IOC Report
https://sanbernardinoscounty.telcom-info.com/

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 53
ASCII text, with very long lines (6645), with no line terminators
dropped
Chrome Cache Entry: 54
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 55
ASCII text, with very long lines (32065)
dropped
Chrome Cache Entry: 56
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 57
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 58
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 59
ASCII text, with very long lines (3379)
downloaded
Chrome Cache Entry: 60
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 61
ASCII text, with very long lines (65447)
dropped
Chrome Cache Entry: 62
HTML document, ASCII text
downloaded
Chrome Cache Entry: 63
ASCII text, with very long lines (47261)
downloaded
Chrome Cache Entry: 64
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 65
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
dropped
Chrome Cache Entry: 66
ASCII text, with very long lines (47261)
dropped
Chrome Cache Entry: 67
ASCII text, with very long lines (50758)
dropped
Chrome Cache Entry: 68
PNG image data, 12 x 71, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 69
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 70
PNG image data, 12 x 71, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 71
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 72
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 73
ASCII text, with very long lines (50758)
downloaded
Chrome Cache Entry: 74
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 75
HTML document, ASCII text, with very long lines (4903)
downloaded
Chrome Cache Entry: 76
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
downloaded
Chrome Cache Entry: 77
ASCII text, with very long lines (6645), with no line terminators
downloaded
Chrome Cache Entry: 78
SVG Scalable Vector Graphics image
dropped
Chrome Cache Entry: 79
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 80
ASCII text, with very long lines (32065)
downloaded
Chrome Cache Entry: 81
ASCII text, with very long lines (65447)
downloaded
Chrome Cache Entry: 82
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 83
SVG Scalable Vector Graphics image
downloaded

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2188,i,10797738705276059449,12300204305592509053,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sanbernardinoscounty.telcom-info.com/"

URLs


Domains

Name
IP
Malicious
sanbernardinoscounty.telcom-info.com
104.21.55.67
malicious
bg.microsoft.map.fastly.net
199.232.210.172
a.nel.cloudflare.com
35.190.80.1
code.jquery.com
151.101.2.137
challenges.cloudflare.com
104.18.94.41
www.google.com
216.58.206.36
fp2e7a.wpc.phicdn.net
192.229.221.95

IPs

IP
Domain
Country
Malicious
104.21.55.67
sanbernardinoscounty.telcom-info.com
United States
malicious
104.18.94.41
challenges.cloudflare.com
United States
104.18.95.41
unknown
United States
192.168.2.4
unknown
unknown
192.168.2.6
unknown
unknown
216.58.206.36
www.google.com
United States
151.101.2.137
code.jquery.com
United States
239.255.255.250
unknown
Reserved
35.190.80.1
a.nel.cloudflare.com
United States

DOM / HTML

URL
Malicious
https://sanbernardinoscounty.telcom-info.com/&redirect=748a7e906055260effecf777292e4da84f206e0fmain&uid=f253efe302d32ab264a76e0ce65be76966fc7b00337d8
malicious
https://sanbernardinoscounty.telcom-info.com/&redirect=748a7e906055260effecf777292e4da84f206e0fmain&uid=f253efe302d32ab264a76e0ce65be76966fc7b00337d8#
malicious
https://sanbernardinoscounty.telcom-info.com/
https://sanbernardinoscounty.telcom-info.com/
https://sanbernardinoscounty.telcom-info.com/&redirect=748a7e906055260effecf777292e4da84f206e0fmain&uid=f253efe302d32ab264a76e0ce65be76966fc7b00337d8