Today while investigating a phishing email I submitted the url to https://urlscan.io
Upon looking at one of the http responses the criminal kindly comment they encoded another URL used in redirection in Base64.
Using CyberChef I was able to decoded these URLs, which also allows me to block them.
Upon looking at one of the http responses the criminal kindly comment they encoded another URL used in redirection in Base64.
Using CyberChef I was able to decoded these URLs, which also allows me to block them.
Comments