crm.sky-lance.com Open in urlscan Pro
103.175.31.211 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crm.sky-lance.com/
Effective URL:
https://crm.sky-lance.com/login
Submission: On December 13 via manual (December 13th 2024, 1:01:18 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 103.175.31.211, located in New Delhi, India and belongs to ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN. The main domain is crm.sky-lance.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 18th 2024. Valid for: a year.

This is the only time crm.sky-lance.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 8	103.175.31.211 103.175.31.211	17665 (ONEBROADB...) (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED)
4	2a01:4f8:162:... 2a01:4f8:162:3029::2	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
11	2

8 103.175.31.211 (New Delhi, India) 1 redirects

ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN)

crm.sky-lance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:162:3029::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	sky-lance.com 1 redirects crm.sky-lance.com	88 KB
4	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 10427	37 KB
11	2

	Domain	Requested by
8	crm.sky-lance.com	1 redirects crm.sky-lance.com
4	fonts.bunny.net	crm.sky-lance.com fonts.bunny.net
11	2

This site contains no links.

Subject Issuer	Validity	Valid
crm.sky-lance.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-18` - `2025-09-18`	a year	crt.sh
fonts.bunny.net R10	`2024-11-15` - `2025-02-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crm.sky-lance.com/login
Frame ID: 0D1AAF38FFEFF1C73AF1F33700C20A20
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

crm_avs

Page URL History Show full URLs

http://crm.sky-lance.com/ HTTP 307
https://crm.sky-lance.com/ HTTP 302
https://crm.sky-lance.com/login Page URL

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

124 kB
Transfer

249 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crm.sky-lance.com/ HTTP 307
https://crm.sky-lance.com/ HTTP 302
https://crm.sky-lance.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
crm.sky-lance.com/
Redirect Chain

http://crm.sky-lance.com/
https://crm.sky-lance.com/
https://crm.sky-lance.com/login

4 KB
2 KB

193ms
172ms

Document
text/html

103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.sky-lance.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PHP/8.3.14 PleskLin

Resource Hash

3bebff78042e6cf0dc3aa5b932a9897dc720320c1f0e90a972cdbe1ebbab3ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 13 Dec 2024 13:01:11 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.3.14 PleskLin

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=utf-8
date: Fri, 13 Dec 2024 13:01:11 GMT
location: https://crm.sky-lance.com/login
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.3.14 PleskLin

GET
H2 200 css
fonts.bunny.net/ 3 KB
1 KB 205ms
15ms Stylesheet
text/css 2a01:4f8:162:3029::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Requested by: Host: crm.sky-lance.com
URL: https://crm.sky-lance.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:162:3029::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: BunnyCDN-DE1-1230 /
Resource Hash: 0ae52e4bd77c3fc50dad8de596fb5171a67686c94771023a92396810d946e45c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://crm.sky-lance.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
alt-svc: h3=":443"
date: Fri, 13 Dec 2024 13:01:12 GMT
last-modified: Fri, 22 Nov 2024 17:43:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/22/2024 17:43:30
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid: 61de4d7e2e6245c978f57b1e5801254e
cdn-pullzone: 781720
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1230
server: BunnyCDN-DE1-1230
cdn-requestcountrycode: DE

GET
H2 200 app-8184d167.css
crm.sky-lance.com/build/assets/ 33 KB
7 KB 173ms
172ms Stylesheet
text/css 103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.sky-lance.com/build/assets/app-8184d167.css

Requested by

Host: crm.sky-lance.com
URL: https://crm.sky-lance.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

8184d167b520ff7ed6a03c01d3bc1aa1b62b4a91506ff5399cd062e0b29b9ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://crm.sky-lance.com/login

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
etag: W/"6759e5c1-84d2"
date: Fri, 13 Dec 2024 13:01:12 GMT
content-type: text/css
last-modified: Wed, 11 Dec 2024 19:19:29 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 app-aef5015d.js Show response
crm.sky-lance.com/build/assets/ 72 KB
28 KB 338ms
338ms Script
application/javascript 103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.sky-lance.com/build/assets/app-aef5015d.js

Requested by

Host: crm.sky-lance.com
URL: https://crm.sky-lance.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

9614a70a7b39e665bb3903e3704a010ae2d4592fb1670ae9bd4af034b71cf739

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://crm.sky-lance.com
Referer: https://crm.sky-lance.com/login

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
etag: W/"6759e5c1-11fbf"
date: Fri, 13 Dec 2024 13:01:12 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 19:19:29 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 pusher-0fd7a0f9.js Show response
crm.sky-lance.com/build/assets/ 77 KB
23 KB 1553ms
1552ms Script
application/javascript 103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.sky-lance.com/build/assets/pusher-0fd7a0f9.js

Requested by

Host: crm.sky-lance.com
URL: https://crm.sky-lance.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

96139580335c71da8e3c49d0ceb9d35e89b1629e02700b8cbdec67ac143de830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://crm.sky-lance.com
Referer: https://crm.sky-lance.com/login

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
etag: W/"6759e5c1-132f1"
date: Fri, 13 Dec 2024 13:01:12 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 19:19:29 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 _commonjsHelpers-39b5b250.js Show response
crm.sky-lance.com/build/assets/ 116 B
309 B 1547ms
1546ms Script
application/javascript 103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.sky-lance.com/build/assets/_commonjsHelpers-39b5b250.js

Requested by

Host: crm.sky-lance.com
URL: https://crm.sky-lance.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

4c81dcd54e7e877a79145c4c6fde30ac0e8d857f412b73f48f6970e5d7eab938

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://crm.sky-lance.com
Referer: https://crm.sky-lance.com/login

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
etag: "6759e5c1-74"
accept-ranges: bytes
content-length: 116
date: Fri, 13 Dec 2024 13:01:12 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 19:19:29 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 logo.png
crm.sky-lance.com/build/assets/images/brand/ 26 KB
26 KB 1548ms
1547ms Image
image/png 103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crm.sky-lance.com/build/assets/images/brand/logo.png

Requested by

Host: crm.sky-lance.com
URL: https://crm.sky-lance.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

7081a2610dfd958747c231f917077d0baf9310a7a7124e6c692ad46ff6166b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://crm.sky-lance.com/login

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
etag: "6759e5c2-6659"
accept-ranges: bytes
content-length: 26201
date: Fri, 13 Dec 2024 13:01:12 GMT
content-type: image/png
last-modified: Wed, 11 Dec 2024 19:19:30 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 figtree-latin-500-normal.woff2
fonts.bunny.net/figtree/files/ 11 KB
12 KB 124ms
36ms Font
font/woff2 2a01:4f8:162:3029::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/figtree/files/figtree-latin-500-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:162:3029::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: BunnyCDN-DE1-1230 /
Resource Hash: 832fe3c243177aae49521045d8b592c2487af359fc7a159e506e4269982b24e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://crm.sky-lance.com
Referer: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "67032d31-2d18"
cdn-fileserver: 644
date: Fri, 13 Dec 2024 13:01:12 GMT
cdn-storageserver: DE-635
content-type: font/woff2
last-modified: Mon, 07 Oct 2024 00:37:05 GMT
cdn-cachedat: 11/22/2024 17:43:30
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid: c36e22ff5b5961f5657479cf8704bcb7
cdn-pullzone: 781720
cdn-proxyver: 1.07
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11544
cdn-edgestorageid: 1230
server: BunnyCDN-DE1-1230
cdn-requestcountrycode: DE

GET
H2 200 figtree-latin-400-normal.woff2
fonts.bunny.net/figtree/files/ 11 KB
12 KB 129ms
43ms Font
font/woff2 2a01:4f8:162:3029::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/figtree/files/figtree-latin-400-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:162:3029::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: BunnyCDN-DE1-1230 /
Resource Hash: cb2880eb4d03a4e6b3e5c3b2812772b6922694d333c4ed8aa529d774ff346e25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://crm.sky-lance.com
Referer: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "67032d2f-2d08"
cdn-fileserver: 659
date: Fri, 13 Dec 2024 13:01:12 GMT
cdn-storageserver: DE-633
content-type: font/woff2
last-modified: Mon, 07 Oct 2024 00:37:03 GMT
cdn-cachedat: 11/22/2024 17:43:30
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid: f0f1e5b4833b28d73c477fe78934a000
cdn-pullzone: 781720
cdn-proxyver: 1.07
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11528
cdn-edgestorageid: 1230
server: BunnyCDN-DE1-1230
cdn-requestcountrycode: DE

GET
H2 200 figtree-latin-600-normal.woff2
fonts.bunny.net/figtree/files/ 11 KB
12 KB 121ms
35ms Font
font/woff2 2a01:4f8:162:3029::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/figtree/files/figtree-latin-600-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:162:3029::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: BunnyCDN-DE1-1230 /
Resource Hash: 7f51b3b3e5d27301d34903e74cc550d8cbff6842e1933ea676014da9b1c4aa90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://crm.sky-lance.com
Referer: https://fonts.bunny.net/css?family=figtree:400,500,600&display=swap

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "67032d32-2d9c"
cdn-fileserver: 339
date: Fri, 13 Dec 2024 13:01:12 GMT
cdn-storageserver: DE-588
content-type: font/woff2
last-modified: Mon, 07 Oct 2024 00:37:06 GMT
cdn-cachedat: 11/22/2024 17:43:30
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid: a79878ea4746b7e3c611ae070faf06cd
cdn-pullzone: 781720
cdn-proxyver: 1.07
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11676
cdn-edgestorageid: 1230
server: BunnyCDN-DE1-1230
cdn-requestcountrycode: DE

GET
H2 200 favicon.ico
crm.sky-lance.com/ 0
174 B 161ms
161ms Other
image/x-icon 103.175.31.211
ONEBROADBAND ONEO...

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.sky-lance.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.175.31.211 New Delhi, India, ASN17665 (ONEBROADBAND ONEOTT INTERTAINMENT LIMITED, IN),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://crm.sky-lance.com/login

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
etag: "66eb2b68-0"
accept-ranges: bytes
content-length: 0
date: Fri, 13 Dec 2024 13:01:13 GMT
content-type: image/x-icon
last-modified: Wed, 18 Sep 2024 19:35:04 GMT
server: nginx
x-powered-by: PleskLin

Verdicts & Comments Add Verdict or Comment

Malicious page.domain
Submitted on December 17th 2024, 11:52:02 pm UTC — From United States

Threats: Brand Impersonation Scam
Comment: The domain is being used in SEO poisoning and refund cancellation scams impersonating Expedia.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Pusher function| axios object| Alpine object| Echo

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			crm.sky-lance.com/	1970-01-21 01:43:01	Name: XSRF-TOKEN Value: eyJpdiI6IlhXODlIMUdweE9KL1ZJc0FFMlBCMmc9PSIsInZhbHVlIjoic1pLeUU3Q3h0d3NKTDdBQmoxTTYvMUhZenNOcit0VWFraUQ5V0tmc1poNkdZUzBxZUllK003VGttZndWWjdmS3NJZ09mYmxpVjRRQ3BqczNFWlRsclJWbU5NWGtEVWgzVFlDSEFCR2pJcnRVS0pkMHlnZG12VUV1VTRwZDlWdDMiLCJtYWMiOiJlZGUwOTNhMDA1ZGVkMWM3YTg0ZjJhOWZhYjY3OWQzODFkZDllMTE1YjZiMGMyMzNiZDA0OGY0YzgzYjgzZDJhIiwidGFnIjoiIn0%3D
			crm.sky-lance.com/	1970-01-21 01:43:01	Name: crm_avs_session Value: eyJpdiI6IjhjUkFoS2hpV3JhUitRS3Vodzk5UVE9PSIsInZhbHVlIjoiZ1NuSmJHWEQvamM4U25aN2FSU3R5VWpaZEZKN0xja1JGSXBRUTdOSjF3RjkrUVNQWVZmWXcrbWNpNDMxSXhVYjFkRHVkQnlKOElDT09wVXdyU0lpb2ZDMmFBRDRRbXNMcjJGcVVzZDBwbzZzakhZK3VCaXlQdWJjQzFtOHJJcjUiLCJtYWMiOiIxZWQ1ZWE1OWE3MDZjMzBiODlhMDk3ZjIwZTc5Y2FiNTgwMGQ5YjQ2MWI0MDMzZTJkN2NiZDg1NjQ2ZGUxMThhIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crm.sky-lance.com
fonts.bunny.net
103.175.31.211
2a01:4f8:162:3029::2
0ae52e4bd77c3fc50dad8de596fb5171a67686c94771023a92396810d946e45c
3bebff78042e6cf0dc3aa5b932a9897dc720320c1f0e90a972cdbe1ebbab3ecb
4c81dcd54e7e877a79145c4c6fde30ac0e8d857f412b73f48f6970e5d7eab938
7081a2610dfd958747c231f917077d0baf9310a7a7124e6c692ad46ff6166b65
7f51b3b3e5d27301d34903e74cc550d8cbff6842e1933ea676014da9b1c4aa90
8184d167b520ff7ed6a03c01d3bc1aa1b62b4a91506ff5399cd062e0b29b9ae4
832fe3c243177aae49521045d8b592c2487af359fc7a159e506e4269982b24e0
96139580335c71da8e3c49d0ceb9d35e89b1629e02700b8cbdec67ac143de830
9614a70a7b39e665bb3903e3704a010ae2d4592fb1670ae9bd4af034b71cf739
cb2880eb4d03a4e6b3e5c3b2812772b6922694d333c4ed8aa529d774ff346e25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

crm.sky-lance.com Open in urlscan Pro 103.175.31.211 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

124 kBTransfer

249 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.domain Submitted on December 17th 2024, 11:52:02 pm UTC — From United States

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

4 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

crm.sky-lance.com Open in urlscan Pro
103.175.31.211 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

124 kB
Transfer

249 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions

Malicious page.domain
Submitted on December 17th 2024, 11:52:02 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!