IOC Report
https://meritpages.com/Celena-Staudenraus/5501590

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:02:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:02:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:02:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:02:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 22:02:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 103
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
downloaded
Chrome Cache Entry: 104
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 105
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 106
ASCII text, with very long lines (17622), with no line terminators
downloaded
Chrome Cache Entry: 107
ASCII text, with very long lines (32058)
dropped
Chrome Cache Entry: 108
HTML document, ASCII text, with very long lines (350)
downloaded
Chrome Cache Entry: 109
PNG image data, 313 x 313, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 110
PNG image data, 408 x 123, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 111
ASCII text, with very long lines (54456), with no line terminators
downloaded
Chrome Cache Entry: 112
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 113
ASCII text, with very long lines (7726)
dropped
Chrome Cache Entry: 114
ASCII text, with very long lines (57791)
dropped
Chrome Cache Entry: 115
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 116
ASCII text, with very long lines (2960)
dropped
Chrome Cache Entry: 117
PNG image data, 280 x 280, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 118
Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064
downloaded
Chrome Cache Entry: 119
ASCII text, with very long lines (2960)
downloaded
Chrome Cache Entry: 120
HTML document, Unicode text, UTF-8 text, with very long lines (755)
downloaded
Chrome Cache Entry: 121
ASCII text, with very long lines (2343)
dropped
Chrome Cache Entry: 122
ASCII text, with very long lines (12795), with no line terminators
downloaded
Chrome Cache Entry: 123
ASCII text, with very long lines (20831)
downloaded
Chrome Cache Entry: 124
PNG image data, 408 x 121, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 125
PNG image data, 408 x 121, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 126
C source, ASCII text, with very long lines (32755)
dropped
Chrome Cache Entry: 127
ASCII text, with very long lines (2343)
downloaded
Chrome Cache Entry: 128
ASCII text, with very long lines (7726)
downloaded
Chrome Cache Entry: 129
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 130
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
dropped
Chrome Cache Entry: 131
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D700, xresolution=164, yresolution=172, resolutionunit=2, software=Adobe Photoshop Lightroom 5.7 (Macintosh), datetime=2015:05:08 09:01:56], baseline, precision 8, 4256x2832, components 3
dropped
Chrome Cache Entry: 132
ASCII text, with very long lines (20831)
dropped
Chrome Cache Entry: 133
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 134
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
downloaded
Chrome Cache Entry: 135
ASCII text, with very long lines (65324)
downloaded
Chrome Cache Entry: 136
HTML document, ASCII text, with very long lines (31994)
downloaded
Chrome Cache Entry: 137
PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 138
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 139
ASCII text, with very long lines (57791)
downloaded
Chrome Cache Entry: 140
Unicode text, UTF-8 (with BOM) text, with very long lines (65529), with no line terminators
downloaded
Chrome Cache Entry: 141
ASCII text, with very long lines (17622), with no line terminators
dropped
Chrome Cache Entry: 142
PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 143
PNG image data, 24 x 20, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 144
HTML document, ASCII text, with very long lines (350)
downloaded
Chrome Cache Entry: 145
PNG image data, 408 x 123, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 146
ASCII text, with very long lines (32747)
downloaded
Chrome Cache Entry: 147
PNG image data, 313 x 313, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 148
ASCII text, with very long lines (32747)
dropped
Chrome Cache Entry: 149
ASCII text, with very long lines (29183)
downloaded
Chrome Cache Entry: 150
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 151
HTML document, ASCII text, with very long lines (31994)
dropped
Chrome Cache Entry: 152
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
downloaded
Chrome Cache Entry: 153
PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 154
ASCII text, with very long lines (32058)
downloaded
Chrome Cache Entry: 155
C source, ASCII text, with very long lines (32755)
downloaded
Chrome Cache Entry: 156
ASCII text, with very long lines (23824), with no line terminators
dropped
Chrome Cache Entry: 157
ASCII text
downloaded
Chrome Cache Entry: 158
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D700, xresolution=164, yresolution=172, resolutionunit=2, software=Adobe Photoshop Lightroom 5.7 (Macintosh), datetime=2015:05:08 09:01:56], baseline, precision 8, 4256x2832, components 3
downloaded
Chrome Cache Entry: 159
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 160
ASCII text, with very long lines (23824), with no line terminators
downloaded
There are 55 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1996,i,1106831681500273532,3446299001080067052,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://meritpages.com/Celena-Staudenraus/5501590"

URLs

Name
IP
Malicious
https://meritpages.com/Celena-Staudenraus/5501590
https://meritpages.com/email_login
unknown
 malicious
https://meritpages.com/login_or_signup
malicious
https://meritpages.com/assets/linkedin.logo.white-521978b3561f396374acc27be291078135ab91db8408a41d23a805db8f1863f7.png
3.224.198.248
 malicious
https://meritpages.com/assets/facebook.logo.white-53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf.png
3.224.198.248
 malicious
https://meritpages.com/assets/m-badge-888a3ce099d7b2279379da40b5acc3bc2a6f8880c79813ffbe5a0a756d47ba
unknown
 malicious
https://meritpages.com/students/5501590/claim
unknown
 malicious
https://meritpages.com/login
malicious
https://meritpages.com/assets/me/libs-8451d77e90c700d0d758750996c8689c414ed866b0e4e4e3ee307a9c04d58abf.js
3.224.198.248
 malicious
https://meritpages.com/assets/merit-logo-white-a258d24d84679628f17c4c8c26657cf47997ab8ad8a5dbee0aed36a18250bb1d.png
3.224.198.248
 malicious
https://meritpages.com/follow/5501590
3.224.198.248
 malicious
https://meritpages.com/favicon.ico
3.224.198.248
 malicious
https://meritpages.com/assets/me/index-94ad12ccc3b1a41d7bb4662fa9704ad695501d336e1f599fe642ed62ad3a8847.css
3.224.198.248
 malicious
https://meritpages.com/assets/application_v4_libs-e1e0f31386c19c8f906119cb47f5fc8fddbe9bebe9083b40dfd1f498a1551b18.js
3.224.198.248
 malicious
https://meritpages.com/assets/merit-wordmark-white-447a46a7e5aa3aa55fb2b01bed3f63e6327bb42eee52b3092141abfd4a516267.png
3.224.198.248
 malicious
https://meritpages.com/assets/merit-star-white-32-4b34c2747204e2c89ec1a528f376cfffd3c0a93d595ed28e7a1803fe7622f29f.png
3.224.198.248
 malicious
https://meritpages.com/password_recovery
unknown
 malicious
https://meritpages.com/assets/me/application-332c5bcff8d7ba6d4e63faf1e14e979e5cc99df67c84edb27da908aab7ec50b6.js
3.224.198.248
 malicious
https://meritpages.com/assets/application_v4-842a1854a77963017889b0f6fc595dfbbc5c252b12adb69e7a02409b6eec5581.css
3.224.198.248
 malicious
https://meritpages.com/photos/medium/missing.png
3.224.198.248
 malicious
https://meritpages.com/Celena-Staudenraus/5501590
malicious
https://meritpages.com/twitter_login
unknown
 malicious
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
104.18.10.207
http://fontawesome.io
unknown
http://www.ccs.spokane.edu
unknown
https://stats.g.doubleclick.net/g/collect
unknown
https://ccs-spokane.meritpages.com
unknown
http://jqueryui.com
unknown
http://www.dropzonejs.com)
unknown
http://api.jqueryui.com/category/theming/
unknown
https://ampcid.google.com/v1/publisher:getClientId
unknown
https://github.com/jquery/jquery-color
unknown
http://ogp.me/ns/fb#
unknown
https://s3.amazonaws.com/rm3.badges.prod.readmedia.com/3809/original/_home_ubuntu_readabout.me_tmp_1
unknown
https://www.google.com
unknown
https://github.com/twbs/bootstrap/graphs/contributors)
unknown
https://stats.g.doubleclick.net/j/collect
unknown
http://opensource.org/licenses/MIT).
unknown
https://s3.amazonaws.com/rm3.backgrounds.prod.readmedia.com/brandings/1255/original/15.05.SCC.campus.07._building_7.jpg?2016
16.15.185.48
http://www.dailymotion.com/video/xoytqh_dr-seuss-the-lorax-premiere_people
unknown
http://ogp.me/ns/website#
unknown
https://cdnjs.cloudflare.com/ajax/libs/enquire.js/2.1.6/enquire.min.js
104.17.25.14
https://s3.amazonaws.com/rm3.badges.prod.readmedia.com/3809/medium/_home_ubuntu_readabout.me_tmp_1474903881-40_Academic_Award.png?1474903909
16.15.185.48
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.25.14
https://cdn.jsdelivr.net/gh/fancyapps/fancybox
unknown
https://github.com/blueimp/jQuery-File-Upload
unknown
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
unknown
http://wicky.nillia.ms/enquire.js
unknown
https://cct.google/taggy/agent.js
unknown
https://blueimp.net
unknown
http://fancyapps.com/fancybox/
unknown
http://www.opensource.org/licenses/mit-license.php)
unknown
http://twitvid.com/QY7MD
unknown
https://www.google.%/ads/ga-audiences
unknown
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.6/dist/jquery.fancybox.min.css
151.101.1.229
http://www.opensource.org/licenses/MIT
unknown
http://ogp.me/ns#
unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)
unknown
http://meritpages.com/about#contact
unknown
http://vimeo.com/40648169
unknown
http://www.metacafe.com/watch/7635964/
unknown
http://youtu.be/opj24KnzrWo
unknown
https://www.linkedin.com/oauth/v2/authorization?client_id=77k3mdd9dltt8m&redirect_uri=https%3A%2
unknown
http://jqueryui.com/themeroller/
unknown
https://www.meritpages.com/privacy-policy
unknown
http://jquery.org/license
unknown
http://player.vimeo.com/video/45074303
unknown
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.10.207
http://www.youtube.com/watch?v=opj24KnzrWo
unknown
https://s3.amazonaws.com/rm3.backgrounds.prod.readmedia.com/brandings/1255/original/15.05.SCC.campus
unknown
http://sizzlejs.com/
unknown
https://use.fontawesome.com/releases/v5.7.2/css/all.css
unknown
https://cdnjs.cloudflare.com/ajax/libs/jquery-backstretch/2.1.18/jquery.backstretch.min.js
104.17.25.14
http://api.jqueryui.com/datepicker/#theming
unknown
http://vimeo.com/channels/staffpicks/38843628
unknown
https://code.jquery.com/jquery-3.2.1.min.js
151.101.66.137
http://maps.google.com/?ll=48.857995
unknown
http://maps.google.com/maps?q=Eiffel
unknown
http://www.youtube-nocookie.com/embed/opj24KnzrWo
unknown
http://app.meritpages.com
unknown
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.6/dist/jquery.fancybox.min.js
151.101.1.229
https://www.meritpages.com/terms-of-service
unknown
http://maps.google.com/?ll=48.859463
unknown
https://s3.amazonaws.com/rm3.badges.prod.readmedia.com/3809/original/_home_ubuntu_readabout.me_tmp_1474903881-40_Academic_Award.png?1474903909
16.15.185.48
http://instagr.am/p/IejkuUGxQn/
unknown
https://tagassistant.google.com/
unknown
http://api.jqueryui.com/position/
unknown
https://getbootstrap.com/)
unknown
http://api.jqueryui.com/tooltip/#theming
unknown
http://www.youtube.com/embed/opj24KnzrWo
unknown
http://fontawesome.io/license
unknown
http://instagram.com/p/IejkuUGxQn/
unknown
http://vimeo.com/groups/surrealism/videos/36516384
unknown
https://www.google.com/ads/ga-audiences
unknown
http://twitpic.com/7p93st
unknown
https://td.doubleclick.net
unknown
https://www.merchant-center-analytics.goog
unknown
https://s3.amazonaws.com/rm3.badges.prod.readmedia.com/3809/medium/_home_ubuntu_readabout.me_tmp_147
unknown
https://www.meritpages.com
unknown
http://www.metacafe.com/watch/7635964/dr_seuss_the_lorax_movie_trailer/
unknown
https://ccs-spokane.meritpages.com/stories/Celena-Staudenraus-of-Spokane-WA-has-made-the-honor-roll-
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
stackpath.bootstrapcdn.com
104.18.10.207
jsdelivr.map.fastly.net
151.101.1.229
bg.microsoft.map.fastly.net
199.232.210.172
s3.amazonaws.com
16.15.185.48
code.jquery.com
151.101.66.137
cdnjs.cloudflare.com
104.17.25.14
s-part-0017.t-0009.t-msedge.net
13.107.246.45
www.google.com
142.250.185.68
meritpages.com
3.224.198.248
fp2e7a.wpc.phicdn.net
192.229.221.95
use.fontawesome.com
unknown
cdn.jsdelivr.net
unknown
There are 2 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
104.18.10.207
stackpath.bootstrapcdn.com
United States
3.224.198.248
meritpages.com
United States
192.168.2.7
unknown
unknown
192.168.2.5
unknown
unknown
192.168.2.23
unknown
unknown
16.15.185.48
s3.amazonaws.com
United States
151.101.66.137
code.jquery.com
United States
151.101.194.137
unknown
United States
151.101.1.229
jsdelivr.map.fastly.net
United States
104.17.24.14
unknown
United States
142.250.185.68
www.google.com
United States
52.217.230.168
unknown
United States
54.84.13.179
unknown
United States
239.255.255.250
unknown
Reserved
104.17.25.14
cdnjs.cloudflare.com
United States
There are 5 hidden IPs, click here to show them.

DOM / HTML

URL
Malicious
https://meritpages.com/Celena-Staudenraus/5501590
https://meritpages.com/Celena-Staudenraus/5501590
https://meritpages.com/login_or_signup
https://meritpages.com/login_or_signup
https://meritpages.com/login_or_signup
https://meritpages.com/login
https://meritpages.com/login