IOC Report
http://teaandrosemary.com


Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Nov 21 08:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Nov 21 08:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Nov 21 08:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Nov 21 08:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Nov 21 08:58:56 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 --field-trial-handle=2164,i,14562950122353892082,8938884654339843377,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://teaandrosemary.com"

URLs

Name
IP
Malicious
104.21.34.20
https://match.adsrvr.org/track/rid?ttd_pid=sne7dew&fmt=json
52.223.40.198
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
unknown
https://dsp-ap.eskimi.com/pixelGet?ex=50&gdpr=
unknown
https://dsp-cookie.adfarm1.adition.com/?ssp=9&gdpr=0&gdpr_consent=
80.82.210.217
https://oa.openxcdn.net/esp.js
34.102.146.192
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=n5JVlcfrU9k6YArUqgBA13ioZWkA9h9FVRMBz9nk0_k&pi=pubmatic&gdpr=0&gdpr_consent=
198.47.127.205
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
54.38.113.4
https://schema.org/SearchAction
unknown
https://www.instagram.com/reel/DBcPHRvSaFY/
unknown
https://teaandrosemary.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2
104.21.34.20
https://dsp-ap.eskimi.com/pixelGet?ex=50&gdpr={gdpr}&gdpr_consent={gdpr_consent}&dest=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM3MDcmdGw9MjAxNjA=&piggybackCookie={dmp_id}&gdpr={gdpr}&gdpr_consent={gdpr_consent}
188.42.63.48
https://rtb.gumgum.com/usync/9534?us_privacy=1---&r=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3D53c22730-a7ef-11ef-9524-59b39092d66a%26s2sVersion%3Dproduction%26partnerId%3D
54.229.252.101
https://pr-bh.ybp.yahoo.com/sync/openx/20c5e6e7-3b7d-a607-7da4-6c04f04e4c5e?gdpr=0
52.16.54.39
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6584676363640427219
34.98.64.218
https://teaandrosemary.com/wp-content/uploads/2021/08/Copy-of-Copy-of-Tea-6.png.webp
unknown
https://cdn-api.ethyca.com/location
unknown
https://teaandrosemary.com/wp-content/uploads/2024/01/tim-cooper-XfqGuWevmvs-unsplash.jpg
unknown
https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
141.94.242.206
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3D53c22730-a7ef-11ef-9524-59b39092d66a%26s2sVersion%3Dproduction%26partnerId%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1---&user_id=53c22730-a7ef-11ef-9524-59b39092d66a
35.214.136.108
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
178.32.197.53
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
142.250.186.162
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMCoy5WkKFJ-n6z3RN5CuHc&google_cver=1
185.64.191.210
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
34.36.216.150
https://schema.org/WPHeader
unknown
https://teaandrosemary.com/venus-uranus-aspects-synastry/
unknown
https://teaandrosemary.com/wp-content/uploads/2024/11/basilandbella_photo_of_persephone_holding_a_po
unknown
https://teaandrosemary.com/wp-content/uploads/2024/09/basilandbella_photo_of_Lughnasadh_Ancestral_Harvest_Ritual_329bfa3d-283c-457f-b047-fa066b42d721-480x600.jpg.webp
104.21.34.20
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=e_d40d1578-b327-4db4-8691-eb2636444379&s=2&us_privacy=1---
50.31.142.127
https://teaandrosemary.com/category/astrology/learning/
unknown
https://mediavine-res.cloudinary.com/v1612197439/k4hpblizdzx4jckhy73t.jpg
unknown
https://teaandrosemary.com/category/spirituality/inner-work/
unknown
https://www.instagram.com/p/DBe25cYSjeD/
unknown
https://teaandrosemary.com/category/spirituality/starseeds/
unknown
https://teaandrosemary.com/wp-content/uploads/2023/12/prchi-palwe-lZnjX8kA9dY-unsplash-480x600.jpg
unknown
https://teaandrosemary.com/wp-content/uploads/2024/09/basilandbella_aphrodite_standing_in_the_distan
unknown
https://widget.us.criteo.com/dis/usersync.aspx?r=146&p=319&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3dDBABzw~1---~BqgAAAAAAgA%26gpp_sid%3d-1%26profile%3d319%26redir%3dhttps%253A%252F%252Fexchange.mediavine.com%252Fusersync%252Fredirect%253Fpartner%253Dcriteo%2526uuid%253D53c22730-a7ef-11ef-9524-59b39092d66a%2526s2sVersion%253Dproduction%2526partnerId%253D%2524%7BCRITEO_USER_ID%7D&gdpr=&gdpr_consent=&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=-1
74.119.117.16
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Zz8EkgAGkCPfTwAZ&gdpr=0&gdpr_consent=
198.47.127.205
https://usersync.gumgum.com/usersync?b=zem&i=GGC9q9qJE4uP2EF5dzGL&us_privacy=1---
34.247.233.198
https://teaandrosemary.com/wp-content/plugins/instagram-feed/img/placeholder.png
104.21.34.20
https://b1sync.zemanta.com/usersync/openx?puid=9fcffae5-4059-05cc-1b40-e6332c095f6c&cb=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D560843120%26val%3D__ZUID__
50.31.142.127
https://teaandrosemary.com/category/witchcraft/occult/
unknown
https://teaandrosemary.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.21.34.20
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
142.250.185.66
https://ice.360yield.com/server_match?&partner_id=1625&r=https://exchange.mediavine.com/usersync/redirect?partner=improvedigital&uuid=53c22730-a7ef-11ef-9524-59b39092d66a&s2sVersion=production&partnerId={PUB_USER_ID}
18.203.194.139
https://teaandrosemary.com/wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=2
unknown
https://teaandrosemary.com/wp-includes/wlwmanifest.xml
unknown
https://teaandrosemary.com/how-to-read-tea-leaves-tasseography/
unknown
https://ups.analytics.yahoo.com/ups/58749/sync?redir=true&gpp_sid=-1&gpp=DBABzw~1---~BqgAAAAAAgA&verify=true
87.248.119.251
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ecd4fcde-b77b-8fb4-8c7d-f866672a4af7
98.82.156.207
https://teaandrosemary.com/wp-content/uploads/2022/10/basilandbella_photo_of_woman_dressed_like_demeter_in_the_fall_3f0f5bde-7560-4c19-b3b8-8ae43a7937f9-480x600.jpg.webp
104.21.34.20
https://teaandrosemary.com/wp-content/plugins/convertkit/resources/frontend/css/button.css?ver=2.3.2
104.21.34.20
https://scontent-ord5-2.cdninstagram.com/v/t51.75761-15/464503602_18047027729001741_8568069576548420
unknown
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
34.36.216.150
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
unknown
https://www.rtbhouse.com/
unknown
https://ssum-sec.casalemedia.com/usermatchredir?s=193478&cb=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3D53c22730-a7ef-11ef-9524-59b39092d66a%26s2sVersion%3Dproduction%26partnerId%3D
104.18.27.193
https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
3.121.150.111
https://fontawesome.com/license/free
unknown
https://scontent-ord5-2.cdninstagram.com/v/t51.75761-15/467870704_18049895015001741_1675791445307522
unknown
https://teaandrosemary.com/wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=2.3.2
104.21.34.20
https://teaandrosemary.com/bibliomancy/
unknown
https://teaandrosemary.com/wp-content/uploads/2021/08/Copy-of-Copy-of-Tea-6-480x168.png.webp
unknown
https://teaandrosemary.com/wp-content/uploads/2021/08/Copy-of-Copy-of-Tea-6-480x168.png
unknown
https://pixel.onaudience.com/?partner=214&mapped=8C0D9DDA-0AEA-4A22-96F8-FA9C551D724B&gdpr=0&gdpr_consent=
54.38.113.7
https://c1.adform.net/serving/cookie/match?party=14&cid=8C0D9DDA-0AEA-4A22-96F8-FA9C551D724B&gdpr=0&
unknown
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8C0D9DDA-0AEA-4A22-96F8-FA9C551D724B&redir=true&gdpr=0&gdpr_consent=
67.220.228.200
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3700136482230454526&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
3.122.214.165
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3601273278595652539&gdpr=0&gdpr_consent=
198.47.127.205
https://ssp-sync.criteo.com/user-sync/match?p=ZFfkGF9PSkx0dGlyVk9pbE1ZdkJkY2Mzcm1nQ2pVNkZzMXFITXU5YmIxbFJxUlJ5YUVUbW1ycGRjUkdWJTJCYyUyQm9oNGJ5biUyRnlYYXl0aHFvcmtXM1M5RjZta3J0eFlpTDJvZlIza0N4TDIxYU9valBqNnVrS2Q5aXAwcm5KMmkzWGNsblNlVCUyRldpVyUyRmxjcUFGcmwlMkJnQVF5U0J5bTUxbUl1UUlGUEE1MXNPeUFRT0xvd2ZWTmEyWVNEU0RZYVRDbyUyQldVNHJSJTJCcWFvaHRMdnlkckg3NEc3NmhucjkzUXdnWUQ0VjFZVFp6STVSRk15Z0puZW4ySWU3WVBid0w3ZHdCVVkzbUNtaFpJUzU4MyUyRkF2MWh3RTBnSnJmNUxQMTVLMiUyQjVBY0prVm5rUFFjOHNZbkpFJTNE&u=3094c032-c6fa-4250-9b72-b5665ef8a65d
178.250.1.57
https://teaandrosemary.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
104.21.34.20
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fexchange.mediavine.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3D53c22730-a7ef-11ef-9524-59b39092d66a%26s2sVersion%3Dproduction%26partnerId%3D&s=193478&C=1
104.18.27.193

Domains

Name
IP
Malicious
stats.wp.com
192.0.76.3
securepubads.g.doubleclick.net
142.250.186.162
um.simpli.fi
34.13.138.208
1.gravatar.com
192.0.73.2
static.nl3.vip.prod.criteo.net
178.250.1.3
e.chicoryapp.com
34.36.130.12
global.px.quantserve.com
91.228.74.159
id5-sync.com
162.19.138.120
d-ams1.turn.com
46.228.164.13
rtb.openx.net
35.186.253.211
platform.twitter.map.fastly.net
146.75.120.157
disqus.com
151.101.192.134
mediavine-3pd.cloud.optable.co
34.149.155.241
pandg.tapad.com
34.102.243.38
crb.kargo.com
35.157.49.87
mwzeom.zeotap.com
172.67.40.173
www.google.com
142.250.185.132
sync.intentiq.com
18.245.60.10
lb.eu-1-id5-sync.com
141.95.33.120
id.rlcdn.com
35.244.174.68
dta23xhexutk5.cloudfront.net
18.244.18.125
match.adsrvr.org
52.223.40.198
dsp-cookie.adfarm1.adition.com
80.82.210.217
match.prod.bidr.io
54.229.88.203
chidc2.outbrain.org
50.31.142.127
creativecdn.com
185.184.8.90
pagead-googlehosted.l.google.com
216.58.206.65
pugm-lhrc.pubmnet.com
185.64.190.78
plus.l.google.com
172.217.18.14
uip.semasio.net
77.243.51.122
m.deepintent.com
38.91.45.7
events-ssc.33across.com
34.117.239.71
nld-prebid.a-mx.net
163.5.194.30
esp.rtbhouse.com
35.190.39.111
i0.wp.com
192.0.77.2
pixel.onaudience.com
54.38.113.7
pug-lhr-bc.pubmnet.com
185.64.191.210
pixel-sync.sitescout.com
34.36.216.150
detgh1asa1dg4.cloudfront.net
18.66.147.40
teaandrosemary.com
172.67.153.54
i2.wp.com
192.0.77.2
euw-ice.360yield.com
18.203.194.139
d1ykf07e75w7ss.cloudfront.net
108.138.3.93
pdmp.papi-public.eu-central-1.dmp.3lift.com
18.195.239.197
d3mdrpbbs8qfxa.cloudfront.net
18.173.205.127
ssum-sec.casalemedia.com
104.18.27.193
oajs.openx.net
34.120.107.143
in-ftd-104.nl3.vip.prod.criteo.com
178.250.1.57
presentation-ams1.turn.com
46.228.164.11
t-amsc.pubmnet.com
185.64.189.226
mediavine-auth.cloud.optable.co
34.149.155.241
rtb.adgrx.com
52.19.224.221
config.aps.amazon-adsystem.com
18.245.31.92
widget.us5.vip.prod.criteo.com
74.119.117.16
sda.fyi
188.114.96.3
am1-direct-bgp.contextweb.com
208.93.169.131
oa.openxcdn.net
34.102.146.192
pdmp.dcapi.dmp.3lift.com
52.20.95.51
de.tynt.com
67.202.105.32
pugm-amsfpairbc.pubmnet.com
198.47.127.19
hde.tynt.com
67.202.105.34
pghub.io
35.241.45.217
pixel-eu.onaudience.com
54.38.113.4
contextual.media.net
95.101.148.20
scontent.xx.fbcdn.net
157.240.0.6
api.rlcdn.com
34.120.133.55
some.growplow.events
188.114.97.3
s.gravatar.com
192.0.73.2
widget.nl3.vip.prod.criteo.com
178.250.1.9
spug-lhrc.pubmnet.com
185.64.190.81
sync.srv.stackadapt.com
3.211.75.57
cdn.id5-sync.com
172.67.38.106
pixel.tapad.com
34.111.113.62
a.nel.cloudflare.com
35.190.80.1
pippio.com
107.178.254.65
sync.ipredictive.com
34.196.74.196
s.amazon-adsystem.com
98.82.156.207
aax-eu.amazon-adsystem.com
67.220.228.200
i1.wp.com
192.0.77.2
mediavine.cloud.optable.co
34.149.155.241
syndication.twitter.com
104.244.42.72
youtube.com
142.250.185.142
outspot2-ams.adx.opera.com
82.145.213.8
sync.colossusssp.com
172.240.155.100
t-lhrc.pubmnet.com
185.64.190.82
d1wsawskf2klzj.cloudfront.net
13.33.187.51
feed.pghub.io
34.102.243.38
ib.anycast.adnxs.com
37.252.173.215
dsp.nrich.ai
51.255.68.171
uipus.semasio.net
50.57.31.206
eu-eb2.3lift.com
13.248.245.213
hbopenbid-ams.pubmnet.com
185.64.189.112
livepixel-production.bln.liveintent.com
52.204.113.148
sync.crwdcntrl.net
108.128.75.152
cdnjs.cloudflare.com
104.17.25.14
cm.g.doubleclick.net
142.250.185.66
sync.1rx.io
46.228.174.117
ds-pr-bh.ybp.gysm.yahoodns.net
52.16.54.39
eu-tlx.3lift.com
18.157.230.4
dcs-ups.g03.yahoodns.net
87.248.119.251

IPs

IP
Domain
Country
Malicious
38.91.45.7
m.deepintent.com
United States
18.66.147.40
detgh1asa1dg4.cloudfront.net
United States
34.96.70.87
invstatic101.creativecdn.com
United States
13.35.57.188
unknown
United States
3.160.150.30
unknown
United States
98.82.156.207
s.amazon-adsystem.com
United States
185.64.190.82
t-lhrc.pubmnet.com
United Kingdom
77.243.51.122
uip.semasio.net
Denmark
185.64.190.81
spug-lhrc.pubmnet.com
United Kingdom
54.72.67.43
unknown
United States
5.9.235.246
unknown
Germany
52.16.54.39
ds-pr-bh.ybp.gysm.yahoodns.net
United States
35.190.80.1
a.nel.cloudflare.com
United States
198.47.127.205
pug-ams-bc.pubmnet.com
United States
37.252.171.52
unknown
European Union
95.101.148.20
contextual.media.net
European Union
3.73.221.49
unknown
United States
211.120.53.192
unknown
Japan
13.248.245.213
eu-eb2.3lift.com
United States
35.190.39.111
esp.rtbhouse.com
United States
18.203.194.139
euw-ice.360yield.com
United States
107.178.254.65
pippio.com
United States
13.33.173.196
d1jvc9b8z3vcjs.cloudfront.net
United States
239.255.255.250
unknown
Reserved
34.196.74.196
sync.ipredictive.com
United States
54.229.88.203
match.prod.bidr.io
United States
34.247.233.198
usersync.gumgum.com
United States
178.250.1.11
gum.nl3.vip.prod.criteo.com
France
91.228.74.159
global.px.quantserve.com
United Kingdom
67.202.105.22
pixel.33across.com
United States
47.253.61.56
bid-iad-static.yeahtargeter.com
United States
35.244.174.68
id.rlcdn.com
United States
18.244.18.104
unknown
United States
51.255.68.171
dsp.nrich.ai
France
18.245.31.92
config.aps.amazon-adsystem.com
United States
172.67.40.173
mwzeom.zeotap.com
United States
216.58.206.34
unknown
United States
208.93.169.131
am1-direct-bgp.contextweb.com
United States
188.40.16.146
client-rapi-mediavine.recombee.com
Germany
18.157.230.4
eu-tlx.3lift.com
United States
87.248.119.251
dcs-ups.g03.yahoodns.net
United Kingdom
46.228.164.13
d-ams1.turn.com
United Kingdom
87.248.119.252
unknown
United Kingdom
34.91.165.80
unknown
United States
107.178.250.95
ads.optable.co
United States
34.36.130.12
e.chicoryapp.com
United States
46.228.164.11
presentation-ams1.turn.com
United Kingdom
34.149.155.241
mediavine-3pd.cloud.optable.co
United States
162.19.138.120
id5-sync.com
United States
169.197.150.7
unknown
United States
185.64.189.112
hbopenbid-ams.pubmnet.com
United Kingdom
3.121.150.111
exchange.mediavine.com
United States
3.122.214.165
ps.eyeota.net
United States
178.250.1.9
widget.nl3.vip.prod.criteo.com
France
35.186.154.107
cm-supply-web.gammaplatform.com
United States
172.67.38.106
cdn.id5-sync.com
United States
34.36.216.150
pixel-sync.sitescout.com
United States
34.120.133.55
api.rlcdn.com
United States
54.229.252.101
rtb.gumgum.com
United States
178.250.1.3
static.nl3.vip.prod.criteo.net
France
185.64.190.78
pugm-lhrc.pubmnet.com
United Kingdom
104.18.26.193
htlb.casalemedia.com
United States
3.211.75.57
sync.srv.stackadapt.com
United States
141.95.33.120
lb.eu-1-id5-sync.com
Germany
188.114.96.3
sda.fyi
European Union
18.197.30.174
match-eu-central-1-ecs.sharethrough.com
United States
3.123.137.67
unknown
United States
65.9.66.66
unknown
United States
162.19.138.119
unknown
United States
185.64.189.226
t-amsc.pubmnet.com
United Kingdom
18.210.235.203
idx.cph.liveintent.com
United States
18.244.18.125
dta23xhexutk5.cloudfront.net
United States
46.228.174.117
sync.1rx.io
United Kingdom
178.32.197.53
unknown
France
37.252.171.21
unknown
European Union
50.31.142.127
chidc2.outbrain.org
United States
34.102.243.38
pandg.tapad.com
United States
13.32.99.21
sb.scorecardresearch.com
United States
35.244.193.51
lexicon.33across.com
United States
67.220.228.200
aax-eu.amazon-adsystem.com
United States
192.168.2.5
unknown
unknown
67.220.228.201
unknown
United States
34.120.107.143
oajs.openx.net
United States
163.5.194.30
nld-prebid.a-mx.net
France
198.47.127.20
spug-amsfpairbc.pubmnet.com
United States
52.48.164.2
unknown
United States
142.250.185.66
cm.g.doubleclick.net
United States
3.33.220.150
unknown
United States
98.82.158.241
unknown
United States
172.64.150.63
a.tribalfusion.com
United States
54.38.113.4
pixel-eu.onaudience.com
France
178.250.1.57
in-ftd-104.nl3.vip.prod.criteo.com
France
3.78.168.176
unknown
United States
34.13.138.208
um.simpli.fi
United States
185.184.8.90
creativecdn.com
Poland
52.209.53.88
unknown
United States
198.47.127.19
pugm-amsfpairbc.pubmnet.com
United States
188.114.97.3
some.growplow.events
European Union
34.120.135.53
unknown
United States
13.33.187.51
d1wsawskf2klzj.cloudfront.net
United States

DOM / HTML

URL
Malicious
https://teaandrosemary.com/