IOC Report
http://tax-com.com

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 51
ASCII text, with very long lines (2878)
dropped
Chrome Cache Entry: 52
HTML document, ASCII text, with very long lines (2173)
downloaded
Chrome Cache Entry: 53
ASCII text, with very long lines (3769)
dropped
Chrome Cache Entry: 54
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 55
ASCII text, with very long lines (3769)
dropped
Chrome Cache Entry: 56
ASCII text, with very long lines (2878)
downloaded
Chrome Cache Entry: 57
ASCII text, with very long lines (3693)
downloaded
Chrome Cache Entry: 58
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 59
HTML document, ASCII text
downloaded
Chrome Cache Entry: 60
ASCII text, with no line terminators
dropped
Chrome Cache Entry: 61
HTML document, ASCII text, with very long lines (2178)
downloaded
Chrome Cache Entry: 62
ASCII text, with very long lines (3693)
downloaded
Chrome Cache Entry: 63
ASCII text, with no line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2200,i,9564971714443996021,694442346471852842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://tax-com.com"

URLs

Name
IP
Malicious
http://tax-com.com
malicious
https://tax-com.com/
malicious
https://www.innocraft.com/
unknown
https://tax-com.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyNDAzJTIwRm9yYmlkZGVuJTIyJTJDJTIyeCUyMiUzQTAuOTM3NzYyMjQ0NTk1MzkyNCUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBOTA3JTJDJTIyZSUyMiUzQTEyODAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ0YXgtY29tLmNvbSUyRmNnaS1iaW4lMkYlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ0YXgtY29tLmNvbSUyRiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJ3aW5kb3dzLTEyNTIlMjIlMkMlMjJvJTIyJTNBMzAwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
104.21.22.91
http://www.apache.org/licenses/LICENSE-2.0
unknown
https://stats.us3.org/plugins/HeatmapSessionRecording/configs.php?idsite=111&trackerid=B18paG&url=https%3A%2F%2Ftax-com.com%2F
84.32.84.155
https://stats.us3.org/plugins/HeatmapSessionRecording/configs.php?idsite=111&trackerid=R3Fk4V&url=https%3A%2F%2Ftax-com.com%2Fcgi-bin%2F
84.32.84.155
https://tax-com.com/cgi-bin/
https://developer.matomo.org/api-reference/tracking-javascript
unknown
https://a.nel.cloudflare.com/report/v4?s=cHOwxTWvntvtoD%2FKprakJH1hPcbp4l6vF9lbpbGAYamh%2FPuLTg7ffu2CwcDFDPpbeKzb8kmDmmxvnZHiSQLnGRV6gZggvNwQ2t7jVaL39o2ekZtr7tVOFJZ4B7T0zQ%3D%3D
35.190.80.1
https://developer.matomo.org/guides/tracking-javascript-guide#multiple-piwik-trackers
unknown
https://github.com/matomo-org/matomo/blob/master/js/piwik.js
unknown
https://www.innocraft.com/license
unknown
https://piwik.org/free-software/bsd/
unknown
https://tax-com.com/favicon.ico
104.21.22.91
https://tax-com.com/cdn-cgi/zaraz/t
unknown
https://stats.us3.org/matomo.php?action_name=403%20Forbidden&idsite=111&rec=1&r=505989&h=9&m=53&s=20&url=https%3A%2F%2Ftax-com.com%2Fcgi-bin%2F&urlref=https%3A%2F%2Ftax-com.com%2F&_id=7d34fe4386c1df5d&_idn=0&cs=windows-1252&send_image=0&_refts=0&pv_id=kkG5QP&pf_net=598&pf_srv=565&pf_tfr=2&pf_dm1=20&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117.0.5938.132%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117.0.5938.132%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
84.32.84.155
https://stats.us3.org/matomo.php?action_name=Index%20of%20%2F&idsite=111&rec=1&r=447495&h=9&m=53&s=14&url=https%3A%2F%2Ftax-com.com%2F&_id=7d34fe4386c1df5d&_idn=1&cs=windows-1252&send_image=0&_refts=0&pv_id=YgBEbT&pf_net=2644&pf_srv=900&pf_tfr=2&pf_dm1=34&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22117.0.5938.132%22%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22117.0.5938.132%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Windows%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
84.32.84.155
https://piwik.org
unknown
https://tax-com.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySW5kZXglMjBvZiUyMCUyRiUyMiUyQyUyMnglMjIlM0EwLjgxMjA2MzE1ODI3NTMxNDIlMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTkwNyUyQyUyMmUlMjIlM0ExMjgwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGdGF4LWNvbS5jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMndpbmRvd3MtMTI1MiUyMiUyQyUyMm8lMjIlM0EzMDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
104.21.22.91
https://stats.us3.org/matomo.js
84.32.84.155
https://a.nel.cloudflare.com/report/v4?s=LicgkSgfUq0WJU8EF992D0f9LmQz7zfgnsdJJYOskaB3E7msbC7IY%2FHTLbRbQ7rXqiJgJqThljw1U688SVmQs7uvmIIJyPgdOfjrD3oNOBRRodIOo7OCUKPU04JQLA%3D%3D
35.190.80.1

Domains

Name
IP
Malicious
tax-com.com
172.67.203.198
malicious
a.nel.cloudflare.com
35.190.80.1
stats.us3.org
84.32.84.155
www.google.com
172.217.21.36

IPs

IP
Domain
Country
Malicious
172.67.203.198
tax-com.com
United States
malicious
239.255.255.250
unknown
Reserved
172.217.21.36
www.google.com
United States
35.190.80.1
a.nel.cloudflare.com
United States
192.168.2.4
unknown
unknown
104.21.22.91
unknown
United States
84.32.84.155
stats.us3.org
Lithuania

DOM / HTML

URL
Malicious
https://tax-com.com/
https://tax-com.com/
https://tax-com.com/cgi-bin/
https://tax-com.com/cgi-bin/