skypedwe.com
Open in
urlscan Pro
202.162.98.174
Malicious Activity!
Public Scan
Effective URL: https://skypedwe.com/
Submission Tags: falconsandbox
Submission: On August 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R10 on July 24th 2024. Valid for: 3 months.
This is the only time skypedwe.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 202.162.98.174 202.162.98.174 | 152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited) | |
1 | 172.67.75.96 172.67.75.96 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c | () () | |
10 | 4 |
ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)
skypedwe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
skypedwe.com
skypedwe.com |
72 KB |
1 |
msftauth.net
logincdn.msftauth.net |
1 KB |
1 |
sskyqese.com
sskyqese.com |
503 B |
10 | 3 |
Domain | Requested by | |
---|---|---|
8 | skypedwe.com |
skypedwe.com
|
1 | logincdn.msftauth.net | |
1 | sskyqese.com |
skypedwe.com
|
10 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sky.n7ak.cn R10 |
2024-07-24 - 2024-10-22 |
3 months | crt.sh |
sskyqese.com WE1 |
2024-07-13 - 2024-10-11 |
3 months | crt.sh |
identitycdn.msauth.net Microsoft Azure RSA TLS Issuing CA 04 |
2024-06-07 - 2025-06-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://skypedwe.com/
Frame ID: DA1C3E910B58CBFF715F4CF413B2BA96
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
登入SkypePage URL History Show full URLs
-
http://skypedwe.com/
HTTP 307
https://skypedwe.com/ Page URL
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://skypedwe.com/
HTTP 307
https://skypedwe.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
skypedwe.com/ Redirect Chain
|
961 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.0d4e2b7e.js
skypedwe.com/js/ |
78 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.5d83f22a.js
skypedwe.com/js/ |
30 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.be7abf4f.css
skypedwe.com/css/ |
70 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.db4fae0b.css
skypedwe.com/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
get_ip
sskyqese.com/node_api/ |
15 B 503 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
skypedwe.com/ |
17 KB 17 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s3.76e451d7.svg
skypedwe.com/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
documentation_dae218aac2d25462ae286ceba8d80ce2.svg
logincdn.msftauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin_options_4e48046ce74f4b89d450.dacb6be2.svg
skypedwe.com/img/ |
2 KB 820 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkskype_view object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
logincdn.msftauth.net
skypedwe.com
sskyqese.com
172.67.75.96
202.162.98.174
2606:2800:233:1cb7:261b:1f9c:2074:3c
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
06dfb2d32805cc19b91c5b7c2b38197d99d2a3d3b3c0ecd38a8f9319e9a71e0f
2977a2842c58be65966ad16ad06e2b376e01c883aa7c598c987df7d67c0de99a
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
b90ea39ee2bc408cd2024b75a268863bc6fe0e0275c2e37189d57c4951d86f33
c0fc8927c10907c0078797f288c4acf57b1576848f2f5e5bb9ad9b60a65ca870
c2a13277cb28bfb9fc7b7d609f5b74a4ffed79faf5fee8c2c2dfaab0bf9b26c3
e50fcce683ed6994ca085fbd5656adf0198f712743f47849438c0217ac16c1c1
fe6851cb848d2e42bb5213f9c4a39cbe728d3af73d4cf12237e9aa2d4d7fb791