Report - dpgmsl3mq8efn.cloudfront.net/imgs/gmapsextractor/G-MAPS-EXTRACTOR-v2.2.22-Chrome.zip

Report Overview

Submitted URL
dpgmsl3mq8efn.cloudfront.net/imgs/gmapsextractor/G-MAPS-EXTRACTOR-v2.2.22-Chrome.zip
IP
54.230.241.120
ASN
#16509 AMAZON-02
Submitted
2024-04-19 08:18:44
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dpgmsl3mq8efn.cloudfront.net	unknown	2008-04-25	2023-12-10	2023-12-10	538 B	4.6 MB	54.230.241.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dpgmsl3mq8efn.cloudfront.net/imgs/gmapsextractor/G-MAPS-EXTRACTOR-v2.2.22-Chrome.zip
IP
54.230.241.25
ASN
#16509 AMAZON-02

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.6 MB (4589373 bytes)
Hash
54e6b177238c0326fc99c86c7fa61478
5462f96b1352cf02f138a94b326600afae77b6ca
15e66f7c5231d64a3d4687ebb68ad1f3db387e2ce32e6ad7cc04f38086b2ebad

Archive (41)

Modified	Filename	Size	Md5	File type
2024-03-22 15:27	background.js	1.7 MB	7f142a20bc163997bbfce1b55f45aab2	ASCII text, with very long lines (65536), with no line terminators
2024-03-22 15:27	contentScript.js	1.0 MB	4ebd60fd4a4066bb50c18d6e4975b6ec	JavaScript source, ASCII text, with very long lines (65536), with no line terminators
2024-03-22 15:27	dashboard.css	422 kB	0872e0558111e28e021732f8b2d85b44	ASCII text, with very long lines (64778)
2024-03-22 15:27	dashboard.html	407 B	d3f678cdcda18407eb0396c81760e479	HTML document, ASCII text, with very long lines (407), with no line terminators
2024-03-22 15:27	dashboard.js	2.8 MB	92b165b65186847a6be6bf687fdf6ba4	ASCII text, with very long lines (65536), with no line terminators
2024-03-22 15:27	how-to-install-g-maps-extractor.url	113 B	3b1ae4302baa4abd18a4b4aba7174ac8	MS Windows 95 Internet shortcut text (URL=<https://gmapsextractor.com/how-to-install-g-maps-extractor-chrome-extension?utm_source=zip>), ASCII text
2024-03-22 15:27	.DS_Store	6.1 kB	194577a7e20bdcc7afbb718f502c134c	Apple Desktop Services Store
2024-03-22 15:27	128.png	4.3 kB	257356a962ce0aacd5fdfa1f772e4079	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
2024-03-22 15:27	48.png	1.8 kB	929f05108cec7d02cfb08bfc8c7f631a	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
2024-03-22 15:27	injected.js	64 kB	da216f044f5467de626ac19def3914da	JavaScript source, ASCII text, with very long lines (63844), with no line terminators
2024-03-22 15:27	.DS_Store	6.1 kB	f652beef40bb72d97ced4c822f3473e2	Apple Desktop Services Store
2024-03-22 15:27	.DS_Store	6.1 kB	194577a7e20bdcc7afbb718f502c134c	Apple Desktop Services Store
2024-03-22 15:27	all.min.css	59 kB	6a1b5933f8692e60c8337c0d68255ec1	ASCII text, with very long lines (59159)
2024-03-22 15:27	.DS_Store	6.1 kB	194577a7e20bdcc7afbb718f502c134c	Apple Desktop Services Store
2024-03-22 15:27	secure-stripe-payment.jpeg	94 kB	c1521168b4194d1300d70ca44029f479	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2020:06:24 13:58:53], progressive, precision 8, 1000x150, components 3
2024-03-22 15:27	secure-stripe-payment.jpg	10 kB	d137904eb5bae57a3a8c5da58b851b0e	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 445x113, components 3
2024-03-22 15:27	jquery-3.2.1.min.js	86 kB	49a446918ecdc2fcbeaa385821db9482	JavaScript source, Unicode text, UTF-8 text, with very long lines (65449)
2024-03-22 15:27	msal-browser.min.js	182 kB	e42ff47d388f69146329e8cdba9a259f	JavaScript source, ASCII text, with very long lines (61313)
2024-03-22 15:27	msal.min.js	130 kB	931f50bf5a8c53a8f2df4454d38088b9	JavaScript source, ASCII text, with very long lines (64420)
2024-03-22 15:27	parse.min.js	428 kB	3c3fb44ed115bbbd6b3db725c4352f92	JavaScript source, ASCII text, with very long lines (65536), with no line terminators
2024-03-22 15:27	style.css	4.5 kB	bd137e00a3a0f09c05d3d9d604183947	ASCII text
2024-03-22 15:27	.DS_Store	8.2 kB	c6bf75d887c18ca63b8ca5703f80a2b4	Apple Desktop Services Store
2024-03-22 15:27	fa-brands-400.eot	137 kB	d28c96cabe5302f1b2c90275cd3f4e69	Embedded OpenType (EOT), Font Awesome 5 Brands Regular family
2024-03-22 15:27	fa-brands-400.svg	748 kB	5d10d00980077f67990f73b1961bc46e	SVG Scalable Vector Graphics image
2024-03-22 15:27	fa-brands-400.ttf	136 kB	dfe5aa4344a2d8a29aec8d83fb3fb14e	TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh
2024-03-22 15:27	fa-brands-400.woff	92 kB	0ce1e868452204695c8ac1c70f693c2d	Web Open Font Format, TrueType, length 92136, version 331.-31327
2024-03-22 15:27	fa-brands-400.woff2	78 kB	0c9f225e8f69c622f681cf1ed973cc3d	Web Open Font Format (Version 2), TrueType, length 78472, version 331.-31327
2024-03-22 15:27	fa-solid-900.eot	186 kB	b5596f4d339f99e3d69bc41be78db962	Embedded OpenType (EOT), Font Awesome 5 Free Solid family
2024-03-22 15:27	fa-solid-900.svg	816 kB	82905d8d1c06969df11c8c378e9bdd4c	SVG Scalable Vector Graphics image
2024-03-22 15:27	fa-solid-900.ttf	186 kB	b70cea0339374107969eb53e5b1f603f	TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh
2024-03-22 15:27	fa-solid-900.woff	96 kB	61969d433bf265b9717a6c357a1e04e4	Web Open Font Format, TrueType, length 96244, version 329.31064
2024-03-22 15:27	fa-solid-900.woff2	74 kB	462806316fea535a6a57651bc2b000b0	Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064
2024-03-22 15:27	manifest.json	14 kB	5a0e126c904d0c6bd5a813ec4458ad99	JSON text data
2024-03-22 15:27	options.css	35 B	5acf7a13e885a92ffbdd1c46ee220002	ASCII text
2024-03-22 15:27	options.html	309 B	a1e205e1ac942215cb15ba1770f6d820	HTML document, ASCII text, with very long lines (309), with no line terminators
2024-03-22 15:27	options.js	75 kB	849eacaa3239d0742fd78ddd051ea3bf	JavaScript source, ASCII text, with very long lines (60088)
2024-03-22 15:27	popup.css	422 kB	c3795178b1bbb13fa8239af195644fc7	ASCII text, with very long lines (64149)
2024-03-22 15:27	popup.html	337 B	64dd4730c4a8ea0cb98cca1bdefdfa3e	HTML document, ASCII text, with very long lines (337), with no line terminators
2024-03-22 15:27	popup.js	2.5 MB	a9f6747842c874eb635158dec4c31b40	JavaScript source, ASCII text, with very long lines (65536), with no line terminators
2024-03-22 15:27	rsScript.js	910 kB	3208752d982a393b6e881727198e818d	JavaScript source, ASCII text, with very long lines (65536), with no line terminators
2024-03-22 15:27	service-worker.js	7.1 kB	d4b2e170424ed0bb9eaadf08f735031a	JavaScript source, ASCII text, with very long lines (7138), with no line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/61

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dpgmsl3mq8efn.cloudfront.net/imgs/gmapsextractor/G-MAPS-EXTRACTOR-v2.2.22-Chrome.zip

54.230.241.25

200 OK

4.6 MB

URL User Request GET HTTP/2
dpgmsl3mq8efn.cloudfront.net/imgs/gmapsextractor/G-MAPS-EXTRACTOR-v2.2.22-Chrome.zip
IP
54.230.241.25:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.6 MB (4589373 bytes)
Hash
54e6b177238c0326fc99c86c7fa61478
5462f96b1352cf02f138a94b326600afae77b6ca
15e66f7c5231d64a3d4687ebb68ad1f3db387e2ce32e6ad7cc04f38086b2ebad

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/61

HTTP Headers

GET /imgs/gmapsextractor/G-MAPS-EXTRACTOR-v2.2.22-Chrome.zip HTTP/1.1
Host: dpgmsl3mq8efn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
content-length: 4589373
last-modified: Fri, 22 Mar 2024 15:27:56 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 19 Apr 2024 08:18:16 GMT
etag: "54e6b177238c0326fc99c86c7fa61478"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R_VthjIfz-mh8TuCBle-8vF0yuPOWYfymxtftLKdIoBUApJgsv6U7Q==
age: 67193
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (41)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers