IOC Report
http://ftwappraisal.com/

Files

File Path | Type | Category
(The Malicious column is empty for every row in this extract.)
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 22:00:03 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 22:00:03 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 22:00:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 22:00:03 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 22:00:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped
Chrome Cache Entry: 118 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 119 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 120 | ASCII text, with very long lines (906) | dropped
Chrome Cache Entry: 121 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | dropped
Chrome Cache Entry: 122 | ASCII text, with very long lines (10075) | downloaded
Chrome Cache Entry: 123 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | dropped
Chrome Cache Entry: 124 | ASCII text, with very long lines (4293) | downloaded
Chrome Cache Entry: 125 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 126 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1668, components 3 | dropped
Chrome Cache Entry: 127 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 128 | ASCII text, with very long lines (42288) | downloaded
Chrome Cache Entry: 129 | ASCII text, with very long lines (1575) | dropped
Chrome Cache Entry: 130 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | downloaded
Chrome Cache Entry: 131 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 132 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1705, components 3 | dropped
Chrome Cache Entry: 133 | ASCII text, with very long lines (908) | downloaded
Chrome Cache Entry: 134 | PNG image data, 2924 x 500, 8-bit colormap, non-interlaced | downloaded
Chrome Cache Entry: 135 | ASCII text, with very long lines (65446) | dropped
Chrome Cache Entry: 136 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 137 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1389, components 3 | dropped
Chrome Cache Entry: 138 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 139 | ASCII text, with very long lines (65536), with no line terminators | downloaded
Chrome Cache Entry: 140 | ASCII text, with very long lines (10619) | dropped
Chrome Cache Entry: 141 | ASCII text, with very long lines (2628) | dropped
Chrome Cache Entry: 142 | ASCII text, with very long lines (3637) | downloaded
Chrome Cache Entry: 143 | ASCII text, with very long lines (1246) | downloaded
Chrome Cache Entry: 144 | PNG image data, 2924 x 500, 8-bit colormap, non-interlaced | dropped
Chrome Cache Entry: 145 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 146 | ASCII text, with very long lines (1575) | downloaded
Chrome Cache Entry: 147 | ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 148 | ASCII text, with very long lines (10075) | dropped
Chrome Cache Entry: 149 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1856, components 3 | downloaded
Chrome Cache Entry: 150 | ASCII text, with very long lines (2628) | downloaded
Chrome Cache Entry: 151 | ASCII text, with very long lines (6470) | downloaded
Chrome Cache Entry: 152 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 153 | Unicode text, UTF-8 text, with very long lines (65441), with CRLF line terminators | dropped
Chrome Cache Entry: 154 | Unicode text, UTF-8 text, with very long lines (65441), with CRLF line terminators | downloaded
Chrome Cache Entry: 155 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 156 | ASCII text, with very long lines (3637) | dropped
Chrome Cache Entry: 157 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x900, components 3 | downloaded
Chrome Cache Entry: 158 | ASCII text, with very long lines (554) | downloaded
Chrome Cache Entry: 159 | Web Open Font Format (Version 2), TrueType, length 13980, version 1.0 | downloaded
Chrome Cache Entry: 160 | ASCII text, with very long lines (10619) | downloaded
Chrome Cache Entry: 161 | ASCII text, with very long lines (908) | dropped
Chrome Cache Entry: 162 | ASCII text, with very long lines (4859) | downloaded
Chrome Cache Entry: 163 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 164 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | downloaded
Chrome Cache Entry: 165 | HTML document, ASCII text, with very long lines (26342) | downloaded
Chrome Cache Entry: 166 | Web Open Font Format, TrueType, length 10320, version 2.4 | downloaded
Chrome Cache Entry: 167 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 168 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x900, components 3 | downloaded
Chrome Cache Entry: 169 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1668, components 3 | downloaded
Chrome Cache Entry: 170 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 171 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | dropped
Chrome Cache Entry: 172 | HTML document, ASCII text, with very long lines (26342) | downloaded
Chrome Cache Entry: 173 | Web Open Font Format (Version 2), TrueType, length 38340, version 1.0 | downloaded
Chrome Cache Entry: 174 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | downloaded
Chrome Cache Entry: 175 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x900, components 3 | dropped
Chrome Cache Entry: 176 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | dropped
Chrome Cache Entry: 177 | ASCII text, with very long lines (65446) | downloaded
Chrome Cache Entry: 178 | ASCII text, with very long lines (21556) | dropped
Chrome Cache Entry: 179 | ASCII text, with very long lines (906) | downloaded
Chrome Cache Entry: 180 | JSON data | dropped
Chrome Cache Entry: 181 | HTML document, Unicode text, UTF-8 text, with very long lines (2490) | downloaded
Chrome Cache Entry: 182 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 183 | ASCII text, with very long lines (65446) | downloaded
Chrome Cache Entry: 184 | Web Open Font Format (Version 2), TrueType, length 78460, version 331.-31392 | downloaded
Chrome Cache Entry: 185 | JSON data | downloaded
Chrome Cache Entry: 186 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1389, components 3 | downloaded
Chrome Cache Entry: 187 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 188 | ASCII text, with very long lines (1246) | dropped
Chrome Cache Entry: 189 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1705, components 3 | downloaded
Chrome Cache Entry: 190 | ASCII text, with very long lines (854) | downloaded
Chrome Cache Entry: 191 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 192 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 193 | ASCII text, with very long lines (21556) | downloaded
Chrome Cache Entry: 194 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1856, components 3 | dropped
Chrome Cache Entry: 195 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 196 | ASCII text, with very long lines (45240), with no line terminators | downloaded
Chrome Cache Entry: 197 | ASCII text, with very long lines (554) | dropped
Chrome Cache Entry: 198 | ASCII text, with very long lines (4859) | dropped
Chrome Cache Entry: 199 | ASCII text, with very long lines (65446) | dropped
Chrome Cache Entry: 200 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x900, components 3 | downloaded
Chrome Cache Entry: 201 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x900, components 3 | dropped
Chrome Cache Entry: 202 | ASCII text, with very long lines (65536), with no line terminators | dropped
Chrome Cache Entry: 203 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 204 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x900, components 3 | dropped
Chrome Cache Entry: 205 | GIF image data, version 89a, 1 x 1 | downloaded
Chrome Cache Entry: 206 | Web Open Font Format (Version 2), TrueType, length 14168, version 1.0 | downloaded
Chrome Cache Entry: 207 | ASCII text, with very long lines (854) | dropped
Chrome Cache Entry: 208 | Web Open Font Format (Version 2), TrueType, length 13912, version 1.0 | downloaded
Chrome Cache Entry: 209 | PNG image data, 120 x 120, 8-bit colormap, non-interlaced | downloaded
Chrome Cache Entry: 210 | GIF image data, version 89a, 1 x 1 | dropped
Chrome Cache Entry: 211 | GIF image data, version 89a, 1 x 1 | dropped
91 further files are not shown in this extract.

Processes

Path | Cmdline
(The Malicious column is empty for every row in this extract.)
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1964 --field-trial-handle=1856,i,3150787035667680596,5905655838944801480,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ftwappraisal.com/"

URLs

Name | IP
(The Malicious column is empty for every row in this extract; "(blank)" marks rows with no IP value at all.)
http://ftwappraisal.com/ | (blank)
https://search.google.com/local/reviews?placeid=ChIJf9_Pw5ZgvE8Rf1T7XSDENLo | unknown
https://ftwappraisal.com/wp-json/wp/v2/pages/519 | unknown
https://ftwappraisal.com/wp-content/uploads/2022/11/unnamed-3.png | 160.153.0.29
http://www.broofa.com | unknown
https://ftwappraisal.com/#website | unknown
http://daverupert.com | unknown
http://g.co/dev/maps-no-account | unknown
https://ftwappraisal.com/feed/ | unknown
https://www.clarity.ms/s/0.7.49/clarity.js | 13.107.246.45
https://ftwappraisal.com/comments/feed/ | unknown
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-footer-e2bb34b8.mi | unknown
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-header-981e234b.min.css | 160.153.0.29
https://swiperjs.com | unknown
https://ftwappraisal.com/specialty-use-and-going-concern-appraisal/ | unknown
https://www.google.com | unknown
https://ftwappraisal.com/#organization | unknown
https://ftwappraisal.com/?p=519 | unknown
http://www.opensource.org/licenses/mit-license.php | unknown
https://ftwappraisal.com/wp-content/uploads/2023/02/full_trimmed_transparent_base-5-1.png | 160.153.0.29
https://www.linkedin.com/in/brendan-hopps-mai-29702410/ | unknown
https://www.quora.com/profile/Eric-Webster-88 | unknown
http://www.gnu.org/licenses/gpl-2.0.html | unknown
https://ftwappraisal.com/?s= | unknown
https://goo.gle/js-api-loading | unknown
https://ftwappraisal.com/wp-content/uploads/2022/08/Eric-Webster-2-1.jpg | 160.153.0.29
https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling | unknown
https://github.com/microsoft/clarity | unknown
https://ftwappraisal.com/wp-content/uploads/2022/12/real-estate-appraisal-washington-image.jpg | 160.153.0.29
https://ftwappraisal.com/wp-content/uploads/2022/12/real-estate-appraisers-washington-image.jpg | 160.153.0.29
https://support.google.com/fusiontables/answer/9185417). | unknown
https://developers.google.com/maps/deprecations | unknown
https://ftwappraisal.com/wp-json/ | unknown
http://ianlunn.github.io/Hover/) | unknown
https://www.pinterest.com/165838i1u8l5ekk0obbmiayykcsdgc | unknown
https://support.google.com/maps?p=kml | unknown
https://ftwappraisal.com/ | (blank)
https://ftwappraisal.com/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-brands-400.woff2 | 160.153.0.29
https://www.linkedin.com/in/eric-webster-78430439/ | unknown
http://www.idangero.us/swiper/ | unknown
https://ftwappraisal.com/wp-json/wp/v2/pages/13 | unknown
https://schema.org | unknown
https://ftwappraisal.com/commercial-real-estate-appraisal/ | unknown
https://ftwappraisal.com/privacy-policy/ | unknown
https://ftwappraisal.com/king-county-real-estate-appraisals/ | unknown
https://ftwappraisal.com/contact-francis-t-webster-appraisal-partners/#breadcrumb | unknown
http://www.elegantthemes.com/gallery/divi/ | unknown
https://ftwappraisal.com/wp-content/uploads/2023/03/cropped-Francis-T-Webster-Appraisal-Partners-Logo-32x32.png | 160.153.0.29
https://getwpo.com | unknown
https://ftwappraisal.com/wp-content/uploads/2022/08/Jeff-Totzek-1.jpg | 160.153.0.29
http://ianlunn.co.uk/ | unknown
https://www.linkedin.com/company/71601412 | unknown
https://ftwappraisal.com/wp-content/uploads/2023/03/Real-Estate-Appraisal-scaled.jpg | unknown
https://developers.google.com/maps/documentation/javascript/advanced-markers/migration | unknown
https://github.com/IanLunn/Hover | unknown
https://ftwappraisal.com/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.woff | 160.153.0.29
https://ftwappraisal.com/wp-content/uploads/2022/11/unnamed-2.png | 160.153.0.29
http://www.ftwappraisal.com/ | unknown
http://css-tricks.com | unknown
https://ftwappraisal.com/wp-content/uploads/2022/08/Porch-scaled-1.jpg | 160.153.0.29
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-header-981e234b.mi | unknown
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-header-98e1235f.min.css | 160.153.0.29
http://www.elegantthemes.com | unknown
https://ftwappraisal.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fftwappraisal.com%2Fcontact-franc | unknown
http://sam.zoy.org/wtfpl/ | unknown
https://ftwappraisal.com/wp-content/uploads/2022/08/Brendan-Hopps-2-1.jpg | 160.153.0.29
https://yoast.com/wordpress/plugins/seo/ | unknown
https://ftwappraisal.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fftwappraisal.com%2F | unknown
https://ftwappraisal.com/wp-content/uploads/2022/12/property-appraisal-washington-image.jpg | 160.153.0.29
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2688.0511948944495!2d-122.20263368436811!3d47.64457197918717!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x4fbc6096c3cfdf7f%3A0xba34c4205dfb547f!2sFrancis%20T%20Webster%20Appraisal%20Partners!5e0!3m2!1sen!2sus!4v1671118294059!5m2!1sen!2sus | 142.250.184.196
https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers | unknown
https://ftwappraisal.com/#primaryimage | unknown
https://www.clarity.ms/tag/ | unknown
https://ftwappraisal.com/wp-content/uploads/2023/03/Francis-T-Webster-Appraisal-Partners-Full-Logo-W | unknown
https://ftwappraisal.com/xmlrpc.php?rsd | unknown
https://ftwappraisal.com/wp-content/uploads/2022/11/unnamed-4.png | 160.153.0.29
https://ftwappraisal.com/xmlrpc.php | unknown
https://developers.google.com/maps/documentation/javascript/libraries | unknown
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-header-98e1235f.mi | unknown
https://developers.google.com/maps/documentation/javascript/error-messages | unknown
https://ftwappraisal.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fftwappraisal.com%2F&format= | unknown
http://daneden.me/animate | unknown
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-footer-5d6d2b1c.mi | unknown
https://www.clarity.ms/tag/kmjxhprk74?ref=wordpress | 13.107.246.45
https://developer.mozilla.org/docs/Web/API/EventTarget/addEventListener | unknown
https://developers.google.com/maps/documentation/javascript/webgl/support | unknown
https://ftwappraisal.com/wp-content/et-cache/519/et-divi-dynamic-tb-652-tb-653-519-late.css | 160.153.0.29
https://ftwappraisal.com/home-appraisals-near-seattle/ | unknown
https://ftwappraisal.com/contact-francis-t-webster-appraisal-partners/ | (blank)
https://ftwappraisal.com/wp-content/et-cache/13/et-divi-dynamic-tb-9-tb-10-13-late.css | 160.153.0.29
https://ftwappraisal.com/wp-content/cache/wpo-minify/1729885561/assets/wpo-minify-footer-5d6d2b1c.min.js | 160.153.0.29
https://ftwappraisal.com/home-appraisals/ | unknown
https://ftwappraisal.com/#breadcrumb | unknown
https://www.yelp.com/biz/francis-t-webster-appraisal-partners-kirkland | unknown
https://www.linkedin.com/in/jeff-totzek-5114a117/ | unknown
https://ftwappraisal.com/wp-content/uploads/2023/03/cropped-Francis-T-Webster-Appraisal-Partners-Log | unknown
https://www.google.com/maps/embed?pb= | unknown
https://api.w.org/ | unknown
https://developers.google.com/maps/documentation/javascript/error-messages# | unknown
https://ftwappraisal.com/wp-content/uploads/2022/11/unnamed.png | 160.153.0.29
http://opensource.org/licenses/MIT | unknown
90 further URLs are not shown in this extract.

Domains

Name | IP
(The Malicious column is empty for every row in this extract.)
s-part-0016.t-0009.t-msedge.net | 13.107.246.44
ftwappraisal.com | 160.153.0.29
s-part-0017.t-0009.t-msedge.net | 13.107.246.45
s-part-0015.t-0009.t-msedge.net | 13.107.246.43
www.google.com | 142.250.185.100
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 217.20.57.34
fp2e7a.wpc.phicdn.net | 192.229.221.95
img1.wsimg.com | unknown
csp.secureserver.net | unknown
events.api.secureserver.net | unknown
u.clarity.ms | unknown
www.clarity.ms | unknown
c.clarity.ms | unknown
3 further domains are not shown in this extract.

IPs

IP | Domain | Country
(The Malicious column is empty for every row in this extract.)
13.107.246.45 | s-part-0017.t-0009.t-msedge.net | United States
13.107.246.44 | s-part-0016.t-0009.t-msedge.net | United States
192.168.2.8 | unknown | unknown
142.250.185.100 | www.google.com | United States
192.168.2.5 | unknown | unknown
160.153.0.29 | ftwappraisal.com | United States
142.250.184.196 | unknown | United States
239.255.255.250 | unknown | Reserved
127.0.0.1 | unknown | unknown
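The IPs table above mixes the analysis environment's own addresses (192.168.2.5 and 192.168.2.8 on the sandbox LAN, 127.0.0.1, and 239.255.255.250, the SSDP discovery multicast address the sandbox marks "Reserved") with the external hosts the page actually reached. Feeding the whole column into a blocklist or a SIEM watchlist would be wrong. The script below is an added example, not part of the sandbox report: it parses the Domains and IPs tables in the one-field-per-line layout shown on this page (assuming, as holds here, that the Malicious column is empty for every row, so a Domains row is two lines and an IPs row three) and separates routable external IPs from internal ones. The sample text is a constructed subset of rows copied from the tables above.

```python
"""Added example: parse the flattened Domains/IPs tables and keep only
external, routable addresses as indicators. Assumes the page's layout:
one field per line, empty Malicious column (Domains row = 2 lines,
IPs row = 3 lines)."""
import ipaddress

# Column order of the two tables as rendered on the page. The trailing
# Malicious column is empty in this export and emits no line.
SCHEMAS = {
    "Domains": ["Name", "IP", "Malicious"],
    "IPs": ["IP", "Domain", "Country", "Malicious"],
}

# Constructed sample: a subset of rows copied from the tables above.
SAMPLE = """\
Domains

Name
IP
Malicious
ftwappraisal.com
160.153.0.29
www.clarity.ms
unknown

IPs

IP
Domain
Country
Malicious
13.107.246.45
s-part-0017.t-0009.t-msedge.net
United States
192.168.2.8
unknown
unknown
239.255.255.250
unknown
Reserved
127.0.0.1
unknown
unknown
160.153.0.29
ftwappraisal.com
United States
"""


def parse_sections(text):
    """Return {"Domains": [row, ...], "IPs": [row, ...]} with dict rows."""
    lines = [line.strip() for line in text.splitlines()]
    records = {name: [] for name in SCHEMAS}
    i = 0
    while i < len(lines):
        section = lines[i]
        i += 1
        if section not in SCHEMAS:
            continue
        schema = SCHEMAS[section]
        cols = schema[:-1]          # empty Malicious cell: no line to read
        # skip the blank line and the column-name lines under the heading
        while i < len(lines) and (lines[i] == "" or lines[i] in schema):
            i += 1
        # rows run until a blank line, the next section heading, or the end
        while i < len(lines) and lines[i] != "" and lines[i] not in SCHEMAS:
            values = lines[i:i + len(cols)]
            if len(values) < len(cols):
                break               # truncated trailing row: ignore it
            records[section].append(dict(zip(cols, values)))
            i += len(cols)
    return records


def classify(value):
    """'actionable' for a routable external IP, 'internal' for sandbox LAN,
    loopback, multicast or reserved space, 'unresolved' for non-IP text
    such as the literal "unknown"."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return "unresolved"
    # Checked explicitly rather than via .is_global: CPython's IPv4
    # is_global does not exclude multicast, so 239.255.255.250 would
    # otherwise pass as external.
    if (addr.is_private or addr.is_loopback or addr.is_multicast
            or addr.is_link_local or addr.is_reserved or addr.is_unspecified):
        return "internal"
    return "actionable"


def actionable_ips(records):
    """Map each external IP to the sorted host names the report tied to it."""
    hosts = {}
    for row in records["Domains"]:
        if classify(row["IP"]) == "actionable":
            hosts.setdefault(row["IP"], set()).add(row["Name"])
    for row in records["IPs"]:
        if classify(row["IP"]) == "actionable":
            names = hosts.setdefault(row["IP"], set())
            if row["Domain"] != "unknown":
                names.add(row["Domain"])
    return {ip: sorted(names) for ip, names in sorted(hosts.items())}


def internal_ips(records):
    """Addresses in the IPs table that belong to the analysis host or LAN."""
    return sorted(row["IP"] for row in records["IPs"]
                  if classify(row["IP"]) == "internal")


if __name__ == "__main__":
    recs = parse_sections(SAMPLE)
    for ip, names in actionable_ips(recs).items():
        print(ip, ",".join(names) or "-")
    print("excluded:", ", ".join(internal_ips(recs)))
```

The same split applies to the URLs table: rows whose IP is "unknown" were never observed resolving during the run, and many of them (license links, Google Maps documentation, GitHub project pages) are strings embedded in script sources rather than requests the browser made, so they are weak indicators on their own.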

DOM / HTML

URL
(The Malicious column is empty for every row in this extract.)
https://ftwappraisal.com/ (listed 5 times)
https://ftwappraisal.com/contact-francis-t-webster-appraisal-partners/ (listed 4 times)