ThreatFox IOC Database
You are viewing the ThreatFox database entry for url https://39.99.34.125:8443/lib/v2/wcp-consent.js.
Database Entry
IOC ID: | 1289965 |
---|---|
IOC: | https://39.99.34.125:8443/lib/v2/wcp-consent.js |
IOC Type : | url |
Threat Type : | botnet_cc |
Malware: | Cobalt Strike |
Malware alias: | Agentemis, BEACON, CobaltStrike, cobeacon |
Confidence Level : | Confidence level is high (100%) |
ASN: | AS701 UUNET |
Country: | US |
First seen: | 2024-06-28 08:51:58 UTC |
Last seen: | never |
UUID: | ad720a44-352b-11ef-8261-42010aa4000a |
Reporter | drb_ra |
Reward |
10 credits from Jerome |
Tags: | CobaltStrike cs-watermark-666666666 Hangzhou Alibaba Advertising Co.Ltd. |
drb_ra
Cobalt Strike Server FoundC2: HTTPS @ 39[.]99[.]34[.]125:8443
C2 Server: 39[.]99[.]34[.]125,/lib/v2/wcp-consent[.]js
POST URI: /lib/v2/recaptcha__en[.]js
Country: China
ASN: Hangzhou Alibaba Advertising Co.,Ltd.
Host Header: static[.]microsoft[.]com