Report Overview

  1. Visited public
    2023-11-19 06:07:04
    Tags
    phishingmicrosoftoutlook
    Submit Tags
  2. URL

    fishnotdead.com/c/asdf/cGF1bC5saW5kZm9yc0BjbGVhcmVzdWx0LmNvbQ==

  3. Finishing URL

    mottolacco.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1wYXVsLmxpbmRmb3JzJTQwY2xlYXJlc3VsdC5jb20mY2xpZW50LXJlcXVlc3QtaWQ9YjliODc5N2MtOWE1Ny02ZmJmLWVhNTItOWRmYmI5YTM2ZTY1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM1OTcwODA4NzY0NDM1MC5mNDk2ZjI1MC1iODYyLTQ5YjItYTQzYS0xZjhjYjZiZDdiNTQmc3RhdGU9RGN0TERzSWdGRUJSMExVNEJKN3ctQTFNbDlJQUxVcEN3ZlFUdHktRGMyZVhFa0x1dzIyZ01FS3NVVTVwYjhHQnN3WlJhZUFadmNsU0E0dk9TSVktU2haUUJmYk1Ma1VURnhzMTB2RUswWDlCVExXX1M1c19wWjJ2YjdncXI2VXR1ZV9IQXlIVk5lenJjZFdUcDc3OUFR

  4. IP / ASN
    162.241.120.242

    #46606 UNIFIEDLAYER-AS-1

    Title
    12uv0lwuu6

  5. Phishing - Microsoft Outlook

Detections
urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
ed06b08c.1266b8dd0c622df28d9af103.workers.devunknown2019-02-082023-11-13 23:55:342023-11-17 15:45:53
mottolacco.comunknownunknownNo dataNo data
outlook.office365.com512005-06-202013-04-11 01:09:242021-03-15 09:11:50
aadcdn.msauth.net14212018-10-252018-11-19 11:50:032023-11-18 05:09:52
aadcdn.msftauthimages.net46222018-11-122019-08-14 20:22:232023-11-18 18:19:17
browser.events.data.microsoft.com2901991-05-022018-05-25 08:23:052023-11-18 18:14:41
challenges.cloudflare.comunknown2009-02-172021-10-20 07:02:032023-11-18 05:09:04
fishnotdead.comunknown2023-08-252023-10-03 07:43:472023-11-17 17:25:45
r4.res.office365.com1802005-06-202017-03-03 13:49:032023-11-18 06:40:06
autologon.microsoftazuread-sso.com15342016-07-222017-01-30 09:17:572023-11-18 16:34:19

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (188)

HTTP Transactions (48)

URLIPResponseSize
fishnotdead.com/c/asdf/cGF1bC5saW5kZm9yc0BjbGVhcmVzdWx0LmNvbQ==
162.241.120.242 0 B
POST ed06b08c.1266b8dd0c622df28d9af103.workers.dev/?qrc=paul.lindfors@clearesult.com
104.21.28.156302 Found0 B
GET mottolacco.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL21vdHRvbGFjY28uY29tIiwiZG9tYWluIjoibW90dG9sYWNjby5jb20iLCJrZXkiOiIwNUFrMjhNVHVaVXIiLCJxcmMiOiJwYXVsLmxpbmRmb3JzQGNsZWFyZXN1bHQuY29tIiwiaWF0IjoxNzAwMzc0MDA4LCJleHAiOjE3MDAzNzQxMjh9.Zok1U2Uaiya0QjU4aEL0leli2rG06FNzNOzbgBtUfJY
5.230.43.202302 Found0 B
GET mottolacco.com/?qrc=paul.lindfors%40clearesult.com
5.230.43.202302 Moved Temporarily0 B
GET mottolacco.com/owa/?login_hint=paul.lindfors%40clearesult.com
5.230.43.202302 Found1.4 kB
GET mottolacco.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
5.230.43.202200 OK20 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
5.230.43.202200 OK689 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
5.230.43.202200 OK17 kB
GET outlook.office365.com/owa/prefetch.aspx
40.101.1.25200 OK1.2 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/scripts/boot.worldwide.0.mouse.js
23.36.79.11200 OK180 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/scripts/boot.worldwide.1.mouse.js
23.36.79.11200 OK163 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/scripts/boot.worldwide.2.mouse.js
23.36.79.11200 OK170 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/scripts/boot.worldwide.3.mouse.js
23.36.79.11200 OK146 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/resources/images/0/sprite1.mouse.png
23.36.79.11200 OK132 B
GET r4.res.office365.com/owa/prem/15.20.7002.25/resources/images/0/sprite1.mouse.css
23.36.79.11200 OK288 B
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
5.230.43.202200 OK3.6 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
5.230.43.202200 OK2.7 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/resources/styles/0/boot.worldwide.mouse.css
23.36.79.11200 OK44 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/resources/styles/fonts/office365icons.woff
23.36.79.11200 OK78 kB
GET r4.res.office365.com/owa/prem/15.20.7002.25/resources/styles/fonts/office365icons.woff
23.36.79.11200 OK78 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
5.230.43.202200 OK5.1 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
5.230.43.202200 OK18 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
5.230.43.202200 OK1.4 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
5.230.43.202200 OK987 B
GET autologon.microsoftazuread-sso.com/clearesult.com/winauth/iframe?client-request-id=b9b8797c-9a57-6fbf-ea52-9dfbb9a36e65&isAdalRequest=False
40.126.53.18200 OK7.2 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
13.107.213.53 40 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/dsso.iframe.min_ola-etxskuesqyfim_hgua2.js
13.107.213.53 4.4 kB
GET aadcdn.msftauthimages.net/dbd5a2dd-dlbfudu3w3lqs2ogetveqgi9qjk03jteqc-bgvolyni/logintenantbranding/0/bannerlogo?ts=636359174080207214
13.107.246.53200 OK6.9 kB
POST mottolacco.com/common/instrumentation/dssostatus
5.230.43.202200 OK265 B
GET aadcdn.msftauthimages.net/dbd5a2dd-dlbfudu3w3lqs2ogetveqgi9qjk03jteqc-bgvolyni/logintenantbranding/0/illustration?ts=636359174064189356
13.107.246.53200 OK432 kB
OPTIONS browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
104.208.16.90200 OK0 B
OPTIONS browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
104.208.16.90200 OK153 B
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
104.17.3.184200 OK61 B
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_f7b06b70c72b4590b779.js
5.230.43.202200 OK24 kB
GET mottolacco.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_orpt-59zawtpatdv5lgnaa2.js
5.230.43.202200 OK53 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
5.230.43.202200 OK190 kB
GET challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
104.17.3.184302 Found34 kB
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1751027930:1700371577:5ygnByAFNHOf4jPJysADeP-OxYYdsifWP10Wk9gQYoE/828644dc4e1f56b9/a8dda281284b9e1
104.17.3.184200 OK3.6 kB
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1751027930:1700371577:5ygnByAFNHOf4jPJysADeP-OxYYdsifWP10Wk9gQYoE/828644dc4e1f56b9/a8dda281284b9e1
104.17.3.184200 OK87 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/828644dc4e1f56b9/1700374005533/b4081345b406bcaaa888d9deb9767b833236c9d75337e3ded7a668ba41e54cfe/YWaMTX4NuNz4SJv
104.17.3.184401 Unauthorized1 B
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
5.230.43.202200 OK16 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=828644dc4e1f56b9
104.17.3.184200 OK183 kB
GET challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
104.17.3.184200 OK34 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/828644dc4e1f56b9/1700374005530/RPi5J609k8unP-H
104.17.3.184200 OK61 B
GET mottolacco.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1wYXVsLmxpbmRmb3JzJTQwY2xlYXJlc3VsdC5jb20mY2xpZW50LXJlcXVlc3QtaWQ9YjliODc5N2MtOWE1Ny02ZmJmLWVhNTItOWRmYmI5YTM2ZTY1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM1OTcwODA4NzY0NDM1MC5mNDk2ZjI1MC1iODYyLTQ5YjItYTQzYS0xZjhjYjZiZDdiNTQmc3RhdGU9RGN0TERzSWdGRUJSMExVNEJKN3ctQTFNbDlJQUxVcEN3ZlFUdHktRGMyZVhFa0x1dzIyZ01FS3NVVTVwYjhHQnN3WlJhZUFadmNsU0E0dk9TSVktU2haUUJmYk1Ma1VURnhzMTB2RUswWDlCVExXX1M1c19wWjJ2YjdncXI2VXR1ZV9IQXlIVk5lenJjZFdUcDc3OUFR
5.230.43.202200 OK40 kB
GET mottolacco.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
5.230.43.202200 OK110 kB
GET ed06b08c.1266b8dd0c622df28d9af103.workers.dev/favicon.ico
104.21.28.156200 OK3.3 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/z5r7t/0x4AAAAAAANE4PoTnaFKKHTX/auto/normal
104.17.3.184200 OK73 kB