IOC Report
https://cloudflare-verify.rarnonalumber.com/ASSHykolD9ckJdIuH3YlABDbqab5Og9Kycuy0pGl5dMYU7RfBjnGAFd94Vr9AbkcaqckheKUDTYsjw.html

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 65 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 67 | JSON data | downloaded | |
| Chrome Cache Entry: 68 | ASCII text, with very long lines (65317) | downloaded | |
| Chrome Cache Entry: 71 | RIFF (little-endian) data, Web/P image, VP8 encoding, 75x75, Scaling: [none]x[none], YUV color, decoders should clamp | downloaded | |
| Chrome Cache Entry: 72 | Unicode text, UTF-8 (with BOM) text | downloaded | |
| Chrome Cache Entry: 73 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513 | dropped | |
| Chrome Cache Entry: 74 | JSON data | dropped | |
| Chrome Cache Entry: 75 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 76 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 77 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3 | dropped | |
| Chrome Cache Entry: 79 | ASCII text, with very long lines (48122) | downloaded | |
| Chrome Cache Entry: 80 | PNG image data, 83 x 90, 8-bit/color RGB, non-interlaced | dropped | |
| Chrome Cache Entry: 81 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390 | downloaded | |
| Chrome Cache Entry: 82 | ASCII text, with very long lines (49854) | downloaded | |
| Chrome Cache Entry: 83 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded | |
| Chrome Cache Entry: 84 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 87 | HTML document, Unicode text, UTF-8 text, with very long lines (15552) | downloaded | |
| Chrome Cache Entry: 88 | JSON data | dropped | |
| Chrome Cache Entry: 89 | HTML document, Unicode text, UTF-8 text | downloaded | |
| Chrome Cache Entry: 90 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651 | downloaded | |
| Chrome Cache Entry: 92 | ASCII text, with very long lines (48316), with no line terminators | downloaded | |
| Chrome Cache Entry: 93 | gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250 | downloaded | |
| Chrome Cache Entry: 95 | MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel | downloaded | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://cloudflare-verify.rarnonalumber.com/ASSHykolD9ckJdIuH3YlABDbqab5Og9Kycuy0pGl5dMYU7RfBjnGAFd94Vr9AbkcaqckheKUDTYsjw.html | | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=websocket&sid=d9n3UOjJBenkg8YIAAQi | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_LHb&sid=d9n3UOjJBenkg8YIAAQi | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_LHc&sid=d9n3UOjJBenkg8YIAAQi | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_BZR&sid=93z4-nY84hfohGWfAAQc | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=websocket&sid=93z4-nY84hfohGWfAAQc | 104.21.65.141 | malicious |
| https://cloudflare-verify.rarnonalumber.com/ASSHykolD9ckJdIuH3YlABDbqab5Og9Kycuy0pGl5dMYU7RfBjnGAFd94Vr9AbkcaqckheKUDTYsjw.html | | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_GSd&sid=Aqz-l4-jvMryztWWAAQf | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_BZT&sid=93z4-nY84hfohGWfAAQc | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_L0r | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_BGw | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_GSc&sid=Aqz-l4-jvMryztWWAAQf | 104.21.65.141 | malicious |
| https://kitsaplawlibrary.com/favicon.ico | 104.21.18.76 | malicious |
| https://kitsaplawlibrary.com/files/images/Logo.png | 104.21.18.76 | malicious |
| https://cloudflare-verify.rarnonalumber.com/encrypt.php | 3.145.122.115 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=websocket&sid=Aqz-l4-jvMryztWWAAQf | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_C3m&sid=93z4-nY84hfohGWfAAQc | 104.21.65.141 | malicious |
| https://portion.icu/socket.io/?EIO=4&transport=polling&t=PNu_GBd | 104.21.65.141 | malicious |
| https://kitsaplawlibrary.com/o/?c3Y9bzM2NV8xX3NwJnJhbmQ9WWtwcmNqQT0mdWlkPVVTRVIwMjA0MjAyNVU1ODA0MDIzMg==N0123N | 104.21.18.76 | malicious |
| https://cloudflare-verify.rarnonalumber.com/favicon.ico | 3.145.122.115 | malicious |
| https://a.nel.cloudflare.com/report/v4?s=ZVG7b%2Fsi1Bende409yCuMHDE2mdNrm3liGhX1YmwATtG7vS4y7oC7ya48jJqB5tICY%2B%2FlAlX5QTadCtd1okmUuIQygqNOdy6V7vjsWcPtE%2F032StMfjjitWOX3IkgQ%3D%3D | 35.190.80.1 | |
| https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js | 104.17.24.14 | |
| https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css | 104.17.25.14 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/v87j1/0x4AAAAAAAhaQk6O3Rxrh_sb/auto/fbE/new/normal/auto/ | 104.18.94.41 | |
| https://www.w3schools.com/w3css/4/w3.css | 23.44.133.151 | |
| https://challenges.cloudflare.com/turnstile/v0/g/64912bd87b0e/api.js | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=92a457e02c0f8ccc&lang=auto | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/92a457e02c0f8ccc/1743639031196/MDpy8t4RbSeHhov | 104.18.94.41 | |
| https://cdn.socket.io/4.7.5/socket.io.min.js | 3.168.73.27 | |
| https://cloudflare-verify.rarnonalumber.com/421ca4369738433e33348785fe776a0c839605d59Kycuy0pGl5dMYU7RfBjnGAFd39605d5QEceopzow.html | | |
| https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg | 23.209.72.9 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 | 104.18.94.41 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/468408820:1743635575:eN_tXAEIWGuwmG6_ddw3XZyOtMyYl-SRX6SBwVnOEvc/92a457e02c0f8ccc/67XtbP._9fcyR0sdWjbjjmXusJamF_QrrzZlNMKTZg0-1743639029-1.1.1.1-AZR.XElpaTBbPvifNwkKL1qDxhf8H_c3e7mmxl9YPBhlJuZKUht_TY4JHgcNRUrJ | 104.18.94.41 | |
| https://a.nel.cloudflare.com/report/v4?s=2jbua%2Fg%2BqizB33q73HklpH7nq%2BEqqNrdha2sjWKMia9%2F6S6jOL7yGh7zIRlzFgyH6Cjexjl39DFl%2BFIF1RqvMgcAyRifN0Rb87ilsKIddMA43wbxyDHjVkvr3lRjbg%3D%3D | 35.190.80.1 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/0h5gj/xsb/auto/fbE/new/normal/auto/ | 104.18.94.41 | |
| https://a.nel.cloudflare.com/report/v4?s=zNF%2F2I%2BfGObVqtHPFaJGkn8sFF6xXsRv4KktGMiq7x1frHzsTNNzItWLTzyKW0jiFniz%2FQ%2FfvX5JktrWP3Ui%2FTENC7CFIZjK9OJoo5HA5uokqpi4gPE9AdMemMAS6Zf7LwjqnUDerQ%3D%3D | 35.190.80.1 | |
| https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/92a457e02c0f8ccc/1743639031195/71f3a5c8d9e06809d81f34d71d22b8e295937b6713099d764246644272f1ac1a/26cvCDoy0Su1SA5 | 104.18.94.41 | |
| https://ih1.redbubble.net/image.3812524360.1168/raf,360x360,075,t,fafafa:ca443f4786.jpg | 172.64.144.67 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| kitsaplawlibrary.com | 104.21.18.76 | malicious |
| s-part-0012.t-0009.t-msedge.net | 13.107.246.40 | |
| portion.icu | 104.21.65.141 | |
| e329293.dscd.akamaiedge.net | 23.209.72.9 | |
| a.nel.cloudflare.com | 35.190.80.1 | |
| d2vgu95hoyrpkh.cloudfront.net | 3.168.73.27 | |
| cdnjs.cloudflare.com | 104.17.24.14 | |
| challenges.cloudflare.com | 104.18.94.41 | |
| ih1.redbubble.net | 172.64.144.67 | |
| www.google.com | 142.251.32.100 | |
| cloudflare-verify.rarnonalumber.com | 3.145.122.115 | |
| a1400.dscb.akamai.net | 23.44.133.151 | |
| aadcdn.msftauth.net | unknown | |
| www.w3schools.com | unknown | |
| cdn.socket.io | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.21.18.76 | kitsaplawlibrary.com | United States | malicious |
| 192.168.2.16 | unknown | unknown | malicious |
| 142.250.80.46 | unknown | United States | |
| 13.107.246.40 | s-part-0012.t-0009.t-msedge.net | United States | |
| 142.250.65.163 | unknown | United States | |
| 23.216.132.21 | unknown | United States | |
| 104.18.94.41 | challenges.cloudflare.com | United States | |
| 142.250.176.206 | unknown | United States | |
| 3.168.73.40 | unknown | United States | |
| 104.18.43.189 | unknown | United States | |
| 104.21.65.141 | portion.icu | United States | |
| 142.251.32.100 | www.google.com | United States | |
| 172.64.144.67 | ih1.redbubble.net | United States | |
| 23.48.224.114 | unknown | United States | |
| 23.44.133.151 | a1400.dscb.akamai.net | United States | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | |
| 172.217.165.131 | unknown | United States | |
| 142.251.40.170 | unknown | United States | |
| 23.55.243.82 | unknown | United States | |
| 23.33.42.152 | unknown | United States | |
| 104.17.24.14 | cdnjs.cloudflare.com | United States | |
| 23.209.72.9 | e329293.dscd.akamaiedge.net | United States | |
| 1.1.1.1 | unknown | Australia | |
| 142.251.179.84 | unknown | United States | |
| 3.145.122.115 | cloudflare-verify.rarnonalumber.com | United States | |
| 142.250.65.227 | unknown | United States | |
| 3.168.73.27 | d2vgu95hoyrpkh.cloudfront.net | United States | |
| 142.251.32.110 | unknown | United States | |
| 142.250.176.195 | unknown | United States | |
| 104.17.25.14 | unknown | United States | |