223.209
185.33.223.200
185.33.223.100
185.33.223.80
whitelisted
snap.licdn.com 2.18.234.132
whitelisted
cs.marinsm.com 52.5.43.50
35.172.241.28
52.54.144.1
unknown
cm.g.doubleclick.net 216.58.210.2
whitelisted
analytics.twitter.com 104.244.42.195
104.244.42.3
104.244.42.67
104.244.42.131
whitelisted
ads.yahoo.com 217.12.15.83
217.12.15.54
whitelisted
us-u.openx.net 173.241.240.143
whitelisted
pixel.rubiconproject.com 213.19.162.90
213.19.162.80
whitelisted
status.geotrust.com 93.184.220.29
whitelisted
load.sumo.com 89.187.169.79
whitelisted
pixel.prfct.co 34.224.253.46
34.235.196.122
34.224.236.3
unknown
js.hscollectedforms.net 104.17.129.171
104.17.131.171
104.17.128.171
104.17.127.171
104.17.130.171
unknown
js.hs-analytics.net 104.17.67.176
104.17.68.176
104.17.69.176
104.17.70.176
104.17.71.176
whitelisted
crl.comodoca.com 151.139.128.14
whitelisted
crl.usertrust.com 151.139.128.14
whitelisted
ocsp.comodoca4.com 151.139.128.14
whitelisted
forms.hubspot.com 104.16.249.5
104.16.250.5
104.16.251.5
104.16.253.5
104.16.252.5
whitelisted
px.ads.linkedin.com 185.63.144.5
whitelisted
sumo.com 54.200.150.117
54.148.199.253
whitelisted
track.hubspot.com 104.16.249.5
104.16.253.5
104.16.251.5
104.16.252.5
104.16.250.5
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.