IOC Report
https://u48635528.ct.sendgrid.net/ls/click?upn=u001.9c3qucD-2BQzNTT0bmLRTJr37m0fhz0zdKJtvEO5GYL-2FheRuyVOh-2FQG4V3oBgBPYNynDxn_I1ksFJapfNmw0nKrksu71KTxdlg2CVrjzBUVofCtIEhaWkhL1Pph-2Ffg-2BCFbPvkCL9SX-2Fn-2BNBrku3RcjHS1atB8ladrmemt-2BtQU5680xhgoUl-2FmS0Bdj-2FOfednny-2F-2Bj2bwjjubeRvrpN0J7TGLD3CnNRzymi


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 100 | ASCII text | downloaded |
Chrome Cache Entry: 101 | ASCII text, with very long lines (64796) | downloaded |
Chrome Cache Entry: 102 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 103 | C source, ASCII text, with very long lines (65103) | dropped |
Chrome Cache Entry: 104 | C++ source, ASCII text | dropped |
Chrome Cache Entry: 105 | ASCII text, with very long lines (47691) | downloaded |
Chrome Cache Entry: 106 | HTML document, ASCII text, with very long lines (7461), with CRLF line terminators | downloaded |
Chrome Cache Entry: 107 | C++ source, ASCII text | dropped |
Chrome Cache Entry: 108 | ASCII text, with very long lines (655) | downloaded |
Chrome Cache Entry: 109 | ASCII text, with very long lines (505) | downloaded |
Chrome Cache Entry: 110 | ASCII text | downloaded |
Chrome Cache Entry: 111 | ASCII text, with very long lines (52717), with no line terminators | dropped |
Chrome Cache Entry: 112 | ASCII text, with very long lines (510) | downloaded |
Chrome Cache Entry: 113 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 114 | ASCII text, with very long lines (52717), with no line terminators | downloaded |
Chrome Cache Entry: 115 | ASCII text | downloaded |
Chrome Cache Entry: 116 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 117 | ASCII text, with very long lines (48316), with no line terminators | downloaded |
Chrome Cache Entry: 118 | very short file (no magic) | dropped |
Chrome Cache Entry: 119 | ASCII text | downloaded |
Chrome Cache Entry: 120 | ASCII text, with very long lines (534) | downloaded |
Chrome Cache Entry: 121 | ASCII text, with very long lines (566) | downloaded |
Chrome Cache Entry: 122 | ASCII text, with very long lines (655) | dropped |
Chrome Cache Entry: 123 | ASCII text | downloaded |
Chrome Cache Entry: 124 | ASCII text, with very long lines (42133) | downloaded |
Chrome Cache Entry: 125 | Unicode text, UTF-8 text, with very long lines (65302) | downloaded |
Chrome Cache Entry: 126 | ASCII text, with very long lines (26038) | dropped |
Chrome Cache Entry: 127 | ASCII text | downloaded |
Chrome Cache Entry: 128 | ASCII text, with very long lines (505) | dropped |
Chrome Cache Entry: 129 | ASCII text, with very long lines (47691) | dropped |
Chrome Cache Entry: 130 | ASCII text | downloaded |
Chrome Cache Entry: 131 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded |
Chrome Cache Entry: 132 | ASCII text, with very long lines (26038) | downloaded |
Chrome Cache Entry: 133 | C source, ASCII text, with very long lines (65103) | downloaded |
Chrome Cache Entry: 134 | ASCII text, with very long lines (590) | downloaded |
Chrome Cache Entry: 135 | C++ source, ASCII text | downloaded |
Chrome Cache Entry: 136 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 137 | ASCII text | downloaded |
Chrome Cache Entry: 138 | ASCII text, with very long lines (510) | downloaded |
Chrome Cache Entry: 139 | PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 140 | very short file (no magic) | downloaded |
Chrome Cache Entry: 141 | ASCII text, with very long lines (309), with no line terminators | downloaded |
Chrome Cache Entry: 142 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 143 | ASCII text, with very long lines (65471) | downloaded |
Chrome Cache Entry: 144 | ASCII text | downloaded |
Chrome Cache Entry: 145 | PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 146 | C++ source, ASCII text | downloaded |
Chrome Cache Entry: 148 | Unicode text, UTF-8 text, with very long lines (1999) | downloaded |
Chrome Cache Entry: 149 | ASCII text | downloaded |
Chrome Cache Entry: 150 | ASCII text | downloaded |
Chrome Cache Entry: 151 | PNG image data, 85 x 84, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 152 | ASCII text | downloaded |
Chrome Cache Entry: 153 | RIFF (little-endian) data, Web/P image | dropped |
Chrome Cache Entry: 154 | Unicode text, UTF-8 text, with very long lines (1999) | dropped |
Chrome Cache Entry: 155 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 156 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 157 | ISO Media, AVIF Image | downloaded |
Chrome Cache Entry: 158 | ASCII text, with very long lines (584) | downloaded |
Chrome Cache Entry: 159 | ASCII text, with very long lines (65447) | downloaded |
Chrome Cache Entry: 160 | ASCII text, with very long lines (584) | downloaded |
Chrome Cache Entry: 90 | ASCII text, with very long lines (48316), with no line terminators | dropped |
Chrome Cache Entry: 91 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 92 | ASCII text, with very long lines (42133) | dropped |
Chrome Cache Entry: 93 | ASCII text, with very long lines (534) | dropped |
Chrome Cache Entry: 94 | C++ source, ASCII text | downloaded |
Chrome Cache Entry: 95 | Unicode text, UTF-8 text, with very long lines (64241) | downloaded |
Chrome Cache Entry: 96 | ASCII text | downloaded |
Chrome Cache Entry: 97 | PNG image data, 85 x 84, 8-bit/color RGB, non-interlaced | downloaded |
Chrome Cache Entry: 98 | ASCII text, with very long lines (65447) | dropped |
Chrome Cache Entry: 99 | ASCII text, with very long lines (889) | downloaded |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2184,i,16216931406052077685,12258593512264580968,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u48635528.ct.sendgrid.net/ls/click?upn=u001.9c3qucD-2BQzNTT0bmLRTJr37m0fhz0zdKJtvEO5GYL-2FheRuyVOh-2FQG4V3oBgBPYNynDxn_I1ksFJapfNmw0nKrksu71KTxdlg2CVrjzBUVofCtIEhaWkhL1Pph-2Ffg-2BCFbPvkCL9SX-2Fn-2BNBrku3RcjHS1atB8ladrmemt-2BtQU5680xhgoUl-2FmS0Bdj-2FOfednny-2F-2Bj2bwjjubeRvrpN0J7TGLD3CnNRzymiQOzypjCqxHhzmXtY2EWHJMJBxjl-2FHlyEIekWjEdTpTsRC8R5LaI-2BXF4kV8UeUtXxyFJLbYiR3fqcWt2evvBBECu9MeQj8TLZrmfuTf-2BJQraijp8-2BcIdxf8rnVxjHoJK1lo9-2Bkao444JbRSinVA-2FoUxeuAtdlrITU1Z6gHAn7DLZstY4XJkhkT16-2F2TN4CFt2LQ-2BEh9GWg4EPlocPi8ljTs-2B9D9RVbWdc3s2Vk2VPHSj20oCO3-2FalihBzGJuaYie5tnYaz6wBF3EqNzMXmVqRnMZwSYuGRwSMVhkchytYzt3hUH-2F51IUfn7nuhHUcUbdS8nBYneAMuB2eSDRn8IZzUkExLUascCVn8T9ImEyo0qhVsBPdJjfT9L3qli9clY1N-2BhQXDZgQnsN1Bs9PujeLzem37C62BvWnqPnqvXh5vbcvseiZwTP35DEJysw-3D-3D#mlyon@wc.com" |

URLs

Name | IP | Malicious
https://u48635528.ct.sendgrid.net/ls/click?upn=u001.9c3qucD-2BQzNTT0bmLRTJr37m0fhz0zdKJtvEO5GYL-2FheRuyVOh-2FQG4V3oBgBPYNynDxn_I1ksFJapfNmw0nKrksu71KTxdlg2CVrjzBUVofCtIEhaWkhL1Pph-2Ffg-2BCFbPvkCL9SX-2Fn-2BNBrku3RcjHS1atB8ladrmemt-2BtQU5680xhgoUl-2FmS0Bdj-2FOfednny-2F-2Bj2bwjjubeRvrpN0J7TGLD3CnNRzymiQOzypjCqxHhzmXtY2EWHJMJBxjl-2FHlyEIekWjEdTpTsRC8R5LaI-2BXF4kV8UeUtXxyFJLbYiR3fqcWt2evvBBECu9MeQj8TLZrmfuTf-2BJQraijp8-2BcIdxf8rnVxjHoJK1lo9-2Bkao444JbRSinVA-2FoUxeuAtdlrITU1Z6gHAn7DLZstY4XJkhkT16-2F2TN4CFt2LQ-2BEh9GWg4EPlocPi8ljTs-2B9D9RVbWdc3s2Vk2VPHSj20oCO3-2FalihBzGJuaYie5tnYaz6wBF3EqNzMXmVqRnMZwSYuGRwSMVhkchytYzt3hUH-2F51IUfn7nuhHUcUbdS8nBYneAMuB2eSDRn8IZzUkExLUascCVn8T9ImEyo0qhVsBPdJjfT9L3qli9clY1N-2BhQXDZgQnsN1Bs9PujeLzem37C62BvWnqPnqvXh5vbcvseiZwTP35DEJysw-3D-3D#mlyon@wc.com |  | malicious
https://petadolex.ca/Privacy/mwe.html | 192.185.77.74 | malicious
https://github.com/mozilla/rhino/issues/346 | unknown |
https://login.microsoftonline.com/uxlogout?appid | unknown |
https://tc39.es/ecma262/#sec-toobject | unknown |
https://bugzil.la/548397 | unknown |
https://code.jquery.com/jquery-3.6.0.min.js | 151.101.66.137 |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8f71270faa3f423a/1735049197093/4d817d3c4d7367ea88d3e4c448db4fd7f0e9c1b3844763606733f21905384022/4-si6UbIXrCDaOH | 104.18.94.41 |
https://github.com/carhartl/jquery-cookie | unknown |
https://tc39.es/ecma262/#sec-lengthofarraylike | unknown |
https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot-aec | unknown |
https://tc39.es/ecma262/#sec-iscallable | unknown |
http://scottjehl.github.io/picturefill | unknown |
https://tc39.es/ecma262/#sec-object.getownpropertydescriptor | unknown |
https://aor0uy31giayv7sv489le3qcmkvpqjcnzqqb1rlz1pffhpbr94sby.ygncsqvu.ru/598751268380591bUNXIIfJaIAHTIXSYQUJXLCQDGIOWNJQWJMTAUJIIGQ | 172.67.168.1 |
https://github.com/zloirock/core-js | unknown |
https://login.microsoftonline.com/savedusers?appid | unknown |
https://tc39.es/ecma262/#sec-object.prototype.propertyisenumerable | unknown |
https://tc39.es/ecma262/#sec-array.prototype.includes | unknown |
https://tc39.es/ecma262/#sec-object.defineproperty | unknown |
http://petadolex.ca//Privacy/mwe.html | 192.185.77.74 |
https://tc39.es/ecma262/#sec-object.setprototypeof | unknown |
https://tc39.es/ecma262/#sec-hasownproperty | unknown |
https://tc39.es/ecma262/#sec-math.trunc | unknown |
https://bugs.chromium.org/p/v8/issues/detail?id=12006 | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1333725566:1735046060:ea7DtCrMPzRHKu6JjFqJvdNTHHkD3P6YuZW747PdR4Y/8f71270faa3f423a/qEnuJJ6hsd2nQpw8YmXDFEnYwgxQQgvbDsWJJCsuHBk-1735049192-1.1.1.1-uO8h3i.NDANY4hPZuNQYsijOqvbMG2iJ4kKaQ5gCVucf1LtqvyuODcuc2aYcszLF | 104.18.94.41 |
https://bugzilla.mozilla.org/show_bug.cgi?id=277178 | unknown |
https://github.com/tc39/proposal-error-cause | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 | 104.18.94.41 |
https://bugzilla.mozilla.org/show_bug.cgi?id=308064 | unknown |
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js | 104.18.94.41 |
https://github.com/scottjehl/picturefill/blob/master/Authors.txt; | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8f71270faa3f423a/1735049197089/RNQ7OOfTgli-F5R | 104.18.94.41 |
https://tc39.es/ecma262/#sec-tointegerorinfinity | unknown |
https://tc39.es/ecma262/#sec-requireobjectcoercible | unknown |
https://github.com/w3c/aria-practices/pull/1757 | unknown |
http://github.com/requirejs/almond/LICENSE | unknown |
https://github.com/scottjehl/picturefill/tree/3.0/src/plugins/gecko-picture | unknown |
https://github.com/microsoft/BotFramework-WebChat/issues/2119 | unknown |
https://login.microsoftonline.com/forgetuser | unknown |
https://github.com/zloirock/core-js/blob/v3.30.1/LICENSE | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/o2okh/0x4AAAAAAA3SrXwIAdDnw3nH/auto/fbE/normal/auto/ | 104.18.94.41 |
https://keycode.info/table-of-all-keycodes | unknown |
https://tc39.es/ecma262/#sec-getmethod | unknown |
https://tc39.es/ecma262/#sec-toprimitive | unknown |
https://github.com/nevware21/ts-async | unknown |
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js | 104.17.24.14 |
https://scottjehl.github.io/picturefill/ | unknown |
https://a.nel.cloudflare.com/report/v4?s=ZDUxCl9o5ILuNQ9LtJV5oDGSehkMgtpnrYG3dGjUe%2BkEJhR5Vd0N%2B0QiT4mUIWvAWOCt%2FonG9TjoVuWrq4fzPWKOxgCQk5dzZPG6Ez4syCDm8IZxaOOzwCQpM%2BFunQ%3D%3D | 35.190.80.1 |
https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/key/Key_Values | unknown |
https://tc39.es/ecma262/#sec-topropertykey | unknown |
https://dev.azure.com/mscomdev/Moray/_workitems/edit/4494 | unknown |
https://github.com/zloirock/core-js/blob/v3.25.0/LICENSE | unknown |
https://elad.medium.com/css-position-sticky-how-it-really-works-54cd01dc2d46 | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8f71270faa3f423a&lang=auto | 104.18.94.41 |
https://jquery.org/license | unknown |
https://bugs.chromium.org/p/v8/issues/detail?id=3334 | unknown |
https://jquery.com/ | unknown |
https://tc39.es/ecma262/#sec-object.getownpropertynames | unknown |
https://javascript.info/size-and-scroll-window#width-height-of-the-document | unknown |
https://a.nel.cloudflare.com/report/v4?s=mE2ru3%2FloL1M4wGqzTMnZ9emURenUJcl7iXw3H2DbPreURfcPsPl96mKnx9D3mq6OzS%2FxlBwQ3LKUn900lsO69AmDyYB8ACps9jndZ2kUoJkB1bXail%2B9GrtGl3k4Oi5uKi1VPIX | 35.190.80.1 |
https://tc39.es/ecma262/#sec-array.prototype.indexof | unknown |
https://tc39.es/ecma262/#sec-tolength | unknown |
https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot | unknown |
https://github.com/zloirock/core-js/issues/86#issuecomment-115759028 | unknown |
https://sizzlejs.com/ | unknown |
https://u48635528.ct.sendgrid.net/ls/click?upn=u001.9c3qucD-2BQzNTT0bmLRTJr37m0fhz0zdKJtvEO5GYL-2FheRuyVOh-2FQG4V3oBgBPYNynDxn_I1ksFJapfNmw0nKrksu71KTxdlg2CVrjzBUVofCtIEhaWkhL1Pph-2Ffg-2BCFbPvkCL9SX-2Fn-2BNBrku3RcjHS1atB8ladrmemt-2BtQU5680xhgoUl-2FmS0Bdj-2FOfednny-2F-2Bj2bwjjubeRvrpN0J7TGLD3CnNRzymiQOzypjCqxHhzmXtY2EWHJMJBxjl-2FHlyEIekWjEdTpTsRC8R5LaI-2BXF4kV8UeUtXxyFJLbYiR3fqcWt2evvBBECu9MeQj8TLZrmfuTf-2BJQraijp8-2BcIdxf8rnVxjHoJK1lo9-2Bkao444JbRSinVA-2FoUxeuAtdlrITU1Z6gHAn7DLZstY4XJkhkT16-2F2TN4CFt2LQ-2BEh9GWg4EPlocPi8ljTs-2B9D9RVbWdc3s2Vk2VPHSj20oCO3-2FalihBzGJuaYie5tnYaz6wBF3EqNzMXmVqRnMZwSYuGRwSMVhkchytYzt3hUH-2F51IUfn7nuhHUcUbdS8nBYneAMuB2eSDRn8IZzUkExLUascCVn8T9ImEyo0qhVsBPdJjfT9L3qli9clY1N-2BhQXDZgQnsN1Bs9PujeLzem37C62BvWnqPnqvXh5vbcvseiZwTP35DEJysw-3D-3D | 167.89.118.23 |
https://js.foundation/ | unknown |
https://tc39.es/proposal-error-cause/#sec-errorobjects-install-error-cause | unknown |
https://tc39.es/ecma262/#sec-ordinarytoprimitive | unknown |

Domains

Name | IP | Malicious
o6rl.inexpartan.ru | 104.21.91.204 | malicious
petadolex.ca | 192.185.77.74 | malicious
u48635528.ct.sendgrid.net | 167.89.118.23 |
a.nel.cloudflare.com | 35.190.80.1 |
code.jquery.com | 151.101.66.137 |
cdnjs.cloudflare.com | 104.17.24.14 |
challenges.cloudflare.com | 104.18.94.41 |
www.google.com | 172.217.21.36 |
aor0uy31giayv7sv489le3qcmkvpqjcnzqqb1rlz1pffhpbr94sby.ygncsqvu.ru | 172.67.168.1 |
s-part-0035.t-0009.t-msedge.net | 13.107.246.63 |
s.go-mpulse.net | unknown |
www.azure.com | unknown |
play.vidyard.com | unknown |
cdn.botframework.com | unknown |

IPs

IP | Domain | Country | Malicious
104.21.91.204 | o6rl.inexpartan.ru | United States | malicious
192.185.77.74 | petadolex.ca | United States | malicious
104.18.94.41 | challenges.cloudflare.com | United States |
192.168.2.4 | unknown | unknown |
192.168.2.5 | unknown | unknown |
151.101.66.137 | code.jquery.com | United States |
172.217.21.36 | www.google.com | United States |
35.190.80.1 | a.nel.cloudflare.com | United States |
104.17.24.14 | cdnjs.cloudflare.com | United States |
172.67.168.1 | aor0uy31giayv7sv489le3qcmkvpqjcnzqqb1rlz1pffhpbr94sby.ygncsqvu.ru | United States |
104.18.95.41 | unknown | United States |
167.89.118.23 | u48635528.ct.sendgrid.net | United States |
239.255.255.250 | unknown | Reserved |
104.17.25.14 | unknown | United States |

DOM / HTML

URL | Malicious
https://o6rl.inexpartan.ru/0Fhb7R/?qrc=mlyon@wc.com |
https://o6rl.inexpartan.ru/0Fhb7R/?qrc=mlyon@wc.com |
https://o6rl.inexpartan.ru/0Fhb7R/?qrc=mlyon@wc.com |
https://azure.microsoft.com/en-us/ |