important-updates-center-029.cf Open in urlscan Pro
3.104.121.124  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response important-updates-center-029.cf/micrsharepoint/	67 KB 67 KB	756ms 378ms	Document text/html	3.104.121.124
General Check archive.org Show headers Download Go to Full URL http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Server 3.104.121.124 Sydney, Australia, ASN16509 (,), Reverse DNS ec2-3-104-121-124.ap-southeast-2.compute.amazonaws.com Software Apache / Resource Hash 6c839475c71c8663730d2243f3249a3c6706003fa9c6f5bb64a862cee5b37cb5 Request headers Host important-updates-center-029.cf Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:39 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	msa_jHDwk39fDYV3_-P32ZY7ew2.css auth.gfx.ms/	75 KB 15 KB	62ms 6ms	Stylesheet text/css	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/msa_jHDwk39fDYV3_-P32ZY7ew2.css Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash b2766157ebf1d78b4284c68d170c066d77916e32472429845adc8b7ada274b7f Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:39 GMT Content-Encoding gzip Last-Modified Tue, 19 Jul 2016 03:08:04 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "02e8c36ae1d11:0" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=469433 Connection keep-alive Accept-Ranges bytes Content-Length 15207 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	AppCentipede_Microsoft.svg auth.gfx.ms/images/AppCentipede/	7 KB 3 KB	63ms 7ms	Image image/svg+xml	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://auth.gfx.ms/images/AppCentipede/AppCentipede_Microsoft.svg Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash ba80f664bb6cb89c48c2d50baf1e5897940ed44946e902d52dd09b967616ce20 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:39 GMT Content-Encoding gzip Last-Modified Tue, 14 Nov 2017 23:31:15 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "8023dfa9a05dd31:0" Vary Accept-Encoding Content-Type image/svg+xml Access-Control-Allow-Origin * Cache-Control max-age=469471 Connection keep-alive Accept-Ranges bytes Content-Length 2980 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	jquery_1.7.2.js Show response auth.gfx.ms/	92 KB 33 KB	8ms 6ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/jquery_1.7.2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 921f3fb487ee81989ae938e3faa052b6e0b8e5a0a7112549774ffd6918fe7146 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 14 Feb 2017 01:44:07 GMT PPServer PPV: 30 H: BL2IDSPRTS1A002 V: 0 ETag "804d5ed46386d21:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469477 Connection keep-alive Accept-Ranges bytes Content-Length 33688 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	bootstrap_3.3.0_pPAJHVic1yRZoJnAQKOXeQ2.js Show response auth.gfx.ms/	36 KB 10 KB	8ms 6ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/bootstrap_3.3.0_pPAJHVic1yRZoJnAQKOXeQ2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 127617f473f184116e282e43bd0781fa36c3bfba656c19c2722cb0f2ae3e2740 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 14 Nov 2017 23:34:25 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "80d61e1ba15dd31:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469453 Connection keep-alive Accept-Ranges bytes Content-Length 10050 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js Show response auth.gfx.ms/	27 KB 11 KB	15ms 6ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash b621c9927a5ce93186803fb943eb9f0e679ca726ff9274c4790fc9cf89649a82 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 19 Jul 2016 03:08:19 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "80d3d8cc6ae1d11:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469424 Connection keep-alive Accept-Ranges bytes Content-Length 10606 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	compatNonIE_tBPhj8fBmQ29lERZ8otB7A2.js Show response auth.gfx.ms/	21 KB 6 KB	18ms 6ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/compatNonIE_tBPhj8fBmQ29lERZ8otB7A2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 9d484ed2ea5d83df37f3163ea89b0ae598bc44fda47baf6736dc74a756767e8e Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Mon, 31 Oct 2016 19:06:07 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "80b967d5a933d21:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469397 Connection keep-alive Accept-Ranges bytes Content-Length 6192 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	liveDepPackage_aDC9Fz5btxIUXW45hIRGXQ2.js Show response auth.gfx.ms/	4 KB 2 KB	20ms 6ms	Script application/javascript	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/liveDepPackage_aDC9Fz5btxIUXW45hIRGXQ2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 857f692a576f9864bed14d395406693d10149179a26e4dc9ce36e6782a0ea510 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Mon, 31 Oct 2016 19:06:06 GMT PPServer PPV: 30 H: BL2IDSPRTS1A004 V: 0 ETag "023cfd4a933d21:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469446 Connection keep-alive Accept-Ranges bytes Content-Length 1724 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	animations_F0feig31z1IAjWLnhlI63Q2.js Show response auth.gfx.ms/	9 KB 3 KB	21ms 6ms	Script application/javascript	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/animations_F0feig31z1IAjWLnhlI63Q2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash e24a8417f9e68ca635d037a403710d997fb518f305bf0db2dd0321ffd3e6694a Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 14 Nov 2017 23:34:27 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "803501ca15dd31:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469431 Connection keep-alive Accept-Ranges bytes Content-Length 2435 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	notificationsPackage_42CnZZn34lW5sAmyxNqC0g2.js Show response auth.gfx.ms/	28 KB 11 KB	17ms 10ms	Script application/javascript	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/notificationsPackage_42CnZZn34lW5sAmyxNqC0g2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 1fb467f7b10fb17b81588650aac7f3595ef1af6d1347e1e57293024673f1f8cc Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Mon, 22 Aug 2016 17:31:26 GMT PPServer PPV: 30 H: BL2IDSPRTS1A002 V: 0 ETag "06b5929bfcd11:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469436 Connection keep-alive Accept-Ranges bytes Content-Length 10370 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	knockout_kKvzfhsQd3RiAaz9AjzNgA2.js Show response auth.gfx.ms/	74 KB 27 KB	10ms 6ms	Script application/javascript	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/knockout_kKvzfhsQd3RiAaz9AjzNgA2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 9a3e8da684458384b0c4491a26eed8a7ac5f6f842f3ef3185f4f320709be12e2 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 14 Nov 2017 23:34:25 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "80d61e1ba15dd31:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469436 Connection keep-alive Accept-Ranges bytes Content-Length 27156 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	dataRequestPackage_la-fplmLZQsKzY10lWx4wg2.js Show response auth.gfx.ms/	11 KB 5 KB	6ms 6ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/dataRequestPackage_la-fplmLZQsKzY10lWx4wg2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 786869320a7d38ae2b3a671df783549b5ac47f79294925046a4d2dfc31bc7bdb Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 19 Jul 2016 03:08:23 GMT PPServer PPV: 30 H: BL2IDSPRTS1A002 V: 0 ETag "802d3bcf6ae1d11:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469389 Connection keep-alive Accept-Ranges bytes Content-Length 4488 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	accountCorePackage_N-SJjK7ZIEWiNoJTjBH1UA2.js Show response auth.gfx.ms/	29 KB 10 KB	19ms 18ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/accountCorePackage_N-SJjK7ZIEWiNoJTjBH1UA2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 8b62912f299e846007bb4945388401d69ec755c79116d0e86eeb3b4fb19831c3 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 19 Jul 2016 03:08:12 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "0b6acc86ae1d11:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469407 Connection keep-alive Accept-Ranges bytes Content-Length 10106 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	defineUtilitiesPackage_DKpLoa0tvT6qTm3ag6xDmQ2.js Show response auth.gfx.ms/	2 KB 1 KB	27ms 24ms	Script application/javascript	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/defineUtilitiesPackage_DKpLoa0tvT6qTm3ag6xDmQ2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 2aee680c7b06b1113a640de397ef4464132b437b0844188e481c37ad051d9a28 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 14 Nov 2017 23:34:27 GMT PPServer PPV: 30 H: BL2IDSPRTS1A002 V: 0 ETag "803501ca15dd31:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469436 Connection keep-alive Accept-Ranges bytes Content-Length 696 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	validationPackage_Divy7HvD8o39YWyMfek2lg2.js Show response auth.gfx.ms/	8 KB 3 KB	26ms 24ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/validationPackage_Divy7HvD8o39YWyMfek2lg2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash a54db03952cc4cb729ff1a932c6c78724858eeb18e5688d5834dbd8130d7aa55 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Wed, 27 Jul 2016 01:00:24 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "0c47e41a2e7d11:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469462 Connection keep-alive Accept-Ranges bytes Content-Length 2911 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	resetPasswordPackage_fVNotyQi0Xw-Ge_yYKpn1A2.js Show response auth.gfx.ms/	93 KB 27 KB	33ms 7ms	Script application/javascript	2a02:26f0:6c00:29f::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/resetPasswordPackage_fVNotyQi0Xw-Ge_yYKpn1A2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29f::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash e851771010987108b93a445fd1b4015ff4d971d9fa89ee97d1b22e07f16ae147 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 19 Jul 2016 03:08:30 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "04b67d36ae1d11:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469483 Connection keep-alive Accept-Ranges bytes Content-Length 26823 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	wedcs_LNiF397omcoBqRwx9cdJug2.js Show response auth.gfx.ms/	24 KB 6 KB	14ms 13ms	Script application/javascript	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://auth.gfx.ms/wedcs_LNiF397omcoBqRwx9cdJug2.js Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 01298bb0a71f0f14d4b58a2827b431a69e9aba77f77f9412b540fdac031162c8 Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Wed, 28 Jun 2017 19:53:53 GMT PPServer PPV: 30 H: BL2IDSPRTS1A002 V: 0 ETag "809ed04448f0d21:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=469436 Connection keep-alive Accept-Ranges bytes Content-Length 5226 Server Microsoft-IIS/8.5
GET		getid.js cs.microsoft.com/	0 0
GET		trans_pixel.aspx c.microsoft.com/	0 0
GET H/1.1	200 OK	Microsoft_Logotype_Gray.svg auth.gfx.ms/images/	5 KB 3 KB	6ms 5ms	Image image/svg+xml	2a02:26f0:6c00:283::34ef AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://auth.gfx.ms/images/Microsoft_Logotype_Gray.svg Requested by Host: important-updates-center-029.cf URL: http://important-updates-center-029.cf/micrsharepoint/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::34ef , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f Request headers Referer http://important-updates-center-029.cf/micrsharepoint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 21:30:40 GMT Content-Encoding gzip Last-Modified Tue, 14 Nov 2017 23:31:15 GMT PPServer PPV: 30 H: BL2IDSPRTS1A003 V: 0 ETag "8023dfa9a05dd31:0" Vary Accept-Encoding Content-Type image/svg+xml Access-Control-Allow-Origin * Cache-Control max-age=469436 Connection keep-alive Accept-Ranges bytes Content-Length 2160 Server Microsoft-IIS/8.5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cs.microsoft.com

URL

http://cs.microsoft.com/getid.js?jsoncb=MscomSetFPC

Domain

c.microsoft.com

URL

http://c.microsoft.com/trans_pixel.aspx?wcs.tz=0&wcs.cot=0&wcs.route=&wcs.ctrl=&wcs.ts=1558474240514&wcs.fpc=ID%253Df48a3912ca3643f68fee721c8db53a6d%2526CS%253D0%2526LV%253D201905&wcs.cd=0&wcs.eid=2a306f5b-642b-4e9a-3847-3d1ee51e1753&wcs.sr=1600x1200&wcs.bs=1600x440&wcs.rsd=important-updates-center-029.cf&wcs.rsus=%2Fmicrsharepoint%2F&wcs.rsqs=&wcs.rihs=0&wcs.cks=&wcs.ti=Microsoft%20SharePoint&wcs.v=4&wcs.vct=&wcs.vs=&wcs.vclt=&wcs.vfpv=&wcs.et=0&wcs.tr=0

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| _ge object| _d object| _dh object| $U function| registerNamespace function| GetString object| ExternalHelper function| WizardExternalHelper object| $Do object| WIZARDUIConfig object| $B object| $Config function| $ function| jQuery object| jQuery17203638698913896601 object| Debug object| wLive object| $Debug function| _ce function| _get object| Sys object| $Utility object| $Beacon function| $CD function| $CC function| $Flags function| $Enum object| $css function| smartSetTimeout object| $Cookie object| $HelpContext object| $edh object| $f object| $footer function| $Trie function| $LogoutEventHandler object| $Logout object| $baseMaster object| $Browser function| CollectGarbage function| createPopup function| navigate function| attachEvent function| detachEvent function| XMLDOMParser function| $StringBuilder object| FunctionHelper object| $Dom object| $UI object| ko object| requests object| $ReportEvent function| getId function| getKey function| defineNamespace function| defineClass function| defineSubClass function| appendFunction function| mix function| bind function| Encrypt function| PackageSAData function| PackagePwdOnly function| PackagePinOnly function| PackageLoginIntData function| PackageSADataForProof function| PackageNewPwdOnly function| PackageNewAndOldPwd function| mapByteToBase64 function| base64Encode function| byteArrayToBase64 function| parseRSAKeyFromString function| RSAEncrypt function| RSAEncryptBlock function| JSMPnumber function| duplicateMP function| byteArrayToMP function| mpToByteArray function| modularExp function| modularMultiply function| multiplyMP function| normalizeJSMP function| removeLeadingZeroes function| divideMP function| multiplyAndSubtract function| applyPKCSv2Padding function| MGF function| XORarrays function| SHA1 function| wordToBytes function| PadSHA1Input function| SHA1RoundFunction function| rotateLeft function| hexStringToMP object| PasswordValidation object| WIZARDUI function| OnBack function| OnNext function| setFocus function| evt_master_onload object| HOSTUI function| MscomInit function| MscomProvisionFPC function| MscomSetFPC function| MscomGetFPC function| MscomGetClientCookies function| MscomGetCookieKeyValue function| MscomGetCookie function| MscomSendPageView function| MscomCustomEvent function| MscomProcessClick function| MscomBeacon function| MscomGetDebugValues function| MscomSetTitle function| MscomSetTimeZoneOffSet function| MscomSetReferrer function| MscomSetTimeStamp function| MscomSetScreenResolution function| MscomSetClickStreamFlag function| MscomReadAllTags function| MscomSetCot function| MscomSetSharedData function| MscomGetCurrentSD function| MscomGetFlashInfo function| MscomGetSilverLightInfo function| MscomInitMeta function| MscomReadElementTags function| MscomSetEventId function| MscomGetBrowserSize function| MscomSetRouteCtrl function| MscomGetCTypeHpInfo function| MscomIsHP function| MscomSetCookieDisabledFlag function| GuidPart function| GenerateGuid function| MscomGetSlvVersion function| Mscomdebug function| MscomGetId function| MscomGetImageHREF function| MscomIsInList function| MscomsetEvents function| MscomGetMUID function| MscomEncode function| Mscomdecode function| MscomGetStrFromArray function| MscomResetArrays function| MscomIsPII object| wcsIAr number| wcsIArI object| wedcsCE string| wcsTPUrl number| wcsPVsFpc number| wcsEFpc number| wcsCDFpc string| wcsFpcC number| wcsFpcSet string| wcsFPCUrl number| wcsAfPV number| wcsMUIDset string| wcsOrPms object| wcsccks string| customTags string| clickInfo string| customInfo object| wcs object| na object| ms number| vs object| expireDate string| wcsSId string| metaTags

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.important-updates-center-029.cf/	1970-01-19 18:25:46	Name: MSFPC Value: ID=f48a3912ca3643f68fee721c8db53a6d&CS=0&LV=201905
			important-updates-center-029.cf/micrsharepoint	1969-12-31 23:59:59	Name: MC0 Value: 1558474240514

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: FlowController.showControl(why)
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: New State [why] from [none]
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: Hooking control events for [why]
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: PageDialogControl.show()
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: PageDialogControl.getButton [action(#resetPwdWhyAction)] = 1
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: PageDialogControl.on(Click) [action]
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: PageDialogControl.getButton [cancel(#resetPwdWhyCancel)] = 0
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: FlowController.handleControlEvent [onSetupEvents] for [why]
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: FlowController.handleControlEvent [onShow] for [why]
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: PageDialogControl.~show()
console-api	log	URL: https://auth.gfx.ms/wLivePackage_BUgt_VA9tVPtWGX7ifSLCA2.js(Line 1) Message: FlowController.notifyVisible [why]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.gfx.ms
c.microsoft.com
cs.microsoft.com
important-updates-center-029.cf
c.microsoft.com
cs.microsoft.com
2a02:26f0:6c00:283::34ef
2a02:26f0:6c00:29f::34ef
3.104.121.124
01298bb0a71f0f14d4b58a2827b431a69e9aba77f77f9412b540fdac031162c8
127617f473f184116e282e43bd0781fa36c3bfba656c19c2722cb0f2ae3e2740
1fb467f7b10fb17b81588650aac7f3595ef1af6d1347e1e57293024673f1f8cc
2aee680c7b06b1113a640de397ef4464132b437b0844188e481c37ad051d9a28
356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f
6c839475c71c8663730d2243f3249a3c6706003fa9c6f5bb64a862cee5b37cb5
786869320a7d38ae2b3a671df783549b5ac47f79294925046a4d2dfc31bc7bdb
857f692a576f9864bed14d395406693d10149179a26e4dc9ce36e6782a0ea510
8b62912f299e846007bb4945388401d69ec755c79116d0e86eeb3b4fb19831c3
921f3fb487ee81989ae938e3faa052b6e0b8e5a0a7112549774ffd6918fe7146
9a3e8da684458384b0c4491a26eed8a7ac5f6f842f3ef3185f4f320709be12e2
9d484ed2ea5d83df37f3163ea89b0ae598bc44fda47baf6736dc74a756767e8e
a54db03952cc4cb729ff1a932c6c78724858eeb18e5688d5834dbd8130d7aa55
b2766157ebf1d78b4284c68d170c066d77916e32472429845adc8b7ada274b7f
b621c9927a5ce93186803fb943eb9f0e679ca726ff9274c4790fc9cf89649a82
ba80f664bb6cb89c48c2d50baf1e5897940ed44946e902d52dd09b967616ce20
e24a8417f9e68ca635d037a403710d997fb518f305bf0db2dd0321ffd3e6694a
e851771010987108b93a445fd1b4015ff4d971d9fa89ee97d1b22e07f16ae147