
https://l.facebook.com/l.php?u=https%3A%2F%2Ftinyurl.com%2F4h5ff4kp&h=AT02Iq92cEUEmZ7dwEMkw50G_aGN3Hc5aVRhAg3vUIrHk5SSyv0ochfE5WLeZH2sP2x0fbLRka92eXFTo9CjZHnrPYtiQmcS6fzxTaK8VrzsAHcOja485J7VuLYShW0UedO_5qLxEOQIJpbGJHvEJhrK8A&__tn__=-UK-R&c%5B0%5D=AT0YX0IDItFm_RSp2FxvOTikEtiXj4DALlvQGbqDxEoUfqsHIBWL_c2N_PTcqERUycereGWzUqa4i53hMc4-nL_oektvDTEte00gEBsp-IfTdNSIujhH0hGyN9aK7qrJi87O-VHq443h_SFqf8N3YmME_OcHbENzoBhchvdK_lGJ0jPpeL2HJFrurm_XnNl7F7xDYPeSw3tArqtiVH7n7wPj4dS3bTSKXgKJxTeJGw

Status: finished
Submission Time: 2023-12-04 14:03:48 +01:00
Suspicious
Phishing

Details

  • Analysis ID:
    1353147
  • API (Web) ID:
    1353147
  • Analysis Started:
    2023-12-04 14:03:48 +01:00
  • Analysis Finished:
    2023-12-04 14:09:04 +01:00
  • Technologies:
    Joe Sandbox
  • Detection:
    suspicious
  • Score:
    23
  • System:
    Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection

Domains

Name IP Detection

URLs

Name Detection

Dropped files

No malicious files found. See full and IOC report for all dropped files.