IOC Report
https://blgwlnauto.com/kylefax/faxdocuments.html

Files

File Path
Type
Category
Malicious

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2028,i,4502375984620957682,8057564348071720540,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2148 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://blgwlnauto.com/kylefax/faxdocuments.html"

URLs

Name
IP
Malicious
https://blgwlnauto.com/kylefax/faxdocuments.html
malicious
https://blgwlnauto.com/cgi-sys/suspendedpage.cgi
188.114.97.3
malicious
https://blgwlnauto.com/favicon.ico
188.114.97.3
malicious
https://blgwlnauto.com/cdn-cgi/styles/cf.errors.css
188.114.97.3
malicious
https://blgwlnauto.com/kylefax/faxdocuments.html
malicious

Domains

Name
IP
Malicious
blgwlnauto.com
188.114.97.3
malicious

IPs

IP
Domain
Country
Malicious
188.114.97.3
blgwlnauto.com
European Union
malicious

DOM / HTML

URL
Malicious
https://blgwlnauto.com/kylefax/faxdocuments.html
malicious
https://www.cloudflare.com/learning/access-management/phishing-attack/