Report - assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/e7071954-55ec-ee11-a1fd-6045bd2172c1#redacted@redacted.com

Report Overview

Submitted URL
assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/e7071954-55ec-ee11-a1fd-6045bd2172c1#redacted@redacted.com
IP
13.107.213.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-03-28 10:37:11
Access
public
Website Title
Outlook Web App
Final URL
new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com
Tags
microsoft phishing
urlquery detections
Phishing - Microsoft

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assets-apj.mkt.dynamics.com	unknown	1994-04-12	2022-04-01	2024-02-12	1.2 kB	11 kB	13.107.213.53
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-03-28	439 B	32 kB	142.250.74.106
webmail.bourbon-online.com	unknown	2005-02-07	2017-02-06	2024-03-26	1.7 kB	32 kB	40.68.95.2
new-compliance.b-cdn.net	unknown	unknown	No data	No data	1.5 kB	433 kB	89.187.169.39

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com	307 kB	2024-03-14	2024-03-28
Pretty URL new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-14 05:57:14 Last Seen2024-03-28 11:37:17 Times Seen2 Hash 60c867cc6f86261d08c848a76de34bc7 8c61b782261dad2bf0da78f8a43d47bdef24f8f4 aba16da729b0c6303fb67cf524b9089bd1e1b8ce434d5d2c518ee6a55035a739 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-27 08:21:46 Times Seen139554 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com	122 kB	2024-03-14	2024-03-28
Pretty URL new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-14 05:57:14 Last Seen2024-03-28 11:37:18 Times Seen2 Hash fa777016e4f7d9162125dfb10997c117 44b0f47446173abb1fa0775b32a51ce3ec760e97 a4b9754480e40f4ae9cb69f798821d6cfa865499af721516fc919933b71cbb3e Loading...

	unknown	34 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-04-27 08:17:48 Times Seen75214 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

		Size	First Seen	Last Seen
	#1 Write - fb9cd9cb9e340e38be05fab2178e62a0	40 kB	2024-03-14	2024-04-27
Pretty Observations First Seen2024-03-14 05:57:14 Last Seen2024-04-27 07:07:37 Times Seen5 Hash fb9cd9cb9e340e38be05fab2178e62a0 67f4666c25f7945e50b9bbcb9be36de0873b4c1d 7dd7018ca1193a47d05f8d3759827773d028b8f0e18677e88ebaf22c9620b087 Loading...

HTTP Transactions (8)

URL IP Response Size

assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/e7071954-55ec-ee11-a1fd-6045bd2172c1

13.107.213.53

491 B

URL
assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/e7071954-55ec-ee11-a1fd-6045bd2172c1
IP
13.107.213.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text
Size
491 B (491 bytes)
Hash
584aecfa34358c198f27e173ebfaa385
a611d9687389104db820434e6ffeb55fb4131488
3193c4adc296a9594bce9c8fa20aacfce01026d79d5a23eee49adeb7e26ad5b2

HTTP Headers

GET /3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/e7071954-55ec-ee11-a1fd-6045bd2172c1 HTTP/1.1
Host: assets-apj.mkt.dynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 10:36:46 GMT
content-type: text/html
content-length: 491
access-control-allow-origin: *
cache-control: public, max-age=900, must-revalidate
x-ms-trace-id: b26b6ffa9c6ff0d6fcd18e68df4c6388
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
x-azure-ref: 20240328T103646Z-7efuu6q5mt33t53zm4z26yf3zw00000002r00000000017ex
x-fd-int-roxy-purgeid: 67825145
x-cache-info: L1_T2
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/forms/e7071954-55ec-ee11-a1fd-6045bd2172c1

13.107.213.53

9.8 kB

URL
assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/forms/e7071954-55ec-ee11-a1fd-6045bd2172c1
IP
13.107.213.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (1048)
Size
9.8 kB (9763 bytes)
Hash
240cfe7e7e0794dedc59a849a4031e55
a4ca4ad5d871acdd906b0f1caac6946320b2fa4c
ca8a95b9cac79e2cb42cec524535be42acfd67cf7f494201c6795f5d2d0da356

HTTP Headers

GET /3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/forms/e7071954-55ec-ee11-a1fd-6045bd2172c1 HTTP/1.1
Host: assets-apj.mkt.dynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/e7071954-55ec-ee11-a1fd-6045bd2172c1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 10:36:47 GMT
content-type: text/html
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=900, must-revalidate
x-ms-trace-id: da95397935efb71c81319348ca0ad564
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
x-azure-ref: 20240328T103647Z-7efuu6q5mt33t53zm4z26yf3zw00000002r00000000017fk
x-fd-int-roxy-purgeid: 67825145
x-cache-info: L1_T2
x-cache: TCP_HIT
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new-compliance.b-cdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Mar 2024 16:27:17 GMT
expires: Wed, 26 Mar 2025 16:27:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 151770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

webmail.bourbon-online.com/owa/14.3.513.0/themes/resources/favicon.ico

40.68.95.2

302 Found

283 B

URL GET HTTP/1.1
webmail.bourbon-online.com/owa/14.3.513.0/themes/resources/favicon.ico
IP
40.68.95.2:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com
Certificate
IssuerGlobalSign nv-sa
Subject*.bourbon-online.com
FingerprintDD:05:12:FD:78:C8:65:A1:61:70:99:C5:2F:3D:1B:D5:88:13:22:6E
ValidityThu, 30 Mar 2023 13:38:32 GMT - Tue, 30 Apr 2024 13:38:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
283 B (283 bytes)
Hash
3118fe47da7f59ed3f952f1054020688
7f2261accf953c38b9389dd4c3be401ef2f5ab05
64304be82c90b33e86841f091bf41dc8620ee94c7594e0356b5072e66eda7d73

HTTP Headers

GET /owa/14.3.513.0/themes/resources/favicon.ico HTTP/1.1
Host: webmail.bourbon-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new-compliance.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 283
Content-Type: text/html; charset=utf-8
Location: https://webmail.bourbon-online.com/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.bourbon-online.com%2fowa%2f14.3.513.0%2fthemes%2fresources%2ffavicon.ico&reason=0
x-ms-proxy-app-id: 2fae948a-2e1b-443c-a062-e3f3eec07536
x-ms-proxy-group-id: cf763f30-62e8-43e4-b3aa-abc5f7c8224a
x-ms-proxy-subscription-id: d30c28fe-0ba2-40bd-b498-76d8fa33a04d
x-ms-proxy-transaction-id: dafe2766-7f0c-4009-b4b0-46edb4a38a74
x-ms-proxy-service-name: proxy-appproxy-WEUR-AMS02P-2
x-ms-proxy-data-center: WEUR
x-ms-proxy-connector-id: a705a5e9-bb98-4974-9868-bc8c215b2a5f
request-id: 16fcde9c-94f7-4a69-b0b7-407aa9a11488
X-FEServer: MRSEXC11
X-OWA-Version: 15.1.2507.27
X-Powered-By: ASP.NET
Nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.2,"failure_fraction":1.0}
Report-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://ffde.nelreports.net/api/report?cat=proxy-appproxy-WEUR-AMS02P-2"}]}
Set-Cookie: AzureAppProxyAnalyticCookie_2fae948a-2e1b-443c-a062-e3f3eec07536_https_1.3=MGD:MIIBwAYJKoZIhvcNAQcDoIIBsTCCAa0CAQIxggEzooIBLwIBBDCB8gRUTAAAAAAAAAABAAAAS0RTSwIAAABqAQAACQAAABoAAACQzkM4rtqVel8AakHaL5XlIAAAAF9keagr6aPKMbkf3M/AiGjHTf8C+LunmZypAPrlgFd0MIGZBgkrBgEEAYI3SgEwgYsGCisGAQQBgjdKAQ0wfTB7MHkMBERTVFMMcWV1cm9wZXdlc3QtZGtkcy5ka2RzLmNvcmUud2luZG93cy5uZXQ7aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZTtjd2FwcHJveHlka2RzZXVyMAsGCWCGSAFlAwQBLQQo9Ye2AgptSWPFCh2nWxp2dxyzjjIP+K7jLRQdshkh9C3wa6usv7/tNjBxBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDNR0xor15joBe9kVrAIBEIBE4VtPR+R4wKdyHrEBQ+/aNHzn3I7Eq95s+zw/U9wQY+I2l2e3eIt9fvpz4o2u4GQRuD3uvY1UxN88mDFNGkPO43DakGI=; path=/; Secure; SameSite=None
Date: Thu, 28 Mar 2024 10:36:48 GMT

webmail.bourbon-online.com/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.bourbon-online.com%2fowa%2f14.3.513.0%2fthemes%2fresources%2ffavicon.ico&reason=0

40.68.95.2

200 OK

29 kB

URL GET HTTP/1.1
webmail.bourbon-online.com/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.bourbon-online.com%2fowa%2f14.3.513.0%2fthemes%2fresources%2ffavicon.ico&reason=0
IP
40.68.95.2:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com
Certificate
IssuerGlobalSign nv-sa
Subject*.bourbon-online.com
FingerprintDD:05:12:FD:78:C8:65:A1:61:70:99:C5:2F:3D:1B:D5:88:13:22:6E
ValidityThu, 30 Mar 2023 13:38:32 GMT - Tue, 30 Apr 2024 13:38:31 GMT

File type
HTML document, ASCII text, with very long lines (1062), with CRLF, LF line terminators
Size
29 kB (28935 bytes)
Hash
144be0fc827716300854860fd56e664b
34f1063bf904acfc1b07d2de51eb47b1bbc51f6d
d15d680942795e12fb5cf4e060bedaca16b3fa6b2052ec2da5ee73619fafb702

HTTP Headers

GET /owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.bourbon-online.com%2fowa%2f14.3.513.0%2fthemes%2fresources%2ffavicon.ico&reason=0 HTTP/1.1
Host: webmail.bourbon-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-compliance.b-cdn.net/
DNT: 1
Connection: keep-alive
Cookie: AzureAppProxyAnalyticCookie_2fae948a-2e1b-443c-a062-e3f3eec07536_https_1.3=MGD:MIIBwAYJKoZIhvcNAQcDoIIBsTCCAa0CAQIxggEzooIBLwIBBDCB8gRUTAAAAAAAAAABAAAAS0RTSwIAAABqAQAACQAAABoAAACQzkM4rtqVel8AakHaL5XlIAAAAF9keagr6aPKMbkf3M/AiGjHTf8C+LunmZypAPrlgFd0MIGZBgkrBgEEAYI3SgEwgYsGCisGAQQBgjdKAQ0wfTB7MHkMBERTVFMMcWV1cm9wZXdlc3QtZGtkcy5ka2RzLmNvcmUud2luZG93cy5uZXQ7aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZTtjd2FwcHJveHlka2RzZXVyMAsGCWCGSAFlAwQBLQQo9Ye2AgptSWPFCh2nWxp2dxyzjjIP+K7jLRQdshkh9C3wa6usv7/tNjBxBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDNR0xor15joBe9kVrAIBEIBE4VtPR+R4wKdyHrEBQ+/aNHzn3I7Eq95s+zw/U9wQY+I2l2e3eIt9fvpz4o2u4GQRuD3uvY1UxN88mDFNGkPO43DakGI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 28935
Content-Type: text/html; charset=utf-8
Expires: -1
x-ms-proxy-app-id: 2fae948a-2e1b-443c-a062-e3f3eec07536
x-ms-proxy-group-id: cf763f30-62e8-43e4-b3aa-abc5f7c8224a
x-ms-proxy-subscription-id: d30c28fe-0ba2-40bd-b498-76d8fa33a04d
x-ms-proxy-transaction-id: 6b091b19-ed67-4d29-bef4-5882a8f75f67
x-ms-proxy-service-name: proxy-appproxy-WEUR-AMS02P-2
x-ms-proxy-data-center: WEUR
x-ms-proxy-connector-id: a705a5e9-bb98-4974-9868-bc8c215b2a5f
request-id: 2d2c3a6b-bdb7-45e5-b7f1-99b99c3e16a1
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.2,"failure_fraction":1.0}
Report-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://ffde.nelreports.net/api/report?cat=proxy-appproxy-WEUR-AMS02P-2"}]}
Date: Thu, 28 Mar 2024 10:36:48 GMT

new-compliance.b-cdn.net/Outlook%20Web%20App_files/lgnbotr.gif

89.187.169.39

404 Not Found

678 B

URL GET HTTP/2
new-compliance.b-cdn.net/Outlook%20Web%20App_files/lgnbotr.gif
IP
89.187.169.39:443
ASN
#60068 Datacamp Limited

Requested by
https://new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (679), with no line terminators
Size
678 B (678 bytes)
Hash
b48b23014bbda0eeea49d1fa5fbfb166
ce85e4a8f383a8fd65ef0f7c4ca03316dde0e651
b0cddd291a108e0fb202462de262aa03895bd54a25679245586d532fa2a23eee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Outlook%20Web%20App_files/lgnbotr.gif HTTP/1.1
Host: new-compliance.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new-compliance.b-cdn.net/2resources147.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 28 Mar 2024 10:36:47 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-755
cdn-pullzone: 2111760
cdn-uid: 9caf5e36-3d37-45d4-b973-6a709e2d62ce
cdn-requestcountrycode: NO
cache-control: no-cache
cdn-storageserver: DE-51
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 03/28/2024 10:36:47
cdn-edgestorageid: 1047
cdn-status: 404
cdn-requestid: 77b9cf45b9f749cefcb72604b0a47271
cdn-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2

new-compliance.b-cdn.net/2resources147.html

89.187.169.39

200 OK

430 kB

URL User Request GET HTTP/2
new-compliance.b-cdn.net/2resources147.html
IP
89.187.169.39:443
ASN
#60068 Datacamp Limited

Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (65432)
Size
430 kB (429867 bytes)
Hash
3c215e7849565083ca8b34ebc9290d8a
1f4868ba55db1f6c171ca744c0931ee2258c3456
cf4dfde05d0d871e2ef8485694acdf47c96a6d3a772ff114b52a15fe39b8e081

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /2resources147.html HTTP/1.1
Host: new-compliance.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 10:36:47 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-755
cdn-pullzone: 2111760
cdn-uid: 9caf5e36-3d37-45d4-b973-6a709e2d62ce
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Wed, 27 Mar 2024 15:54:02 GMT
cdn-storageserver: DE-663
cdn-fileserver: 646
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 03/28/2024 09:57:14
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: 13f7694e78a28377318e2355c35c2b2d
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

new-compliance.b-cdn.net/Outlook%20Web%20App_files/lgnexlogo.gif

89.187.169.39

404 Not Found

678 B

URL GET HTTP/2
new-compliance.b-cdn.net/Outlook%20Web%20App_files/lgnexlogo.gif
IP
89.187.169.39:443
ASN
#60068 Datacamp Limited

Requested by
https://new-compliance.b-cdn.net/2resources147.html#redacted@redacted.com
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (679), with no line terminators
Size
678 B (678 bytes)
Hash
b48b23014bbda0eeea49d1fa5fbfb166
ce85e4a8f383a8fd65ef0f7c4ca03316dde0e651
b0cddd291a108e0fb202462de262aa03895bd54a25679245586d532fa2a23eee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Outlook%20Web%20App_files/lgnexlogo.gif HTTP/1.1
Host: new-compliance.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new-compliance.b-cdn.net/2resources147.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 28 Mar 2024 10:36:47 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-755
cdn-pullzone: 2111760
cdn-uid: 9caf5e36-3d37-45d4-b973-6a709e2d62ce
cdn-requestcountrycode: NO
cache-control: no-cache
cdn-storageserver: DE-661
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 03/28/2024 10:36:47
cdn-edgestorageid: 1053
cdn-status: 404
cdn-requestid: 15e9a7f7050b86f6b66cb0833c51e5aa
cdn-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (8)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN