Report Overview

  1. Submitted URL

    www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/xfsy//b2xpdmVyLmphbnpAYWx1cHJlc3MuY29t&$

  2. IP

    95.215.226.7

    ASN

    #59778 Synextra Limited

  3. Submitted

    2024-04-16 07:03:55

    Access

    public

  4. Website Title

    dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=oliver.janz@alupress.com

  5. Final URL

    dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=oliver.janz@alupress.com

  6. Tags

  7. urlquery detections

    Phishing - Microsoft Outlook

Detections

  2. urlquery

    18

  3. Network Intrusion Detection

    0

  4. Threat Detection Systems

    0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
aiitpune.comunknown2013-02-062017-08-242024-04-15
challenges.cloudflare.comunknown2009-02-172021-10-202024-04-15
dc3889e1.b24b366159a504c34a2004dc.workers.devunknown2019-02-082024-04-112024-04-15
r4.res.office365.com1802005-06-202017-03-032024-04-15
aadcdn.msftauthimages.net46222018-11-122019-08-142024-04-16
www.goodnewsliverpool.co.ukunknown2013-11-012017-12-112024-03-02
mailfoneuscellular.comunknown2024-01-232024-04-112024-04-12
outlook.office365.com512005-06-202013-04-112021-03-15
autologon.microsoftazuread-sso.com15342016-07-222017-01-302024-04-15
aadcdn.msauth.net14212018-10-252018-11-192024-04-16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (199)

HTTP Transactions (41)

URLIPResponseSize
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/xfsy//b2xpdmVyLmphbnpAYWx1cHJlc3MuY29t&$
95.215.226.7 0 B
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Fxfsy%2F%2Fb2xpdmVyLmphbnpAYWx1cHJlc3MuY29t&%24
95.215.226.7 0 B
www.goodnewsliverpool.co.uk/
95.215.226.7 795 B
aiitpune.com/js/xfsy//b2xpdmVyLmphbnpAYWx1cHJlc3MuY29t
132.148.128.8 269 B
aiitpune.com/js/xfsy/b2xpdmVyLmphbnpAYWx1cHJlc3MuY29t
132.148.128.8 0 B
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
104.17.3.184 0 B
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1102426274:1713248977:TYE6dpZHPcTDqEPzzNWuaDz-NdbM2ovSlwW-TjRF0As/875250e94a415688/835c5ba42c71700
104.17.3.184 3.2 kB
dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=oliver.janz@alupress.com
172.67.139.22200 OK599 B
mailfoneuscellular.com/?qrc=oliver.janz%40alupress.com
51.161.109.46302 Moved Temporarily0 B
mailfoneuscellular.com/owa/?login_hint=oliver.janz%40alupress.com
51.161.109.46302 Found1.4 kB
mailfoneuscellular.com/?2e3q8az7x=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1vbGl2ZXIuamFueiU0MGFsdXByZXNzLmNvbSZjbGllbnQtcmVxdWVzdC1pZD1mNWEwODA0MC02MzEzLWNkZjQtNWYyZC1iNmY4OTkyZWEzNGYmcHJvdGVjdGVkdG9rZW49dHJ1ZSZjbGFpbXM9JTdiJTIyaWRfdG9rZW4lMjIlM2ElN2IlMjJ4bXNfY2MlMjIlM2ElN2IlMjJ2YWx1ZXMlMjIlM2ElNWIlMjJDUDElMjIlNWQlN2QlN2QlN2Qmbm9uY2U9NjM4NDg4NDc4MTk5ODI3Mzc2LmNiMTljMzhkLTZlZWEtNGM3Ny04ZTczLTY0YjBjMTM4ZjQ0ZSZzdGF0ZT1EY3RORHNJZ0VFQmhzR2R4WmFBZ0UyWllOQjdGVUJ3VlE4RzBfaVNlWGhiZjJ6MHBoQmk2WFNkTmowRHZDSWdBeVlaQVIzVG9kWnB0U0k0dXlqTkhCUWxSRWFOVEhtYVRyS01yQU12LUhzYjJqZU9wdEZ1dTUzdXVyNm1WX09GVlAyTDk3Y0hFOG42dXZHMDZ0ZVVQ
51.161.109.46200 OK23 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
51.161.109.46200 OK20 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_xtPRDEy3EhlAdpju-Ah7qw2.js
51.161.109.46200 OK689 kB
outlook.office365.com/owa/prefetch.aspx
40.99.202.34200 OK2.7 kB
r4.res.office365.com/owa/prem/15.20.7452.50/scripts/boot.worldwide.0.mouse.js
23.36.79.10200 OK180 kB
r4.res.office365.com/owa/prem/15.20.7452.50/scripts/boot.worldwide.1.mouse.js
23.36.79.10200 OK163 kB
r4.res.office365.com/owa/prem/15.20.7452.50/scripts/boot.worldwide.2.mouse.js
23.36.79.10200 OK170 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
51.161.109.46200 OK2.7 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
51.161.109.46200 OK3.6 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
51.161.109.46200 OK183 kB
r4.res.office365.com/owa/prem/15.20.7452.50/resources/images/0/sprite1.mouse.png
23.36.79.10200 OK132 B
r4.res.office365.com/owa/prem/15.20.7452.50/resources/images/0/sprite1.mouse.css
23.36.79.10200 OK288 B
r4.res.office365.com/owa/prem/15.20.7452.50/resources/styles/0/boot.worldwide.mouse.css
23.36.79.10200 OK44 kB
r4.res.office365.com/owa/prem/15.20.7452.50/resources/styles/fonts/office365icons.woff
23.36.79.10200 OK78 kB
autologon.microsoftazuread-sso.com/alupress.com/winauth/iframe?client-request-id=f5a08040-6313-cdf4-5f2d-b6f8992ea34f&isAdalRequest=False
20.190.177.23200 OK7.2 kB
r4.res.office365.com/owa/prem/15.20.7452.50/resources/styles/fonts/office365icons.woff
23.36.79.10200 OK78 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
51.161.109.46200 OK1.4 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/dsso.iframe.min_ola-etxskuesqyfim_hgua2.js
13.107.246.53 4.4 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
13.107.246.53 40 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
51.161.109.46200 OK18 kB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875250e94a415688
104.17.3.184 124 kB
dc3889e1.b24b366159a504c34a2004dc.workers.dev/favicon.ico
172.67.139.22200 OK2.3 kB
mailfoneuscellular.com/common/instrumentation/dssostatus
51.161.109.46200 OK265 B
aadcdn.msftauthimages.net/c1c6b6c8-ii24asg9i29naos22lnajmvnq1capqun39stdvikll4/logintenantbranding/0/bannerlogo?ts=638149006786024499
13.107.246.53200 OK6.3 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
51.161.109.46200 OK987 B
mailfoneuscellular.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL21haWxmb25ldXNjZWxsdWxhci5jb20iLCJkb21haW4iOiJtYWlsZm9uZXVzY2VsbHVsYXIuY29tIiwia2V5IjoiNk42aUZ1NTJqOHo4IiwicXJjIjoib2xpdmVyLmphbnpAYWx1cHJlc3MuY29tIiwiaWF0IjoxNzEzMjUxMDE4LCJleHAiOjE3MTMyNTExMzh9.NHDC7Z_JKuKeJiN12ZTXo41o4-2v_MepblOC_AxsrM8
51.161.109.46302 Found40 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pxjdzrjcwtmbr-ntjn_f8q2.js
51.161.109.46200 OK55 kB
r4.res.office365.com/owa/prem/15.20.7452.50/scripts/boot.worldwide.3.mouse.js
23.36.79.10200 OK660 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
51.161.109.46200 OK5.1 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
51.161.109.46200 OK16 kB
mailfoneuscellular.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_f7b06b70c72b4590b779.js
51.161.109.46200 OK24 kB