aydhapptendi398met.office-on-the.net Open in urlscan Pro
45.86.86.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2...
Submission Tags: @phish_report
Submission: On November 12 via api (November 12th 2024, 5:08:18 pm UTC) from FI — Scanned from FI

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 45.86.86.16, located in Chisinau, Moldova and belongs to ALEXHOST, MD. The main domain is aydhapptendi398met.office-on-the.net.
TLS certificate: Issued by R10 on November 6th 2024. Valid for: 3 months.

This is the only time aydhapptendi398met.office-on-the.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	45.86.86.16 45.86.86.16		200019 (ALEXHOST) (ALEXHOST)
3	2

3 45.86.86.16 (Chisinau, Moldova)

ASN200019 (ALEXHOST, MD)
PTR: manel

aydhapptendi398met.office-on-the.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	office-on-the.net aydhapptendi398met.office-on-the.net	195 KB
3	1

	Domain	Requested by
3	aydhapptendi398met.office-on-the.net	aydhapptendi398met.office-on-the.net
3	1

This site contains no links.

Subject Issuer	Validity	Valid
aydhapptendi398met.office-on-the.net R10	`2024-11-06` - `2025-02-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2a4e3cbd5e2
Frame ID: 06ADADFEE5B1A263CB9337758EA7B563
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

E-mail UOL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

195 kB
Transfer

387 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/	223 KB 36 KB	692ms 253ms	Document text/html	45.86.86.16 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2a4e3cbd5e2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.86.86.16 Chisinau, Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS manel Software Apache/2.4.29 (Ubuntu) / Resource Hash `0a4db20f669b0c7817b481e67f2a319d5b6c7f3933c1d62d4a1eab18eabc6e6f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 36124 Content-Type text/html; charset=UTF-8 Date Tue, 12 Nov 2024 17:08:14 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b75d97768deedde2829838149f82856789465d957771f78e54644a876626d262` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/png
GET H/1.1	200 OK	uol-text-regular.woff2 aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/fonts/	26 KB 26 KB	162ms 162ms	Font application/octet-stream	45.86.86.16 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/fonts/uol-text-regular.woff2 Requested by Host: aydhapptendi398met.office-on-the.net URL: https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2a4e3cbd5e2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.86.86.16 Chisinau, Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS manel Software Apache/2.4.29 (Ubuntu) / Resource Hash `c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://aydhapptendi398met.office-on-the.net Referer https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2a4e3cbd5e2 Response headers ETag "663f-6239a50374880" Connection Keep-Alive Accept-Ranges bytes Content-Length 26175 Keep-Alive timeout=5, max=99 Date Tue, 12 Nov 2024 17:08:14 GMT Last-Modified Thu, 03 Oct 2024 22:45:38 GMT Server Apache/2.4.29 (Ubuntu)
GET H/1.1	200 OK	favicon.ico aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/img/	133 KB 134 KB	166ms 166ms	Other image/vnd.microsoft.icon	45.86.86.16 ALEXHOST
General Check archive.org Show headers Download Go to Full URL https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/img/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.86.86.16 Chisinau, Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS manel Software Apache/2.4.29 (Ubuntu) / Resource Hash `8858dccff58b1764c2f1af0b2d90ecda7f5f9ba0886bab76f9f8522e337d331c` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2a4e3cbd5e2 Response headers ETag "2159e-6239a50374880" Connection Keep-Alive Accept-Ranges bytes Content-Length 136606 Keep-Alive timeout=5, max=98 Date Tue, 12 Nov 2024 17:08:14 GMT Last-Modified Thu, 03 Oct 2024 22:45:38 GMT Content-Type image/vnd.microsoft.icon Server Apache/2.4.29 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/login.php?hash=0b4d83493865241325bb022c0f6cc53954064f30112b384221a7c2a4e3cbd5e2 Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://aydhapptendi398met.office-on-the.net/Regularize-H345B6OI2JNFS23/fonts/uol-text-regular.woff2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aydhapptendi398met.office-on-the.net
45.86.86.16
0a4db20f669b0c7817b481e67f2a319d5b6c7f3933c1d62d4a1eab18eabc6e6f
8858dccff58b1764c2f1af0b2d90ecda7f5f9ba0886bab76f9f8522e337d331c
b75d97768deedde2829838149f82856789465d957771f78e54644a876626d262
c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee

aydhapptendi398met.office-on-the.net Open in urlscan Pro 45.86.86.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

195 kBTransfer

387 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

aydhapptendi398met.office-on-the.net Open in urlscan Pro
45.86.86.16 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

195 kB
Transfer

387 kB
Size

0
Cookies

3 HTTP transactions
1 data transactions