Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 14:55:15 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 14:55:15 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 14:55:15 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 14:55:15 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 14:55:14 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
Chrome Cache Entry: 100
|
ASCII text, with very long lines (1879)
|
dropped
|
||
Chrome Cache Entry: 101
|
ASCII text, with very long lines (65465)
|
dropped
|
||
Chrome Cache Entry: 102
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 24134
|
downloaded
|
||
Chrome Cache Entry: 103
|
gzip compressed data, max compression, original size modulo 2^32 1078
|
downloaded
|
||
Chrome Cache Entry: 104
|
HTML document, ASCII text, with very long lines (12869)
|
downloaded
|
||
Chrome Cache Entry: 105
|
Web Open Font Format (Version 2), TrueType, length 30480, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 106
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 107
|
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
|
downloaded
|
||
Chrome Cache Entry: 108
|
ASCII text, with very long lines (1879)
|
downloaded
|
||
Chrome Cache Entry: 109
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 110
|
MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors
|
dropped
|
||
Chrome Cache Entry: 81
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 82
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55734
|
downloaded
|
||
Chrome Cache Entry: 83
|
JSON data
|
downloaded
|
||
Chrome Cache Entry: 84
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
||
Chrome Cache Entry: 85
|
ASCII text, with very long lines (392), with no line terminators
|
downloaded
|
||
Chrome Cache Entry: 86
|
ASCII text, with very long lines (59565)
|
dropped
|
||
Chrome Cache Entry: 87
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 691197
|
downloaded
|
||
Chrome Cache Entry: 88
|
ASCII text
|
downloaded
|
||
Chrome Cache Entry: 89
|
ASCII text, with very long lines (59565)
|
downloaded
|
||
Chrome Cache Entry: 90
|
GIF image data, version 89a, 1 x 1
|
dropped
|
||
Chrome Cache Entry: 91
|
ASCII text, with very long lines (3285)
|
downloaded
|
||
Chrome Cache Entry: 92
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 24134
|
dropped
|
||
Chrome Cache Entry: 93
|
ASCII text, with very long lines (1879)
|
downloaded
|
||
Chrome Cache Entry: 94
|
ASCII text, with very long lines (392), with no line terminators
|
dropped
|
||
Chrome Cache Entry: 95
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3854
|
downloaded
|
||
Chrome Cache Entry: 96
|
JSON data
|
dropped
|
||
Chrome Cache Entry: 97
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7751
|
downloaded
|
||
Chrome Cache Entry: 98
|
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55734
|
dropped
|
||
Chrome Cache Entry: 99
|
HTML document, ASCII text, with very long lines (619)
|
downloaded
|
There are 27 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1944,i,10710429286931592157,6771887150613169542,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://northeastcolors.com"
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://northeastcolors.com
|
|||
https://btloader.com/tag?o=5097926782615552&upapi=true
|
104.22.74.216
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3js2yNL4U.woff2)
|
unknown
|
||
https://api.aws.parking.godaddy.com/v1/parking/landers/northeastcolors.com?trafficTarget=reseller&abp=1&gdabp=true
|
3.214.241.142
|
||
https://api.aws.parking.godaddy.com/v1/parkingEvents?abp=1&gdabp=true
|
44.195.54.163
|
||
https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/main.js
|
52.222.236.60
|
||
https://syndicatedsearch.goog
|
unknown
|
||
https://img1.wsimg.com/parking-lander/static/js/main.36e19f48.js
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKfA72j00.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjvGyNL4U.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3jvWyNL4U.woff2)
|
unknown
|
||
https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=483fd2b90000640005029919
|
52.222.236.60
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyN.woff2)
|
unknown
|
||
https://www.godaddy.com/domainsearch/find?key=parkweb
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu.css
|
52.222.236.60
|
||
https://widget.trustpilot.com/trustbox-data/5419b637fa0340045cd0c936?businessUnitId=483fd2b90000640005029919&locale=en-US
|
52.222.236.60
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2)
|
unknown
|
||
https://www.godaddy.com
|
unknown
|
||
https://northeastcolors.com/lander
|
|||
https://www.trustpilot.com/evaluate/www.godaddy.com
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKfw72.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3jsGyN.woff2)
|
unknown
|
||
https://www.trustpilot.com/evaluate/embed/www.godaddy.com
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjs2yNL4U.woff2)
|
unknown
|
||
https://a.nel.cloudflare.com/report/v4?s=GDo2bKOXSU9PssIxuOhl2rt3VrC6WEepzVMEKgmOeisJcqJfZBHU%2BZlrA%2BrGQcmZ2SAalKZjovqu1oW6IAJaSfFn0rVo6UlwVdXMztb9Yi6bEBS5I0zrvWyKbwOrQ0bJaw%3D%3D
|
35.190.80.1
|
||
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.250.186.164
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKfw72.woff2
|
52.222.236.60
|
||
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
|
172.217.18.102
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjvWyNL4U.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKcQ72j00.woff2)
|
unknown
|
||
https://widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=20px&styleWidth=fit-content&theme=light&fontFamily=Ubuntu&url=https%3A%2F%2Fnortheastcolors.com%2Flander&referrer=https%3A%2F%2Fnortheastcolors.com%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=483fd2b90000640005029919&widgetId=5419b637fa0340045cd0c936
|
52.222.236.60
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3jvGyNL4U.woff2)
|
unknown
|
||
https://ad-delivery.net/px.gif?ch=1&e=0.9534353814630845
|
172.67.69.19
|
||
https://syndicatedsearch.goog/adsense/domains/caf.js?pac=0
|
142.250.185.174
|
||
https://www.trustpilot.com/review/www.godaddy.com
|
unknown
|
||
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=20px&styleWidth=fit-content&theme=light&fontFamily=Ubuntu&url=https%3A%2F%2Fnortheastcolors.com%2Flander&referrer=https%3A%2F%2Fnortheastcolors.com%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=483fd2b90000640005029919&widgetId=5419b637fa0340045cd0c936
|
52.222.236.60
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKcg72j00.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKcw72j00.woff2)
|
unknown
|
||
https://northeastcolors.com/
|
|||
https://widget.trustpilot.com/fonts/ubuntu/4iCs6KVjbNBYlgoKew72j00.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3jvmyNL4U.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2)
|
unknown
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2)
|
unknown
|
||
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
|
52.222.236.107
|
||
https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=5
|
unknown
|
||
https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
|
142.250.185.132
|
||
https://widget.trustpilot.com/fonts/ubuntu/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
|
52.222.236.60
|
||
https://img1.wsimg.com/parking-lander/static/css/main.ef90a627.css
|
unknown
|
There are 37 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
gddomainparking.com
|
3.214.241.142
|
||
northeastcolors.com
|
76.223.67.189
|
||
a.nel.cloudflare.com
|
35.190.80.1
|
||
syndicatedsearch.goog
|
142.250.181.238
|
||
ad.doubleclick.net
|
172.217.18.6
|
||
www.google.com
|
142.250.185.132
|
||
btloader.com
|
104.22.74.216
|
||
widget.trustpilot.com
|
52.222.236.107
|
||
googlehosted.l.googleusercontent.com
|
142.250.186.161
|
||
ad-delivery.net
|
172.67.69.19
|
||
img1.wsimg.com
|
unknown
|
||
afs.googleusercontent.com
|
unknown
|
||
api.aws.parking.godaddy.com
|
unknown
|
There are 3 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
52.222.236.107
|
widget.trustpilot.com
|
United States
|
||
192.168.2.17
|
unknown
|
unknown
|
||
3.214.241.142
|
gddomainparking.com
|
United States
|
||
192.168.2.6
|
unknown
|
unknown
|
||
52.222.236.60
|
unknown
|
United States
|
||
192.168.2.23
|
unknown
|
unknown
|
||
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
142.250.184.196
|
unknown
|
United States
|
||
104.26.2.70
|
unknown
|
United States
|
||
76.223.67.189
|
northeastcolors.com
|
United States
|
||
142.250.186.161
|
googlehosted.l.googleusercontent.com
|
United States
|
||
172.67.69.19
|
ad-delivery.net
|
United States
|
||
142.250.185.132
|
www.google.com
|
United States
|
||
172.217.18.6
|
ad.doubleclick.net
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
142.250.185.174
|
unknown
|
United States
|
||
52.222.236.71
|
unknown
|
United States
|
||
192.168.2.13
|
unknown
|
unknown
|
||
104.22.74.216
|
btloader.com
|
United States
|
||
142.250.186.164
|
unknown
|
United States
|
||
44.195.54.163
|
unknown
|
United States
|
||
172.217.18.102
|
unknown
|
United States
|
||
142.250.184.238
|
unknown
|
United States
|
There are 13 hidden IPs, click here to show them.
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://northeastcolors.com/
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
||
https://northeastcolors.com/lander
|
There are 2 hidden doms, click here to show them.