Potentially Malicious Activity
mackenziefunds.morningglowrain.de
"The primary reason is a clear brand impersonation and phishing attempt targeting Microsoft credentials. The URL contains parameters indicating a redirect to 'office.com' and requests for Microsoft Graph API scopes (mail.read, mail.send), while hosted on the unofficial domain 'morningglowrain.de'. This pattern is consistent with credential theft phishing."
Note: This finding is based on scans of specific URLs on the domain, not necessarily the root domain itself.
URLert analyzed recent scan activity for mackenziefunds.morningglowrain.de and found 1 result.
| Status | Target URL | Time |
|---|---|---|
| Malicious | https://mackenziefunds.morningglowrain.de/gto4T/?client_i... | 2w ago |
Historical and current IP address mappings for this domain.
| IP Address / Infrastructure | Status | Subdomains | Last Seen |
|---|---|---|---|
| CLOUDFLARENET - Cloudflare, Inc. (AS13335) | Active | mackenziefunds.morningglowrain.de | Today |
| CLOUDFLARENET - Cloudflare, Inc. (AS13335) | Active | mackenziefunds.morningglowrain.de | Today |
This assessment is based on automated analysis and may not be definitive.
Always verify independently before taking action.