Report Overview

  1. Visited public
    2023-11-13 19:46:28
    Tags
  2. URL

    r20.rs6.net/tn.jsp?f=001sWVH5o0uPHMl--qomMp5XoTlxgoJPeNIcMvx8-SNAi72c_GA9ZIJo7XEQneKK_zIp2bCOOduVmc9f9X_aaFV_iFO5R8U69g4J9M76ryIa57utigVFC3EfRK5YMwtbJgr8wgNNhwd06eBH09GcGaIrawb110dAWhcF4nVUS2q42b7fNblQVAS1kDZ9XSYUL-i&c=R4aSCs_t9Sh6JU7MUbXHzAKDFzEdfKrO4z-Bs91a4Nv76gBC8Nn7YQ==&ch=q4VLcvt1mwQQroLrJZ2MrE5bi_iXMjBesPsVGjw3M9QEdLpkwzu0jg===&__=/o/d2VzLnRyZWVjZUB3ZWxsc2ZhcmdvLmNvbQ==

  3. Finishing URL

    shttps-tech.pw/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD13ZXMudHJlZWNlJTQwd2VsbHNmYXJnby5jb20mY2xpZW50LXJlcXVlc3QtaWQ9ZmYwN2QzMTMtYTdmOC03MzJhLWMzYWMtMWYyM2FhZDE1ZDcxJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM1NTAxNTc3MzcwMTk3NS5hZTYzZWY0Yi0wOGMyLTQ0NzUtYjI2My1hNWY2ZDk0NTZkM2Ymc3RhdGU9RGN0QkRvTWdFRUJSYU1fU1hVRjBtQmxkTkQxS2d6aFlFeXFKbW5EOXNuaF85N1ZTNnQ3Y0d1MWFGQk9NZ09oNlpBWjJfY1JvZ3hCSThyTnhZeHlNOTR4bUhnaE13RVRMNUpFV1NMcTl6NjdVMEwxeldiZjk4OTMyNjFYbHROY2hFdVhoWFpXY3p4U090ZGhZZm44

  4. IP / ASN
    208.75.122.11

    #40444 ASN-CC

    Title
    xk9nu85236

  5. Phishing - Microsoft Outlook

Detections
urlquery
2
Network Intrusion Detection
21
Threat Detection Systems
0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
aecommrcs.comunknown2023-11-132023-11-13 12:01:132023-11-13 12:01:40
shttps-tech.pwunknownunknownNo dataNo data
autologon.microsoftazuread-sso.com15342016-07-222017-01-30 09:17:572023-11-13 11:21:40
aadcdn.msauthimages.net47952018-11-122019-08-14 20:34:062023-11-13 05:10:18
outlook.office365.com512005-06-202013-04-11 01:09:242021-03-15 09:11:50
r20.rs6.net67352001-12-212014-04-18 19:30:062023-11-13 11:08:23
challenges.cloudflare.comunknown2009-02-172021-10-20 07:02:032023-11-13 05:10:12
shttps-redr.pwunknownunknownNo dataNo data
r4.res.office365.com1802005-06-202017-03-03 13:49:032023-11-13 11:21:39
aadcdn.msauth.net14212018-10-252018-11-19 11:50:032023-11-13 05:10:30

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile
mediumClient IPInternal IP
ET DNS Query to a *.pw domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (187)

HTTP Transactions (56)

URLIPResponseSize
r20.rs6.net/tn.jsp?f=001sWVH5o0uPHMl--qomMp5XoTlxgoJPeNIcMvx8-SNAi72c_GA9ZIJo7XEQneKK_zIp2bCOOduVmc9f9X_aaFV_iFO5R8U69g4J9M76ryIa57utigVFC3EfRK5YMwtbJgr8wgNNhwd06eBH09GcGaIrawb110dAWhcF4nVUS2q42b7fNblQVAS1kDZ9XSYUL-i&c=R4aSCs_t9Sh6JU7MUbXHzAKDFzEdfKrO4z-Bs91a4Nv76gBC8Nn7YQ==&ch=q4VLcvt1mwQQroLrJZ2MrE5bi_iXMjBesPsVGjw3M9QEdLpkwzu0jg===&__=/o/d2VzLnRyZWVjZUB3ZWxsc2ZhcmdvLmNvbQ==
208.75.122.11 0 B
aecommrcs.com/RHYeKSmhCoaNJAjbUTLrznfyDFsdWG//o/d2VzLnRyZWVjZUB3ZWxsc2ZhcmdvLmNvbQ==
104.21.43.58 7.6 kB
aecommrcs.com/cdn-cgi/styles/challenges.css
104.21.43.58 2.6 kB
aecommrcs.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=825984e15c1556cb
104.21.43.58 55 kB
aecommrcs.com/favicon.ico
104.21.43.58 238 B
aecommrcs.com/favicon.ico
104.21.43.58 238 B
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
104.17.3.184 21 kB
aecommrcs.com/cdn-cgi/challenge-platform/h/g/flow/ov1/752099394:1699903326:P1SYYfe3nL__m73CVV9MlVbX1uTDOczFneM10ot5Q4o/825984e15c1556cb/a6f9bad7769b9fd
104.21.43.58 2.5 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t2m1q/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
104.17.3.184 80 kB
shttps-redr.pw/?maqdobld&qrc=wes.treece@wellsfargo.com
167.99.131.232302 Found0 B
shttps-redr.pw/?maqdobld=7103507f01dd18cc7eebce987cb3319ecc80f70b5b2b34177821d5c463798b459a4af2efdf78ce9c2bfcae8d062cfe6abbbb8466058215943c48773983ebdc68&qrc=wes.treece%40wellsfargo.com
167.99.131.232302 Found3.3 kB
shttps-redr.pw/favicon.ico
167.99.131.232500 Internal Server Error22 B
shttps-redr.pw/?maqdobld=7103507f01dd18cc7eebce987cb3319ecc80f70b5b2b34177821d5c463798b459a4af2efdf78ce9c2bfcae8d062cfe6abbbb8466058215943c48773983ebdc68&qrc=wes.treece%40wellsfargo.com
167.99.131.232302 Found0 B
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/825985044c32b4ed/1699904774206/KgKHLNXR1JwwAcz
104.17.3.184200 OK61 B
shttps-tech.pw/__//?ste=ygu.vtggeg%40ygnnuhctiq.eqo
167.99.131.232302 Moved Temporarily0 B
shttps-tech.pw/owa/?login_hint=wes.treece%40wellsfargo.com
167.99.131.232302 Found1.4 kB
shttps-tech.pw/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
167.99.131.232200 OK20 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
167.99.131.232200 OK689 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
167.99.131.232200 OK17 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/991674611:1699903244:4MJZnIAJI43WH6A2hEGe_s-OcD38XcDVDarjJhwnbcM/825984e46aa356a8/9b5f7bbf7da9689
104.17.3.184 84 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
167.99.131.232200 OK3.6 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
167.99.131.232200 OK2.7 kB
r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.0.mouse.js
23.36.79.11200 OK180 kB
r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.1.mouse.js
23.36.79.11200 OK163 kB
r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.2.mouse.js
23.36.79.11200 OK170 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
167.99.131.232200 OK987 B
r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.3.mouse.js
23.36.79.11200 OK146 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
167.99.131.232200 OK5.1 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
167.99.131.232200 OK1.4 kB
r4.res.office365.com/owa/prem/15.20.6977.31/resources/images/0/sprite1.mouse.png
23.36.79.11200 OK132 B
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
167.99.131.232200 OK18 kB
r4.res.office365.com/owa/prem/15.20.6977.31/resources/images/0/sprite1.mouse.css
23.36.79.11200 OK288 B
r4.res.office365.com/owa/prem/15.20.6977.31/resources/styles/0/boot.worldwide.mouse.css
23.36.79.11200 OK44 kB
r4.res.office365.com/owa/prem/15.20.6977.31/resources/styles/fonts/office365icons.woff
23.36.79.11200 OK78 kB
r4.res.office365.com/owa/prem/15.20.6977.31/resources/styles/fonts/office365icons.woff
23.36.79.11200 OK78 kB
autologon.microsoftazuread-sso.com/wellsfargo.com/winauth/iframe?client-request-id=ff07d313-a7f8-732a-c3ac-1f23aad15d71&isAdalRequest=False
20.190.177.22200 OK7.2 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/dsso.iframe.min_ola-etxskuesqyfim_hgua2.js
13.107.246.53 4.4 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
13.107.246.53 40 kB
shttps-tech.pw/common/instrumentation/dssostatus
167.99.131.232200 OK265 B
aadcdn.msauthimages.net/dbd5a2dd-vhy-21yov26emrx2fdnlcusl-zih4cbmaxzya2xhhsu/logintenantbranding/0/bannerlogo?ts=637061848620069316
152.199.23.72200 OK8.9 kB
aadcdn.msauthimages.net/dbd5a2dd-vhy-21yov26emrx2fdnlcusl-zih4cbmaxzya2xhhsu/logintenantbranding/0/illustration?ts=637257814362511019
152.199.23.72200 OK113 kB
shttps-tech.pw/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_orpt-59zawtpatdv5lgnaa2.js
167.99.131.232200 OK53 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
167.99.131.232200 OK110 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_f7b06b70c72b4590b779.js
167.99.131.232200 OK24 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/qduir/0x4AAAAAAANEEGRQ_vEDdVPL/auto/normal
104.17.3.184200 OK73 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/113622715:1699903506:rK73SjfQkWGXhLFXHoeH3CNJyGz6aUNJYkzmQ_Ca9A4/825985044c32b4ed/18720d7f9844838
104.17.3.184200 OK90 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/825985044c32b4ed/1699904774208/607d1466448bf0c9a99a5be7111f83ab0bb4a14b95daed88b153ea5062d5cf43/B8YNLLs4n-WFrZ0
104.17.3.184401 Unauthorized1 B
shttps-tech.pw/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD13ZXMudHJlZWNlJTQwd2VsbHNmYXJnby5jb20mY2xpZW50LXJlcXVlc3QtaWQ9ZmYwN2QzMTMtYTdmOC03MzJhLWMzYWMtMWYyM2FhZDE1ZDcxJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM1NTAxNTc3MzcwMTk3NS5hZTYzZWY0Yi0wOGMyLTQ0NzUtYjI2My1hNWY2ZDk0NTZkM2Ymc3RhdGU9RGN0QkRvTWdFRUJSYU1fU1hVRjBtQmxkTkQxS2d6aFlFeXFKbW5EOXNuaF85N1ZTNnQ3Y0d1MWFGQk9NZ09oNlpBWjJfY1JvZ3hCSThyTnhZeHlNOTR4bUhnaE13RVRMNUpFV1NMcTl6NjdVMEwxeldiZjk4OTMyNjFYbHROY2hFdVhoWFpXY3p4U090ZGhZZm44
167.99.131.232200 OK40 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/113622715:1699903506:rK73SjfQkWGXhLFXHoeH3CNJyGz6aUNJYkzmQ_Ca9A4/825985044c32b4ed/18720d7f9844838
104.17.3.184200 OK3.4 kB
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
104.17.3.184200 OK34 kB
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
104.17.3.184302 Found34 kB
shttps-tech.pw/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3NodHRwcy10ZWNoLnB3IiwiZG9tYWluIjoic2h0dHBzLXRlY2gucHciLCJrZXkiOiJGdjlaajB2cFRvVTIiLCJxcmMiOiJ3ZXMudHJlZWNlQHdlbGxzZmFyZ28uY29tIiwiaWF0IjoxNjk5OTA0Nzc2LCJleHAiOjE2OTk5MDQ4OTZ9.IIMu83tGYBp_o1XQJhWZX2gOd4XrNiOkXL1gbfo_e9s
167.99.131.232302 Found40 kB
shttps-tech.pw/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
167.99.131.232200 OK16 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
104.17.3.184200 OK61 B
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=825985044c32b4ed
104.17.3.184200 OK179 kB
outlook.office365.com/owa/prefetch.aspx
52.98.228.210200 OK2.7 kB