hxxps://ato71hibz[.]accounts[.]ondemand[.]com/saml2/idp/sso/ato71hibz[.]accounts[.]ondemand[.]com?SAMLRequest=hZJNc9sgEIb%2FCrN3IUHtWGEsZ5x6MvVMPzyNmkMuHYxWMTMSqCzUbX99FdnppIckFw7w7L7LA8urX33HfmIg610FghfA0BnfWPdQwbf6JivharUk3XdyUOsUD%2B4r%2FkhIkY2FjtTppIIUnPKaLCmneyQVjbpdf%2FqoJC%2FUEHz0xnfANmOhdTpOYYcYB1J5rqNfiIPd%2F%2BHaGJ9cJO5dg712DTe%2Bz6eI3DZDTuTfooHd%2BGBwmrSCVneEwLabCr7P55fNfHFRZns9LrOZFFl5UV5mphWtEAXu56UYUaKEW0dRu1iBLOQsKxZZIWshlZwp%2BY4XcnEPbHe%2B07V1J1evCdifIFIf6nqX7b7c1sDunpyPAJwNqyk9PFf7emNNhOHRJqyebB6PR07JGCRqtYk%2BEMeUj0gM%2BnGIZf486t%2FTfh57bzc731nzm627zh%2FfB9QRK4gh4WS11%2FHlaQQX045tsnZCVXI0oLGtxQby1Tn2%2Fz%2B0%2Bgs%3D&RelayState=%2Fsf%2Fhrisworkflowapprovelink%3FworkflowRequestId%3DV4-0-a1-o3-xy2DCrslagMIFDxLfm29itRRg4rrlde9_wq6nigd-%26company%3Diontrading%26username%3Dsumit[.]jain%40iongroup[.]com%26_s[.]crb%3DXZjdxIANokrA%25252bi2Mb2NZsfFhdzJJzMQzbiOeAU5bqjQ%25253d&SigAlg=http%3A%2F%2Fwww[.]w3[.]org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=VpfhglYoRRyYF33B%2BX43WzD3iVhkkjNpK8Om7E3zYYidbRb7c%2Bj7CL%2BatmY4u50xGQcGwV9uBtNTuRowUlXEwwBp9HZrXng7%2BoPxrBmPx1TNQBi2esrXAwcFE4RuuYytCCzLb1KKbuLgFOwU40QR9DXcET22Q8MyjYIESxZXsYc%3D

Sharing

Target

https://ato71hibz.accounts.ondemand.com/saml2/idp/sso/ato71hibz.accounts.ondemand.com?SAMLRequest=hZJNc9sgEIb%2FCrN3IUHtWGEsZ5x6MvVMPzyNmkMuHYxWMTMSqCzUbX99FdnppIckFw7w7L7LA8urX33HfmIg610FghfA0BnfWPdQwbf6JivharUk3XdyUOsUD%2B4r%2FkhIkY2FjtTppIIUnPKaLCmneyQVjbpdf%2FqoJC%2FUEHz0xnfANmOhdTpOYYcYB1J5rqNfiIPd%2F%2BHaGJ9cJO5dg712DTe%2Bz6eI3DZDTuTfooHd%2BGBwmrSCVneEwLabCr7P55fNfHFRZns9LrOZFFl5UV5mphWtEAXu56UYUaKEW0dRu1iBLOQsKxZZIWshlZwp%2BY4XcnEPbHe%2B07V1J1evCdifIFIf6nqX7b7c1sDunpyPAJwNqyk9PFf7emNNhOHRJqyebB6PR07JGCRqtYk%2BEMeUj0gM%2BnGIZf486t%2FTfh57bzc731nzm627zh%2FfB9QRK4gh4WS11%2FHlaQQX045tsnZCVXI0oLGtxQby1Tn2%2Fz%2B0%2Bgs%3D&RelayState=%2Fsf%2Fhrisworkflowapprovelink%3FworkflowRequestId%3DV4-0-a1-o3-xy2DCrslagMIFDxLfm29itRRg4rrlde9_wq6nigd-%26company%3Diontrading%26username%3Dsumit.jain%40iongroup.com%26_s.crb%3DXZjdxIANokrA%25252bi2Mb2NZsfFhdzJJzMQzbiOeAU5bqjQ%25253d&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=VpfhglYoRRyYF33B%2BX43WzD3iVhkkjNpK8Om7E3zYYidbRb7c%2Bj7CL%2BatmY4u50xGQcGwV9uBtNTuRowUlXEwwBp9HZrXng7%2BoPxrBmPx1TNQBi2esrXAwcFE4RuuYytCCzLb1KKbuLgFOwU40QR9DXcET22Q8MyjYIESxZXsYc%3D

Score

8^/10

phishing

A potential corporate email address has been identified in the URL: /sf/hrisworkflowapprovelink?workflowRequestId=V4-0-a1-o3-xy2DCrslagMIFDxLfm29itRRg4rrlde9_wq6nigd-&company=iontrading&[email protected]&_s.crb=XZjdxIANokrA%252bi2Mb2NZsfFhdzJJzMQzbiOeAU5bqjQ%253d
phishing