IOC Report
https://taxprofessionals-status.hostedtax.thomsonreuters.com/subscriΡtions/confirm/KDRivuRIqSqg5XSi

Files

File Path
Type
Category
Malicious
Chrome Cache Entry: 100
ASCII text
dropped
Chrome Cache Entry: 101
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 102
ASCII text, with very long lines (65536), with no line terminators
downloaded
Chrome Cache Entry: 103
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
downloaded
Chrome Cache Entry: 104
HTML document, ASCII text, with very long lines (842)
downloaded
Chrome Cache Entry: 105
ASCII text, with very long lines (1897), with no line terminators
downloaded
Chrome Cache Entry: 106
ASCII text, with very long lines (545)
dropped
Chrome Cache Entry: 107
ASCII text
downloaded
Chrome Cache Entry: 108
Unicode text, UTF-8 text, with very long lines (58939)
dropped
Chrome Cache Entry: 109
ASCII text, with very long lines (18291)
dropped
Chrome Cache Entry: 110
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
downloaded
Chrome Cache Entry: 111
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 112
ASCII text, with very long lines (1073), with no line terminators
downloaded
Chrome Cache Entry: 113
ASCII text, with very long lines (545)
downloaded
Chrome Cache Entry: 114
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 115
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
downloaded
Chrome Cache Entry: 116
Unicode text, UTF-8 (with BOM) text, with very long lines (45088)
downloaded
Chrome Cache Entry: 117
ASCII text, with very long lines (16292)
dropped
Chrome Cache Entry: 118
PNG image data, 461 x 140, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 119
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 120
ASCII text, with very long lines (4165), with no line terminators
downloaded
Chrome Cache Entry: 121
ASCII text, with very long lines (4165), with no line terminators
dropped
Chrome Cache Entry: 122
ASCII text, with very long lines (32684)
downloaded
Chrome Cache Entry: 123
PNG image data, 433 x 438, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 124
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 125
ASCII text, with very long lines (32684)
dropped
Chrome Cache Entry: 126
ASCII text, with very long lines (1897), with no line terminators
dropped
Chrome Cache Entry: 127
ASCII text, with very long lines (16292)
downloaded
Chrome Cache Entry: 128
Web Open Font Format, TrueType, length 71730, version 0.0
downloaded
Chrome Cache Entry: 129
ASCII text, with very long lines (545)
downloaded
Chrome Cache Entry: 130
ASCII text, with very long lines (32764)
downloaded
Chrome Cache Entry: 131
ASCII text, with very long lines (18291)
downloaded
Chrome Cache Entry: 132
ASCII text, with very long lines (34277)
downloaded
Chrome Cache Entry: 133
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 134
Web Open Font Format, TrueType, length 83588, version 1.0
downloaded
Chrome Cache Entry: 135
JSON data
dropped
Chrome Cache Entry: 136
ASCII text, with very long lines (32764)
dropped
Chrome Cache Entry: 74
PNG image data, 339 x 61, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 75
PNG image data, 461 x 140, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 76
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 77
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
dropped
Chrome Cache Entry: 78
ASCII text, with no line terminators
dropped
Chrome Cache Entry: 79
ASCII text, with very long lines (34277)
dropped
Chrome Cache Entry: 80
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
downloaded
Chrome Cache Entry: 81
PNG image data, 433 x 438, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 82
PNG image data, 339 x 61, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 83
Unicode text, UTF-8 text, with very long lines (58939)
downloaded
Chrome Cache Entry: 84
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 85
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
downloaded
Chrome Cache Entry: 86
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
downloaded
Chrome Cache Entry: 87
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
downloaded
Chrome Cache Entry: 88
Web Open Font Format, TrueType, length 67559, version 0.0
downloaded
Chrome Cache Entry: 89
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 90
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
downloaded
Chrome Cache Entry: 91
PNG image data, 339 x 61, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 92
JSON data
downloaded
Chrome Cache Entry: 93
PNG image data, 339 x 61, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 94
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
dropped
Chrome Cache Entry: 95
ASCII text, with very long lines (1073), with no line terminators
dropped
Chrome Cache Entry: 96
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
dropped
Chrome Cache Entry: 97
ASCII text
downloaded
Chrome Cache Entry: 98
Web Open Font Format, TrueType, length 77701, version 0.0
downloaded
Chrome Cache Entry: 99
ASCII text, with no line terminators
downloaded

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2000,i,2807071297624115394,7481603036306552305,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://taxprofessionals-status.hostedtax.thomsonreuters.com/subscriptions/confirm/KDRivuRIqSqg5XSi"

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious
dka575ofm4ao0.cloudfront.net
18.165.213.195
cdnjs.cloudflare.com
104.17.24.14
www.recaptcha.net
172.217.19.227
www.google.com
142.250.181.68
taxprofessionals-status-h-0b7c000b-bc9c-471d-8eba-93b0262aadd5.saas.atlassian.com
108.138.7.7
taxprofessionals-status.hostedtax.thomsonreuters.com
unknown

IPs

IP
Domain
Country
Malicious
104.17.24.14
cdnjs.cloudflare.com
United States
172.217.19.227
www.recaptcha.net
United States
18.165.213.195
dka575ofm4ao0.cloudfront.net
United States
192.168.2.4
unknown
unknown
108.138.7.7
taxprofessionals-status-h-0b7c000b-bc9c-471d-8eba-93b0262aadd5.saas.atlassian.com
United States
239.255.255.250
unknown
Reserved
142.250.181.68
www.google.com
United States

DOM / HTML

URL
Malicious
https://taxprofessionals-status.hostedtax.thomsonreuters.com/?subscription_confirmed=true
https://taxprofessionals-status.hostedtax.thomsonreuters.com/?subscription_confirmed=true#