IOC Report
http://msn.com

loading gif

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 17 14:57:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 17 14:57:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 17 14:57:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 17 14:57:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jun 17 14:57:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped

URLs

Name
IP
Malicious
http://msn.com
https://www.msn.com/
http://msn.com/
204.79.197.219
about:blank
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=User.Read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=4362c772-8af9-495c-a64f-3fa3e8ba5c49&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=MsPL_NyeFGkcHRF84viDBMtgFCgBjac05sxOU-5fIVw&code_challenge_method=S256&prompt=none&nonce=26820882-70a0-4e61-9463-0baa3817ce36&state=eyJpZCI6Ijk3Y2ZmOWM4LTIzYTgtNGU4MC1iNmU1LWM1OTUzMjI0Y2NlMSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
https://tsdtocl.com/

Domains

Name
IP
Malicious
s-part-0044.t-0009.fb-t-msedge.net
13.107.253.72
tls13.taboola.map.fastly.net
151.101.129.44
cm.mgid.com
104.19.129.76
api.btloader.com
130.211.23.194
hbx.media.net
23.212.88.20
eu-eb2.3lift.com
76.223.111.18
tsdtocl.com
151.101.1.44
ds-pr-bh.ybp.gysm.yahoodns.net
54.246.18.125
sync.im-apps.net
2.19.97.35
sni1gl.wpc.omegacdn.net
152.199.21.175
www.google.com
142.250.186.164
chidc2.outbrain.org
50.31.142.159
nydc1.outbrain.org
64.202.112.63
ad.doubleclick.net
172.217.16.198
s-part-0017.t-0009.t-msedge.net
13.107.246.45
s-part-0017.t-0009.fb-t-msedge.net
13.107.253.45
lb-sin.mgid.com
172.241.51.69
trace.popin.cc
35.213.89.133
trace.mediago.io
35.208.249.213
ad-delivery.net
104.26.3.70
msn.com
204.79.197.219
sb.scorecardresearch.com
18.239.83.98
prod.appnexus.map.fastly.net
151.101.65.108
btloader.com
104.22.74.216
m.anycast.adnxs.com
185.89.210.20
visitor-fra02.omnitagjs.com
185.255.84.152
ib.anycast.adnxs.com
37.252.173.215
js.monitor.azure.com
unknown
api.taboola.com
unknown
sync.inmobi.com
unknown
c.msn.com
unknown
srtb.msn.com
unknown
deff.nelreports.net
unknown
sync.outbrain.com
unknown
browser.events.data.msn.com
unknown
visitor.omnitagjs.com
unknown
pr-bh.ybp.yahoo.com
unknown
assets.msn.com
unknown
code.yengo.com
unknown
www.msn.com
unknown
acdn.adnxs.com
unknown
aadcdn.msftauth.net
unknown
px.ads.linkedin.com
unknown
m.adnxs.com
unknown
confiant.msn.com
unknown
mem.gfx.ms
unknown
cdn.taboola.com
unknown
ib.adnxs.com
unknown
login.microsoftonline.com
unknown
api.msn.com
unknown
eb2.3lift.com
unknown
There are 41 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
2.18.64.224
unknown
European Union
37.252.171.149
unknown
European Union
13.107.246.45
s-part-0017.t-0009.t-msedge.net
United States
54.229.168.32
unknown
United States
20.190.159.64
unknown
United States
130.211.23.194
api.btloader.com
United States
2.19.97.35
sync.im-apps.net
European Union
20.199.58.43
unknown
United States
2.23.209.181
unknown
European Union
68.219.88.97
unknown
United States
185.89.210.20
m.anycast.adnxs.com
Germany
20.50.80.209
unknown
United States
2.23.209.185
unknown
European Union
2.23.209.140
unknown
European Union
172.217.16.142
unknown
United States
204.79.197.237
unknown
United States
23.212.88.19
unknown
United States
2.23.209.187
unknown
European Union
151.101.193.44
unknown
United States
142.250.186.35
unknown
United States
142.250.186.78
unknown
United States
1.1.1.1
unknown
Australia
20.74.47.205
unknown
United States
2.23.209.45
unknown
European Union
13.107.21.237
unknown
United States
54.246.18.125
ds-pr-bh.ybp.gysm.yahoodns.net
United States
74.125.133.84
unknown
United States
35.213.89.133
trace.popin.cc
United States
151.101.1.44
tsdtocl.com
United States
13.107.42.14
unknown
United States
239.255.255.250
unknown
Reserved
20.190.160.22
unknown
United States
23.212.88.20
hbx.media.net
United States
152.199.21.175
sni1gl.wpc.omegacdn.net
United States
2.18.64.219
unknown
European Union
2.18.64.218
unknown
European Union
172.217.16.198
ad.doubleclick.net
United States