skybilling-updated.com
185.61.154.5
Malicious Activity!
Public Scan
Submission Tags: phishing malicious
Submission: On January 26 via api from US
Summary
This is the only time skybilling-updated.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Halifax Bank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 25 | 185.61.154.5 | 22612 (NAMECHEAP-NET) |
24 | 1 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server248-2.web-hosting.com
skybilling-updated.com
 | Apex Domain Subdomains | Transfer |
---|---|---|
25 | skybilling-updated.com, 1 redirects, skybilling-updated.com | 438 KB |
24 | 1 |
 | Domain | Requested by |
---|---|---|
25 | skybilling-updated.com | 1 redirects, skybilling-updated.com |
24 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|---|---|
This page contains 1 frame:
Primary Page:
http://skybilling-updated.com/secure/banks/halifax-online.co.uk/
Frame ID: ED83B6451BB1E787F5D43BEC756F8EE5
Requests: 24 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://skybilling-updated.com/secure/banks/halifax-online.co.uk (HTTP 301)
- http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request, Redirect Chain) | skybilling-updated.com/secure/banks/halifax-online.co.uk/ | 24 KB | 15 KB | Document | text/html |
GET H/1.1 | global1-min140807.css | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/ | 236 KB | 41 KB | Stylesheet | text/css |
GET H/1.1 | global2-min140729.css | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/ | 272 KB | 43 KB | Stylesheet | text/css |
GET H/1.1 | yeah-js.css | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/ | 630 B | 524 B | Stylesheet | text/css |
GET H/1.1 | jquery-min140807.js | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/ | 488 KB | 86 KB | Script | application/javascript |
GET H/1.1 | scriptsnippet.jspf | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/ | 50 KB | 50 KB | Script | text/plain |
GET H/1.1 | global-min140807.js | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/ | 524 KB | 78 KB | Script | application/javascript |
GET H/1.1 | custom-min140729.js | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/ | 5 KB | 1 KB | Script | application/javascript |
GET H/1.1 | progressbar.js | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/ | 2 KB | 778 B | Script | application/javascript |
GET H/1.1 | 583.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | continue.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 1 KB | 2 KB | Image | image/png |
GET H/1.1 | 101.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | ad1.jpg | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 20 KB | 20 KB | Image | image/jpeg |
GET H/1.1 | ad2.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 12 KB | 13 KB | Image | image/png |
GET H/1.1 | ad3.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 74 KB | 75 KB | Image | image/png |
GET H/1.1 | header_bg.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 410 B | 596 B | Image | image/png |
GET H/1.1 | logo_scrn.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | padlock_secureMsg.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 872 B | 1 KB | Image | image/png |
GET H/1.1 | arrow_lo.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 180 B | 366 B | Image | image/png |
GET H/1.1 | horiz_div.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 98 B | 283 B | Image | image/png |
GET H/1.1 | arrow.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 180 B | 366 B | Image | image/png |
GET H/1.1 | footer_bg.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 238 B | 424 B | Image | image/png |
GET H/1.1 | secondary_accordion_bg.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 162 B | 348 B | Image | image/png |
GET H/1.1 | plus.png | skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ | 515 B | 701 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Halifax Bank (Banking)
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | trustedTypes |
boolean | crossOriginIsolated |
object | Aes |
object | Base64 |
object | Utf8 |
string | hea2p |
string | hea2t |
string | output |
string | ctrTxt |
object | swfobject |
object | LBG |
function | $ |
function | jQuery |
function | DP_jQuery |
object | campaignScripts |
object | Messages |
object | DI |
function | AspectCollection |
function | bankInputFocusHandler |
function | bankInputBlurHandler |
function | setBankBrowseLinks |
function | displayResults |
function | getJsonResults |
object | cur |
number | interval |
number | timeStep |
number | lastTime |
function | goFwd |
function | goBack |
function | back |
function | forward |
function | showPause |
function | showPlay |
function | start |
boolean | hasDuplicate |
object | $initElements |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
skybilling-updated.com/ | | Name: PHPSESSID Value: 97bfede295145abf1452e0a122ac9aad |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
skybilling-updated.com
185.61.154.5