Submitted URL: http://skypedwe.com/
Effective URL: https://skypedwe.com/
Submission Tags: falconsandbox
Submission: On August 05 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 202.162.98.174, located in Ho Chi Minh City, Viet Nam and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is skypedwe.com.
TLS certificate: Issued by R10 on July 24th 2024. Valid for: 3 months.
This is the only time skypedwe.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
8 202.162.98.174 152194 (CTGSERVER...)
1 172.67.75.96 13335 (CLOUDFLAR...)
1 2606:2800:233... ()
10 4
Apex Domain
Subdomains
Transfer
8 skypedwe.com
skypedwe.com
72 KB
1 msftauth.net
logincdn.msftauth.net
1 KB
1 sskyqese.com
sskyqese.com
503 B
10 3
Domain Requested by
8 skypedwe.com skypedwe.com
1 logincdn.msftauth.net
1 sskyqese.com skypedwe.com
10 3

This site contains no links.

Subject Issuer Validity Valid
sky.n7ak.cn
R10
2024-07-24 -
2024-10-22
3 months crt.sh
sskyqese.com
WE1
2024-07-13 -
2024-10-11
3 months crt.sh
identitycdn.msauth.net
Microsoft Azure RSA TLS Issuing CA 04
2024-06-07 -
2025-06-02
a year crt.sh

This page contains 1 frames:

Primary Page: https://skypedwe.com/
Frame ID: DA1C3E910B58CBFF715F4CF413B2BA96
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

登入Skype

Page URL History Show full URLs

  1. http://skypedwe.com/ HTTP 307
    https://skypedwe.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

20 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

74 kB
Transfer

210 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://skypedwe.com/ HTTP 307
    https://skypedwe.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
skypedwe.com/
Redirect Chain
  • http://skypedwe.com/
  • https://skypedwe.com/
961 B
1 KB
Document
General
Full URL
https://skypedwe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
06dfb2d32805cc19b91c5b7c2b38197d99d2a3d3b3c0ecd38a8f9319e9a71e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
961
content-type
text/html
date
Mon, 05 Aug 2024 07:18:06 GMT
etag
"669274c6-3c1"
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

Location
https://skypedwe.com/
Non-Authoritative-Reason
HttpsUpgrades
chunk-vendors.0d4e2b7e.js
skypedwe.com/js/
78 KB
32 KB
Script
General
Full URL
https://skypedwe.com/js/chunk-vendors.0d4e2b7e.js
Requested by
Host: skypedwe.com
URL: https://skypedwe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
c0fc8927c10907c0078797f288c4acf57b1576848f2f5e5bb9ad9b60a65ca870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
W/"669274c6-13750"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 05 Aug 2024 19:18:07 GMT
app.5d83f22a.js
skypedwe.com/js/
30 KB
11 KB
Script
General
Full URL
https://skypedwe.com/js/app.5d83f22a.js
Requested by
Host: skypedwe.com
URL: https://skypedwe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e50fcce683ed6994ca085fbd5656adf0198f712743f47849438c0217ac16c1c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
W/"669274c6-7617"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 05 Aug 2024 19:18:07 GMT
chunk-vendors.be7abf4f.css
skypedwe.com/css/
70 KB
7 KB
Stylesheet
General
Full URL
https://skypedwe.com/css/chunk-vendors.be7abf4f.css
Requested by
Host: skypedwe.com
URL: https://skypedwe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
c2a13277cb28bfb9fc7b7d609f5b74a4ffed79faf5fee8c2c2dfaab0bf9b26c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
W/"669274c6-1182b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 05 Aug 2024 19:18:07 GMT
app.db4fae0b.css
skypedwe.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://skypedwe.com/css/app.db4fae0b.css
Requested by
Host: skypedwe.com
URL: https://skypedwe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2977a2842c58be65966ad16ad06e2b376e01c883aa7c598c987df7d67c0de99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
W/"669274c6-1930"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 05 Aug 2024 19:18:07 GMT
get_ip
sskyqese.com/node_api/
15 B
503 B
Fetch
General
Full URL
https://sskyqese.com/node_api/get_ip
Requested by
Host: skypedwe.com
URL: https://skypedwe.com/js/app.5d83f22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b90ea39ee2bc408cd2024b75a268863bc6fe0e0275c2e37189d57c4951d86f33

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"f-A5Mv9vIFovRPSgAxgDk1IESpwXQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLWglve%2BI%2B7OFY41hs3GalBv%2FfWOucHr5QH0QdtP9gkMGMMh4tblUqFGth8pljV724bWKgzjkUs%2Bn32HMNqgk43lpLleNb1pMb4xWf0v3L3Bo3Rw9yaRpH46MxVEG9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8ae502ec497b085c-FRA
alt-svc
h3=":443"; ma=86400
content-length
15
favicon.ico
skypedwe.com/
17 KB
17 KB
Other
General
Full URL
https://skypedwe.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:08 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
"669274c6-4316"
content-type
image/x-icon
accept-ranges
bytes
content-length
17174
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe6851cb848d2e42bb5213f9c4a39cbe728d3af73d4cf12237e9aa2d4d7fb791

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
s3.76e451d7.svg
skypedwe.com/img/
4 KB
2 KB
Image
General
Full URL
https://skypedwe.com/img/s3.76e451d7.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
W/"669274c6-e43"
vary
Accept-Encoding
content-type
image/svg+xml
documentation_dae218aac2d25462ae286ceba8d80ce2.svg
logincdn.msftauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://logincdn.msftauth.net/shared/1.0/content/images/documentation_dae218aac2d25462ae286ceba8d80ce2.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CA6) /
Resource Hash
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Aug 2024 07:18:15 GMT
content-encoding
gzip
content-md5
6dTbAT1RVL9d6geobv3IJg==
age
11590572
x-cache
HIT
content-length
606
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:21:19 GMT
server
ECAcc (frc/4CA6)
etag
0x8DB5C409DB3FCBC
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ce27f916-f01e-004c-5b9d-7d7d2e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin_options_4e48046ce74f4b89d450.dacb6be2.svg
skypedwe.com/img/
2 KB
820 B
Image
General
Full URL
https://skypedwe.com/img/signin_options_4e48046ce74f4b89d450.dacb6be2.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.162.98.174 Ho Chi Minh City, Viet Nam, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypedwe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 07:18:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 12:36:22 GMT
server
nginx
etag
W/"669274c6-638"
vary
Accept-Encoding
content-type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkskype_view object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000