IOC Report
http://links.888brands.net/ctt?m=34615482&r=LTg3OTY1NDQ3MDYS1&b=0&j=Mjc2MDE1OTMzMwS2&mt=1&kt=12&kx=1&k=email-router-cross_secureutils&kd=//american-faucet-and-coatings-corporation.jimdosite.com

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 07:16:05 2025, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 07:16:05 2025, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:56:51 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 07:16:05 2025, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 07:16:05 2025, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 16 07:16:05 2025, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 65
HTML document, ASCII text, with very long lines (8003)
downloaded
Chrome Cache Entry: 66
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
downloaded
Chrome Cache Entry: 67
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 160x45, components 3
dropped
Chrome Cache Entry: 68
ASCII text, with very long lines (8818), with no line terminators
downloaded
Chrome Cache Entry: 69
ASCII text, with very long lines (8744), with no line terminators
dropped
Chrome Cache Entry: 70
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
downloaded
Chrome Cache Entry: 71
ASCII text, with very long lines (65458)
dropped
Chrome Cache Entry: 72
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 73
ASCII text, with very long lines (65458)
downloaded
Chrome Cache Entry: 74
RIFF (little-endian) data, Web/P image, VP8 encoding, 160x45, Scaling: [none]x[none], YUV color, decoders should clamp
downloaded
Chrome Cache Entry: 75
ASCII text, with very long lines (1572)
downloaded
Chrome Cache Entry: 76
Unicode text, UTF-8 text, with very long lines (3041)
downloaded
Chrome Cache Entry: 77
ASCII text
downloaded
Chrome Cache Entry: 78
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
downloaded
There are 11 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=1996,i,18226912359920256768,13340847022508515971,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://links.888brands.net/ctt?m=34615482&r=LTg3OTY1NDQ3MDYS1&b=0&j=Mjc2MDE1OTMzMwS2&mt=1&kt=12&kx=1&k=email-router-cross_secureutils&kd=//american-faucet-and-coatings-corporation.jimdosite.com"

URLs

Name
IP
Malicious
http://links.888brands.net/ctt?m=34615482&r=LTg3OTY1NDQ3MDYS1&b=0&j=Mjc2MDE1OTMzMwS2&mt=1&kt=12&kx=1&k=email-router-cross_secureutils&kd=//american-faucet-and-coatings-corporation.jimdosite.com
malicious
https://fonts.jimstatic.com/css?display=swap&family=Roboto:400,700
172.64.146.218
https://www.jimdo.com/info/jimdo-video-consultation-terms-of-service/)
unknown
https://www.jimdo.com/it/supporto-shop-online-pmi)
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2)
unknown
https://www.jimdo.com/fr/addon/legal-text-generator/)
unknown
https://help.jimdo-dolphin.com/hc/es/sections/360000151906-Transferring-a-domain).
unknown
https://policy.pinterest.com/en/privacy-policy
unknown
https://help.jimdo-dolphin.com/hc/fr/articles/360058420551/
unknown
https://help.jimdo-dolphin.com/hc/en-us/articles/360001229966-How-do-I-forward-a-domain-to-my-Dolphi
unknown
https://jimdo-storage.freetls.fastly.net/image/498547766/80b831dc-22c3-45d4-bd23-e1f10db9496e.jpg?format=pjpg&quality=80,90&auto=webp&disable=upscale&width=160&height=45
151.101.130.79
https://www.spotify.com/de/legal/privacy-policy/
unknown
https://help.jimdo-dolphin.com/hc/de/articles/115005745466-Wie-richte-ich-eine-E-Mail-Weiterleitung-
unknown
https://help.jimdo-dolphin.com/hc/es/articles/360000775083-Where-can-I-find-the-AuthCode-for-my-doma
unknown
https://stripe.com/cookies-policy/legal
unknown
https://it.jimdo.com/info/condizioni-generali/)
unknown
https://policies.google.com/technologies/cookies
unknown
https://www.jimdo.com/it/addon/legal-text-generator/)
unknown
https://help.jimdo-dolphin.com/hc/es/articles/360058420551/
unknown
https://help.jimdo-dolphin.com/hc/it/articles/360000775083-Where-can-I-find-the-AuthCode-for-my-doma
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2)
unknown
https://jimdo.com)
unknown
https://www.jimdo.com/de/info/jimdo-online-videoberatung-nutzungsbedingungen/)
unknown
https://help.jimdo-dolphin.com/hc/it/articles/360000775063-Guide-Transfer-a-domain-to-Dolphin?_gl=1
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2)
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3-UBGEe.woff2)
unknown
https://help.jimdo-dolphin.com/hc/en-us/articles/360000775063-Guide-Transfer-a-domain-to-Dolphin?_gl
unknown
https://jp.jimdo.com/info/cookies/policy/
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2)
unknown
https://es.jimdo.com/info/cookies/policy/
unknown
https://help.jimdo-dolphin.com/hc/en-us/articles/115005745466-How-do-I-setup-Email-Forwarding
unknown
https://www.youtube.com/watch?v=pB-003Fu6AI&feature=youtu.be
unknown
https://at.prod.jimdo.systems/anon
54.171.97.194
https://www.jimdo.com/fr/)
unknown
https://american-faucet-and-coatings-corporation.jimdosite.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
162.159.128.70
https://www.google.com/analytics/terms)
unknown
https://www.jimdo.com/it/2020/03/23/coronavirus-consigli-per-imprese-e-professionisti/)
unknown
https://www.jimdo.com/fr/
unknown
http://tools.google.com/dlpage/gaoptout
unknown
https://policies.google.com/)
unknown
https://american-faucet-and-coatings-corporation.jimdosite.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
162.159.128.70
https://help.jimdo-dolphin.com/hc/de
unknown
https://help.jimdo-dolphin.com/hc/de/articles/360000906846-Was-ist-ein-Auth-Code-).
unknown
https://www.jimdo.com/nl/noodhulp-webshop-ondernemers)
unknown
https://www.resmio.com/en/privacy-policy/
unknown
https://www.tumblr.com/privacy
unknown
https://www.spotify.com/legal/privacy-policy/
unknown
https://help.jimdo-dolphin.com/hc/fr/articles/360000775063-Guide-Transfer-a-domain-to-Dolphin?_gl=1
unknown
https://help.jimdo-dolphin.com/hc/ja/articles/115005738383
unknown
https://www.spotify.com/nl/legal/privacy-policy/
unknown
https://help.jimdo-dolphin.com/hc/fr/articles/360000775083-Where-can-I-find-the-AuthCode-for-my-doma
unknown
http://links.888brands.net/ctt?m=34615482&r=LTg3OTY1NDQ3MDYS1&b=0&j=Mjc2MDE1OTMzMwS2&mt=1&kt=12&kx=1&k=email-router-cross_secureutils&kd=//american-faucet-and-coatings-corporation.jimdosite.com
13.35.58.2
https://www.jimdo.com/info/privacy/)
unknown
https://help.jimdo-dolphin.com/hc/nl/articles/115005738383-Hoe-verbind-ik-mijn-G-Suite-
unknown
https://help.jimdo-dolphin.com/hc/de/articles/360001229966-How-do-I-forward-a-domain-to-my-Dolphin-w
unknown
https://es.jimdo.com/info/condiciones-generales/)
unknown
https://policies.google.com/privacy
unknown
https://help.jimdo-dolphin.com/hc/fr/sections/360000151906).
unknown
https://de.jimdo.com/info/agb/)
unknown
https://help.jimdo-dolphin.com/hc/ja/articles/4407829956756)
unknown
https://www.jimdo-status.com/).
unknown
https://de.jimdo.com/info/cookies/policy/
unknown
https://help.jimdo-dolphin.com/hc/ja/articles/115005745466
unknown
https://www.jimdo.com/info/cookies/policy/
unknown
https://it.jimdo.com/info/cookies/policy/
unknown
https://help.jimdo-dolphin.com/hc/it/sections/360000151906-Trasferimento-di-un-dominio).
unknown
https://www.cloudflare.com/privacypolicy/
unknown
https://help.jimdo-dolphin.com/hc/en-us/articles/360000775083-Where-can-I-find-the-AuthCode-for-my-d
unknown
https://help.jimdo-dolphin.com/hc/en-us/articles/4407829956756/)
unknown
https://help.jimdo-dolphin.com/hc/ja/articles/360058420551/
unknown
https://help.jimdo-dolphin.com/hc/es/articles/115005738383--C%C3%B3mo-configuro-Google-G-Suite-
unknown
https://help.jimdo-dolphin.com/hc/nl
unknown
https://www.tiktok.com/legal/privacy-policy-eea?lang=de
unknown
https://help.jimdo-dolphin.com/hc/nl/articles/360000775083-Where-can-I-find-the-AuthCode-for-my-doma
unknown
https://www.jimdo.com/fr/aide-eboutique-PME)
unknown
https://es.jimdo.com/info/politica-de-privacidad/)
unknown
https://www.spotify.com/us/legal/privacy-policy/
unknown
https://help.jimdo-dolphin.com/hc/es/articles/115005745466--C%C3%B3mo-redirecciono-mis-emails-
unknown
https://fr.jimdo.com/info/conditions-d-utilisation/)
unknown
https://www.jimdo.com/fr/info/politique-de-confidentialite/
unknown
https://twitter.com/en/privacy
unknown
https://www.jimdo.com/es/addon/legal-text-generator/)
unknown
https://fonts.jimstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
unknown
https://help.jimdo-dolphin.com/hc/es/articles/360001229966-How-do-I-forward-a-domain-to-my-Dolphin-w
unknown
https://help.jimdo-dolphin.com/hc/es/sections/360000151906-Transferring-a-domain)
unknown
https://fonts.jimstatic.com/css?display=swap&family=Poppins:600
unknown
https://help.jimdo-dolphin.com/hc/en-us
unknown
https://www.jimdo.com/)
unknown
https://help.twitter.com/en/rules-and-policies/twitter-cookies
unknown
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
172.64.146.218
https://help.jimdo-dolphin.com/hc/articles/4411319688596
unknown
https://www.spotify.com/es/legal/privacy-policy/
unknown
https://twitter.com/yourname
unknown
https://fonts.jimstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2)
unknown
https://jimdo.com/fr/)
unknown
https://policies.google.com/privacy?hl=nl
unknown
https://www.jimdo.com/it/info/cookies/policy/
unknown
https://www.jimdo.com/fr/2020/03/23/que-faire-si-l-%C3%A9pid%C3%A9mie-du-coronavirus-affecte-votre-a
unknown
https://help.jimdo-dolphin.com/hc/en-us/sections/360000151906-Transferring-a-domain)
unknown
https://fonts.jimstatic.com/css?display=swap&family=Roboto:400
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
jimdo-dolphin-static-assets-prod.freetls.fastly.net
151.101.130.79
at.prod.jimdo.systems
54.171.97.194
fonts.jimstatic.com.cdn.cloudflare.net
172.64.146.218
jimdo-storage.freetls.fastly.net
151.101.130.79
www.google.com
142.250.186.68
657f4e4356359b2e.acs4.tc
13.35.58.2
web.jimdosite.com.cdn.cloudflare.net
162.159.128.70
american-faucet-and-coatings-corporation.jimdosite.com
unknown
links.888brands.net
unknown
fonts.jimstatic.com
unknown

IPs

IP
Domain
Country
Malicious
142.250.186.68
www.google.com
United States
54.171.97.194
at.prod.jimdo.systems
United States
192.168.2.7
unknown
unknown
172.64.146.218
fonts.jimstatic.com.cdn.cloudflare.net
United States
192.168.2.9
unknown
unknown
192.168.2.4
unknown
unknown
151.101.2.79
unknown
United States
13.35.58.2
657f4e4356359b2e.acs4.tc
United States
239.255.255.250
unknown
Reserved
151.101.130.79
jimdo-dolphin-static-assets-prod.freetls.fastly.net
United States
162.159.128.70
web.jimdosite.com.cdn.cloudflare.net
United States
There are 1 hidden IPs, click here to show them.

DOM / HTML

URL
Malicious
https://american-faucet-and-coatings-corporation.jimdosite.com/
 malicious
https://american-faucet-and-coatings-corporation.jimdosite.com/
 malicious
https://american-faucet-and-coatings-corporation.jimdosite.com/