Report Overview

  1. Visited public
    2023-11-21 06:45:06
    Tags
    phishingmicrosoftoutlook
    Submit Tags
  2. URL

    selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&https://invest-raleigh.com/a/cPesv/aWFuLmJha2VyQHJvb21zZXJ2aWNlYnljb3J0LmNvbQ==

  3. Finishing URL

    lifesafee.us/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1pYW4uYmFrZXIlNDByb29tc2VydmljZWJ5Y29ydC5jb20mY2xpZW50LXJlcXVlc3QtaWQ9ZDljYWE1YjUtMmIxMi01ZGZjLWViNTAtOGFlYTViYzEyOTI0JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM2MTQ1ODkxODkzODY1OS5mYzkxY2RkZi05ODg3LTQzNWEtYmRiYS03ZjNiYTM5MzI4MDcmc3RhdGU9RGN0TERzSWdGRUJSMExVNGhFSWZuOGZBdUJURFY0a3RKTmhvM0wwTXpwMWRTZ2c1VDZlSmlobGlEU0FZcVRRNmlRN1FhTWRMZERLbVZKaER0RXlCOWl5azRKa3RFRHc0V0ZGWU90OTE2Vi1fM0xiLXFPMy1yTzI0VnQ5NDhLODhMa3FNM3ZkM0hwOGFjX2pGUGc0ZS1fNEg=

  4. IP / ASN
    144.202.229.149

    #11383 AS-TIERP-11383

    Title
    xw85vazgnk

  5. Phishing - Microsoft Outlook

Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
invest-raleigh.comunknown2019-10-182021-02-02 01:06:582023-11-20 21:21:36
ccbaacb8.73bbd26087c1fbe46ffbc71b.workers.devunknown2019-02-082023-11-14 20:49:552023-11-18 01:18:47
lifesafee.usunknown2023-11-202023-11-20 21:10:132023-11-20 21:10:13
outlook.office365.com512005-06-202013-04-11 01:09:242021-03-15 09:11:50
r4.res.office365.com1802005-06-202017-03-03 13:49:032023-11-20 01:53:07
challenges.cloudflare.comunknown2009-02-172021-10-20 07:02:032023-11-19 21:12:47
ocsp.netsolssl.com83812005-01-312012-05-20 23:51:492023-11-19 21:43:35
selligenttier.naylorcampaigns.comunknown2008-01-212021-04-20 09:07:122023-11-19 11:34:30

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (171)

HTTP Transactions (40)

URLIPResponseSize
ocsp.netsolssl.com/
104.18.38.233 472 B
selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&https://invest-raleigh.com/a/cPesv/aWFuLmJha2VyQHJvb21zZXJ2aWNlYnljb3J0LmNvbQ==
144.202.229.149 1.6 kB
invest-raleigh.com/a/cPesv/aWFuLmJha2VyQHJvb21zZXJ2aWNlYnljb3J0LmNvbQ==
69.49.245.172 0 B
GET ccbaacb8.73bbd26087c1fbe46ffbc71b.workers.dev/?qrc=ian.baker@roomservicebycort.com
104.21.11.118200 OK0 B
GET lifesafee.us/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2xpZmVzYWZlZS51cyIsImRvbWFpbiI6ImxpZmVzYWZlZS51cyIsImtleSI6IjRSYUd0WHFxa2puYiIsInFyYyI6Imlhbi5iYWtlckByb29tc2VydmljZWJ5Y29ydC5jb20iLCJpYXQiOjE3MDA1NDkwOTAsImV4cCI6MTcwMDU0OTIxMH0.djaNfGVrOEXPKQWT_xfQn4VhBlnVdD5Tivt1ni_Ze6U
5.230.43.144302 Found0 B
GET lifesafee.us/__//?ste=kcp.dcmgt%40tqqougtxkegdaeqtv.eqo
5.230.43.144302 Moved Temporarily0 B
GET lifesafee.us/owa/?login_hint=ian.baker%40roomservicebycort.com
5.230.43.144302 Found1.4 kB
GET lifesafee.us/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css
5.230.43.144200 OK20 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_o-ZZReABRa0UshwWo2BEBw2.js
5.230.43.144200 OK689 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
5.230.43.144200 OK17 kB
GET outlook.office365.com/owa/prefetch.aspx
40.101.1.34200 OK1.2 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/scripts/boot.worldwide.0.mouse.js
95.101.10.136200 OK180 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
5.230.43.144200 OK36 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
5.230.43.144200 OK2.7 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/scripts/boot.worldwide.1.mouse.js
95.101.10.136200 OK163 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/scripts/boot.worldwide.2.mouse.js
95.101.10.136200 OK170 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/scripts/boot.worldwide.3.mouse.js
95.101.10.136200 OK146 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/resources/images/0/sprite1.mouse.png
95.101.10.136200 OK132 B
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_f7b06b70c72b4590b779.js
5.230.43.144200 OK7.4 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/resources/styles/0/boot.worldwide.mouse.css
95.101.10.136200 OK44 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/resources/styles/fonts/office365icons.woff
95.101.10.136200 OK78 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/resources/styles/fonts/office365icons.woff
95.101.10.136200 OK78 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
5.230.43.144200 OK987 B
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
5.230.43.144200 OK1.4 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
5.230.43.144200 OK5.1 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
5.230.43.144200 OK18 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8296f75a4c401bfa
104.17.2.184200 OK171 kB
GET lifesafee.us/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
5.230.43.144200 OK3.6 kB
GET r4.res.office365.com/owa/prem/15.20.6977.22/resources/images/0/sprite1.mouse.css
95.101.10.136200 OK994 B
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lnobv/0x4AAAAAAANHmfJ34aZJBvxl/auto/normal
104.17.2.184200 OK73 kB
GET lifesafee.us/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_orpt-59zawtpatdv5lgnaa2.js
5.230.43.144200 OK53 kB
GET challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
104.17.2.184302 Found34 kB
GET challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
104.17.2.184200 OK34 kB
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1814354766:1700548023:NAG9OZeQxoIiFlB9jyTbh1112JDBlhRrYHyaPgaViGU/8296f75a4c401bfa/7d490aae0ecc29f
104.17.2.184200 OK88 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8296f75a4c401bfa/1700549088743/688192a3cf18b14fd3bb60667d50fbcbf3675f64fbb83e8b9ba113fc55494fe2/7_YqW5b6yGO59DH
104.17.2.184401 Unauthorized1 B
GET lifesafee.us/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmbG9naW5faGludD1pYW4uYmFrZXIlNDByb29tc2VydmljZWJ5Y29ydC5jb20mY2xpZW50LXJlcXVlc3QtaWQ9ZDljYWE1YjUtMmIxMi01ZGZjLWViNTAtOGFlYTViYzEyOTI0JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODM2MTQ1ODkxODkzODY1OS5mYzkxY2RkZi05ODg3LTQzNWEtYmRiYS03ZjNiYTM5MzI4MDcmc3RhdGU9RGN0TERzSWdGRUJSMExVNGhFSWZuOGZBdUJURFY0a3RKTmhvM0wwTXpwMWRTZ2c1VDZlSmlobGlEU0FZcVRRNmlRN1FhTWRMZERLbVZKaER0RXlCOWl5azRKa3RFRHc0V0ZGWU90OTE2Vi1fM0xiLXFPMy1yTzI0VnQ5NDhLODhMa3FNM3ZkM0hwOGFjX2pGUGc0ZS1fNEg=
5.230.43.144200 OK39 kB
GET ccbaacb8.73bbd26087c1fbe46ffbc71b.workers.dev/favicon.ico
104.21.11.118200 OK3.3 kB
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
104.17.2.184200 OK61 B
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8296f75a4c401bfa/1700549088743/sszKy_GC1e5W4ZI
104.17.2.184200 OK61 B
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1814354766:1700548023:NAG9OZeQxoIiFlB9jyTbh1112JDBlhRrYHyaPgaViGU/8296f75a4c401bfa/7d490aae0ecc29f
104.17.2.184200 OK3.6 kB