skybilling-updated.com Open in urlscan Pro
185.61.154.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://skybilling-updated.com/secure/banks/halifax-online.co.uk/
Submission Tags: phishing malicious Search All
Submission: On January 26 via api (January 26th 2021, 12:58:55 am UTC) from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 185.61.154.5, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is skybilling-updated.com.

This is the only time skybilling-updated.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Halifax Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 25	185.61.154.5 185.61.154.5		22612 (NAMECHEAP...) (NAMECHEAP-NET)
24	1

25 185.61.154.5 (United Kingdom) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server248-2.web-hosting.com

skybilling-updated.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	skybilling-updated.com 1 redirects skybilling-updated.com	438 KB
24	1

	Domain	Requested by
25	skybilling-updated.com	1 redirects skybilling-updated.com
24	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/
Frame ID: ED83B6451BB1E787F5D43BEC756F8EE5
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://skybilling-updated.com/secure/banks/halifax-online.co.uk HTTP 301
http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

24
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

438 kB
Transfer

1720 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://skybilling-updated.com/secure/banks/halifax-online.co.uk HTTP 301
http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response skybilling-updated.com/secure/banks/halifax-online.co.uk/ Redirect Chain http://skybilling-updated.com/secure/banks/halifax-online.co.uk http://skybilling-updated.com/secure/banks/halifax-online.co.uk/	24 KB 15 KB	148ms 147ms	Document text/html	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash `8cc1e1b00b7b6212ca939139843bf8d258f94e203e76669381b92738ad24c435` Request headers Host skybilling-updated.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT server Apache x-powered-by PHP/7.2.34 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=97bfede295145abf1452e0a122ac9aad; path=/ vary Accept-Encoding content-encoding gzip content-length 15320 content-type text/html; charset=UTF-8 Redirect headers date Tue, 26 Jan 2021 00:58:37 GMT server Apache location http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ content-length 272 content-type text/html; charset=iso-8859-1
GET H/1.1	200 OK	global1-min140807.css skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/	236 KB 41 KB	43ms 40ms	Stylesheet text/css	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `e388cd0c4c733d2162b59838f5d6de0747133ea1194280b34f4e5aadf4e9c1c8` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 41689
GET H/1.1	200 OK	global2-min140729.css skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/	272 KB 43 KB	66ms 50ms	Stylesheet text/css	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global2-min140729.css Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `23ab30355da2b99fe837f423f33b70c8355a1ad871a8bff9da12f76fdfab68cd` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 44206
GET H/1.1	200 OK	yeah-js.css skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/	630 B 524 B	53ms 38ms	Stylesheet text/css	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/yeah-js.css Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `f67491f0e2977cfdc9042ab933668392132fbdb101e3d507a3b200234c3d7901` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 292
GET H/1.1	200 OK	jquery-min140807.js Show response skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/	488 KB 86 KB	68ms 52ms	Script application/javascript	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/jquery-min140807.js Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `e1c71520d373b7b607916d6b4353670e5f01777fce2e5bf7279a6fc676e10d4c` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:40 GMT server Apache vary Accept-Encoding content-type application/javascript transfer-encoding chunked accept-ranges bytes
GET H/1.1	200 OK	scriptsnippet.jspf Show response skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/	50 KB 50 KB	53ms 37ms	Script text/plain	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/scriptsnippet.jspf Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `cb03f9cc18b77935eecf6e81108264305d0f1c1d7e80ea1d889af60bcd4222d5` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:40 GMT server Apache accept-ranges bytes content-length 51348
GET H/1.1	200 OK	global-min140807.js Show response skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/	524 KB 78 KB	69ms 54ms	Script application/javascript	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/global-min140807.js Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `e5da09408be49cb69aca3978e1c90d21ec9f9f3acb1d5ab749ee3630f4f3fea3` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:40 GMT server Apache vary Accept-Encoding content-type application/javascript transfer-encoding chunked accept-ranges bytes
GET H/1.1	200 OK	custom-min140729.js Show response skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/	5 KB 1 KB	82ms 29ms	Script application/javascript	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/custom-min140729.js Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `31105bd27cef6c4194a8c2321896636fe2a761e5f4d68c2bdac1a5d88275352f` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:40 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1269
GET H/1.1	200 OK	progressbar.js Show response skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/	2 KB 778 B	90ms 29ms	Script application/javascript	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/js/progressbar.js Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `d7502edec4d603cecaf6bedefcc80f0b0ad36d414d42e7b3c6421dcfb4142363` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT content-encoding gzip last-modified Sat, 17 Oct 2020 17:34:40 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 532
GET H/1.1	200 OK	583.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	3 KB 3 KB	30ms 29ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/583.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `c5bafb009f4e1f964a63551c8b5201ea67476bf837dde26795f1b184c008ea51` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 2884 content-type image/png
GET H/1.1	200 OK	continue.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	1 KB 2 KB	30ms 29ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/continue.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `ae129cb1d5b77a0c194b7cce7ba1740386bf6053c50003e487f95408cd33fa8e` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 1406 content-type image/png
GET H/1.1	200 OK	101.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	3 KB 3 KB	29ms 28ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/101.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `ba380237b4c7838d5751356ae573e6d2fea8014b83b13a13ae12c4095009a8d5` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 2703 content-type image/png
GET H/1.1	200 OK	ad1.jpg skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	20 KB 20 KB	29ms 28ms	Image image/jpeg	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ad1.jpg Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `3e84ed2e39cddc9772709e16b447cab495863c9c7e2c51843ab447cab04ef61d` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 20040 content-type image/jpeg
GET H/1.1	200 OK	ad2.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	12 KB 13 KB	28ms 27ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ad2.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `06477cbb34ee2cebc77845e54509b3f146982cfb15dc65d547fb52b60e82d63e` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 12717 content-type image/png
GET H/1.1	200 OK	ad3.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	74 KB 75 KB	28ms 27ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/ad3.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `ee98c8c3234bf0d33163b027a50dd242b8c8574d8790bfc7a6dd142c44f4f001` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 76127 content-type image/png
GET H/1.1	200 OK	header_bg.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	410 B 596 B	27ms 27ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/header_bg.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `5429563ef6fb1bfb565142b8466fccd64684b08ea9725dadb8395c94a1913a95` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 410 content-type image/png
GET H/1.1	200 OK	logo_scrn.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	3 KB 3 KB	27ms 27ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/logo_scrn.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `a9ba92bf7baffa72e78ab7a2772f99e85ca7b033733a246efa81f97575264732` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 2639 content-type image/png
GET H/1.1	200 OK	padlock_secureMsg.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	872 B 1 KB	32ms 26ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/padlock_secureMsg.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `56d5bdbb170ef769250396f9cc9da6091103e2d73b83acb4dd696cbb003281c2` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 872 content-type image/png
GET H/1.1	200 OK	arrow_lo.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	180 B 366 B	39ms 27ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/arrow_lo.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `7c455b6627629be4ce63d760888b316cabe0ad3dfd353f633a0f1f8608b98d3a` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 180 content-type image/png
GET H/1.1	200 OK	horiz_div.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	98 B 283 B	30ms 26ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/horiz_div.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `6397fb29be11aa0141c0078103bb7875ef0315669ed9ce9f1dd297f8d3860759` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 98 content-type image/png
GET H/1.1	200 OK	arrow.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	180 B 366 B	39ms 26ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/arrow.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `dd11e419ee50c9703ff820a6e64f01c9b8c7c7b6b4e820f02d734f24036e5652` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 180 content-type image/png
GET H/1.1	200 OK	footer_bg.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	238 B 424 B	27ms 26ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/footer_bg.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `6f1ffe1dd280ac3d04df2bbd47991d0e194d89240aa68982c0fc5d005e3ab9f5` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 238 content-type image/png
GET H/1.1	200 OK	secondary_accordion_bg.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	162 B 348 B	33ms 28ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/secondary_accordion_bg.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `355b5c45d1515da771d3506f604a124d055a6aa7541793776599efc0f6f53e53` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:40 GMT server Apache accept-ranges bytes content-length 162 content-type image/png
GET H/1.1	200 OK	plus.png skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/	515 B 701 B	34ms 29ms	Image image/png	185.61.154.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/img/plus.png Requested by Host: skybilling-updated.com URL: http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css Protocol HTTP/1.1 Server 185.61.154.5 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server248-2.web-hosting.com Software Apache / Resource Hash `96c81f09d628ef873723fa1c83dc2d6274ee182477c1994ed22063c15161b23a` Request headers Referer http://skybilling-updated.com/secure/banks/halifax-online.co.uk/assets/css/global1-min140807.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 00:58:37 GMT last-modified Sat, 17 Oct 2020 17:34:38 GMT server Apache accept-ranges bytes content-length 515 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Halifax Bank (Banking)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			skybilling-updated.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 97bfede295145abf1452e0a122ac9aad

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

skybilling-updated.com
185.61.154.5
06477cbb34ee2cebc77845e54509b3f146982cfb15dc65d547fb52b60e82d63e
23ab30355da2b99fe837f423f33b70c8355a1ad871a8bff9da12f76fdfab68cd
31105bd27cef6c4194a8c2321896636fe2a761e5f4d68c2bdac1a5d88275352f
355b5c45d1515da771d3506f604a124d055a6aa7541793776599efc0f6f53e53
3e84ed2e39cddc9772709e16b447cab495863c9c7e2c51843ab447cab04ef61d
5429563ef6fb1bfb565142b8466fccd64684b08ea9725dadb8395c94a1913a95
56d5bdbb170ef769250396f9cc9da6091103e2d73b83acb4dd696cbb003281c2
6397fb29be11aa0141c0078103bb7875ef0315669ed9ce9f1dd297f8d3860759
6f1ffe1dd280ac3d04df2bbd47991d0e194d89240aa68982c0fc5d005e3ab9f5
7c455b6627629be4ce63d760888b316cabe0ad3dfd353f633a0f1f8608b98d3a
8cc1e1b00b7b6212ca939139843bf8d258f94e203e76669381b92738ad24c435
96c81f09d628ef873723fa1c83dc2d6274ee182477c1994ed22063c15161b23a
a9ba92bf7baffa72e78ab7a2772f99e85ca7b033733a246efa81f97575264732
ae129cb1d5b77a0c194b7cce7ba1740386bf6053c50003e487f95408cd33fa8e
ba380237b4c7838d5751356ae573e6d2fea8014b83b13a13ae12c4095009a8d5
c5bafb009f4e1f964a63551c8b5201ea67476bf837dde26795f1b184c008ea51
cb03f9cc18b77935eecf6e81108264305d0f1c1d7e80ea1d889af60bcd4222d5
d7502edec4d603cecaf6bedefcc80f0b0ad36d414d42e7b3c6421dcfb4142363
dd11e419ee50c9703ff820a6e64f01c9b8c7c7b6b4e820f02d734f24036e5652
e1c71520d373b7b607916d6b4353670e5f01777fce2e5bf7279a6fc676e10d4c
e388cd0c4c733d2162b59838f5d6de0747133ea1194280b34f4e5aadf4e9c1c8
e5da09408be49cb69aca3978e1c90d21ec9f9f3acb1d5ab749ee3630f4f3fea3
ee98c8c3234bf0d33163b027a50dd242b8c8574d8790bfc7a6dd142c44f4f001
f67491f0e2977cfdc9042ab933668392132fbdb101e3d507a3b200234c3d7901

skybilling-updated.com Open in urlscan Pro 185.61.154.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

438 kBTransfer

1720 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

39 JavaScript Global Variables

1 Cookies

Indicators

skybilling-updated.com Open in urlscan Pro
185.61.154.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

438 kB
Transfer

1720 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!