Report - oikjnv.tqgqnobicky.ru/5b4MHEwfyfY@iEmO/$jgomez@slurpmail.net

Report Overview

Visitedpublic

2025-08-21 12:52:56

Tags

microsoft phishing suspicious tycoon aitm

Submit Tags

URL

oikjnv.tqgqnobicky.ru/5b4MHEwfyfY@iEmO/$jgomez@slurpmail.net

Finishing URL

oikjnv.tqgqnobicky.ru/2croi74efi9dy4?id=d0d474867a928f36d49cfc33-de65c49df1708-c874d14fb-ef34b916973b780-a31379627b3e-1c3a9213baffab7-43eac0580-40247f73f3b3689-ff71d42f6d0-52013ffd-789514ab61b5e6-adca99a81bb896d-501b7969704f-21f928533dbb38d4

IP / ASN

104.21.96.1

#13335 CLOUDFLARENET

Title

Login To Your Secure Account

Phishing - Microsoft

Suspicious - Anti-debugging code

Phishing - Tycoon Phishing Kit

Detections

urlquery

4

Network Intrusion Detection

1

Threat Detection Systems

1

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
github.com	40	2007-10-09	2016-07-13	2025-08-20	460 B	15 kB	140.82.121.4
challenges.cloudflare.com	11393	2009-02-17	2021-10-20	2025-08-20	7.2 kB	599 kB	104.18.95.41
iavuj.stadrourea.ru	unknown	unknown	No data	No data	462 B	578 B	104.21.48.1
release-assets.githubusercontent.com	67648	2014-02-06	2025-05-11	2025-08-20	1.3 kB	11 kB	185.199.110.133
cdn.jsdelivr.net	1678	2012-05-16	2012-09-30	2025-08-20	452 B	5.9 kB	104.16.174.226
oikjnv.tqgqnobicky.ru	unknown	2025-07-30	2025-08-21	2025-08-21	39 kB	1.0 MB	104.21.80.1
ok4static.oktacdn.com	150296	2014-11-11	2018-06-15	2025-08-20	2.0 kB	268 kB	3.167.2.106
cdnjs.cloudflare.com	1222	2009-02-17	2012-05-23	2025-08-20	4.6 kB	332 kB	104.17.25.14
code.jquery.com	4915	2005-12-10	2012-05-21	2025-08-20	1.3 kB	270 kB	151.101.2.137
get.geojs.io	99948	2017-02-18	2017-03-30	2025-08-14	998 B	2.4 kB	172.67.70.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-08-21 12:52:45	medium	Client IP	172.67.70.233	ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI

Threat Detection Systems

Detection System	Indicator	Verdict	Alert
Nextron YARA rules	oikjnv.tqgqnobicky.ru/2croi74efi9dy4?id=d0d474867a928f36d49cfc33-de65c49df1708-c874d14fb-ef34b916973b780-a31379627b3e-1c3a9213baffab7-43eac0580-40247f73f3b3689-ff71d42f6d0-52013ffd-789514ab61b5e6-adca99a81bb896d-501b7969704f-21f928533dbb38d4	malware	Detects hex encoded code that has been base64 encoded

JavaScript (183)

	HASH	FROM	Size	First Seen	Last Seen
	086707e4369f60afedcafb16050a7618	DocumentWrite	39 B	2023-03-07	2025-08-21
Introduced by DocumentWrite First Seen 2023-03-07 Last Seen 2025-08-21 Times Seen 146256 Size 39 B (39 bytes) MD5 086707e4369f60afedcafb16050a7618 SHA1 8216b0cc6876cbd44f01c158e7dff3833ceccd41 SHA256 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Format Code Loading...

	62af9f7a01c8320d748d196a7ebb0376	DocumentWrite	38 kB	2025-08-21	2025-08-21
Introduced by DocumentWrite First Seen 2025-08-21 Last Seen 2025-08-21 Times Seen 1 Size 38 kB (38261 bytes) MD5 62af9f7a01c8320d748d196a7ebb0376 SHA1 0652a2f0b98e6e34497289f19169b52120594b89 SHA256 a1e15bcf1cbed96368dd053571694fbfcd5414b9af1d5e8350d986960f5012df Format Code Loading...

	fa201492b52cd27d93945e5e7f85bda1	DocumentWrite	7.1 kB	2025-08-21	2025-08-21
Introduced by DocumentWrite First Seen 2025-08-21 Last Seen 2025-08-21 Times Seen 1 Size 7.1 kB (7081 bytes) MD5 fa201492b52cd27d93945e5e7f85bda1 SHA1 98f691a844473dff34e99f4ae74568c90bd53361 SHA256 904cf33878969d1d2ed03bebff017c2ec6bda4255ad359fd8c15f84b28c41ba6 Format Code Loading...

	50b79cc5edc5c0fe8779f0b0d208771c	DocumentWrite	247 kB	2025-08-21	2025-08-21
Introduced by DocumentWrite First Seen 2025-08-21 Last Seen 2025-08-21 Times Seen 1 Size 247 kB (246681 bytes) MD5 50b79cc5edc5c0fe8779f0b0d208771c SHA1 21040b3b07eceacf018fef2bbbab243fc4efb492 SHA256 aa107c8e64a9a6ac171fc1c6e8da387ec2bf967be80ff9243199fc5b98062f7c Format Code Loading...

	1bc433c4b16d074027196490decc6ae8	DocumentWrite	131 kB	2025-08-21	2025-08-21
Introduced by DocumentWrite First Seen 2025-08-21 Last Seen 2025-08-21 Times Seen 1 Size 131 kB (131012 bytes) MD5 1bc433c4b16d074027196490decc6ae8 SHA1 cc53a80e6348c0789c5ed0e2d1c26e345edb039e SHA256 80163bcf1c8cb82e25ce574cfd1b76168feb76a8aaf0318c3bfe0a8f956f66bd Format Code Loading...

HTTP Transactions (61)

	URL	IP	Response	Size