Report Overview

  1. Visited public
    2023-11-21 07:44:01
  2. URL

    bmwag-rt-prod2-t.campaign.adobe.com/r/?id=h2ccc12b,8d23fb3,492093b&p1=elhamadsteel.com/wp-admin/js/auth/esmjL/YWxiZXJ0b0BlbHphYnVydS5lcw==

  3. Finishing URL

    osnrafbtea.oneswittla.ru/kswqjl/#alberto@elzaburu.es

  4. IP / ASN
    34.254.109.246

    #16509 AMAZON-02

    Title
    Sign in to your Microsoft account
  5. Phishing - Microsoft Outlook

Detections
urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
code.jquery.com6342005-12-102012-05-21 19:28:022023-11-21 05:09:18
osnrafbtea.oneswittla.ruunknown2023-11-012023-11-03 14:57:422023-11-20 18:15:31
aadcdn.msftauth.net14552018-10-252018-11-19 11:50:322023-11-21 05:09:23
adfs.heart.orgunknown1995-01-122016-10-10 20:42:572023-11-20 03:49:53
httpbin.org3529752011-06-122013-07-23 00:01:272023-11-20 07:00:03
cdn.socket.io620682010-04-182015-03-23 23:14:032023-11-19 19:45:11
elhamadsteel.comunknown2019-11-142020-01-28 21:15:482023-11-19 20:58:49
challenges.cloudflare.comunknown2009-02-172021-10-20 07:02:032023-11-21 05:09:18
aadcdn.msauth.net14212018-10-252018-11-19 11:50:032023-11-21 05:09:23
logincdn.msauth.net23302018-10-252019-04-23 03:13:282023-11-20 05:31:50
bmwag-rt-prod2-t.campaign.adobe.comunknown1986-11-172020-10-06 11:33:482023-11-20 05:41:55

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (13)

HTTP Transactions (46)

URLIPResponseSize
bmwag-rt-prod2-t.campaign.adobe.com/r/?id=h2ccc12b,8d23fb3,492093b&p1=elhamadsteel.com/wp-admin/js/auth/esmjL/YWxiZXJ0b0BlbHphYnVydS5lcw==
52.215.148.88 17 B
elhamadsteel.com/wp-admin/js/auth/esmjL/YWxiZXJ0b0BlbHphYnVydS5lcw==
192.185.88.231 0 B
GET code.jquery.com/jquery-3.6.0.min.js
151.101.66.137200 OK31 kB
GET osnrafbtea.oneswittla.ru/web1/assets/fonts/GDSherpa-bold.woff
104.21.17.6200 OK36 kB
GET osnrafbtea.oneswittla.ru/web1/assets/fonts/GDSherpa-regular.woff
104.21.17.6200 OK37 kB
GET osnrafbtea.oneswittla.ru/web1/assets/fonts/GDSherpa-bold.woff2
104.21.17.6200 OK28 kB
GET osnrafbtea.oneswittla.ru/web1/assets/fonts/GDSherpa-regular.woff2
104.21.17.6200 OK29 kB
GET osnrafbtea.oneswittla.ru/web1/assets/css/pages-okta.css?cb=1700552627311
104.21.17.6200 OK0 B
GET osnrafbtea.oneswittla.ru/web1/assets/fonts/GDSherpa-vf2.woff2
104.21.17.6200 OK93 kB
GET osnrafbtea.oneswittla.ru/web1/assets/fonts/GDSherpa-vf.woff2
104.21.17.6200 OK44 kB
GET aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
152.199.23.37200 OK1.2 kB
GET aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
152.199.23.37200 OK190 B
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82974dbb6cc10b65/1700552626831/eljqDvuj3lRu93U
104.17.3.184 8.5 kB
GET aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
13.107.246.53200 OK673 B
GET osnrafbtea.oneswittla.ru/web1/assets/js/pages-head-web.min.js?cb=1700552627311
104.21.17.6200 OK11 kB
POST osnrafbtea.oneswittla.ru/web1/validatecaptcha
104.21.17.6200 OK751 B
GET osnrafbtea.oneswittla.ru/web1/assets/godaddy-left.png
104.21.17.6200 OK30 kB
GET osnrafbtea.oneswittla.ru/web1/assets/godaddy-microsoftlogo.png
104.21.17.6200 OK71 kB
GET osnrafbtea.oneswittla.ru/web1/assets/officelogo.png
104.21.17.6200 OK1.4 kB
GET adfs.heart.org/adfs/portal/logo/logo.png
69.152.183.140200 OK6.4 kB
GET challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
104.17.3.184302 Found30 kB
GET osnrafbtea.oneswittla.ru/web1/assets/godaddy-logo.png
104.21.17.6200 OK50 kB
osnrafbtea.oneswittla.ru//web1socket/socket.io/?type=User&EIO=4&transport=websocket
104.21.17.6 0 B
GET osnrafbtea.oneswittla.ru/web1/assets/microsoftfavicon.ico
104.21.17.6200 OK919 B
GET httpbin.org/ip
52.20.41.59200 OK31 B
GET cdn.socket.io/4.6.0/socket.io.min.js
143.204.55.40200 OK46 kB
GET aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
152.199.23.37200 OK7.4 kB
GET osnrafbtea.oneswittla.ru/web1/assets/css/pages-godaddy.css?cb=1700552627311
104.21.17.6200 OK38 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8i7ga/0x4AAAAAAAMj9eiEWzeCaLNQ/auto/normal
104.17.3.184200 OK73 kB
POST osnrafbtea.oneswittla.ru/web1/info
104.21.17.6200 OK36 kB
GET challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?render=explicit
104.17.3.184200 OK34 kB
GET osnrafbtea.oneswittla.ru/web1/assets/pages/104gf8.css?cb=1700552627311
104.21.17.6200 OK1.1 kB
GET osnrafbtea.oneswittla.ru/web1/assets/cloudfavicon.ico
104.21.17.6200 OK34 kB
POST osnrafbtea.oneswittla.ru/web1/info
104.21.17.6200 OK91 B
POST osnrafbtea.oneswittla.ru/web1/info
104.21.17.6200 OK20 B
GET osnrafbtea.oneswittla.ru/web1/assets/back.png
104.21.17.6200 OK231 B
GET osnrafbtea.oneswittla.ru/web1/assets/cloudfavicon.ico
104.21.17.6200 OK34 kB
GET logincdn.msauth.net/shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg
192.229.221.185200 OK268 B
GET osnrafbtea.oneswittla.ru/kswqjl/
104.21.17.6200 OK115 B
GET osnrafbtea.oneswittla.ru/web1/assets/key.png
104.21.17.6200 OK727 B
GET osnrafbtea.oneswittla.ru//web1socket/socket.io/?type=User&EIO=4&transport=websocket
104.21.17.6101 Switching Protocols0 B
POST osnrafbtea.oneswittla.ru/web1/info
104.21.17.6200 OK1 B
GET osnrafbtea.oneswittla.ru/kswqjl/myscr558155.js
104.21.17.6200 OK28 kB
GET osnrafbtea.oneswittla.ru/web1/assets/css/pages.min.css?cb=1700552627311
104.21.17.6200 OK17 kB
GET osnrafbtea.oneswittla.ru/web1/assets/js/pages-head-top-web.min.js?cb=1700552626312
104.21.17.6200 OK2.4 kB
GET osnrafbtea.oneswittla.ru/web1/assets/js/pages.min.js?cb=1700552627311
104.21.17.6200 OK92 kB