URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Submission: On July 11 via manual from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 18 HTTP transactions.
The main IP is 168.62.224.13, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is secure.proficiency.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 3rd 2019. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100)

  • urlscan - Score: 100
    phishing
    Phishing against Microsoft (Consumer)

Domain & IP information

Requests   IP Address      AS (Autonomous System)
12         168.62.224.13   8075 (MICROSOFT...)
6          52.85.182.101   16509 (AMAZON-02)
Total: 18 requests, 2 IPs

Requests   Domain / Subdomains             Transfer
12         proficiency.org                 345 KB
6          d2i2wahzwrm1n5.cloudfront.net   92 KB
Total: 18 requests, 2 domains

Requests   Domain                          Requested by
12         secure.proficiency.org          secure.proficiency.org
6          d2i2wahzwrm1n5.cloudfront.net   secure.proficiency.org
Total: 18 requests, 2 domains

This site contains links to these domains.

Domain
Subject                        Issuer                                       Validity                  Valid for
secure.gcmtotalsolutions.com   Go Daddy Secure Certificate Authority - G2   2019-06-03 - 2020-06-03   a year
*.cloudfront.net               DigiCert Global CA G2                        2018-10-08 - 2019-10-09   a year

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
  • url /\.aspx?(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i

Web
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
  • url /\.aspx?(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


18 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

default.aspx?cID=1&logoff=true (Cookie set)
/customers
13 KB
7 KB
Document
General
Full URL
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
fe26902a4218fd6b98354a363fb5c7aea313de70cf5486f5aa3e63916b52627f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Host
secure.proficiency.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
private
Content-Length
6715
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=aubperyho1mqquxtvhhoujsz; path=/; HttpOnly
RealName=; expires=Wed, 10-Jul-2019 21:19:00 GMT; path=/
UserName=; expires=Wed, 10-Jul-2019 21:19:00 GMT; path=/
UserID=; expires=Wed, 10-Jul-2019 21:19:00 GMT; path=/
Password=; expires=Wed, 10-Jul-2019 21:19:00 GMT; path=/
ClubID=; expires=Wed, 10-Jul-2019 21:19:00 GMT; path=/
ARRAffinity=8e3d5945daae2ee319dc32df76db9508a10a2c29f13be267cfc0520b2a15809c;Path=/;HttpOnly;Domain=secure.proficiency.org
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
Date
Thu, 11 Jul 2019 21:18:59 GMT
customer.css
/includes
1 KB
1 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/includes/customer.css
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
ecf1a29eec5818834c98c75115f6e983f1bcd80bbe64c25d35debf2932f41f1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 03:32:33 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
ETag
"ab6ccc98ccbdd41:0"
Vary
Accept-Encoding
Content-Type
text/css
Date
Thu, 11 Jul 2019 21:19:00 GMT
Accept-Ranges
bytes
Content-Length
741
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
WebResource.axd?d=pynGkmcFUV13He1Qd6_TZGLt1Nhdk37vWsp7VjlrpLTs-dA2jpfJlDDrXy7OHGinnJKClAh9pn64U7kzCIBOIA2&t=636940001807954174
23 KB
6 KB
Script
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZGLt1Nhdk37vWsp7VjlrpLTs-dA2jpfJlDDrXy7OHGinnJKClAh9pn64U7kzCIBOIA2&t=636940001807954174
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Tue, 21 May 2019 01:49:40 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:02 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
6007
Expires
Fri, 10 Jul 2020 12:10:43 GMT
WebResource.axd?d=rhRRvYQTYv6mNRHqzCKJ7jIjqkc39p7GJZ40TeU9PL0PGaqYtWACcPFRdT6F4nCQ87BK5RaAO2HPMG03H5ah23_KCX9j5DzMRAZoPpWQ4nIkDpY-udoeOIfiG4H4s_y6I3K_kkh2aYOq1SjQR6bGsg2&t=636533781088774363
11 KB
3 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=rhRRvYQTYv6mNRHqzCKJ7jIjqkc39p7GJZ40TeU9PL0PGaqYtWACcPFRdT6F4nCQ87BK5RaAO2HPMG03H5ah23_KCX9j5DzMRAZoPpWQ4nIkDpY-udoeOIfiG4H4s_y6I3K_kkh2aYOq1SjQR6bGsg2&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
419f5efc478dfbf45830d4b84ce0d064601688349194ecd0ff68d8c77fc9a9d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:00 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
2501
Expires
Fri, 10 Jul 2020 12:10:57 GMT
WebResource.axd?d=6d0ORl_GDQ8il0vfaye5YT8TsJF1qSF6WbeHjXWVVNNS-e7X0X4bkTm4A2fCXQ_x2Wj3sGnLXkmMjikpLX_lUODuJKh8IAx5HbEgNXZFsr9k2AMzxT-e2-e7C3RASTXAnuXTEJ43wGlnkL8w0zS_tw2&t=636533781088774363
1 KB
1001 B
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=6d0ORl_GDQ8il0vfaye5YT8TsJF1qSF6WbeHjXWVVNNS-e7X0X4bkTm4A2fCXQ_x2Wj3sGnLXkmMjikpLX_lUODuJKh8IAx5HbEgNXZFsr9k2AMzxT-e2-e7C3RASTXAnuXTEJ43wGlnkL8w0zS_tw2&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
4c7cb6c3c4be6580aa49c0bf23a13c2b0402e266e7be45c40a82f41a9f04cae3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:00 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
541
Expires
Fri, 10 Jul 2020 12:10:57 GMT
WebResource.axd?d=VdPoLqp1pEU6N0-IfFplZG7B9Xps_-kJnlglaFF95Hu2LorhCVhRLG-JholuHiG0QAmm9ufv0IfSvFBeJ8otYLP0aq1sblQLjTqZca6Q16PyUXTCFsEv9tooxQbRAbEtaVBlG6ivFb7IS5ORAeqfwA2&t=636533781088774363
22 KB
7 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=VdPoLqp1pEU6N0-IfFplZG7B9Xps_-kJnlglaFF95Hu2LorhCVhRLG-JholuHiG0QAmm9ufv0IfSvFBeJ8otYLP0aq1sblQLjTqZca6Q16PyUXTCFsEv9tooxQbRAbEtaVBlG6ivFb7IS5ORAeqfwA2&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
fbac1766ac672c1852a114032584b8d3351c735b11e52b310368ccdaee7f78e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:01 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
6971
Expires
Fri, 10 Jul 2020 12:10:57 GMT
WebResource.axd?d=ki1n1Eahlh7Hg67y-z8gJoVZIvEQc4ft9YZrY9Jmr1tLJNRKRY_tIYa9z-GyOaqjm43lRI225SgikC7Ho6qWjB0spBqe-Y0fEU5O3aL6tbP_GonTfmkGHRg6peXwCSB3Dvu92nIfiKFgPjMPFom20g2&t=636533781088774363
4 KB
2 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=ki1n1Eahlh7Hg67y-z8gJoVZIvEQc4ft9YZrY9Jmr1tLJNRKRY_tIYa9z-GyOaqjm43lRI225SgikC7Ho6qWjB0spBqe-Y0fEU5O3aL6tbP_GonTfmkGHRg6peXwCSB3Dvu92nIfiKFgPjMPFom20g2&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
d436f4ca07b11e9071da3685d057b6028ca5d7d3b67fe29ec9e1e2f935fe6ff4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:01 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
1597
Expires
Fri, 10 Jul 2020 12:13:31 GMT
WebResource.axd?d=zozFI0ndEpVTEe6YmZ4Mnyee0xvvVygzDuGTZ_oFjqb3igzL-Gu-2ExwCqnfvZnEZRYxWAH3_59qr4Drz1DsirvSnfZ75cmGg7mNAoE3sbRG87J7EQXVJq54a6zhsmT_wxP4BjDvHt74RK3VtHDTXlwxiNJQTyO6mB84_KnIOPA1&t=6365...
2 KB
1 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=zozFI0ndEpVTEe6YmZ4Mnyee0xvvVygzDuGTZ_oFjqb3igzL-Gu-2ExwCqnfvZnEZRYxWAH3_59qr4Drz1DsirvSnfZ75cmGg7mNAoE3sbRG87J7EQXVJq54a6zhsmT_wxP4BjDvHt74RK3VtHDTXlwxiNJQTyO6mB84_KnIOPA1&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
0e6361c652546e8dc9a2ac9b90e7c38a2ef2061cf530f894b822c4013878fdf6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:01 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
938
Expires
Fri, 10 Jul 2020 12:13:31 GMT
WebResource.axd?d=qpDogBCh8B2zFH7Wt5kgoNVwYSzNmJ2TkrdQnE_Pka9jfMBAJv-WhpYPCJVnK4NeywyNio2WTj3yfi8o21z-OX-8wHI6jw0T2lSe_x7NAqNnl8t7i16poUA30dztnMoTROgA_pkSBKwnmXAIaqzcQw2&t=636533781088774363
5 KB
2 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=qpDogBCh8B2zFH7Wt5kgoNVwYSzNmJ2TkrdQnE_Pka9jfMBAJv-WhpYPCJVnK4NeywyNio2WTj3yfi8o21z-OX-8wHI6jw0T2lSe_x7NAqNnl8t7i16poUA30dztnMoTROgA_pkSBKwnmXAIaqzcQw2&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
5ec7c72cb0357bbec894977ecd2bdc6fbd453995682be5f3b028c69176656f92
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:01 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
1779
Expires
Fri, 10 Jul 2020 12:13:31 GMT
WebResource.axd?d=NZp3oGkpijSHfvYvEXDUvA5QoEYetRj0EGWaHnfjqmMUMDj51sS7B5AJnMt1ziIVyDmN-qKvZDluQB8mk8Nimyb6fJN4xFF4JAzMjNqRWCExKnqbP5wA9jBbsz46ddZ4cYEA0jNARNkeQBoYSEW7IC9m48NSiPJbo5DLzqFflM01&t=6365...
3 KB
1 KB
Stylesheet
General
Full URL
https://secure.proficiency.org/WebResource.axd?d=NZp3oGkpijSHfvYvEXDUvA5QoEYetRj0EGWaHnfjqmMUMDj51sS7B5AJnMt1ziIVyDmN-qKvZDluQB8mk8Nimyb6fJN4xFF4JAzMjNqRWCExKnqbP5wA9jBbsz46ddZ4cYEA0jNARNkeQBoYSEW7IC9m48NSiPJbo5DLzqFflM01&t=636533781088774363
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
a7310b56e3575a7d16ce7d66e36ba262d266d54a2cd53ba5581dc64d59930ac2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 21:55:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:02 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
771
Expires
Fri, 10 Jul 2020 12:13:31 GMT
Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31b...
140 KB
35 KB
Script
General
Full URL
https://secure.proficiency.org/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3ab7585254-495e-4311-9545-1f910247aca5%3aea597d4b%3ab25378d2
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
cc49c0ec309f1e68bdefade6456183700278be6e4cc30897d4bbf87eaf2b4db8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Wed, 13 Sep 2017 00:00:00 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Date
Thu, 11 Jul 2019 21:19:02 GMT
Vary
User-Agent
Content-Type
application/x-javascript
Cache-Control
public, max-age=31536000
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768
Content-Length
35161
Expires
Fri, 10 Jul 2020 21:19:03 GMT
Core.js
d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common
67 KB
18 KB
Script
General
Full URL
https://d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common/Core.js
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.182.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5923a6611f288633d8d94245df1da583e8cee46a3d72f0a5d4b29a0b7605541

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 08 Jun 2019 04:43:49 GMT
content-encoding
gzip
age
2910913
x-cache
Hit from cloudfront
status
200
content-length
18019
last-modified
Wed, 13 Sep 2017 17:51:43 GMT
server
AmazonS3
etag
"5a696e31d6e26bcb17cdbe40af37ceef"
content-type
application/x-javascript
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
JYMlO96q_KcS8eugisAX7SeqqoRIT50EbM6CWEsh6cw1sAqmwJfLdw==
expires
Mon, 13 Sep 2027 17:51:05 GMT
MaterialRippleScripts.js
d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common/MaterialRipple
12 KB
4 KB
Script
General
Full URL
https://d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common/MaterialRipple/MaterialRippleScripts.js
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.182.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7c85dc88b397cac9022dc5673579971d0aa5a2d253dab47b77b860832851f1a

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:21:46 GMT
content-encoding
gzip
age
4910236
x-cache
Hit from cloudfront
status
200
content-length
3694
last-modified
Wed, 13 Sep 2017 17:51:33 GMT
server
AmazonS3
etag
"05518a22d9caa088b57bb9823e8e442b"
content-type
application/x-javascript
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
dsHEIeYrBWD-vmHs7NVyK0D1RFdWeayDmSGuteLC33IEhFASEAJ0Mg==
expires
Mon, 13 Sep 2027 17:51:05 GMT
RadInputScript.js
d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Input/TextBox
60 KB
12 KB
Script
General
Full URL
https://d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Input/TextBox/RadInputScript.js
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.182.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fddcc6ba29cdc40d1b81b139d2ad7bc0f79aaf8250e9266d944ecc5791bfe6f5

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 06:10:39 GMT
content-encoding
gzip
age
5843303
x-cache
Hit from cloudfront
status
200
content-length
11359
last-modified
Wed, 13 Sep 2017 17:51:13 GMT
server
AmazonS3
etag
"671b421f59ff270b635420f00b6f3e77"
content-type
application/x-javascript
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
tgbI2liO6tilk0GphQ1GDfkAl29yZ8R-2wuAHmLjWQNDUC7LhcvQ6g==
expires
Mon, 13 Sep 2027 17:51:05 GMT
jQuery.js
d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common
94 KB
33 KB
Script
General
Full URL
https://d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common/jQuery.js
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.182.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1093de22dddbd83426ed457d3029d430770571ff71f083576333509a9b0e6d9

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 May 2019 01:31:54 GMT
content-encoding
gzip
age
4391227
x-cache
Hit from cloudfront
status
200
content-length
33243
last-modified
Wed, 13 Sep 2017 17:51:48 GMT
server
AmazonS3
etag
"d2dd67d7ebe5452ac37f7a615bd72ff9"
content-type
application/x-javascript
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
x27WoRo0PQCUan8f66iPJI7lbYiqbQPuPdslA8PU-dEJpvLvrVkfNA==
expires
Mon, 13 Sep 2027 17:51:05 GMT
jQueryPlugins.js
d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common
12 KB
4 KB
Script
General
Full URL
https://d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Common/jQueryPlugins.js
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.182.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04883a88645d4a6f541c7b5d649a8780cb88e51c7e4e412ace2a1118ca8b542f

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Jun 2019 02:59:44 GMT
content-encoding
gzip
age
3003558
x-cache
Hit from cloudfront
status
200
content-length
4153
last-modified
Wed, 13 Sep 2017 17:51:23 GMT
server
AmazonS3
etag
"bf3e4dba7495236dbe2cba3d0b849f13"
content-type
application/x-javascript
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
v9HX0F-49u-vutjmF7-fUmUseI1vhOYqk_pRgntPDgbKY_U9MljWvw==
expires
Mon, 13 Sep 2027 17:51:05 GMT
RadButtonScripts.js
d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Button
104 KB
21 KB
Script
General
Full URL
https://d2i2wahzwrm1n5.cloudfront.net/ajaxz/2017.3.913/Button/RadButtonScripts.js
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.182.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
072de0984ec31d0e022ee49bb6913881b74ac821ec4f73ba03a1365fdb83c02c

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 04:27:37 GMT
content-encoding
gzip
age
5849485
x-cache
Hit from cloudfront
status
200
content-length
21385
last-modified
Wed, 13 Sep 2017 17:51:14 GMT
server
AmazonS3
etag
"8a89a823cddd5cb5e52a72f507bb0458"
content-type
application/x-javascript
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
ELQsCWat9jzjIXc62jeuNDiycsd57SZczbhmtvpLOgeuU1F1iKq97Q==
expires
Mon, 13 Sep 2027 17:51:05 GMT
CustomerPage-Background.jpg
/includes/images
277 KB
277 KB
Image
General
Full URL
https://secure.proficiency.org/includes/images/CustomerPage-Background.jpg
Requested by
Host: secure.proficiency.org
URL: https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-ch1-001.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.proficiency.org/customers/default.aspx?cID=1&logoff=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Wed, 06 Feb 2019 03:32:38 GMT
Server
Microsoft-IIS/10.0
ETag
"7b3b829bccbdd41:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Date
Thu, 11 Jul 2019 21:19:02 GMT
Accept-Ranges
bytes
Content-Length
283351
Request-Context
appId=cid-v1:4da1b9dc-872a-4671-b77b-fa82579b1768

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan - Score: 100

Categories:
phishing

Tags:
phishing

Phishing against: Microsoft (Consumer)

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| OnKeyPress
  • object| theForm
  • function| __doPostBack
  • function| WebForm_PostBackOptions
  • function| WebForm_DoPostBackWithOptions
  • object| __pendingCallbacks
  • number| __synchronousCallBackIndex
  • function| WebForm_DoCallback
  • function| WebForm_CallbackComplete
  • function| WebForm_ExecuteCallback
  • function| WebForm_FillFirstAvailableSlot
  • boolean| __nonMSDOMBrowser
  • string| __theFormPostData
  • object| __theFormPostCollection
  • object| __callbackTextTypes
  • function| WebForm_InitCallback
  • function| WebForm_InitCallbackAddField
  • function| WebForm_EncodeCallback
  • object| __disabledControlArray
  • function| WebForm_ReEnableControls
  • function| WebForm_ReDisableControls
  • function| WebForm_SimulateClick
  • function| WebForm_FireDefaultButton
  • function| WebForm_GetScrollX
  • function| WebForm_GetScrollY
  • function| WebForm_SaveScrollPositionSubmit
  • function| WebForm_SaveScrollPositionOnSubmit
  • function| WebForm_RestoreScrollPosition
  • function| WebForm_TextBoxKeyHandler
  • function| WebForm_TrimString
  • function| WebForm_AppendToClassName
  • function| WebForm_RemoveClassName
  • function| WebForm_GetElementById
  • function| WebForm_GetElementByTagName
  • function| WebForm_GetElementsByTagName
  • function| WebForm_GetElementDir
  • function| WebForm_GetElementPosition
  • function| WebForm_GetParentByTagName
  • function| WebForm_SetElementHeight
  • function| WebForm_SetElementWidth
  • function| WebForm_SetElementX
  • function| WebForm_SetElementY
  • function| Sys$Enum$parse
  • function| Sys$Enum$toString
  • function| Sys$Component$_setProperties
  • function| Sys$Component$_setReferences
  • function| $create
  • function| $addHandler
  • function| $addHandlers
  • function| $clearHandlers
  • function| $removeHandler
  • function| $get
  • function| $find
  • function| Type
  • object| Sys
  • object| _events
  • object| commonScripts
  • object| Telerik
  • object| $telerik
  • object| TelerikCommonScripts
  • undefined| $
  • undefined| jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN