IOC Report
https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DU_vL_MRfqZW9
Files

File Path | Type | Category | Malicious
Chrome Cache Entry: 100 | HTML document, ASCII text | downloaded |
Chrome Cache Entry: 101 | PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 102 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 103 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 104 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 105 | HTML document, ASCII text, with very long lines (1048) | dropped |
Chrome Cache Entry: 106 | PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 107 | HTML document, ASCII text, with very long lines (1048) | dropped |
Chrome Cache Entry: 108 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 109 | ASCII text, with very long lines (65461) | downloaded |
Chrome Cache Entry: 110 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 111 | ASCII text, with very long lines (45667) | downloaded |
Chrome Cache Entry: 112 | ASCII text, with very long lines (65447) | downloaded |
Chrome Cache Entry: 113 | PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 114 | PNG image data, 84 x 31, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 115 | ASCII text, with very long lines (1437), with CRLF line terminators | downloaded |
Chrome Cache Entry: 116 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 117 | HTML document, ASCII text, with very long lines (1445), with CRLF line terminators | downloaded |
Chrome Cache Entry: 118 | PNG image data, 1174 x 1108, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 119 | ASCII text, with no line terminators | downloaded |
Chrome Cache Entry: 67 | PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 68 | PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 69 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | downloaded |
Chrome Cache Entry: 70 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 71 | Web Open Font Format, TrueType, length 36696, version 1.0 | downloaded |
Chrome Cache Entry: 72 | JSON data | dropped |
Chrome Cache Entry: 73 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 74 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 75 | PNG image data, 84 x 31, 8-bit/color RGB, non-interlaced | downloaded |
Chrome Cache Entry: 76 | HTML document, ASCII text, with very long lines (1048) | downloaded |
Chrome Cache Entry: 77 | ASCII text, with very long lines (23398), with no line terminators | downloaded |
Chrome Cache Entry: 78 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 79 | Web Open Font Format (Version 2), TrueType, length 43596, version 1.0 | downloaded |
Chrome Cache Entry: 80 | Web Open Font Format, TrueType, length 35970, version 1.0 | downloaded |
Chrome Cache Entry: 81 | HTML document, ASCII text, with very long lines (59417), with CRLF line terminators | downloaded |
Chrome Cache Entry: 82 | ASCII text, with very long lines (42414) | downloaded |
Chrome Cache Entry: 83 | Web Open Font Format (Version 2), TrueType, length 93276, version 1.0 | downloaded |
Chrome Cache Entry: 84 | PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 85 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded |
Chrome Cache Entry: 86 | HTML document, ASCII text, with CRLF line terminators | downloaded |
Chrome Cache Entry: 87 | Web Open Font Format (Version 2), TrueType, length 28000, version 1.66 | downloaded |
Chrome Cache Entry: 88 | JSON data | downloaded |
Chrome Cache Entry: 89 | PNG image data, 1174 x 1108, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 90 | PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 91 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 92 | ASCII text, with very long lines (1222), with no line terminators | downloaded |
Chrome Cache Entry: 93 | PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced | dropped |
Chrome Cache Entry: 94 | SVG Scalable Vector Graphics image | downloaded |
Chrome Cache Entry: 95 | PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced | downloaded |
Chrome Cache Entry: 96 | SVG Scalable Vector Graphics image | dropped |
Chrome Cache Entry: 97 | Web Open Font Format (Version 2), TrueType, length 28584, version 1.66 | downloaded |
Chrome Cache Entry: 98 | PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | dropped |
Chrome Cache Entry: 99 | ASCII text, with very long lines (597) | downloaded |
44 further file entries are hidden in the original report.

Processes

Path | Cmdline | Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1996,i,18295829002547481321,4121505981409542590,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DU_vL_MRfqZW9nS4IDBSHT8MfJfSAq9b0aOVvtJoUhpW1Ga8ePAnfV-2FfXwE0xIGnayeXag21qNKRc5VLcgMkPlIuCBf7Hi8EFUvj1-2FlklJpMLZNx1IQq8eO26tVdmeuxhGn-2B2zjA71oEkiC9pTrxX9Dz-2FMJk8mkJr62ye1KlBo-2B8fxBlVl-2B6T0POpB0GKoibGhcjh4Z-2FnPU453nMAkUkNy65MlaA-3D-3D" |

URLs

Name | IP | Malicious
https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DU_vL_MRfqZW9nS4IDBSHT8MfJfSAq9b0aOVvtJoUhpW1Ga8ePAnfV-2FfXwE0xIGnayeXag21qNKRc5VLcgMkPlIuCBf7Hi8EFUvj1-2FlklJpMLZNx1IQq8eO26tVdmeuxhGn-2B2zjA71oEkiC9pTrxX9Dz-2FMJk8mkJr62ye1KlBo-2B8fxBlVl-2B6T0POpB0GKoibGhcjh4Z-2FnPU453nMAkUkNy65MlaA-3D-3D | | malicious
https://o5u7g.zleu9.com/bsqyvqfxmioiirznzcsplwstNStNPZKgUSHSLTOBEDPOGXXHYFBZUHYCLYJNOFMEYDGWGR?SPdroiIMagSCTURiGzFpfnBKPRGIBCHAVPJPKBVOFEBKHGIEVRHWDEV | | malicious
https://o5u7g.zleu9.com/bsqyvqfxmioiirznzcsplwstNStNPZKgUSHSLTOBEDPOGXXHYFBZUHYCLYJNOFMEYDGWGR?SPdroiIMagSCTURiGzFpfnBKPRGIBCHAVPJPKBVOFEBKHGIEVRHWDEV# | | malicious
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gl5s2/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal | |
https://code.jquery.com/jquery-3.6.0.min.js | 151.101.66.137 |
https://o5u7g.zleu9.com/opKtNEkOO9Dn5Z3ieoQTLGfaxj0rEuZ6stDscP1Mf9W3N2jRIwOg7b36f6kef240 | 172.67.143.205 |
https://developers.google.com/recaptcha/docs/faq#localhost_support | unknown |
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3 | unknown |
https://o5u7g.zleu9.com/78OF5bqYVtW234tiXjpuv60 | 172.67.143.205 |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8793fe7a3eb209f1/1713939697720/vu_lqyi6eyYTFKi | 104.17.2.184 |
https://support.google.com/recaptcha#6262736 | unknown |
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ec | unknown |
https://assets-usa.mkt.dynamics.com/favicon.ico | 13.107.246.69 |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/862063700:1713935735:n_kDzPRHRfNhpmTiH_iizdB-6K4G1lTc2-dx7iY2jIs/8793fe7a3eb209f1/e5ab976078d7bfd | 104.17.2.184 |
https://o5u7g.zleu9.com/ghNa4wLQP2OPEa9yshBcpr4efS5s5gdiDgklu0B4xFFqbm5P1vQiCliLqsoef210 | 172.67.143.205 |
https://o5u7g.zleu9.com/pqp6GRMmyzxSSwx37 | 172.67.143.205 |
https://support.google.com/recaptcha/?hl=en#6223828 | unknown |
https://cloud.google.com/contact | unknown |
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpagefo | unknown |
https://o5u7g.zleu9.com/yzDWvxmd4z6t78IC8k0DdMqr41 | 172.67.143.205 |
https://o5u7g.zleu9.com/web8socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket | 172.67.143.205 |
https://o5u7g.zleu9.com/O5u7Gw/ | |
https://o5u7g.zleu9.com/eftMAJHTBnysRGQKrxyJ63mOX7yU8KOklytyEGBc4earPa90145 | 172.67.143.205 |
https://o5u7g.zleu9.com/uheZ2JNUtohhkJJk2aSnqjTR382vFe5akZBa78xe | 172.67.143.205 |
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/images/1cf4ecdd-c500-ef11-a1fd-7c1e521c0288?ts=638494003333783206 | 13.107.246.69 |
https://a.nel.cloudflare.com/report/v4?s=5O5X6EfqLsJZozrSmIps6OCiBy71mqFGK58Z8g76jsnH3koVfMAUf%2Fz18OES8oq4qcGr1GoqPBnpZzIshA6Sg5mQ7Pa%2FUKg%2Fwhz0fWCyd5FR9%2BDUVnZAkrq5mwU%2BZw%3D%3D | 35.190.80.1 |
https://www.google.com/recaptcha/api.js | 142.250.141.105 |
https://support.google.com/recaptcha/#6175971 | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D | 104.17.2.184 |
https://o5u7g.zleu9.com/563KK3u3NwxxyErXHsR6720 | 172.67.143.205 |
https://o5u7g.zleu9.com/56uBqa9ykEk4SXxAWkluwOlrHDLqhWH89110 | 172.67.143.205 |
https://o5u7g.zleu9.com/uvrv0nvmDOsXHKV34pwPipAsKsHSlDlCvdeuw2pQxymnju5Vc2hvOQdNMRr6sQunMUef253 | 172.67.143.205 |
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 | |
https://www.google.com/recaptcha/api2/ | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8793fe7a3eb209f1 | 104.17.2.184 |
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 | 13.107.246.69 |
https://u44056869.ct.sendgrid.net/ls/click?upn=u001.nH1ryR-2Btr2av-2Bkfc8quLEXKlGRKFonctFf3nB-2FAP-2Bjae3IsQgCoKtK-2FQ57cEEmmhZzRyd07G16kQ6rsc4EaJT6S7Rh48kOVsBPHV-2Fkkk9Vfz7cojLOCLuj4sUGVMM7pbdmwtinmtiLhfYkhEkgve628OiJsccHyeYc3lkmkn6epsOmmj4-2Fi-2BWjxfm73m7vUzCOGnDWnQJBmmd6DmkDcfIw-3D-3DU_vL_MRfqZW9nS4IDBSHT8MfJfSAq9b0aOVvtJoUhpW1Ga8ePAnfV-2FfXwE0xIGnayeXag21qNKRc5VLcgMkPlIuCBf7Hi8EFUvj1-2FlklJpMLZNx1IQq8eO26tVdmeuxhGn-2B2zjA71oEkiC9pTrxX9Dz-2FMJk8mkJr62ye1KlBo-2B8fxBlVl-2B6T0POpB0GKoibGhcjh4Z-2FnPU453nMAkUkNy65MlaA-3D-3D | 167.89.115.54 |
https://support.google.com/recaptcha | unknown |
https://o5u7g.zleu9.com/yz5PZPtwocgsIPZRmHcNESROmn19TJ53vuPbrfs9jTab175 | 172.67.143.205 |
https://cloud.google.com/recaptcha-enterprise/billing-information | unknown |
https://recaptcha.net | unknown |
https://o5u7g.zleu9.com/xydUz5DTJCpqPef27 | 172.67.143.205 |
https://www.apache.org/licenses/ | unknown |
https://o5u7g.zleu9.com/favicon.ico | 172.67.143.205 |
https://o5u7g.zleu9.com/klq2ifsW0HfcmafJUxQT7Luk567iXAtDW7TwsAOhvh4nOXLFVLSfDuv211 | 172.67.143.205 |
https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__. | unknown |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8793fe7a3eb209f1/1713939697721/681e541e9a1a67d6e1315c07be63bcb685fe8bd723a5af625b1d726887b549f7/q8iZoGCUAv7fCGs | 104.17.2.184 |
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que | unknown |
https://o5u7g.zleu9.com/cdymTrOVgnRdYFmBC56gQ4sIcGIV3nkl100 | 172.67.143.205 |
https://o5u7g.zleu9.com/23vPcUTsDItyMtMhkOGabvVduvoZpQHvw65 | 172.67.143.205 |
https://O5u7G.zleu9.com/O5u7Gw/ | unknown |
https://play.google.com/log?format=json&hasfast=true | unknown |
https://o5u7g.zleu9.com/nmWPBkGJrsuMPxdA2qSyaRhvPyg | 172.67.143.205 |
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca | unknown |
https://cdn.socket.io/4.6.0/socket.io.min.js | 13.226.210.111 |
https://o5u7g.zleu9.com/O5u7Gw/?j | 172.67.143.205 |
https://o5u7g.zleu9.com/wxWSoCFL9zms6gSg3cOqXHoUWbqrInujjGZw2Rn6TuCvw2G12124 | 172.67.143.205 |
https://a.nel.cloudflare.com/report/v4?s=C%2F5Y20FLlb1C9qjojdfXxADbYVDagsxic45f0wa9gLbdQhHDnVbwLmpTIVkB%2BMSQ3tubvN2q9JnJiO7UMlcFehBcuzufmnYpEBEJTNndiMlgG4jA46yCoI79ThovIw%3D%3D | 35.190.80.1 |
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 | 52.146.76.30 |
https://o5u7g.zleu9.com/klyBe9NSOrY8ZijzQ3s7K3pEH9RWbxIXvopZVhYNMAY8ePNOIX2EwQcv1AjXiyHXEA9yz228 | 172.67.143.205 |
https://o5u7g.zleu9.com/rsfAsqHuLsXFgw6UDvoIUuvHOsf7LZhZuT3HwX7S8quvaFmUD9N38UmiF476dNcd194 | 172.67.143.205 |
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/4df527c8-5afd-ee11-9048-000d3a10682d/landingpageforms/forms/845fbd3d-a401-ef11-a1fd-7c1e521c0288/visits | 52.146.76.30 |
https://o5u7g.zleu9.com/ijU31uim6UJs1J5Xbuowxt0mAFgOT9UCKlsOPRjhr78169 | 172.67.143.205 |
52 further URL entries are hidden in the original report.

Domains

Name | IP | Malicious
a.nel.cloudflare.com | 35.190.80.1 |
code.jquery.com | 151.101.66.137 |
d2vgu95hoyrpkh.cloudfront.net | 13.226.210.111 |
part-0041.t-0009.t-msedge.net | 13.107.246.69 |
challenges.cloudflare.com | 104.17.2.184 |
www.google.com | 142.250.141.103 |
prdia888eus0aks.mkt.dynamics.com | 52.146.76.30 |
o5u7g.zleu9.com | 172.67.143.205 |
u44056869.ct.sendgrid.net | 167.89.115.54 |
public-usa.mkt.dynamics.com | unknown |
assets-usa.mkt.dynamics.com | unknown |
cdn.socket.io | unknown |
2 further domain entries are hidden in the original report.

IPs

IP | Domain | Country | Malicious
13.226.210.111 | d2vgu95hoyrpkh.cloudfront.net | United States |
13.107.246.69 | part-0041.t-0009.t-msedge.net | United States |
52.146.76.30 | prdia888eus0aks.mkt.dynamics.com | United States |
167.89.115.54 | u44056869.ct.sendgrid.net | United States |
192.168.2.6 | unknown | unknown |
104.17.3.184 | unknown | United States |
13.107.213.69 | unknown | United States |
172.67.143.205 | o5u7g.zleu9.com | United States |
239.255.255.250 | unknown | Reserved |
151.101.66.137 | code.jquery.com | United States |
142.250.141.105 | unknown | United States |
142.250.141.103 | www.google.com | United States |
35.190.80.1 | a.nel.cloudflare.com | United States |
104.17.2.184 | challenges.cloudflare.com | United States |
4 further IP entries are hidden in the original report.

DOM / HTML

URL | Malicious
https://o5u7g.zleu9.com/bsqyvqfxmioiirznzcsplwstNStNPZKgUSHSLTOBEDPOGXXHYFBZUHYCLYJNOFMEYDGWGR?SPdroiIMagSCTURiGzFpfnBKPRGIBCHAVPJPKBVOFEBKHGIEVRHWDEV | malicious
https://o5u7g.zleu9.com/bsqyvqfxmioiirznzcsplwstNStNPZKgUSHSLTOBEDPOGXXHYFBZUHYCLYJNOFMEYDGWGR?SPdroiIMagSCTURiGzFpfnBKPRGIBCHAVPJPKBVOFEBKHGIEVRHWDEV# | malicious
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 |
https://assets-usa.mkt.dynamics.com/4df527c8-5afd-ee11-9048-000d3a10682d/digitalassets/standaloneforms/845fbd3d-a401-ef11-a1fd-7c1e521c0288 |
https://o5u7g.zleu9.com/O5u7Gw/ |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gl5s2/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal |
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gl5s2/0x4AAAAAAAXj4ylnvzeCbeUc/auto/normal |