IOC Report
https://lokicollective.org/project/

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Chrome Cache Entry: 56 | GIF image data, version 89a, 1 x 1 | downloaded | |
| Chrome Cache Entry: 57 | HTML document, ASCII text | downloaded | |
| Chrome Cache Entry: 58 | ASCII text, with very long lines (390), with no line terminators | downloaded | |
| Chrome Cache Entry: 59 | ASCII text, with very long lines (1222), with no line terminators | downloaded | |
| Chrome Cache Entry: 60 | ASCII text, with very long lines (2247) | downloaded | |
| Chrome Cache Entry: 61 | ASCII text, with very long lines (65465) | downloaded | |
| Chrome Cache Entry: 62 | C source, ASCII text, with very long lines (56290) | downloaded | |
| Chrome Cache Entry: 63 | GIF image data, version 89a, 1 x 1 | dropped | |
| Chrome Cache Entry: 64 | MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors | downloaded | |
| Chrome Cache Entry: 65 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 66 | JSON data | dropped | |
| Chrome Cache Entry: 67 | ASCII text, with very long lines (597) | downloaded | |
| Chrome Cache Entry: 68 | GIF image data, version 89a, 1 x 1 | downloaded | |
| Chrome Cache Entry: 69 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 70 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 71 | ASCII text, with very long lines (17683) | downloaded | |
| Chrome Cache Entry: 72 | GIF image data, version 89a, 1 x 1 | dropped | |
| Chrome Cache Entry: 73 | Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 | downloaded | |
| Chrome Cache Entry: 74 | HTML document, ASCII text, with very long lines (619) | downloaded | |
| Chrome Cache Entry: 75 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 76 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 77 | ASCII text, with very long lines (56412), with no line terminators | downloaded | |
| Chrome Cache Entry: 78 | JSON data | downloaded | |
| Chrome Cache Entry: 79 | HTML document, ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 80 | ASCII text, with very long lines (2736) | downloaded | |
| Chrome Cache Entry: 81 | MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=2168,i,13060034692085098184,4281837526702625336,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://lokicollective.org/project/" | |

URLs


Domains


IPs


DOM / HTML
