IOC Report
http://www.depositsaccount.com/bank/orange_-county-cu/offers


Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 54 | JSON data | downloaded |
Chrome Cache Entry: 55 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 56 | gzip compressed data, from Unix, original size modulo 2^32 1008 | downloaded |
Chrome Cache Entry: 57 | HTML document, ASCII text, with very long lines (619) | downloaded |
Chrome Cache Entry: 58 | HTML document, ASCII text, with very long lines (376), with no line terminators | downloaded |
Chrome Cache Entry: 59 | ASCII text, with very long lines (392), with no line terminators | downloaded |
Chrome Cache Entry: 60 | JSON data | dropped |
Chrome Cache Entry: 61 | ASCII text, with very long lines (60343) | dropped |
Chrome Cache Entry: 62 | ASCII text, with very long lines (392), with no line terminators | dropped |
Chrome Cache Entry: 63 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 64 | ASCII text, with very long lines (1932) | dropped |
Chrome Cache Entry: 65 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 66 | ASCII text, with very long lines (3809) | downloaded |
Chrome Cache Entry: 67 | ASCII text, with very long lines (65465) | dropped |
Chrome Cache Entry: 68 | ASCII text, with very long lines (1932) | dropped |
Chrome Cache Entry: 69 | MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors | downloaded |
Chrome Cache Entry: 70 | ASCII text, with very long lines (65465) | downloaded |
Chrome Cache Entry: 71 | HTML document, ASCII text, with very long lines (13818) | downloaded |
Chrome Cache Entry: 72 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 73 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 74 | ASCII text, with very long lines (60343) | downloaded |
Chrome Cache Entry: 75 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 76 | GIF image data, version 89a, 1 x 1 | dropped |
Chrome Cache Entry: 77 | JSON data | dropped |
Chrome Cache Entry: 78 | GIF image data, version 89a, 1 x 1 | downloaded |
Chrome Cache Entry: 79 | ASCII text, with very long lines (1932) | downloaded |
Chrome Cache Entry: 80 | ASCII text, with very long lines (1932) | downloaded |
Chrome Cache Entry: 81 | MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors | dropped |

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1992,i,5654750564187038092,3657250810642955894,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.depositsaccount.com/bank/orange_-county-cu/offers" |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |

URLs

Name | IP | Malicious
http://www.depositsaccount.com/bank/orange_-county-cu/offers | |
https://btloader.com/tag?o=5097926782615552&upapi=true | 104.22.75.216 |
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 | 172.217.16.198 |
https://ad-delivery.net/px.gif?ch=2 | 104.26.2.70 |
https://api.aws.parking.godaddy.com/v1/parkingEvents?abp=1&gdabp=true | 44.212.248.130 |
https://ad-delivery.net/px.gif?ch=1&e=0.7057905409078107 | 104.26.2.70 |
https://syndicatedsearch.goog | unknown |
https://api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.depositsaccount.com&portfolioId=&abp=1&gdabp=true | 44.212.248.130 |
https://syndicatedsearch.goog/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=az2zcdvxfoft&aqid=ROEbZ8u3IbjRjuwP_vSJmAw&psid=7621175430&pbt=bs&adbx=390&adby=116&adbh=449&adbw=500&adbah=143%2C143%2C143&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=688160506&csala=24%7C0%7C1998%7C1715%7C379&lle=0&ifv=1&hpt=0 | 142.250.186.46 |
https://syndicatedsearch.goog/adsense/domains/caf.js?pac=0 | 142.250.184.206 |
http://www6.depositsaccount.com/?template=ARROW_3&tdfs=1&s_token=1729880380.0493870000&uuid=1729880380.0493870000&term=Best%20Bank%20Rates%20For%20Savings%20Accounts&term=Best%20Bank%20Rates%20For%20Checking%20Accounts&term=Compare%20Bank%20Refinance%20Rates&searchbox=0&showDomain=0&backfill=0 | 15.197.204.56 |
https://postback.trafficmotor.com/sn/ | unknown |
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%230f1c21 | 142.250.186.129 |
http://InquiryGrid.com/sk-domsale.php?dom=depositsaccount.com | unknown |
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%230f1c21 | 142.250.186.129 |
http://ww8.depositsaccount.com/ | |
http://www6.depositsaccount.com/lander?template=ARROW_3&tdfs=1&s_token=1729880380.0493870000&uuid=1729880380.0493870000&term=Best%20Bank%20Rates%20For%20Savings%20Accounts&term=Best%20Bank%20Rates%20For%20Checking%20Accounts&term=Compare%20Bank%20Refinance%20Rates&searchbox=0&showDomain=0&backfill=0 | |
http://www.depositsaccount.com/bank/orange_-county-cu/offers | 199.191.50.184 |
https://img1.wsimg.com/parking-lander/static/js/main.a6395724.js | unknown |
https://postback.trafficmotor.com/sn/?abp=1&gdabp=true | 45.79.38.145 |
https://syndicatedsearch.goog/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=4qqpdpi2ry3k&aqid=ROEbZ8u3IbjRjuwP_vSJmAw&psid=7621175430&pbt=bv&adbx=390&adby=116&adbh=449&adbw=500&adbah=143%2C143%2C143&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=688160506&csala=24%7C0%7C1998%7C1715%7C379&lle=0&ifv=1&hpt=0 | 142.250.186.46 |
https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=5 | unknown |
https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true | 172.217.16.196 |
http://www6.depositsaccount.com/?template | unknown |
https://img1.wsimg.com/parking-lander/static/css/main.ef90a627.css | unknown |

Domains

Name | IP | Malicious
gddomainparking.com | 44.212.248.130 |
www.depositsaccount.com | 199.191.50.184 |
syndicatedsearch.goog | 142.250.186.46 |
ad.doubleclick.net | 172.217.16.198 |
s-part-0017.t-0009.t-msedge.net | 13.107.246.45 |
www10.smartname.com | 15.197.204.56 |
postback.trafficmotor.com | 45.79.38.145 |
fp2e7a.wpc.phicdn.net | 192.229.221.95 |
ad-delivery.net | 104.26.2.70 |
bg.microsoft.map.fastly.net | 199.232.214.172 |
www.google.com | 172.217.16.196 |
btloader.com | 104.22.75.216 |
deliver.trafficmotor.com | 72.14.178.174 |
googlehosted.l.googleusercontent.com | 142.250.186.129 |
img1.wsimg.com | unknown |
afs.googleusercontent.com | unknown |
www6.depositsaccount.com | unknown |
ww8.depositsaccount.com | unknown |
api.aws.parking.godaddy.com | unknown |

IPs

IP | Domain | Country | Malicious
142.250.186.46 | syndicatedsearch.goog | United States |
45.79.38.145 | postback.trafficmotor.com | United States |
192.168.2.4 | unknown | unknown |
216.58.206.38 | unknown | United States |
44.212.248.130 | gddomainparking.com | United States |
142.250.184.206 | unknown | United States |
104.22.75.216 | btloader.com | United States |
104.26.2.70 | ad-delivery.net | United States |
199.191.50.184 | www.depositsaccount.com | Virgin Islands (BRITISH) |
72.14.178.174 | deliver.trafficmotor.com | United States |
142.250.185.110 | unknown | United States |
15.197.204.56 | www10.smartname.com | United States |
172.67.41.60 | unknown | United States |
142.250.186.129 | googlehosted.l.googleusercontent.com | United States |
142.250.185.193 | unknown | United States |
239.255.255.250 | unknown | Reserved |
18.210.70.42 | unknown | United States |
142.250.186.164 | unknown | United States |
172.217.16.196 | www.google.com | United States |
172.217.16.198 | ad.doubleclick.net | United States |

DOM / HTML

URL | Malicious
http://ww8.depositsaccount.com/ |
http://www6.depositsaccount.com/lander?template=ARROW_3&tdfs=1&s_token=1729880380.0493870000&uuid=1729880380.0493870000&term=Best%20Bank%20Rates%20For%20Savings%20Accounts&term=Best%20Bank%20Rates%20For%20Checking%20Accounts&term=Compare%20Bank%20Refinance%20Rates&searchbox=0&showDomain=0&backfill=0 |