Report Overview
URL
s6kn8968.bumefexu.workers.dev/DnIAzIyN
Finishing URL
s6kn8968.bumefexu.workers.dev/DnIAzIyN
IP / ASN
172.67.145.102
Title
Dev Portal Login
Phishing - Microsoft Outlook
Detections
urlquery
2
Network Intrusion Detection
4
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
challenges.cloudflare.com | 11393 | 2009-02-17 | 2021-10-20 | 2025-11-16 | 6.7 kB | 527 kB | 104.18.94.41 |  |
eu-mobile.events.data.microsoft.com | 3935 | 1991-05-02 | 2021-09-30 | 2025-11-18 | 1.6 kB | 1.7 kB |  20.50.201.195 |  |
provati-insurance.com | unknown | 2009-05-22 | 2025-11-19 | 2025-11-19 | 463 B | 5.6 kB |  103.65.139.90 | |
login.live.com | 179 | 1994-12-28 | 2012-05-21 | 2025-11-17 | 983 B | 5.0 kB |  40.126.53.9 | |
aadcdn.msauth.net | 5248 | 2018-10-25 | 2018-11-19 | 2025-11-17 | 5.2 kB | 1.4 MB |  13.107.246.53 |  |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2025-11-16 | 456 B | 3.5 kB | 151.101.65.229 | |
s6kn8968.bumefexu.workers.dev 4 alert(s) on this Host | unknown | 2019-02-08 | 2025-11-19 | 2025-11-19 | 3.3 kB | 124 kB | 172.67.145.102 |  |
pub-7fdfab7dc2c34944b7ca30cacec3192f.r2.dev | unknown | 2022-08-23 | 2025-11-19 | 2025-11-19 | 2.4 kB | 188 kB | 104.18.54.45 | |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Microsoft HTTPAPI:2.0 (Web servers)
Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.Azure Front Door (Load balancers)
Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.Azure (PaaS)
Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.jsDelivr (CDN)
JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | 172.18.0.24 | 172.67.145.102 | ET INFO Observed Cloudflare workers.dev Domain in TLS SNI | |
| low | 172.18.0.24 | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | 172.18.0.24 | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | 172.18.0.24 | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI |
Threat Detection Systems
No alerts detected
JavaScript (254)
| HASH | FROM | Size | First Seen | Last Seen | |
|---|---|---|---|---|---|
| 086707e4369f60afedcafb16050a7618 | DocumentWrite | 39 B | 2023-03-07 | 2026-04-16 | |
Introduced by DocumentWrite First Seen 2023-03-07 Last Seen 2026-04-16 Times Seen 791122 Size 39 B (39 bytes) MD5 086707e4369f60afedcafb16050a7618 SHA1 8216b0cc6876cbd44f01c158e7dff3833ceccd41 Loading... | |||||
HTTP Transactions (33)
| URL | IP | Response | Size |
|---|