owa.itineraryupdate.com
Category: Phishing And Fraud
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of owa.itineraryupdate.com
The subdomain owa.itineraryupdate.com appears to host a phishing-awareness landing page rather than a general public website. The screenshot shows messaging such as "This was an authorized phishing simulation from your organization" along with educational content about spear phishing, suggesting the page may be part of a corporate security training or email-testing program.
The domain itself is not ranked among major popular websites, but it has been registered for several years and uses enterprise-oriented infrastructure. Based on the naming pattern, the "owa" subdomain may have been chosen to resemble a webmail or Outlook-style login environment for simulation purposes, while the visible page content indicates an internal awareness or training use case rather than a consumer-facing service.
The domain is registered through a corporate registrar and hosted on cloud infrastructure, which is consistent with managed business services. However, because the subdomain naming convention can resemble login-related services, context matters: this type of setup may be legitimate in an organizational training environment, but it could also attract phishing-related classifications from automated systems.
Safety Assessment for owa.itineraryupdate.com
Scan results show mixed signals at the time of this scan. A notable number of security engines flagged the URL or domain as phishing-related, with 13 out of 91 engines reporting malicious or phishing classifications, and several web-classification sources labeling it as phishing, fraud, or parked. Those detections are meaningful and suggest the domain may be associated with phishing-themed activity from the perspective of automated scanners.
At the same time, the visible page content appears to be an authorized phishing simulation and awareness page, not a credential-harvesting form or malware delivery page. The malware scan did not identify flagged files, and major blacklist and threat-database checks were clean at the time of this scan. This combination can occur when a legitimate security-training page intentionally imitates phishing scenarios closely enough to trigger automated detections.
Because the page explicitly presents itself as part of an organizational phishing simulation, the risk to a general visitor may depend heavily on context and authorization. Based on these findings, this website may pose potential risks if encountered unexpectedly, but the content shown also appears consistent with a sanctioned phishing-awareness exercise rather than an active malware page at the time of this scan.
Technical Description
The domain is approximately 9 years old, registered through Markmonitor Inc., and resolves via AWS-hosted nameservers and an AWS EC2 server in Sydney, Australia. It presents a valid Let's Encrypt SSL certificate with expiry in August 2026, which indicates encrypted HTTPS connectivity was available at the time of testing. The exact web server software and protocol details were not identified in the provided scan data.
DNSSEC appears to be unsigned, which means DNS responses do not benefit from DNSSEC validation. No malicious files, external links, or iframe references were identified in the supplied malware-scan output. From an infrastructure perspective, the setup appears professionally hosted, though the phishing-related detections and the login-like subdomain naming convention remain the primary security concern.
Share your experience with this website. Was it safe? Did you encounter any issues?