Report Overview

  1. Visited public
    2023-11-14 08:18:42
    Tags
    phishingmicrosoftoutlook
    Submit Tags
  2. URL

    priormarkets.com/.well-know/re/172.29.222.2/bm9lbC5mcmllbEBlc2IuaWU=

  3. Finishing URL

    weauthser.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1ub2VsLmZyaWVsJTQwZXNiLmllJmNsaWVudC1yZXF1ZXN0LWlkPTNjNTY0YjA5LTVlZDktNmVjYi1iYWZmLWJmMDVkMTZmMDg4NSZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02MzgzNTU0NjcxMDM3MjI5NjIuMjg2YTkzNTAtODBiOC00MGI0LWI4MzktNDhlZWMyMjgzYjZmJnN0YXRlPURjdEJEZ0loREVCUmNLNmlTNWphUWltTGlVY3hnLWtvQ1lGRVRieS1MTjdmZld1TVdhYlRaR0hHSkNhaEdBT25LMUJDekl3ZWhmZE1FWnhBRVJlZ0JGZUVzZ3VpLWtBVUtuelktWjdYOGR2WFd4dlAydS12MnI5Ykg5cjg4YTdhTGdIMFUzelZQdw==

  4. IP / ASN
    198.54.114.249

    #22612 NAMECHEAP-NET

    Title
    na0e0ucj1a

  5. Phishing - Microsoft Outlook

Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
priormarkets.comunknown2022-01-252022-01-25 17:39:302023-11-13 22:59:10
challenges.cloudflare.comunknown2009-02-172021-10-20 07:02:032023-11-13 18:13:05
weauthser.comunknown2023-08-282023-08-28 10:01:472023-11-13 09:01:38
r4.res.office365.com1802005-06-202017-03-03 13:49:032023-11-13 18:12:08
aadcdn.msauth.net14212018-10-252018-11-19 11:50:032023-11-13 18:12:49
c8c16a09.61cf65b9c50290e4b3cc66ca.workers.devunknown2019-02-082023-11-10 18:20:332023-11-13 22:59:11
outlook.office365.com512005-06-202013-04-11 01:09:242021-03-15 09:11:50
autologon.microsoftazuread-sso.com15342016-07-222017-01-30 09:17:572023-11-14 02:54:45
aadcdn.msftauthimages.net46222018-11-122019-08-14 20:22:232023-11-13 22:57:17

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (187)

HTTP Transactions (45)

URLIPResponseSize
priormarkets.com/.well-know/re/172.29.222.2/bm9lbC5mcmllbEBlc2IuaWU=
198.54.114.249 0 B
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wgi8s/0x4AAAAAAAM4qfwjwiJeS6L4/auto/normal
104.17.3.184200 OK17 kB
GET weauthser.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3dlYXV0aHNlci5jb20iLCJkb21haW4iOiJ3ZWF1dGhzZXIuY29tIiwia2V5IjoiaHlXSXZjeUhmVG1DIiwicXJjIjoibm9lbC5mcmllbEBlc2IuaWUiLCJpYXQiOjE2OTk5NDk5MDksImV4cCI6MTY5OTk1MDAyOX0.3O_u6U4jXSbRExLkx3y1nRYDHNbAETh-703VLEZXPAA
5.230.41.174302 Found0 B
GET weauthser.com/?qrc=noel.friel%40esb.ie
5.230.41.174302 Moved Temporarily0 B
GET weauthser.com/owa/?login_hint=noel.friel%40esb.ie
5.230.41.174302 Found1.4 kB
GET weauthser.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
5.230.41.174200 OK20 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
5.230.41.174200 OK689 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
5.230.41.174200 OK17 kB
GET outlook.office365.com/owa/prefetch.aspx
40.101.1.25200 OK1.2 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
5.230.41.174200 OK2.7 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
5.230.41.174200 OK3.6 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.0.mouse.js
23.73.4.69200 OK180 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.1.mouse.js
23.73.4.69200 OK163 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.2.mouse.js
23.73.4.69200 OK170 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/scripts/boot.worldwide.3.mouse.js
23.73.4.69200 OK146 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/resources/images/0/sprite1.mouse.png
23.73.4.69200 OK132 B
GET r4.res.office365.com/owa/prem/15.20.6977.31/resources/images/0/sprite1.mouse.css
23.73.4.69200 OK288 B
GET r4.res.office365.com/owa/prem/15.20.6977.31/resources/styles/0/boot.worldwide.mouse.css
23.73.4.69200 OK44 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
5.230.41.174200 OK987 B
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
5.230.41.174200 OK1.4 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
5.230.41.174200 OK5.1 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/resources/styles/fonts/office365icons.woff
23.73.4.69200 OK78 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
5.230.41.174200 OK18 kB
GET r4.res.office365.com/owa/prem/15.20.6977.31/resources/styles/fonts/office365icons.woff
23.73.4.69200 OK78 kB
GET autologon.microsoftazuread-sso.com/esb.ie/winauth/iframe?client-request-id=3c564b09-5ed9-6ecb-baff-bf05d16f0885&isAdalRequest=False
20.190.181.1200 OK7.2 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
13.107.213.53 40 kB
aadcdn.msauth.net/ests/2.1/content/cdnbundles/dsso.iframe.min_ola-etxskuesqyfim_hgua2.js
13.107.213.53 4.4 kB
POST weauthser.com/common/instrumentation/dssostatus
5.230.41.174200 OK265 B
GET aadcdn.msftauthimages.net/c1c6b6c8-d1whwooijlry0aj5tr0-7jzp3duyhxupxkp3vbqtqjk/logintenantbranding/0/bannerlogo?ts=637261825601439542
13.107.246.53200 OK8.3 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
5.230.41.174200 OK110 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
5.230.41.174200 OK16 kB
GET weauthser.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_f7b06b70c72b4590b779.js
5.230.41.174200 OK24 kB
GET challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
104.17.3.184302 Found34 kB
GET c8c16a09.61cf65b9c50290e4b3cc66ca.workers.dev/favicon.ico
172.67.168.211200 OK3.3 kB
POST c8c16a09.61cf65b9c50290e4b3cc66ca.workers.dev/?qrc=noel.friel@esb.ie
172.67.168.211302 Found39 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/825dd2d56e77712b/1699949906690/c34999f56b42ec7315fd75570bda8976b87da367a87ef79eebc61004cec4c395/5Bi_aiKUz0F3JMF
104.17.3.184401 Unauthorized1 B
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/825dd2d56e77712b/1699949906692/32cfWaQtpTw4Ojo
104.17.3.184200 OK61 B
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/855657143:1699946441:dawvKoWk7NTSPaMOV7gq3uz0mVImVfGjGcsy6jLqcHE/825dd2d56e77712b/81db01d61011a66
104.17.3.184200 OK3.6 kB
GET c8c16a09.61cf65b9c50290e4b3cc66ca.workers.dev/?qrc=noel.friel@esb.ie
172.67.168.211200 OK3.3 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
104.17.3.184200 OK61 B
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=825dd2d56e77712b
104.17.3.184200 OK177 kB
GET weauthser.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_orpt-59zawtpatdv5lgnaa2.js
5.230.41.174200 OK53 kB
GET challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
104.17.3.184200 OK34 kB
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/855657143:1699946441:dawvKoWk7NTSPaMOV7gq3uz0mVImVfGjGcsy6jLqcHE/825dd2d56e77712b/81db01d61011a66
104.17.3.184200 OK130 kB
GET weauthser.com/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1ub2VsLmZyaWVsJTQwZXNiLmllJmNsaWVudC1yZXF1ZXN0LWlkPTNjNTY0YjA5LTVlZDktNmVjYi1iYWZmLWJmMDVkMTZmMDg4NSZwcm90ZWN0ZWR0b2tlbj10cnVlJmNsYWltcz0lN2IlMjJpZF90b2tlbiUyMiUzYSU3YiUyMnhtc19jYyUyMiUzYSU3YiUyMnZhbHVlcyUyMiUzYSU1YiUyMkNQMSUyMiU1ZCU3ZCU3ZCU3ZCZub25jZT02MzgzNTU0NjcxMDM3MjI5NjIuMjg2YTkzNTAtODBiOC00MGI0LWI4MzktNDhlZWMyMjgzYjZmJnN0YXRlPURjdEJEZ0loREVCUmNLNmlTNWphUWltTGlVY3hnLWtvQ1lGRVRieS1MTjdmZld1TVdhYlRaR0hHSkNhaEdBT25LMUJDekl3ZWhmZE1FWnhBRVJlZ0JGZUVzZ3VpLWtBVUtuelktWjdYOGR2WFd4dlAydS12MnI5Ykg5cjg4YTdhTGdIMFUzelZQdw==
5.230.41.174200 OK39 kB