Report Overview
Visitedpublic
2026-02-18 21:15:21
Submit Tags
openphish
URL
markspro.short.gy/eTbEYo?eta=a@slurpmail.net
Finishing URL
amazonnworld.standard.us-east-1.oortstorages.com/fitsal.vhb?eta=a@slurpmail.net
IP / ASN
91.197.243.143
#16509 AMAZON-02
Title
Webmail Sign-in

Suspicious - Suspicious Javascript code

Detections

urlquery
2
Network Intrusion Detection
1
Threat Detection Systems
12

Host Summary

HostRankRegisteredFirst SeenLast Seen
amazonnworld.standard.us-east-1.oortstorages.com
unknown2025-03-112026-01-072026-02-05
slurpmail.net
unknown2022-07-062022-07-062026-02-18
markspro.short.gy
unknown2021-01-212026-02-182026-02-18
fonts.googleapis.com
3132005-01-252012-05-232026-02-15
t0.gstatic.com
unknown2008-02-112013-05-062026-02-12
www.google.com
221997-09-152015-05-102026-02-15
fonts.gstatic.com
unknown2008-02-112014-04-022026-02-15
cdn.jsdelivr.net
16782012-05-162012-09-302026-02-15
api.ipify.org
81662014-01-052014-10-062026-02-16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
lowClient IP
104.26.13.205
ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI
Threat Detection Systems
Detection SystemIndicatorVerdictAlert
YARAhub by abuse.chamazonnworld.standard.us-east-1.oortstorages.com/fitsal.vhb?eta=a@slurpmail.netmalware
Detects file containing Telegram Bot API
Cloudflare DNSamazonnworld.standard.us-east-1.oortstorages.commalicious
Sinkholed
OpenDNSamazonnworld.standard.us-east-1.oortstorages.comphishing
Phishing Block
DigiCert UltraDNSamazonnworld.standard.us-east-1.oortstorages.commalicious
Sinkholed
Hagezi Threat Feedamazonnworld.standard.us-east-1.oortstorages.commalicious
Sinkholed
DNS4EUamazonnworld.standard.us-east-1.oortstorages.commalicious
Sinkholed
Quad9 DNSamazonnworld.standard.us-east-1.oortstorages.commalicious
Sinkholed
DNS4EUslurpmail.netmalicious
Sinkholed
Hagezi Threat Feedslurpmail.netmalicious
Sinkholed
OpenDNSmarkspro.short.gyphishing
Phishing Block
Hagezi Threat Feedmarkspro.short.gymalicious
Sinkholed
DNS4EUmarkspro.short.gymalicious
Sinkholed

Telegram Bot detected (1)

URL
amazonnworld.standard.us-east-1.oortstorages.com/fitsal.vhb?eta=a@slurpmail.net
IP / ASN
170.106.62.62
#132203 Tencent Building, Kejizhongyi Avenue
Token
6708516191:AAGCJeqoh0Cl2YUOMQ2aIRSdCvKiBI9rTKQ
Bot Overview
User ID6708516191
Usernamearimoney007bot
First Namearimoney07
Last NameN/A
Chat Info
Chat ID-1002146775371
Chat Typechannel
Titlearimoney007
User Count2
Admins2
Pending Msgs0

JavaScript (4)

HTTP Transactions (14)

URLIPResponseSize