Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:18:43 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:18:43 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:18:43 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:18:43 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:18:43 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 127
|
ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 128
|
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 129
|
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
Chrome Cache Entry: 130
|
ASCII text, with very long lines (32030)
|
downloaded
|
||
Chrome Cache Entry: 131
|
PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 132
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 133
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 134
|
Web Open Font Format, CFF, length 1380, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 135
|
ASCII text, with very long lines (65307)
|
downloaded
|
||
Chrome Cache Entry: 136
|
Unicode text, UTF-8 text
|
downloaded
|
||
Chrome Cache Entry: 137
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 138
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 139
|
ASCII text, with very long lines (1900)
|
downloaded
|
||
Chrome Cache Entry: 140
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 141
|
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 142
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
Chrome Cache Entry: 143
|
HTML document, ASCII text, with very long lines (841)
|
downloaded
|
||
Chrome Cache Entry: 144
|
ASCII text, with very long lines (2343)
|
downloaded
|
||
Chrome Cache Entry: 145
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 146
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 147
|
assembler source, ASCII text, with very long lines (47558)
|
downloaded
|
||
Chrome Cache Entry: 148
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 149
|
Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392
|
downloaded
|
||
Chrome Cache Entry: 150
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 151
|
PNG image data, 275 x 74, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 152
|
Web Open Font Format (Version 2), TrueType, length 8668, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 153
|
PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 154
|
ASCII text, with very long lines (7711)
|
downloaded
|
||
Chrome Cache Entry: 155
|
ASCII text, with very long lines (460)
|
downloaded
|
||
Chrome Cache Entry: 156
|
ASCII text, with very long lines (1572)
|
downloaded
|
||
Chrome Cache Entry: 157
|
GIF image data, version 89a, 32 x 32
|
downloaded
|
||
Chrome Cache Entry: 158
|
ASCII text, with very long lines (42862), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 159
|
Unicode text, UTF-8 text, with very long lines (25709), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 160
|
PNG image data, 275 x 74, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 161
|
ASCII text, with very long lines (32033)
|
downloaded
|
||
Chrome Cache Entry: 162
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 163
|
ASCII text, with very long lines (309), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 164
|
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced
|
downloaded
|
||
Chrome Cache Entry: 165
|
ASCII text, with very long lines (6844)
|
downloaded
|
||
Chrome Cache Entry: 166
|
ASCII text, with very long lines (65393)
|
downloaded
|
||
Chrome Cache Entry: 167
|
ASCII text, with very long lines (10187), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 168
|
PNG image data, 960 x 1080, 8-bit colormap, non-interlaced
|
dropped
|
||
Chrome Cache Entry: 169
|
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
There are 40 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://af.uppromote.com/
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1956,i,5459667013927682966,7205913079346083900,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://af.uppromote.com
|
|||
https://d1639lhkj5l89m.cloudfront.net/css/patterns/3.png
|
unknown
|
||
https://af.uppromote.com/css/bootstrap.min.css
|
206.189.254.86
|
||
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/fonts/slick.woff
|
151.101.193.229
|
||
https://d1639lhkj5l89m.cloudfront.net/js/merchant/auth/login_register.min.js
|
108.139.16.113
|
||
https://stats.g.doubleclick.net/g/collect
|
unknown
|
||
https://ekr.zdassets.com/compose/web_widget/secomapp.zendesk.com
|
104.18.72.113
|
||
https://af.uppromote.com/css/animate.css
|
206.189.254.86
|
||
https://d1639lhkj5l89m.cloudfront.net/css/merchant/auth/auth.min.css
|
108.139.16.113
|
||
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-53113273-27&cid=130039912.1713467925&jid=1329057363&_u=YEBAAUAAAAAAACAAI~&z=152713507
|
64.233.176.103
|
||
https://secomapp.zendesk.com/embeddable/config
|
104.16.51.111
|
||
https://d1639lhkj5l89m.cloudfront.net/img/merchant/auth/right_side_bg.png
|
108.139.16.113
|
||
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
|
104.18.70.113
|
||
https://www.google.com/sorry/index?continue=https://www.google.com/complete/search%3Fclient%3Dchrome-omni%26gs_ri%3Dchrome-ext-ansg%26xssi%3Dt%26q%3D%26oit%3D0%26gs_rn%3D42%26sugkey%3DAIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw&q=EgRRtTk0GKPkhbEGIjDXNNgTxoHfWVKTTBihP5c2kHUHsukbzZky06WzqUC1whYr2AOgh-8SrTqeGy3xSDYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
108.177.122.106
|
||
https://d1639lhkj5l89m.cloudfront.net/css/patterns/4.png
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/img/merchant/auth/logo_with_text.png
|
108.139.16.113
|
||
https://ampcid.google.com/v1/publisher:getClientId
|
unknown
|
||
about:blank
|
|||
https://analytics.google.com/g/collect?v=2&tid=G-VWZPYDCSKQ>m=45je44f0v894741970za200&_p=1713467923933&gcd=13l3l3l3l1&npa=0&dma=0&cid=130039912.1713467925&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=AEAI&_s=2&sid=1713467924&sct=1&seg=0&dl=https%3A%2F%2Faf.uppromote.com%2F&dt=AFFILIATE%20%7C%20Login&en=scroll&epn.percent_scrolled=90&_et=12&tfd=8717
|
216.239.36.181
|
||
https://af.uppromote.com/favicon.ico
|
206.189.254.86
|
||
https://fontawesome.com
|
unknown
|
||
https://www.google.com
|
unknown
|
||
https://www.youtube.com/iframe_api
|
unknown
|
||
http://daneden.me/animate
|
unknown
|
||
https://fontawesome.com/license
|
unknown
|
||
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-53113273-27&cid=130039912.1713467925&jid=1329057363&gjid=2076597767&_gid=1443929882.1713467925&_u=YEBAAUAAAAAAACAAI~&z=1669976494
|
172.253.124.154
|
||
https://cdn.jsdelivr.net/npm/slick-carousel
|
unknown
|
||
http://getbootstrap.com)
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/js/bootstrap.min.js
|
108.139.16.113
|
||
https://stats.g.doubleclick.net/j/collect
|
unknown
|
||
https://pro.fontawesome.com/releases/v5.15.1/css/all.css
|
unknown
|
||
https://af.uppromote.com/
|
|||
https://github.com/nickpettit/glide
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/css/patterns/header-profile-skin-1.png
|
unknown
|
||
https://static.zdassets.com/ekr/asset_composer.js
|
104.18.70.113
|
||
https://d1639lhkj5l89m.cloudfront.net/affbootstrap/css/aff-style.css
|
108.139.16.113
|
||
http://af.secomapp.com/
|
unknown
|
||
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
|
151.101.193.229
|
||
https://tagassistant.google.com/
|
unknown
|
||
https://github.com/onokumus/metisMenu
|
unknown
|
||
https://ekr.zendesk.com/compose_product/web_widget/7bc1c0f290501106fa41dc515076261e2325fb83?features
|
unknown
|
||
https://adservice.google.com/pagead/regclk
|
unknown
|
||
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js
|
104.18.70.113
|
||
https://af.uppromote.com/login
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/css/patterns/header-profile-skin-3.png
|
unknown
|
||
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
108.177.122.106
|
||
https://d1639lhkj5l89m.cloudfront.net/js/jquery-3.1.1.min.js
|
108.139.16.113
|
||
https://cct.google/taggy/agent.js
|
unknown
|
||
https://developer.zendesk.com/documentation/classic-web-widget-sdks/web-widget/getting-started/legal
|
unknown
|
||
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VWZPYDCSKQ&cid=130039912.1713467925>m=45je44f0v894741970za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
|
172.253.124.154
|
||
https://af.uppromote.com/css/style.css
|
206.189.254.86
|
||
https://www.google.com/ads/ga-audiences
|
unknown
|
||
https://www.google.%/ads/ga-audiences
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/js/plugins/slick/1.8.1/slick.min.js
|
108.139.16.113
|
||
https://td.doubleclick.net
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/img/merchant/auth/login_left_side.png
|
108.139.16.113
|
||
http://af.uppromote.com/
|
206.189.254.86
|
||
https://www.merchant-center-analytics.goog
|
unknown
|
||
https://d1639lhkj5l89m.cloudfront.net/css/patterns/header-profile.png
|
unknown
|
||
https://td.doubleclick.net/td/ga/rul?tid=G-VWZPYDCSKQ&gacid=130039912.1713467925>m=45je44f0v894741970za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=364272637
|
|||
https://stats.g.doubleclick.net/g/collect?v=2&
|
unknown
|
||
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif
|
151.101.193.229
|
||
https://analytics.google.com/g/collect?v=2&tid=G-VWZPYDCSKQ>m=45je44f0v894741970za200&_p=1713467923933&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=130039912.1713467925&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=AAAI&_s=1&sid=1713467924&sct=1&seg=0&dl=https%3A%2F%2Faf.uppromote.com%2F&dt=AFFILIATE%20%7C%20Login&en=page_view&_fv=1&_ss=1&tfd=3693
|
216.239.36.181
|
||
https://assets.zendesk.com/embeddable_framework/main.js
|
104.18.70.113
|
||
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
|
151.101.193.229
|
There are 54 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
jsdelivr.map.fastly.net
|
151.101.193.229
|
||
static.zdassets.com
|
104.18.70.113
|
||
analytics-alv.google.com
|
216.239.36.181
|
||
d1639lhkj5l89m.cloudfront.net
|
108.139.16.113
|
||
cf.zdassets.com
|
104.18.70.113
|
||
secomapp.zendesk.com
|
104.16.51.111
|
||
ekr.zdassets.com
|
104.18.72.113
|
||
td.doubleclick.net
|
142.250.105.157
|
||
www.google.com
|
64.233.176.103
|
||
af.uppromote.com
|
206.189.254.86
|
||
stats.g.doubleclick.net
|
172.253.124.154
|
||
assets.zendesk.com
|
unknown
|
||
cdn.jsdelivr.net
|
unknown
|
||
analytics.google.com
|
unknown
|
||
pro.fontawesome.com
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
108.139.16.113
|
d1639lhkj5l89m.cloudfront.net
|
United States
|
||
151.101.193.229
|
jsdelivr.map.fastly.net
|
United States
|
||
142.250.105.157
|
td.doubleclick.net
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
104.16.51.111
|
secomapp.zendesk.com
|
United States
|
||
104.18.72.113
|
ekr.zdassets.com
|
United States
|
||
74.125.138.105
|
unknown
|
United States
|
||
172.253.124.154
|
stats.g.doubleclick.net
|
United States
|
||
216.239.36.181
|
analytics-alv.google.com
|
United States
|
||
104.16.53.111
|
unknown
|
United States
|
||
108.138.82.25
|
unknown
|
United States
|
||
142.251.15.156
|
unknown
|
United States
|
||
108.177.122.106
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
104.18.70.113
|
static.zdassets.com
|
United States
|
||
64.233.176.103
|
www.google.com
|
United States
|
||
206.189.254.86
|
af.uppromote.com
|
United States
|
There are 7 hidden IPs, click here to show them.
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://af.uppromote.com/
|
||
https://af.uppromote.com/
|
||
https://af.uppromote.com/
|
||
https://af.uppromote.com/
|
||
https://af.uppromote.com/
|
||
https://td.doubleclick.net/td/ga/rul?tid=G-VWZPYDCSKQ&gacid=130039912.1713467925>m=45je44f0v894741970za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=364272637
|
||
about:blank
|
||
about:blank
|
||
about:blank
|