Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
securedoc_20240425T124814.html
|
HTML document, Unicode text, UTF-8 text, with very long lines (474), with CRLF, LF line terminators
|
initial sample
|
||
|
Chrome Cache Entry: 146
|
assembler source, ASCII text, with very long lines (532)
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 148
|
GIF image data, version 89a, 1280 x 808
|
dropped
|
||
|
Chrome Cache Entry: 149
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
Unicode text, UTF-8 text, with very long lines (9458), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
Unicode text, UTF-8 text, with very long lines (24487), with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 153
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 154
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 155
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
ASCII text, with very long lines (2124), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
ASCII text, with very long lines (1635)
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 161
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 163
|
ASCII text, with very long lines (1268), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with very long lines (1305)
|
downloaded
|
||
|
Chrome Cache Entry: 165
|
Unicode text, UTF-8 (with BOM) text, with very long lines (31363), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
Web Open Font Format (Version 2), TrueType, length 19716, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 168
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 169
|
Web Open Font Format (Version 2), TrueType, length 34440, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 170
|
TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)Inter
LightRegular3.019;
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 172
|
HTML document, ASCII text, with very long lines (427)
|
dropped
|
||
|
Chrome Cache Entry: 173
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 174
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 175
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 176
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com.
2016], baseline, precision 8, 1440x960, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 178
|
Unicode text, UTF-8 text, with very long lines (24463)
|
downloaded
|
||
|
Chrome Cache Entry: 179
|
Unicode text, UTF-8 (with BOM) text, with very long lines (8403), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 180
|
HTML document, ASCII text, with very long lines (427)
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 183
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
ASCII text, with very long lines (11620)
|
downloaded
|
||
|
Chrome Cache Entry: 185
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 186
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 516x634, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 187
|
ASCII text, with very long lines (687), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 188
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 189
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 190
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 191
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 192
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 193
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 516x634, components
3
|
dropped
|
||
|
Chrome Cache Entry: 194
|
TrueType Font data, 16 tables, 1st "GDEF", 11 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterRegular3.019;RSMS;I
|
downloaded
|
||
|
Chrome Cache Entry: 195
|
HTML document, Unicode text, UTF-8 text, with very long lines (60072), with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 196
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 198
|
GIF image data, version 89a, 1280 x 808
|
downloaded
|
||
|
Chrome Cache Entry: 199
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 200
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com.
2016], baseline, precision 8, 1920x1280, components 3
|
dropped
|
||
|
Chrome Cache Entry: 201
|
Unicode text, UTF-8 text, with very long lines (64131)
|
downloaded
|
||
|
Chrome Cache Entry: 202
|
Non-ISO extended-ASCII text, with very long lines (62660), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 203
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com.
2016], baseline, precision 8, 1920x1280, components 3
|
downloaded
|
||
|
Chrome Cache Entry: 204
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 205
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 206
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 207
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 208
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com.
2016], baseline, precision 8, 1440x960, components 3
|
dropped
|
||
|
Chrome Cache Entry: 209
|
ASCII text, with very long lines (629)
|
downloaded
|
||
|
Chrome Cache Entry: 210
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 211
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 212
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 213
|
Unicode text, UTF-8 (with BOM) text, with very long lines (2881), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 214
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x320, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 215
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 216
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 217
|
ASCII text, with very long lines (3066)
|
downloaded
|
||
|
Chrome Cache Entry: 218
|
Web Open Font Format (Version 2), TrueType, length 19192, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 219
|
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 220
|
Web Open Font Format (Version 2), TrueType, length 19316, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 221
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 222
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 223
|
Web Open Font Format (Version 2), TrueType, length 19368, version 0.0
|
downloaded
|
||
|
Chrome Cache Entry: 224
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 225
|
Unicode text, UTF-8 text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 226
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 227
|
HTML document, ASCII text, with very long lines (3638), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 228
|
ASCII text, with very long lines (14965)
|
downloaded
|
||
|
Chrome Cache Entry: 229
|
ASCII text, with very long lines (2343)
|
downloaded
|
||
|
Chrome Cache Entry: 230
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 231
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 280x320, components
3
|
dropped
|
||
|
Chrome Cache Entry: 232
|
ASCII text, with very long lines (322), with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 233
|
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterBold3.019;RSMS;Inte
|
downloaded
|
||
|
Chrome Cache Entry: 234
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 235
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
|
Chrome Cache Entry: 236
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 237
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 238
|
ASCII text, with very long lines (4861), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 239
|
Unicode text, UTF-8 (with BOM) text, with very long lines (8675), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 240
|
TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)Inter
SemiBoldRegular3.0
|
downloaded
|
||
|
Chrome Cache Entry: 241
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 242
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
|
Chrome Cache Entry: 243
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 244
|
ASCII text, with very long lines (12573)
|
downloaded
|
||
|
Chrome Cache Entry: 245
|
C source, ASCII text, with very long lines (65010)
|
downloaded
|
||
|
Chrome Cache Entry: 246
|
ASCII text, with very long lines (65451)
|
downloaded
|
||
|
Chrome Cache Entry: 247
|
SVG Scalable Vector Graphics image
|
dropped
|
There are 93 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\securedoc_20240425T124814.html"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2376,i,16924140576359534068,14692567970058789830,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070132237&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=7581&N=44&P=20&z=1
|
35.193.17.96
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070072101&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=6843&N=26&P=8&z=1
|
34.72.187.34
|
||
|
https://www.progressive.com/privacy/privacy-data-request/
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt2b7f8246e7bd5fc2/5f3d431829a49b740ae
|
unknown
|
||
|
https://s2.go-mpulse.net/boomerang/
|
unknown
|
||
|
https://f.monetate.net/trk/4/s/a-513ece62/p/progressive.com/571127234-1?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%23main%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t
|
54.161.222.185
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070036908&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=1&Y=1&X=0b5793b718a04da84dbd12f3311380ac&z=1
|
34.72.187.34
|
||
|
https://www.progressivecommercial.com/business-insurance/
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070032938&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1141&N=2&z=1
|
34.72.187.34
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt1c1520d92bc0a3d6/5f3d43185f7d2953ae8
|
unknown
|
||
|
https://progressive.taleo.net/careersection/2/jobsearch.ftl?lang=en
|
unknown
|
||
|
https://www.progressive.com/rp/login
|
unknown
|
||
|
https://www.progressive.com/rv-trailer/
|
unknown
|
||
|
https://sb.monetate.net
|
unknown
|
||
|
https://www.progressive.com/home-retrieve/
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt0cc11688e34c1a5b/5f3d4361d5b383280ff
|
unknown
|
||
|
https://ampcid.google.com/v1/publisher:getClientId
|
unknown
|
||
|
https://www.progressive.com/commercials-campaigns/
|
unknown
|
||
|
https://github.com/select2/select2/blob/master/LICENSE.md
|
unknown
|
||
|
about:blank
|
|||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070107768&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1119&N=14&z=1
|
35.193.17.96
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt3dd3824f5a041117/5f3d4361abab4a23d93
|
unknown
|
||
|
https://www.progressive.com/auto/
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070038455&H=12a22a669b4c60bb12f5ca9f&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=907&N=1&z=1
|
34.72.187.34
|
||
|
https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en&try=1
|
184.94.241.74
|
||
|
https://res.cisco.com/websafe/register?uuid=d2c43edd0000018f1688178c0a089e8a74a6046c
|
unknown
|
||
|
https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt8caf026a1ebb383e/5f3d42fa1020421e0b0
|
unknown
|
||
|
https://github.com/scottjehl/picturefill/blob/master/Authors.txt;
|
unknown
|
||
|
https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?lp=en
|
184.94.241.74
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070057716&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=872&N=4&z=1
|
34.72.187.34
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070062699&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=897&N=5&z=1
|
34.72.187.34
|
||
|
https://progressive.mediaroom.com
|
unknown
|
||
|
https://col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-GWR&msg=M6%20%7C%20setMaxBeaconLength
|
34.223.159.30
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070132851&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1243&N=19&z=1
|
35.193.17.96
|
||
|
http://farukat.es/
|
unknown
|
||
|
https://res.cisco.com/envelopeopener/pf/ZGJAVG9rZW4yMTQ2NjozNDY1Mw!!/0N6hUsKKauBjMzwVWRL3lACaQ04JhqeB2y5vxmSrA.Tp60gJp9EubxQvpoMtpqQ2vpRTZKsf7-8ccLen9fmwXtpcB7COr5GUIg!!/?button=google&lp=en
|
184.94.241.74
|
||
|
https://res.cisco.com:443
|
unknown
|
||
|
https://res.cisco.com:443/keyserver/keyserver
|
unknown
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=9&utmn=1631985514&utmhn=www.progressive.com&utmt=event&utme=5(progCom*pageload*LoadTime_5-10secs)(6634)8(5!Site%20Server%20Session%20ID*39!encryptionType*41!EPM%20State%20Code*Ad%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA*true)11(5!2*41!2*2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070021000&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://stats.g.doubleclick.net/j/collect
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070047684&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=822&N=2&z=1
|
34.72.187.34
|
||
|
https://www.progressive.com/condo-insurance/
|
unknown
|
||
|
https://www.progressive.com/js/front-end.bundle
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltc3255c11171df456/5f3d4356752d292b6ca
|
unknown
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=15&utmn=1719981507&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID*39!EncryptionType*41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031631&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=q3AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://res.cisco.com:443/keyserver/Logout
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt46e46a805f3e77c0/5ee7d3551c3f04391d8
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/bltaca27936e7b9a689/5f3d42fa5c201f2fe7f
|
unknown
|
||
|
https://static.cres-aws.com/fonts/Inter/Inter-Light.ttf
|
3.163.115.70
|
||
|
https://f.monetate.net/trk/4/i/a-513ece62/p/progressive.com/52627582-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23TabOne%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070036.351542,0,1714070035%27)&eoq=!t
|
54.161.222.185
|
||
|
https://www.progressive.com/privacy/do-not-sell-my-information/
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt36299059f8b05f90/5f3d43565c201f2fe7f
|
unknown
|
||
|
https://www.progressive.com/pwc/
|
unknown
|
||
|
https://www.progressive.com/segway/
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070142255&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=7704&N=47&P=22&z=1
|
34.136.205.139
|
||
|
https://www.progressive.com/web-site-accessibility/
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F&t=1714070020471&v=1714070027006&H=06a22a6688ef8d2452788234&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=719&N=1&z=1
|
34.72.187.34
|
||
|
https://schema.org
|
unknown
|
||
|
https://www.progressivecommercial.com/business-insurance/business-owners-policy/
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070092128&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=7089&N=32&P=12&z=1
|
35.193.17.96
|
||
|
https://www.progressive.com/help/
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070102824&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1094&N=13&z=1
|
35.193.17.96
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070137848&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1268&N=20&z=1
|
35.193.17.96
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt56bc38d4465b173e/5f3d4330cc17142ec0f
|
unknown
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070042055&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&S=3342&N=16&P=2&z=1
|
34.72.187.34
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070087728&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=1022&N=10&z=1
|
35.193.17.96
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt592d9dc8c255e287/5ec4254087617619e2b
|
unknown
|
||
|
https://stats.g.doubleclick.net/j/collect?
|
unknown
|
||
|
https://static.cres-aws.com/fonts/Inter/Inter-SemiBold.ttf
|
3.163.115.70
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23TabOne&t=1714070036281&v=1714070037544&H=16a22a66920909cd071b4e7c&s=9eff55bd140a02fc7e2219f8ffbb3eaf&U=79499c7f732cbc20757850ca5609456c&Q=2&S=0&N=0&z=1
|
34.72.187.34
|
||
|
https://www.youtube.com/user/progressive
|
unknown
|
||
|
https://www.progressive.com/js/cdn/misc/picturefill-3.0.2.min.js
|
unknown
|
||
|
https://rl.progressive.com/progressive/hash-check
|
34.66.3.160
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=22&utmn=1270331961&utmhn=www.progressive.com&utmt=event&utme=5(progCom*TruAudienceClient*)8(5!Site%20Server%20Session%20ID*39!encryptionType*41!EPM%20State%20Code*Ad%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA*true)11(5!2*41!2*2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070032021&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070032741&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=1&Y=1&X=95829216c2c148a20edac8b3f4f05184&z=1
|
34.72.187.34
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=14&utmn=1674075635&utmhn=www.progressive.com&utmt=event&utme=5(progCom*SysEvent*Perf-CLS)(0)8(5!Site%20Server%20Session%20ID*39!encryptionType*41!EPM%20State%20Code*Ad%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA*true)11(5!2*41!2*2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070030127&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
http://stats.g.doubleclick.net
|
unknown
|
||
|
https://f.monetate.net/trk/4/i/a-513ece62/p/progressive.com/571127234-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%23main%27&e=!(xi)&ii=!(%274,2,101349,,,,1714070032.40802,0,1714070032%27)&eoq=!t
|
54.161.222.185
|
||
|
http://b.monetate.net
|
unknown
|
||
|
https://www.progressive.com/event-insurance/
|
unknown
|
||
|
https://www.progressive.com/rp/agent/
|
unknown
|
||
|
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1945464958&utmhn=www.progressive.com&utme=8(5!Site%20Server%20Session%20ID*39!EncryptionType*41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019679&utmac=UA-2108837-10&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=546654230&utmredir=3&utmu=q3AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=7&utmn=280369877&utmhn=www.progressive.com&utmt=event&utme=5(progCom*TruSegmentClient*N107N)8(5!Site%20Server%20Session%20ID*39!encryptionType*41!EPM%20State%20Code*Ad%20Block)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA*true)11(5!2*41!2*2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1814519875&utmr=-&utmp=%2F&utmht=1714070019762&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://sizzlejs.com/
|
unknown
|
||
|
https://www.progressive.com/home-warranty/
|
unknown
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=18&utmn=723330037&utmhn=www.progressive.com&utmt=event&utme=5(progCom*NsClient*N107N)(0)8(5!Site%20Server%20Session%20ID*39!encryptionType*41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031750&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://f.monetate.net/trk/4/s/a-513ece62/p/progressive.com/1263604929-0?mr=t1579717194&mi=%275.1637886292.1714070014426%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&cv=(NeustarSegment:N107N)&r=%27%27&sw=1280&sh=1024&sc=24&j=!f&tg=!(!(50925,%2701350ee8f84f43e6ab5e841826ff87af%27))&u=%27https://www.progressive.com/%27&fl=!f&hvc=!t&ce=(NeustarSegment:N107N)&eoq=!t
|
54.161.222.185
|
||
|
https://qm2.progressive.com/progressive?T=B&u=https%3A%2F%2Fwww.progressive.com%2F%23main&t=1714070032129&v=1714070070834&H=12a22a669b4c60bb12f5ca9f&s=9eff55bd140a02fc7e2219f8ffbb3eaf&Q=2&S=940&N=2&z=1
|
34.72.187.34
|
||
|
https://www.progressive.com/insurance/bundling/
|
unknown
|
||
|
https://www.progressive.com/electronic-device-insurance/
|
unknown
|
||
|
https://www.progressive.com/life-insurance/term-insurance/
|
unknown
|
||
|
https://res.cisco.com/websafe/images/pullFeature/arrowDown.svg
|
184.94.241.74
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blta4c800d8078b6fdb/5f3d43301020421e0b0
|
unknown
|
||
|
https://www.progressive.com/claims/
|
unknown
|
||
|
https://f.monetate.net/trk/4/i/a-513ece62/p/progressive.com/1263604929-4?mr=t1579717194&mi=%275.1637886292.1714070014426%27&u=%27https://www.progressive.com/%27&e=!(xi)&ii=!(%274,2,124999,,,,1714070020.326174,1,1714070019%27)&eoq=!t
|
54.161.222.185
|
||
|
https://www.progressive.com/mechanical-breakdown-insurance/
|
unknown
|
||
|
https://images.contentstack.io/v3/assets/blt62d40591b3650da3/blt23c87331cb02664b/6613eb9e0c47843006a
|
unknown
|
||
|
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=17&utmn=888450926&utmhn=www.progressive.com&utmt=event&utme=5(progCom*NsCookie*N107N)8(5!Site%20Server%20Session%20ID*39!encryptionType*41!EPM%20State%20Code)9(5!01350ee8f84f43e6ab5e841826ff87af*39!TLSv1.2*41!GA)11(5!2*41!2)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1263x907&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An%20Insurance%20Company%20You%20Can%20Rely%20On%20%7C%20Progressive&utmhid=1962391686&utmr=-&utmp=%2F&utmht=1714070031732&utmac=UA-2108837-10&utmni=1&utmgtm=45He44o0n51LFD5v6116846za200&utmcc=__utma%3D1.1237932308.1714070020.1714070020.1714070020.1%3B%2B__utmz%3D1.1714070020.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=63AgAABAAAGBAAAAAgAAgAAE~
|
172.217.215.156
|
||
|
https://www.progressive.com/snapshot/tdx
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
res.cisco.com
|
184.94.241.74
|
||
|
dart.l.doubleclick.net
|
172.253.124.149
|
||
|
bid.g.doubleclick.net
|
172.253.124.157
|
||
|
f.monetate-prod.zone
|
54.161.222.185
|
||
|
col.eum-appdynamics.com
|
34.223.159.30
|
||
|
d20qwf0wrdtevy.cloudfront.net
|
3.161.188.119
|
||
|
d2ctznuk6ro1vp.cloudfront.net
|
3.163.101.41
|
||
|
adservice.google.com
|
64.233.176.155
|
||
|
ActivationEdge-fabrick-1457061833.us-east-1.elb.amazonaws.com
|
34.192.53.208
|
||
|
d2qj7djftjbj85.cloudfront.net
|
3.163.115.70
|
||
|
stats.g.doubleclick.net
|
172.217.215.156
|
||
|
progressive.com
|
170.218.40.32
|
||
|
rl.quantummetric.com
|
34.66.3.160
|
||
|
cdn.appdynamics.com
|
13.32.208.17
|
||
|
ingest.quantummetric.com
|
34.72.187.34
|
||
|
googleads.g.doubleclick.net
|
64.233.176.154
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
www.google.com
|
108.177.122.99
|
||
|
rtds.progressive.com
|
170.218.247.28
|
||
|
api.progressive.com
|
170.218.213.137
|
||
|
d3faemdt1krtip.cloudfront.net
|
3.161.136.87
|
||
|
s.go-mpulse.net
|
unknown
|
||
|
e.monetate.net
|
unknown
|
||
|
d.agkn.com
|
unknown
|
||
|
engine.monetate.net
|
unknown
|
||
|
f.monetate.net
|
unknown
|
||
|
se.monetate.net
|
unknown
|
||
|
pt.ispot.tv
|
unknown
|
||
|
static.cres-aws.com
|
unknown
|
||
|
aa.agkn.com
|
unknown
|
||
|
sb.monetate.net
|
unknown
|
||
|
qm2.progressive.com
|
unknown
|
||
|
images.contentstack.io
|
unknown
|
||
|
www.progressive.com
|
unknown
|
||
|
1384245.fls.doubleclick.net
|
unknown
|
||
|
fid.agkn.com
|
unknown
|
||
|
rl.progressive.com
|
unknown
|
||
|
gateway.answerscloud.com
|
unknown
|
||
|
c.go-mpulse.net
|
unknown
|
There are 29 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
170.218.40.32
|
progressive.com
|
United States
|
||
|
3.161.136.87
|
d3faemdt1krtip.cloudfront.net
|
United States
|
||
|
34.223.159.30
|
col.eum-appdynamics.com
|
United States
|
||
|
3.86.126.62
|
unknown
|
United States
|
||
|
54.161.222.185
|
f.monetate-prod.zone
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
172.253.124.149
|
dart.l.doubleclick.net
|
United States
|
||
|
34.70.212.173
|
unknown
|
United States
|
||
|
34.66.3.160
|
rl.quantummetric.com
|
United States
|
||
|
34.136.205.139
|
unknown
|
United States
|
||
|
34.72.187.34
|
ingest.quantummetric.com
|
United States
|
||
|
170.218.247.28
|
rtds.progressive.com
|
United States
|
||
|
64.233.177.99
|
unknown
|
United States
|
||
|
3.163.115.70
|
d2qj7djftjbj85.cloudfront.net
|
United States
|
||
|
13.32.208.17
|
cdn.appdynamics.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
34.192.53.208
|
ActivationEdge-fabrick-1457061833.us-east-1.elb.amazonaws.com
|
United States
|
||
|
3.161.188.119
|
d20qwf0wrdtevy.cloudfront.net
|
United States
|
||
|
64.233.185.104
|
unknown
|
United States
|
||
|
108.177.122.99
|
www.google.com
|
United States
|
||
|
170.218.213.137
|
api.progressive.com
|
United States
|
||
|
44.209.59.9
|
unknown
|
United States
|
||
|
35.80.208.41
|
unknown
|
United States
|
||
|
64.233.176.154
|
googleads.g.doubleclick.net
|
United States
|
||
|
64.233.176.155
|
adservice.google.com
|
United States
|
||
|
3.163.101.41
|
d2ctznuk6ro1vp.cloudfront.net
|
United States
|
||
|
184.94.241.74
|
res.cisco.com
|
United States
|
||
|
108.138.85.84
|
unknown
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
35.193.17.96
|
unknown
|
United States
|
||
|
172.217.215.156
|
stats.g.doubleclick.net
|
United States
|
||
|
172.253.124.157
|
bid.g.doubleclick.net
|
United States
|
||
|
64.233.177.147
|
unknown
|
United States
|
There are 23 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/securedoc_20240425T124814.html
|
||
|
https://www.progressive.com/
|
||
|
https://www.progressive.com/
|
||
|
about:blank
|
||
|
https://www.progressive.com/#main
|
||
|
https://www.progressive.com/#TabOne
|