IOC Report
http://support.salad.com

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 64
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 65
HTML document, ASCII text, with very long lines (949)
downloaded
Chrome Cache Entry: 66
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 67
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 68
ASCII text, with very long lines (8151), with no line terminators
dropped
Chrome Cache Entry: 69
PNG image data, 156 x 75, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 70
JSON data
dropped
Chrome Cache Entry: 71
ASCII text, with very long lines (2565)
downloaded
Chrome Cache Entry: 72
ASCII text, with very long lines (5945)
downloaded
Chrome Cache Entry: 73
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 74
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 75
ASCII text, with very long lines (8059), with no line terminators
downloaded
Chrome Cache Entry: 76
ASCII text, with very long lines (2565)
dropped
Chrome Cache Entry: 77
HTML document, ASCII text, with very long lines (949)
downloaded
Chrome Cache Entry: 78
PNG image data, 594 x 548, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 79
gzip compressed data, max compression, from Unix, original size modulo 2^32 32057
downloaded
Chrome Cache Entry: 80
PNG image data, 594 x 548, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 81
JSON data
downloaded
Chrome Cache Entry: 82
HTML document, ASCII text, with very long lines (521)
downloaded
Chrome Cache Entry: 83
gzip compressed data, max compression, from Unix, original size modulo 2^32 32057
dropped
Chrome Cache Entry: 84
gzip compressed data, was "loader.js", last modified: Thu Oct 24 12:23:33 2024, max compression, from Unix, original size modulo 2^32 372
downloaded
Chrome Cache Entry: 85
PNG image data, 156 x 75, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 86
ASCII text, with very long lines (65536), with no line terminators
dropped
Chrome Cache Entry: 87
gzip compressed data, max compression, from Unix, original size modulo 2^32 63358
dropped
Chrome Cache Entry: 88
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 89
gzip compressed data, was "loader.js", last modified: Thu Oct 24 12:23:33 2024, max compression, from Unix, original size modulo 2^32 372
dropped
Chrome Cache Entry: 90
ASCII text, with very long lines (5945)
dropped
Chrome Cache Entry: 91
gzip compressed data, max compression, from Unix, original size modulo 2^32 63358
downloaded

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=2080,i,12181754044327497218,2942225038663958688,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://support.salad.com"

URLs

Name
IP
Malicious
http://support.salad.com
https://d3eto7onm69fcz.cloudfront.net/assets/javascripts/app3.min.js
18.245.62.41
https://stats.g.doubleclick.net/g/collect
unknown
https://beacon-v2.helpscout.net/
143.204.215.107
https://beacon-v2.helpscout.net/static/js/vendor.5fe8f3bc.js
143.204.215.107
https://beacon-v2.helpscout.net
unknown
https://support.salad.com
unknown
https://support.salad.com/
https://support.salad.com/search?query=
unknown
https://d3eto7onm69fcz.cloudfront.net/assets/stylesheets/launch-1729149568815.css
18.245.62.41
https://www.helpscout.com/docs-refer/?co=Salad
unknown
https://d3eto7onm69fcz.cloudfront.net/assets/stylesheets/launch-1727093464133.css
18.245.62.41
https://d3eto7onm69fcz.cloudfront.net/assets/img/bg-content2.png
18.245.62.41
https://salad.com
unknown
https://schema.org
unknown
https://d3hb14vkzrxvla.cloudfront.net/v1/15f4012e-77c9-466f-8e3f-866d7b05ddec
18.66.137.169
https://cct.google/taggy/agent.js
unknown
https://support.salad.com/category/292-container-workloads
https://www.google.com
unknown
https://www.youtube.com/iframe_api
unknown
https://support.salad.com/collection/27-troubleshooting
https://support.salad.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
104.26.0.249
https://td.doubleclick.net
unknown
https://d3eto7onm69fcz.cloudfront.net/assets/stylesheets/launch-1728976791012.css
18.245.62.41
https://a.nel.cloudflare.com/report/v4?s=hsLAmYMlPFLDvZ%2BkT3mQ1pwWgyHheJay7ML95oNU9V4gsxnrEQAyL3LMr%2F%2FiPzoA7BoPZFM9rPo1uzeIo6BQz7eEwKz9uTvfQJ3sUw1QOM1fg9WVyY2mMmbmXKwQ9D0F%2FLXB
35.190.80.1
https://www.merchant-center-analytics.goog
unknown
https://support.salad.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
104.26.0.249
https://d33v4339jhl8k0.cloudfront.net/docs/assets/615b47bfca9e0011a4434693/images/61aa9ae6de3d7f58bfc6ad8e/logo.png
18.244.20.117
https://beacon-v2.helpscout.net/static/js/main.cec4b1f5.js
143.204.215.107
https://support.salad.com/cdn-cgi/challenge-platform/h/g/jsd/r/8d7ab1f6db566c56
104.26.0.249
https://adservice.google.com/pagead/regclk?
unknown
https://d33v4339jhl8k0.cloudfront.net/docs/assets/615b47bfca9e0011a4434693/images/61aa99ff8564e0276362985d/32x32.png
18.244.20.117

Domains

Name
IP
Malicious
bg.microsoft.map.fastly.net
199.232.214.172
a.nel.cloudflare.com
35.190.80.1
d33v4339jhl8k0.cloudfront.net
18.244.20.117
support.salad.com
104.26.0.249
d3eto7onm69fcz.cloudfront.net
18.245.62.41
www.google.com
172.217.16.196
beacon-v2.helpscout.net
143.204.215.107
d3hb14vkzrxvla.cloudfront.net
18.66.137.169

IPs

IP
Domain
Country
Malicious
18.239.47.64
unknown
United States
18.245.62.41
d3eto7onm69fcz.cloudfront.net
United States
18.244.20.117
d33v4339jhl8k0.cloudfront.net
United States
192.168.2.7
unknown
unknown
18.245.62.209
unknown
United States
239.255.255.250
unknown
Reserved
104.26.0.249
support.salad.com
United States
18.66.137.169
d3hb14vkzrxvla.cloudfront.net
United States
18.66.137.213
unknown
United States
35.190.80.1
a.nel.cloudflare.com
United States
172.217.16.196
www.google.com
United States
143.204.215.107
beacon-v2.helpscout.net
United States
13.224.132.90
unknown
United States

DOM / HTML

URL
Malicious
https://support.salad.com/
https://support.salad.com/category/292-container-workloads
https://support.salad.com/category/292-container-workloads
https://support.salad.com/category/292-container-workloads
https://support.salad.com/category/292-container-workloads
https://support.salad.com/collection/27-troubleshooting
https://support.salad.com/collection/27-troubleshooting
https://support.salad.com/collection/27-troubleshooting