Suspicious

Phishings targeting Microsoft

Suspicious and active websites

Phishings targeting Microsoft

Suspicious and active websites

Active
55
New (7d)
9
Trend (7d)
↑350%
Website
microsoft.com
About
AIEnterprise SSO target. A successful Microsoft 365 / Outlook phish unlocks the mailbox plus downstream business apps via OAuth and is a frequent precursor to BEC fraud.
Hosts
Microsoft Corporation (21) · Amazon.com, Inc. (15) · Wildcard UK Limited (9)
Countries
IrelandIreland (20) · GermanyGermany (15) · United KingdomUnited Kingdom (9)
TLS certs
R13 (18) · Amazon RSA 2048 M02 (11) · ZeroSSL ECC DV SSL CA 2 (6)

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-06-24 01:30 2026-06-23 22:00
https://layer3-delivery.carpitg.workers.dev/s/xyz?error=login_require…
Screenshot of layer3-delivery.carpitg.workers.dev PhishTank Details
2026-06-24 01:30 2026-06-20 13:00
https://hotmailoutlook2026.iceiy.com/?i=1
Screenshot of hotmailoutlook2026.iceiy.com OpenPhish Details
2026-06-24 01:30 2026-06-19 13:01
https://reactivar-microsoft-mxx.iceiy.com/?i=1
Screenshot of reactivar-microsoft-mxx.iceiy.com OpenPhish urlscan Details
2026-06-24 01:30 2026-06-18 13:02
http://ucrhp.rgva725lyrd.teams-login.xyz/common/oauth2/v2.0/authorize…
Screenshot of ucrhp.rgva725lyrd.teams-login.xyz GSB OpenPhish Details
2026-06-24 01:30 2026-06-18 01:09
https://office365.rricrosoft-offices.org/i/d5089f128403840bf9ce3ef2c1…
Screenshot of office365.rricrosoft-offices.org OpenPhish Details
2026-06-24 01:30 2026-06-18 01:09
https://office365.rricrosoft-offices.org/index/7a6b921f91a04f67a43743…
Screenshot of office365.rricrosoft-offices.org OpenPhish Details
2026-06-24 01:30 2026-06-17 01:06
https://office365.rricrosoft-offices.org/i/df3667320560f4a8a9918ef9f3…
Screenshot of office365.rricrosoft-offices.org OpenPhish Details
2026-06-24 01:30 2026-06-17 01:06
http://microsoft-login.praetoria.fr
Screenshot of microsoft-login.praetoria.fr GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-06-17 01:02
https://office365.rricrosoft-offices.org/home/54f80b9d2ca445ce8bb4682…
Screenshot of office365.rricrosoft-offices.org OpenPhish Details
2026-06-24 01:30 2026-06-16 11:01
https://login.vingroup.work/common/oauth2/v2.0/authorize?client_id=47…
Screenshot of login.vingroup.work PhishTank Details
2026-06-24 01:30 2026-06-12 01:01
http://microsoftweb365.fwh.is
Screenshot of microsoftweb365.fwh.is OpenPhish urlscan Details
2026-06-24 01:30 2026-06-08 13:01
https://programme-hup.m365-microsoft.com/i/d721e212eb3094bfd99c9d047a…
Screenshot of programme-hup.m365-microsoft.com OpenPhish urlscan Details
2026-06-24 01:30 2026-06-08 13:01
https://programme-hup.m365-microsoft.com/home/fe25e4a4bcbe488aa658688…
Screenshot of programme-hup.m365-microsoft.com OpenPhish urlscan Details
2026-06-24 01:30 2026-06-08 03:00
https://office365elementos.fwh.is/?i=1
Screenshot of office365elementos.fwh.is PhishTank urlscan Details
2026-06-24 01:30 2026-06-08 03:00
https://office365elementos.fwh.is
Screenshot of office365elementos.fwh.is PhishTank urlscan Details
2026-06-24 01:30 2026-06-08 01:02
http://office365elementos.fwh.is
Screenshot of office365elementos.fwh.is OpenPhish urlscan Details
2026-06-24 01:30 2026-06-06 11:32
https://onedriveauthorization.pages.dev
Screenshot of onedriveauthorization.pages.dev urlscan Details
2026-06-24 01:30 2026-06-06 01:02
http://security.m365-microsoft.com/i/d51ee024a6cb3468996ec7c9307051d1d
Screenshot of security.m365-microsoft.com OpenPhish urlscan Details
2026-06-24 01:30 2026-06-06 01:01
http://security.m365-microsoft.com/page/15c1364653564f01a02719dced389…
Screenshot of security.m365-microsoft.com OpenPhish urlscan Details
2026-06-24 01:30 2026-05-31 01:01
https://microsoftquarantine.authorised-support.com/login/review/wjy99…
Screenshot of microsoftquarantine.authorised-support.com GSB OpenPhish Details
2026-06-24 01:30 2026-05-27 13:00
http://reactivar-microsoft-365.iceiy.com
Screenshot of reactivar-microsoft-365.iceiy.com OpenPhish urlscan Details
2026-06-24 01:30 2026-05-22 01:01
https://teresaardley.github.io/adobe.comaccess-onedrive-files.html
Screenshot of teresaardley.github.io GSB OpenPhish Details
2026-06-24 01:30 2026-05-15 13:01
https://microsoft.authorised-support.com/new-account/eozafbyj1bjlmguf…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-05-15 13:01
http://reactivar-outlook365.iceiy.com
Screenshot of reactivar-outlook365.iceiy.com OpenPhish Details
2026-06-24 01:30 2026-05-13 13:05
https://microsoft.account.trustedentity.com/http/microsoft.authorised…
Screenshot of microsoft.account.trustedentity.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-05-12 13:02
https://microsoftquarantine.authorised-support.com/login/review/wjy99…
Screenshot of microsoftquarantine.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-05-12 01:01
http://microsoftquarantine.authorised-support.com/login/review/wjy99u…
Screenshot of microsoftquarantine.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-05-12 01:00
http://microsoftquarantine.authorised-support.com/login/review/wjy99u…
Screenshot of microsoftquarantine.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-05-10 09:44
https://microsoft-se.us
Screenshot of microsoft-se.us urlscan Details
2026-06-24 01:30 2026-05-08 01:04
https://microsoft.authorised-support.com/new-account/eozafbyj1bjlmguf…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-05-05 13:02
https://outlook.webaccess-alert.com/s/63bzgfsvbwsfcdx7y9/584dd8/90eab…
Screenshot of outlook.webaccess-alert.com OpenPhish urlscan Details
2026-06-24 01:30 2026-05-04 13:02
http://microsoft.authorised-support.com/login/wmvddxjyf1nh7d0k4ednpyb…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-24 13:02
http://microsoft.authorised-support.com/new-account/eozafbyj1bjlmgufs…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-24 13:01
http://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.c…
Screenshot of microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com OpenPhish urlscan Details
2026-06-24 01:30 2026-04-22 13:00
https://microsoft.authorised-support.com/new-account/eozafbyj1bjlmguf…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-22 01:01
https://microsoft.account.trustedentity.com/http:/microsoft.authorise…
Screenshot of microsoft.account.trustedentity.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-22 01:01
https://microsoft.authorised-support.com/login/wmvddxjyf1nh7d0k4ednpy…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-21 13:01
https://microsoft.account.trustedentity.com/http:/microsoft.authorise…
Screenshot of microsoft.account.trustedentity.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-20 23:54
https://hotmail.com.es
Screenshot of hotmail.com.es urlscan Details
2026-06-24 01:30 2026-04-20 01:01
http://reactivar-microsoft-live.iceiy.com
Screenshot of reactivar-microsoft-live.iceiy.com OpenPhish Details
2026-06-24 01:30 2026-04-19 13:00
https://microsoft.authorised-support.com/login/wmvddxjyf1nh7d0k4ednpy…
Screenshot of microsoft.authorised-support.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-04-09 00:00
https://outlook36validar.webcindario.com
Screenshot of outlook36validar.webcindario.com PhishTank urlscan Details
2026-06-24 01:30 2026-03-30 13:01
https://security.email-microsoft.com/diyc_smavt1av3ltaq
Screenshot of security.email-microsoft.com GSB OpenPhish urlscan Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/i/a3c830db69c7a4471885d1d2f44c22798
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
https://support.m365-microsoft.com/i/ac044ac20288e4a7bb84dd48b3cbb0756
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
https://support.m365-microsoft.com/index/8f9582b190ae4833831f9d605ef9…
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/i/a5722854c480a442880d9de7f2b5b55a9
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/page/b8b9adf6d6d74dad85d4773d4eb0b3…
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/index/592bfc700e07476abb25aea03dd15…
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/page/cab136d8e0b44fd69ca7282432a948…
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/i/a8472e4c0bb944ac1b09948052f48dd44
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/index/d0c0a4acb5134410a2a4222dddc5d…
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 13:01
http://support.m365-microsoft.com/i/ab041e84e499243eca3e98fb328201632
Screenshot of support.m365-microsoft.com OpenPhish Details
2026-06-24 01:30 2026-03-28 01:01
https://office365.internal-alerts.com/index/b445263c4c1f462796320ba80…
Screenshot of office365.internal-alerts.com OpenPhish urlscan Details
2026-06-24 01:30 2026-03-28 01:01
https://office365.internal-alerts.com/i/d5b9af0d256f14c03ab8396a78d36…
Screenshot of office365.internal-alerts.com OpenPhish urlscan Details

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

URL Screenshot Details
https://layer3-delivery.carpi…
PhishTank 		Screenshot of layer3-delivery.carpitg.workers.dev Details
https://hotmailoutlook2026.ic…
OpenPhish 		Screenshot of hotmailoutlook2026.iceiy.com Details
https://reactivar-microsoft-m…
OpenPhish urlscan 		Screenshot of reactivar-microsoft-mxx.iceiy.com Details
http://ucrhp.rgva725lyrd.team…
GSB OpenPhish 		Screenshot of ucrhp.rgva725lyrd.teams-login.xyz Details
https://office365.rricrosoft-…
OpenPhish 		Screenshot of office365.rricrosoft-offices.org Details
https://office365.rricrosoft-…
OpenPhish 		Screenshot of office365.rricrosoft-offices.org Details
https://office365.rricrosoft-…
OpenPhish 		Screenshot of office365.rricrosoft-offices.org Details
http://microsoft-login.praeto…
GSB OpenPhish urlscan 		Screenshot of microsoft-login.praetoria.fr Details
https://office365.rricrosoft-…
OpenPhish 		Screenshot of office365.rricrosoft-offices.org Details
https://login.vingroup.work/c…
PhishTank 		Screenshot of login.vingroup.work Details
http://microsoftweb365.fwh.is
OpenPhish urlscan 		Screenshot of microsoftweb365.fwh.is Details
https://programme-hup.m365-mi…
OpenPhish urlscan 		Screenshot of programme-hup.m365-microsoft.com Details
https://programme-hup.m365-mi…
OpenPhish urlscan 		Screenshot of programme-hup.m365-microsoft.com Details
https://office365elementos.fw…
PhishTank urlscan 		Screenshot of office365elementos.fwh.is Details
https://office365elementos.fw…
PhishTank urlscan 		Screenshot of office365elementos.fwh.is Details
http://office365elementos.fwh…
OpenPhish urlscan 		Screenshot of office365elementos.fwh.is Details
https://onedriveauthorization…
urlscan 		Screenshot of onedriveauthorization.pages.dev Details
http://security.m365-microsof…
OpenPhish urlscan 		Screenshot of security.m365-microsoft.com Details
http://security.m365-microsof…
OpenPhish urlscan 		Screenshot of security.m365-microsoft.com Details
https://microsoftquarantine.a…
GSB OpenPhish 		Screenshot of microsoftquarantine.authorised-support.com Details
http://reactivar-microsoft-36…
OpenPhish urlscan 		Screenshot of reactivar-microsoft-365.iceiy.com Details
https://teresaardley.github.i…
GSB OpenPhish 		Screenshot of teresaardley.github.io Details
https://microsoft.authorised-…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
http://reactivar-outlook365.i…
OpenPhish 		Screenshot of reactivar-outlook365.iceiy.com Details
https://microsoft.account.tru…
GSB OpenPhish urlscan 		Screenshot of microsoft.account.trustedentity.com Details
https://microsoftquarantine.a…
GSB OpenPhish urlscan 		Screenshot of microsoftquarantine.authorised-support.com Details
http://microsoftquarantine.au…
GSB OpenPhish urlscan 		Screenshot of microsoftquarantine.authorised-support.com Details
http://microsoftquarantine.au…
GSB OpenPhish urlscan 		Screenshot of microsoftquarantine.authorised-support.com Details
https://microsoft-se.us
urlscan 		Screenshot of microsoft-se.us Details
https://microsoft.authorised-…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
https://outlook.webaccess-ale…
OpenPhish urlscan 		Screenshot of outlook.webaccess-alert.com Details
http://microsoft.authorised-s…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
http://microsoft.authorised-s…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
http://microsoft.security.82a…
OpenPhish urlscan 		Screenshot of microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com Details
https://microsoft.authorised-…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
https://microsoft.account.tru…
GSB OpenPhish urlscan 		Screenshot of microsoft.account.trustedentity.com Details
https://microsoft.authorised-…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
https://microsoft.account.tru…
GSB OpenPhish urlscan 		Screenshot of microsoft.account.trustedentity.com Details
https://hotmail.com.es
urlscan 		Screenshot of hotmail.com.es Details
http://reactivar-microsoft-li…
OpenPhish 		Screenshot of reactivar-microsoft-live.iceiy.com Details
https://microsoft.authorised-…
GSB OpenPhish urlscan 		Screenshot of microsoft.authorised-support.com Details
https://outlook36validar.webc…
PhishTank urlscan 		Screenshot of outlook36validar.webcindario.com Details
https://security.email-micros…
GSB OpenPhish urlscan 		Screenshot of security.email-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
https://support.m365-microsof…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
https://support.m365-microsof…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
http://support.m365-microsoft…
OpenPhish 		Screenshot of support.m365-microsoft.com Details
https://office365.internal-al…
OpenPhish urlscan 		Screenshot of office365.internal-alerts.com Details
https://office365.internal-al…
OpenPhish urlscan 		Screenshot of office365.internal-alerts.com Details

AIHow to verify a real Microsoft URL

  • Legitimate Microsoft URLs always end in microsoft.com (e.g. www.microsoft.com, account.microsoft.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Microsoft.
  • The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
  • If you got the link from email, SMS, or social media, do not click it. Open microsoft.com from your browser bookmark or type the domain manually.
  • Real Microsoft pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.