IOC Report
http://forwardrewinddesign.com/


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 155 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 156 | ASCII text, with very long lines (1352) | downloaded |
Chrome Cache Entry: 157 | Web Open Font Format (Version 2), TrueType, length 16680, version 1.0 | downloaded |
Chrome Cache Entry: 158 | HTML document, Unicode text, UTF-8 text, with very long lines (32309) | downloaded |
Chrome Cache Entry: 159 | HTML document, Unicode text, UTF-8 text, with very long lines (29713) | downloaded |
Chrome Cache Entry: 160 | ASCII text, with very long lines (2368) | dropped |
Chrome Cache Entry: 161 | ASCII text | downloaded |
Chrome Cache Entry: 162 | ASCII text, with very long lines (522) | downloaded |
Chrome Cache Entry: 163 | ASCII text, with very long lines (905) | dropped |
Chrome Cache Entry: 164 | PNG image data, 226 x 100, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 165 | ASCII text, with very long lines (1352) | dropped |
Chrome Cache Entry: 166 | ASCII text, with very long lines (2368) | downloaded |
Chrome Cache Entry: 167 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 168 | PNG image data, 141 x 100, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 169 | ASCII text, with very long lines (829) | downloaded |
Chrome Cache Entry: 170 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 171 | ASCII text, with very long lines (65536), with no line terminators | dropped |
Chrome Cache Entry: 172 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 173 | HTML document, Unicode text, UTF-8 text, with very long lines (30993) | downloaded |
Chrome Cache Entry: 174 | ASCII text, with very long lines (905) | downloaded |
Chrome Cache Entry: 175 | ASCII text, with very long lines (46314) | dropped |
Chrome Cache Entry: 176 | ASCII text, with very long lines (1211) | downloaded |
Chrome Cache Entry: 177 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 178 | Web Open Font Format (Version 2), TrueType, length 24448, version 1.0 | downloaded |
Chrome Cache Entry: 179 | PNG image data, 224 x 100, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 180 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 181 | PNG image data, 99 x 100, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 182 | ASCII text | dropped |
Chrome Cache Entry: 183 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 184 | ASCII text, with very long lines (3413) | dropped |
Chrome Cache Entry: 185 | ASCII text, with very long lines (14775) | downloaded |
Chrome Cache Entry: 186 | ASCII text | downloaded |
Chrome Cache Entry: 187 | ASCII text, with very long lines (1211) | dropped |
Chrome Cache Entry: 188 | ASCII text, with very long lines (651) | downloaded |
Chrome Cache Entry: 189 | Web Open Font Format (Version 2), TrueType, length 23580, version 1.0 | downloaded |
Chrome Cache Entry: 190 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 191 | ASCII text, with very long lines (1824) | downloaded |
Chrome Cache Entry: 192 | ASCII text, with very long lines (4451) | dropped |
Chrome Cache Entry: 193 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 194 | ASCII text | downloaded |
Chrome Cache Entry: 195 | ASCII text, with very long lines (3413) | downloaded |
Chrome Cache Entry: 196 | PNG image data, 365 x 182, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 197 | ASCII text, with very long lines (19192) | dropped |
Chrome Cache Entry: 198 | ASCII text, with very long lines (849) | downloaded |
Chrome Cache Entry: 199 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 200 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 201 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 202 | Web Open Font Format (Version 2), TrueType, length 24408, version 1.0 | downloaded |
Chrome Cache Entry: 203 | PNG image data, 190 x 100, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 204 | ASCII text, with very long lines (442) | downloaded |
Chrome Cache Entry: 205 | ASCII text, with very long lines (966) | downloaded |
Chrome Cache Entry: 206 | ASCII text, with very long lines (56338) | downloaded |
Chrome Cache Entry: 207 | ASCII text | dropped |
Chrome Cache Entry: 208 | Unicode text, UTF-8 text, with very long lines (20947) | downloaded |
Chrome Cache Entry: 209 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 210 | ASCII text | downloaded |
Chrome Cache Entry: 211 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 212 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 213 | HTML document, Unicode text, UTF-8 text, with very long lines (31238) | downloaded |
Chrome Cache Entry: 214 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 215 | Web Open Font Format (Version 2), TrueType, length 23040, version 1.0 | downloaded |
Chrome Cache Entry: 216 | ASCII text, with very long lines (367) | dropped |
Chrome Cache Entry: 217 | ASCII text, with very long lines (12251) | dropped |
Chrome Cache Entry: 218 | HTML document, Unicode text, UTF-8 text, with very long lines (32309) | downloaded |
Chrome Cache Entry: 219 | ASCII text, with very long lines (651) | dropped |
Chrome Cache Entry: 220 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 221 | ASCII text | downloaded |
Chrome Cache Entry: 222 | ASCII text, with very long lines (56338) | dropped |
Chrome Cache Entry: 223 | PNG image data, 365 x 365, 8-bit colormap, non-interlaced | dropped |
Chrome Cache Entry: 224 | ASCII text | dropped |
Chrome Cache Entry: 225 | ASCII text, with very long lines (14756) | downloaded |
Chrome Cache Entry: 226 | Web Open Font Format (Version 2), TrueType, length 22504, version 1.0 | downloaded |
Chrome Cache Entry: 227 | Web Open Font Format (Version 2), TrueType, length 48336, version 1.0 | downloaded |
Chrome Cache Entry: 228 | RIFF (little-endian) data, Web/P image | downloaded |
Chrome Cache Entry: 229 | ASCII text, with very long lines (21556) | dropped |
Chrome Cache Entry: 230 | ASCII text, with very long lines (330) | dropped |
Chrome Cache Entry: 231 | ASCII text, with very long lines (12251) | downloaded |
Chrome Cache Entry: 232 | Unicode text, UTF-8 text, with very long lines (63425) | downloaded |
Chrome Cache Entry: 233 | JSON data | downloaded |
Chrome Cache Entry: 234 | ASCII text, with very long lines (402) | downloaded |
Chrome Cache Entry: 235 | Web Open Font Format (Version 2), TrueType, length 23236, version 1.0 | downloaded |
Chrome Cache Entry: 236 | ASCII text, with very long lines (966) | dropped |
Chrome Cache Entry: 237 | ASCII text, with very long lines (65536), with no line terminators | downloaded |
Chrome Cache Entry: 238 | ASCII text, with very long lines (558), with no line terminators | downloaded |
Chrome Cache Entry: 239 | ASCII text, with very long lines (4451) | downloaded |
Chrome Cache Entry: 240 | ASCII text, with very long lines (14756) | dropped |
Chrome Cache Entry: 241 | PNG image data, 1160 x 920, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 242 | Unicode text, UTF-8 text, with very long lines (63425) | dropped |
Chrome Cache Entry: 243 | ASCII text | dropped |
Chrome Cache Entry: 244 | ASCII text, with very long lines (46314) | downloaded |
Chrome Cache Entry: 245 | ASCII text, with very long lines (829) | dropped |
Chrome Cache Entry: 246 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 247 | ASCII text, with very long lines (402) | dropped |
Chrome Cache Entry: 248 | ASCII text, with very long lines (442) | dropped |
Chrome Cache Entry: 249 | ASCII text, with very long lines (32952), with no line terminators | downloaded |
Chrome Cache Entry: 250 | Unicode text, UTF-8 text, with very long lines (20947) | dropped |
Chrome Cache Entry: 251 | RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded |
Chrome Cache Entry: 252 | ASCII text, with very long lines (14775) | dropped |
Chrome Cache Entry: 253 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 254 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 255 | ASCII text, with very long lines (367) | downloaded |
Chrome Cache Entry: 256 | ASCII text | dropped |
Chrome Cache Entry: 257 | ASCII text, with very long lines (558), with no line terminators | dropped |
Chrome Cache Entry: 258 | ASCII text, with very long lines (21556) | downloaded |
Chrome Cache Entry: 259 | JPEG image data, baseline, precision 8, 192x192, components 3 | dropped |
Chrome Cache Entry: 260 | ASCII text, with very long lines (1828) | dropped |
Chrome Cache Entry: 261 | ASCII text, with very long lines (1824) | dropped |
Chrome Cache Entry: 262 | ASCII text, with very long lines (65536), with no line terminators | dropped |
Chrome Cache Entry: 263 | ASCII text, with very long lines (522) | dropped |
Chrome Cache Entry: 264 | ASCII text, with very long lines (330) | downloaded |
Chrome Cache Entry: 265 | HTML document, Unicode text, UTF-8 text, with very long lines (21660) | downloaded |
Chrome Cache Entry: 266 | ASCII text, with very long lines (1828) | downloaded |
Chrome Cache Entry: 267 | Web Open Font Format (Version 2), TrueType, length 21508, version 1.0 | downloaded |
Chrome Cache Entry: 268 | ASCII text, with very long lines (849) | dropped |
Chrome Cache Entry: 269 | ASCII text, with very long lines (19192) | downloaded |
Chrome Cache Entry: 270 | PNG image data, 100 x 100, 8-bit colormap, non-interlaced | dropped |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2156,i,12298263502820354307,3859923451546465588,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://forwardrewinddesign.com/" |

URLs

Name | IP | Malicious
http://forwardrewinddesign.com/ | |
https://img1.wsimg.com/gfonts/s/cabin/v27/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7mlx17r.w | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2) | unknown |
https://forwardrewinddesign.com/markup/ad | 76.223.105.230 |
https://forwardrewinddesign.com/manifest.webmanifest | 76.223.105.230 |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/cabin/v27/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7ilx17r.w | unknown |
https://img1.wsimg.com/gfonts/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u8w4BMUTPHh30AUi-qJCY.woff2) | unknown |
https://forwardrewinddesign.com/contact-us | 76.223.105.230 |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u8w4BMUTPHjxsAUi-qJCY.woff2) | unknown |
https://cdn.reamaze.com/assets/reamaze-godaddy-loader.js | 104.22.9.8 |
http://forwardrewinddesign.com/ | 76.223.105.230 |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh50XSwaPGR_p.woff2) | unknown |
https://forwardrewinddesign.com/social-media | 76.223.105.230 |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2) | unknown |
https://forwardrewinddesign.com/sw.js | 76.223.105.230 |
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/raleway/v34/1Ptug8zYS_SKggPNyCkIT5lu.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/raleway/v34/1Ptug8zYS_SKggPNyCMIT5lu.woff2) | unknown |
https://forwardrewinddesign.com/ | |
https://b2d38851-7aec-40b6-bcb5-d87442342071.reamaze.godaddy.com/api/v2/bots | 52.223.43.160 |
https://img1.wsimg.com/gfonts/s/raleway/v34/1Ptug8zYS_SKggPNyCAIT5lu.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2) | unknown |
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh7USSwaPGR_p.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/raleway/v34/1Ptug8zYS_SKggPNyCIIT5lu.woff2) | unknown |
https://forwardrewinddesign.com/favicon.ico | 76.223.105.230 |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_FQft1dw.woff2) | unknown |
http://scripts.sil.org/OFL | unknown |
https://img1.wsimg.com/isteam/ip/b2d38851-7aec-40b6-bcb5-d87442342071/blob-758804b.png | unknown |
https://forwardrewinddesign.com/404 | unknown |
https://img1.wsimg.com/gfonts/s/cabin/v27/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.wof | unknown |
https://forwardrewinddesign.com/about-us | 76.223.105.230 |
http://jedwatson.github.io/classnames | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2) | unknown |
https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2) | unknown |

Domains

Name | IP | Malicious
bg.microsoft.map.fastly.net | 199.232.210.172 |
www.google.com | 142.250.186.164 |
cdn.reamaze.com | 104.22.9.8 |
forwardrewinddesign.com | 76.223.105.230 |
b2d38851-7aec-40b6-bcb5-d87442342071.reamaze.godaddy.com | 52.223.43.160 |
img1.wsimg.com | unknown |
csp.secureserver.net | unknown |
events.api.secureserver.net | unknown |

IPs

IP | Domain | Country | Malicious
76.223.105.230 | forwardrewinddesign.com | United States |
192.168.2.7 | unknown | unknown |
104.22.9.8 | cdn.reamaze.com | United States |
104.22.8.8 | unknown | United States |
192.168.2.9 | unknown | unknown |
192.168.2.4 | unknown | unknown |
52.223.43.160 | b2d38851-7aec-40b6-bcb5-d87442342071.reamaze.godaddy.com | United States |
239.255.255.250 | unknown | Reserved |
142.250.186.164 | www.google.com | United States |

DOM / HTML

URL | Malicious
https://forwardrewinddesign.com/ |
https://forwardrewinddesign.com/ |
https://forwardrewinddesign.com/ |