IOC Report
https://xeinadinuk.accountantspace.co.uk

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 100
Unicode text, UTF-8 (with BOM) text, with no line terminators
dropped
Chrome Cache Entry: 101
ASCII text, with very long lines (63963)
downloaded
Chrome Cache Entry: 102
Web Open Font Format (Version 2), TrueType, length 28132, version 1.0
downloaded
Chrome Cache Entry: 103
ASCII text, with very long lines (32074)
dropped
Chrome Cache Entry: 104
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 105
ASCII text, with very long lines (65536), with no line terminators
dropped
Chrome Cache Entry: 106
ASCII text, with very long lines (56656)
downloaded
Chrome Cache Entry: 107
ASCII text, with very long lines (65409)
dropped
Chrome Cache Entry: 108
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
downloaded
Chrome Cache Entry: 109
MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel
downloaded
Chrome Cache Entry: 110
ASCII text, with very long lines (686)
downloaded
Chrome Cache Entry: 111
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
Chrome Cache Entry: 112
ASCII text, with very long lines (23117), with no line terminators
downloaded
Chrome Cache Entry: 113
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 114
gzip compressed data, from Unix, original size modulo 2^32 136387
downloaded
Chrome Cache Entry: 115
ASCII text, with very long lines (15790), with no line terminators
dropped
Chrome Cache Entry: 116
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
Chrome Cache Entry: 117
Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
dropped
Chrome Cache Entry: 118
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 119
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
dropped
Chrome Cache Entry: 120
ASCII text, with very long lines (671), with CRLF line terminators
dropped
Chrome Cache Entry: 121
ASCII text
downloaded
Chrome Cache Entry: 122
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 123
ASCII text, with very long lines (15790), with no line terminators
downloaded
Chrome Cache Entry: 124
Web Open Font Format (Version 2), TrueType, length 28076, version 1.0
downloaded
Chrome Cache Entry: 125
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
dropped
Chrome Cache Entry: 126
ASCII text, with very long lines (39553)
downloaded
Chrome Cache Entry: 127
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
downloaded
Chrome Cache Entry: 128
ASCII text, with very long lines (32065)
dropped
Chrome Cache Entry: 129
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 130
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 131
ASCII text, with very long lines (65450), with CRLF line terminators
downloaded
Chrome Cache Entry: 132
ASCII text, with very long lines (65536), with no line terminators
dropped
Chrome Cache Entry: 133
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
downloaded
Chrome Cache Entry: 134
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 135
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 136
Unicode text, UTF-8 (with BOM) text, with no line terminators
downloaded
Chrome Cache Entry: 137
ASCII text, with very long lines (556), with CRLF line terminators
downloaded
Chrome Cache Entry: 138
JSON data
downloaded
Chrome Cache Entry: 139
MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel
dropped
Chrome Cache Entry: 140
JSON data
downloaded
Chrome Cache Entry: 141
gzip compressed data, from Unix, original size modulo 2^32 22636
downloaded
Chrome Cache Entry: 142
JSON data
downloaded
Chrome Cache Entry: 143
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
downloaded
Chrome Cache Entry: 144
JSON data
dropped
Chrome Cache Entry: 145
gzip compressed data, from Unix, original size modulo 2^32 136387
dropped
Chrome Cache Entry: 146
JSON data
dropped
Chrome Cache Entry: 147
ASCII text, with very long lines (65450), with CRLF line terminators
dropped
Chrome Cache Entry: 148
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 149
Unicode text, UTF-8 text, with very long lines (1714), with CRLF line terminators
dropped
Chrome Cache Entry: 150
ASCII text, with very long lines (19067)
dropped
Chrome Cache Entry: 151
Web Open Font Format (Version 2), TrueType, length 129488, version 4.6946
downloaded
Chrome Cache Entry: 152
ASCII text, with very long lines (671), with CRLF line terminators
downloaded
Chrome Cache Entry: 153
PC bitmap, Windows 3.x format, 60 x 60 x 32, resolution 3780 x 3780 px/m, cbSize 14454, bits offset 54
downloaded
Chrome Cache Entry: 154
ASCII text, with very long lines (1253), with CRLF line terminators
dropped
Chrome Cache Entry: 155
ASCII text, with very long lines (39553)
dropped
Chrome Cache Entry: 156
ASCII text, with very long lines (32074)
downloaded
Chrome Cache Entry: 157
ASCII text, with very long lines (32017)
downloaded
Chrome Cache Entry: 158
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
Chrome Cache Entry: 159
ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 160
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 161
Unicode text, UTF-8 (with BOM) text, with very long lines (502), with CRLF line terminators
downloaded
Chrome Cache Entry: 162
Unicode text, UTF-8 (with BOM) text, with very long lines (849), with CRLF line terminators
downloaded
Chrome Cache Entry: 163
ASCII text, with no line terminators
dropped
Chrome Cache Entry: 164
Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
downloaded
Chrome Cache Entry: 165
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 166
Web Open Font Format (Version 2), TrueType, length 129740, version 4.6946
downloaded
Chrome Cache Entry: 167
ASCII text, with very long lines (65536), with no line terminators
dropped
Chrome Cache Entry: 168
Web Open Font Format (Version 2), TrueType, length 132864, version 4.6946
downloaded
Chrome Cache Entry: 169
ASCII text, with very long lines (672)
downloaded
Chrome Cache Entry: 170
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
Chrome Cache Entry: 171
Unicode text, UTF-8 (with BOM) text, with very long lines (849), with CRLF line terminators
dropped
Chrome Cache Entry: 172
JSON data
dropped
Chrome Cache Entry: 173
ASCII text, with very long lines (1253), with CRLF line terminators
downloaded
Chrome Cache Entry: 174
ASCII text, with very long lines (19067)
downloaded
Chrome Cache Entry: 175
ASCII text, with very long lines (39553), with CRLF line terminators
dropped
Chrome Cache Entry: 176
ASCII text, with very long lines (32017)
dropped
Chrome Cache Entry: 177
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 178
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 179
ASCII text, with very long lines (39553), with CRLF line terminators
downloaded
Chrome Cache Entry: 180
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
downloaded
Chrome Cache Entry: 181
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 182
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
Chrome Cache Entry: 183
ASCII text, with very long lines (65365), with CRLF line terminators
downloaded
Chrome Cache Entry: 184
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
downloaded
Chrome Cache Entry: 185
ASCII text, with very long lines (32065)
downloaded
Chrome Cache Entry: 186
Unicode text, UTF-8 text, with very long lines (1714), with CRLF line terminators
downloaded
Chrome Cache Entry: 187
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 188
ASCII text, with very long lines (23044), with no line terminators
downloaded
Chrome Cache Entry: 189
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 190
HTML document, Unicode text, UTF-8 text, with very long lines (2811), with CRLF line terminators
downloaded
Chrome Cache Entry: 191
PC bitmap, Windows 3.x format, 60 x 60 x 32, resolution 3780 x 3780 px/m, cbSize 14454, bits offset 54
dropped
Chrome Cache Entry: 98
ASCII text, with very long lines (65409)
downloaded
Chrome Cache Entry: 99
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
downloaded

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 --field-trial-handle=2324,i,8835228511342235594,6212627677141902743,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://xeinadinuk.accountantspace.co.uk"

URLs

Name
IP
Malicious
https://xeinadinuk.accountantspace.co.uk
https://cdn.wolterskluwer.io/wk/fundamentals/1.x.x/icons/assets/flags/
unknown
https://github.com/paulmillr/es6-shim/issues/176
unknown
https://cdn.jsdelivr.net/npm/bootstrap
unknown
https://www.basecone.com/en/flux/
unknown
https://xeinadinuk.accountantspace.co.uk/html/css/style.min.css?v=9c36d04a1cae7a1c8dc097d5038f549f
45.60.123.62
https://cdn.jsdelivr.net/npm/jquery@2.2.4/dist/jquery.min.js
151.101.1.229
https://cdn.wolterskluwer.io/wk/fundamentals/1.x.x/logo/assets/wheel-small.svg
18.239.83.84
http://es5.github.io/#x15.5.4.20
unknown
http://jqueryui.com
unknown
https://cdn.jsdelivr.net/npm/moment@2.24.0/min/moment-with-locales.min.js
151.101.1.229
https://login.wolterskluwer.eu/selfservice/extern/locallogout
unknown
https://api.appcues.net/v1/socket/websocket?vsn=2.0.0
52.38.248.37
http://www.ecma-international.org/ecma-262/6.0/#sec-additional-properties-of-the-string.prototype-ob
unknown
https://github.com/petkaantonov/bluebird/wiki/Optimization-killers#32-leaking-arguments
unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=1170742
unknown
https://github.com/paulmillr/es6-shim
unknown
https://login.wolterskluwer.eu/auth/core/login?signin=fbd494a82bfa796c18c5f8b21d35e2dc9a829f47d8e36fa84e3acade16340385&client_id=WK.UK.OneClick.MFA&redirect_uri=https://xeinadinuk.accountantspace.co.uk/
http://polymer.github.io/AUTHORS.txt
unknown
https://bugs.webkit.org/show_bug.cgi?id=143865
unknown
https://www.youtube.com/watch?v=D0d2QgTzcHU
unknown
https://fontawesome.com
unknown
https://api.accountantspace.co.uk/compliance/
unknown
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/imul
unknown
https://api.accountantspace.co.uk/practice-portal
unknown
https://xeinadinuk.accountantspace.co.uk/html/Scripts/lib.min.js?v=1348967b506b4f6306818ac4698d04d0
45.60.123.62
http://jsperf.com/string-repeat2/2
unknown
http://dbaron.org/log/20100309-faster-timeouts
unknown
http://www.ecma-international.org/ecma-262/6.0/#sec-call
unknown
http://getbootstrap.com)
unknown
https://cdn.jsdelivr.net/npm/breeze-client@1.6.3/breeze.min.js
151.101.1.229
https://www.basecone.com/en/
unknown
https://fast.appcues.com/widget-bundle.js
unknown
https://api.accountantspace.co.uk/data-collection/
unknown
https://gist.github.com/WebReflection/4327762cb87a8c634a29
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-MediumItalic.woff)
unknown
https://bugs.ecmascript.org/show_bug.cgi?id=2416
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Italic.woff)
unknown
https://login.wolterskluwer.eu
unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=907077#c14
unknown
https://xeinadinuk.accountantspace.co.uk/
45.60.123.62
https://xeinadinuk.accountantspace.co.uk/html/content/favicon.ico
45.60.123.62
https://github.com/ljharb/is-arguments/blob/master/index.js
unknown
http://polymer.github.io/PATENTS.txt
unknown
https://xeinadinuk.accountantspace.co.uk/html/locales/en/app.json
45.60.123.62
https://xeinadinuk.accountantspace.co.uk/html/config/features.json
45.60.123.62
https://fast.appcues.com
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/icons/assets/wk-icons.woff2)
unknown
http://durandaljs.com
unknown
https://www.youtube.com/watch?v=wSeH3SCVPJg
unknown
https://fast.appcues.com/widget.css
unknown
http://polymer.github.io/LICENSE.txt
unknown
https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
151.101.1.229
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Light.woff2)
unknown
https://www.basecone.com/en/pricing/
unknown
http://www.ecma-international.org/ecma-262/6.0/#sec-typeof-operator-runtime-semantics-evaluation
unknown
http://www.opensource.org/licenses/mit-license.php)
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-MediumItalic.woff2)
unknown
https://github.com/domenic/promises-unwrapping/issues/75
unknown
https://cdn.jsdelivr.net/npm/moment
unknown
https://xeinadinuk.accountantspace.co.uk/servicehosts/oneclick/api/configuration/subdomains/xeinadinuk/theme/css?v=1724853405446
45.60.123.62
https://code.google.com/p/v8/issues/detail?id=4161
unknown
https://bugs.webkit.org/show_bug.cgi?id=144190
unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Medium.woff2)
unknown
http://www.ecma-international.org/ecma-262/6.0/#sec-terms-and-definitions-number-type
unknown
https://bugs.webkit.org/show_bug.cgi?id=143658
unknown
https://xeinadinuk.accountantspace.co.uk/html/
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Light.woff)
unknown
https://github.com/lipis/bootstrap-social
unknown
https://code.google.com/p/chromium/issues/detail?id=575314
unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
104.17.24.14
https://github.com/paulmillr/es6-shim/issues/252
unknown
https://github.com/Raynos/observ-hash/issues/2#issuecomment-35857671
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Light.woff2
18.239.83.84
https://github.com/paulmillr/es6-shim/issues/314#issuecomment-70293986
unknown
https://gist.github.com/WebReflection/5593554
unknown
https://www.basecone.com/en/spenser/
unknown
https://cdn.wolterskluwer.io/wk/components/1.x.x/all.min.css
18.239.83.84
https://bugzilla.mozilla.org/show_bug.cgi?id=1062484
unknown
https://fast.appcues.com/generic/main/6.2.21/appcues.main.37c675fb5e2bda615a7b768ac06082e017429ff1.j
unknown
https://github.com/BlueSpire/Durandal
unknown
https://cdn.jsdelivr.net/npm/jquery
unknown
https://bugs.ecmascript.org/show_bug.cgi?id=2465
unknown
https://fontawesome.com/license/free
unknown
https://cdn.wolterskluwer.io/wk/components/1.x.x/bundle.js
18.239.83.84
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Regular.woff)
unknown
https://github.com/paulmillr/es6-shim/blob/0.35.3/LICENSE
unknown
http://paulmillr.com)
unknown
https://esdiscuss.org/topic/fixing-promise-resolve
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Regular.woff2
18.239.83.84
https://xeinadinuk.accountantspace.co.uk/activation/api/aaamigration/aaaflags/subdomain/xeinadinuk
45.60.123.62
https://cdn.wolterskluwer.io/wk/fundamentals/1.x.x/all.min.css
18.239.83.84
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-Medium.woff2
18.239.83.84
http://angularjs.org
unknown
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-LightItalic.woff2)
unknown
https://xeinadinuk.accountantspace.co.uk/html/Scripts/app.min.js?v=1092a1a2912824a6c7910ccfe3edf064
45.60.123.62
https://cdn.wolterskluwer.io/wk/fundamentals/1.x.x/logo/assets/wheel-medium.svg
18.239.83.84
https://cdn.wolterskluwer.io/wk/fundamentals/1.15.5/typography/assets/FiraSans-LightItalic.woff)
unknown
http://www.addison.de
unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=869996
unknown

Domains

Name
IP
Malicious
jsdelivr.map.fastly.net
151.101.1.229
bg.microsoft.map.fastly.net
199.232.214.172
maga2pa.impervadns.net
45.60.123.62
cdnjs.cloudflare.com
104.17.24.14
www.google.com
142.250.185.164
dxqv408cny2ja.cloudfront.net
18.239.83.84
api.appcues.net
52.38.248.37
windowsupdatebg.s.llnwi.net
87.248.205.0
cdn.wolterskluwer.io
unknown
cdn.jsdelivr.net
unknown
login.wolterskluwer.eu
unknown
xeinadinuk.accountantspace.co.uk
unknown
fast.appcues.com
unknown

IPs

IP
Domain
Country
Malicious
104.17.24.14
cdnjs.cloudflare.com
United States
151.101.1.229
jsdelivr.map.fastly.net
United States
45.60.123.62
maga2pa.impervadns.net
United States
52.38.248.37
api.appcues.net
United States
192.168.2.9
unknown
unknown
18.245.31.33
unknown
United States
192.168.2.6
unknown
unknown
18.239.83.84
dxqv408cny2ja.cloudfront.net
United States
239.255.255.250
unknown
Reserved
142.250.185.164
www.google.com
United States
104.17.25.14
unknown
United States

DOM / HTML

URL
Malicious
https://xeinadinuk.accountantspace.co.uk/html/
https://xeinadinuk.accountantspace.co.uk/html/
https://xeinadinuk.accountantspace.co.uk/html/
https://login.wolterskluwer.eu/auth/core/login?signin=fbd494a82bfa796c18c5f8b21d35e2dc9a829f47d8e36fa84e3acade16340385&client_id=WK.UK.OneClick.MFA&redirect_uri=https://xeinadinuk.accountantspace.co.uk/
https://login.wolterskluwer.eu/auth/core/login?signin=fbd494a82bfa796c18c5f8b21d35e2dc9a829f47d8e36fa84e3acade16340385&client_id=WK.UK.OneClick.MFA&redirect_uri=https://xeinadinuk.accountantspace.co.uk/