my-dashboard-plan.com Open in urlscan Pro
44.227.238.106  Malicious Activity! Public Scan

Submitted URL: http://my-dashboard-plan.com/
Effective URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2Fzf...
Submission: On February 17 via manual from PL — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 44.227.238.106, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is my-dashboard-plan.com.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.
This is the only time my-dashboard-plan.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sky (Entertainment)

Domain & IP information

IP Address AS Autonomous System
1 7 44.227.238.106 16509 (AMAZON-02)
2 104.111.253.163 16625 (AKAMAI-AS)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
10 4
Apex Domain
Subdomains
Transfer
7 my-dashboard-plan.com
my-dashboard-plan.com
324 KB
2 skyassets.com
static.skyassets.com — Cisco Umbrella Rank: 82204
51 KB
2 sky.com
www.sky.com — Cisco Umbrella Rank: 118916
18 KB
10 3
Domain Requested by
7 my-dashboard-plan.com 1 redirects my-dashboard-plan.com
2 static.skyassets.com my-dashboard-plan.com
2 www.sky.com my-dashboard-plan.com
10 3

This site contains links to these domains. Also see Links.

Domain
www.sky.com
skyid.sky.com
skyaccessibility.sky
www.skygroup.sky
Subject Issuer Validity Valid
my-dashboard-plan.com
R3
2022-02-15 -
2022-05-16
3 months crt.sh
www.sky.com
DigiCert SHA2 Extended Validation Server CA
2021-07-26 -
2022-07-26
a year crt.sh
sky.com
DigiCert SHA2 Secure Server CA
2021-11-08 -
2022-07-06
8 months crt.sh

This page contains 1 frames:

Primary Page: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Frame ID: 274D908458603A5EB22D49C6173E1C66
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Sky - Sign in | Sky.com

Page URL History Show full URLs

  1. http://my-dashboard-plan.com/ HTTP 302
    https://my-dashboard-plan.com/ Page URL
  2. https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <[^>]+class=\"[^\"]+\ssvelte-[\w]*\"

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

393 kB
Transfer

958 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my-dashboard-plan.com/ HTTP 302
    https://my-dashboard-plan.com/ Page URL
  2. https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://my-dashboard-plan.com/ HTTP 302
  • https://my-dashboard-plan.com/

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
my-dashboard-plan.com/
Redirect Chain
  • http://my-dashboard-plan.com/
  • https://my-dashboard-plan.com/
156 B
439 B
Document
General
Full URL
https://my-dashboard-plan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.227.238.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-238-106.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Thu, 17 Feb 2022 14:23:24 GMT
content-type
text/html; charset=UTF-8
content-length
135
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
br
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
x-cache
BYPASS
x-service
pixie-cpanel

Redirect headers

Server
openresty
Date
Thu, 17 Feb 2022 14:23:23 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Location
https://my-dashboard-plan.com/
X-Frame-Options
sameorigin
Primary Request login.php
my-dashboard-plan.com/
59 KB
6 KB
Document
General
Full URL
https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.227.238.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-238-106.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
deae07c019224a2d769c6a722fb58c1c927ae4e3ead8762f500396adcbc86a1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://my-dashboard-plan.com/

Response headers

server
openresty
date
Thu, 17 Feb 2022 14:23:24 GMT
content-type
text/html; charset=UTF-8
content-length
6255
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
br
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
x-cache
BYPASS
x-service
pixie-cpanel
sky-logo.png
www.sky.com/assets/masthead/images/
4 KB
9 KB
Image
General
Full URL
https://www.sky.com/assets/masthead/images/sky-logo.png
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.253.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-253-163.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
325906e10930e9eab32395be9c8fd46132926a722ed4767e834e1193f53fb16f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' android-webview-video-poster: *.sky.com *.bskyb.com *.skyassets.com *.lpsnmedia.net *.liveperson.net *.doubleclick.net http://ad.doubleclick.net analytics.twitter.com assets.adobedtm.com bat.bing.com cdn3.nowinteract.com *.clicktale.net *.tvsquared.com connect.facebook.net imp3.nowinteract.com *.googlesyndication.com s2.go-mpulse.net secure.quantserve.com *.qualtrics.com *.15gifts.com smct.co track.uniqodo.com *.assistant.watson.appdomain.cloud www.dwin1.com www.google-analytics.com www.googletagmanager.com static.ads-twitter.com staging-liveperson-dtm.herokuapp.com cdn.tt.omtrdc.net *.demdex.net *.cloudfront.net ssl.google-analytics.com ecustomeropinions.com universal.iperceptions.com sd.iperceptions.com britishskybroadcasti.tt.omtrdc.net cti.w55c.net platform.twitter.com www.awin1.com s0.2mdn.net www.zenaps.com *.google.com *.google.co.uk *.google.ie data1.ablapol.com www.facebook.com *.optimizely.com cdn.spatialbuzz.com cdn.privacy-mgmt.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com www.gstatic.com *.8thwall.com cdnjs.cloudflare.com rules.quantcount.com t.contentsquare.net contentsquare.com app.contentsquare.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com dmp.vfwmrm.net match.adsrvr.org pm.w55c.net tr.snapchat.com secure.adnxs.com www.uqd.io *.yimg.com yahoo.com *.teads.tv smct.co js.smct.co smct.io js.smct.io; style-src 'self' 'unsafe-inline' *.sky.com *.skyassets.com *.15gifts.com s0.2mdn.net www.gstatic.com *.liveperson.net www.facebook.com *.doubleclick.net assets.adobedtm.com www.google-analytics.com *.lpsnmedia.net *.clicktale.net *.contentsquare.net *.googlesyndication.com sky.lucidcx.com fonts.googleapis.com; font-src 'self' data: *.sky.com fonts.gstatic.com http://fonts.gstatic.com *.skyassets.com use.typekit.net *.15gifts.com *.google.com *.google.co.uk *.google.ie sky.lucidcx.com cdn.8thwall.com tr.snapchat.com www.pinterest.com fonts.smct.co fonts.smct.io fonts.gstatic.com; img-src 'self' data: android-webview-video-poster: *.sky.com http://search.sky.com *.doubleclick.net *.skyassets.com *.15gifts.com bat.bing.com *.clicktale.net *.optimizely.com *.tvsquared.com *.demdex.net *.online-metrix.net *.qualtrics.com t.co tracking.audio.thisisdax.com www.facebook.com www.google-analytics.com *.google.com *.google.co.uk *.google.ie *.atdmt.com *.cloudfront.net live.staticflickr.com tags.w55c.net www.googletagmanager.com *.contentstack.io *.lpsnmedia.net s0.2mdn.net www.zenaps.com connect.facebook.net engagement.uniqodo.com *.liveperson.net www.gstatic.com www.awin1.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com cdn.privacy-mgmt.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com cdn.8thwall.com uniqodo.s3-eu-west-1.amazonaws.com production-image-placeholder.herokuapp.com pixel.quantserve.com http://t.newsletter.contact.sky *.sky 8th.io sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com events.smct.co *.yahoo.com *.gumgum.com smct.co cdn.smct.co smct.io cdn.smct.io px.smct.co px.smct.io ep.smct.co ep.smct.io *.teads.tv; connect-src 'self' blob: android-webview-video-poster: *.sky.com wss://*.sky.com *.skyassets.com *.bskyb.com *.15gifts.com api.amplitude.com bat.bing.com *.bf.dynatrace.com britishskybroadcasti.tt.omtrdc.net *.clicktale.net *.optimizely.com cdn.privacy-mgmt.com *.demdex.net *.doubleclick.net *.assistant.watson.appdomain.cloud *.qualtrics.com vip.timezonedb.com www.google-analytics.com api.amplitude.com *.go-mpulse.net *.akstat.io api.iperceptions.com www.facebook.com www.zenaps.com *.google.com *.google.co.uk *.google.ie s0.2mdn.net *.contentstack.io help-search-api-stage.herokuapp.com wss://*.liveperson.net *.lpsnmedia.net cdn.spatialbuzz.com prod-my-photo-api.herokuapp.com track.uniqodo.com connect.facebook.net engagement.uniqodo.com www.gstatic.com *.liveperson.net assets.adobedtm.com *.tvsquared.com *.googlesyndication.com www.googletagmanager.com wss://127.0.0.1 *.contentsquare.net www.googleadservices.com *.lucidcx.com awk.epgsky.com production-retriever.herokuapp.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk *.yimg.com smct.co smct.co js.smct.co smct.io js.smct.io ipb.smct.co ipb.smct.io cfg.smct.co cfg.smct.io ep.smct.co ep.smct.io cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com *.teads.tv; frame-src 'self' blob: *.sky.com *.bskyb.com *.skyassets.com *.15gifts.com *.doubleclick.net *.optimizely.com *.demdex.net *.online-metrix.net *.lpsnmedia.net *.qualtrics.com www.facebook.com cdn.privacy-mgmt.com universal.iperceptions.com *.google.com *.google.co.uk *.google.ie *.clicktale.net s0.2mdn.net www.zenaps.com connect.facebook.net *.liveperson.net www.google-analytics.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com sky.lucidcx.com live.tvgenius.net servedby.flashtalking.com players.brightcove.net sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net tr.snapchat.com ct.pinterest.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk smct.co smct.io ls.smct.co ls.smct.io d2d7do8qaecbru.cloudfront.net; worker-src 'self' blob: *.sky.com *.skyassets.com assets.adobedtm.com *.liveperson.net; child-src 'self' blob:; media-src 'self' data: *.sky.com *.skyassets.com http://static.video.sky.com *.15gifts.com *.contentstack.io *.lpsnmedia.net *.doubleclick.net *.google.com *.google.co.uk *.google.ie *.clicktale.net *.liveperson.net www.facebook.com bat.bing.com *.demdex.net assets.adobedtm.com www.google-analytics.com *.contentsquare.net *.googlesyndication.com; object-src 'self' *.sky.com; report-uri /csp-reports
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my-dashboard-plan.com/
Origin
https://my-dashboard-plan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:24 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4484
x-xss-protection
1; mode=block
last-modified
Thu, 02 Jul 2020 12:51:23 GMT
server
Akamai Image Manager
etag
"7bc31a3e54b13abef5ccd0e11891112f"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' android-webview-video-poster: *.sky.com *.bskyb.com *.skyassets.com *.lpsnmedia.net *.liveperson.net *.doubleclick.net http://ad.doubleclick.net analytics.twitter.com assets.adobedtm.com bat.bing.com cdn3.nowinteract.com *.clicktale.net *.tvsquared.com connect.facebook.net imp3.nowinteract.com *.googlesyndication.com s2.go-mpulse.net secure.quantserve.com *.qualtrics.com *.15gifts.com smct.co track.uniqodo.com *.assistant.watson.appdomain.cloud www.dwin1.com www.google-analytics.com www.googletagmanager.com static.ads-twitter.com staging-liveperson-dtm.herokuapp.com cdn.tt.omtrdc.net *.demdex.net *.cloudfront.net ssl.google-analytics.com ecustomeropinions.com universal.iperceptions.com sd.iperceptions.com britishskybroadcasti.tt.omtrdc.net cti.w55c.net platform.twitter.com www.awin1.com s0.2mdn.net www.zenaps.com *.google.com *.google.co.uk *.google.ie data1.ablapol.com www.facebook.com *.optimizely.com cdn.spatialbuzz.com cdn.privacy-mgmt.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com www.gstatic.com *.8thwall.com cdnjs.cloudflare.com rules.quantcount.com t.contentsquare.net contentsquare.com app.contentsquare.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com dmp.vfwmrm.net match.adsrvr.org pm.w55c.net tr.snapchat.com secure.adnxs.com www.uqd.io *.yimg.com yahoo.com *.teads.tv smct.co js.smct.co smct.io js.smct.io; style-src 'self' 'unsafe-inline' *.sky.com *.skyassets.com *.15gifts.com s0.2mdn.net www.gstatic.com *.liveperson.net www.facebook.com *.doubleclick.net assets.adobedtm.com www.google-analytics.com *.lpsnmedia.net *.clicktale.net *.contentsquare.net *.googlesyndication.com sky.lucidcx.com fonts.googleapis.com; font-src 'self' data: *.sky.com fonts.gstatic.com http://fonts.gstatic.com *.skyassets.com use.typekit.net *.15gifts.com *.google.com *.google.co.uk *.google.ie sky.lucidcx.com cdn.8thwall.com tr.snapchat.com www.pinterest.com fonts.smct.co fonts.smct.io fonts.gstatic.com; img-src 'self' data: android-webview-video-poster: *.sky.com http://search.sky.com *.doubleclick.net *.skyassets.com *.15gifts.com bat.bing.com *.clicktale.net *.optimizely.com *.tvsquared.com *.demdex.net *.online-metrix.net *.qualtrics.com t.co tracking.audio.thisisdax.com www.facebook.com www.google-analytics.com *.google.com *.google.co.uk *.google.ie *.atdmt.com *.cloudfront.net live.staticflickr.com tags.w55c.net www.googletagmanager.com *.contentstack.io *.lpsnmedia.net s0.2mdn.net www.zenaps.com connect.facebook.net engagement.uniqodo.com *.liveperson.net www.gstatic.com www.awin1.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com cdn.privacy-mgmt.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com cdn.8thwall.com uniqodo.s3-eu-west-1.amazonaws.com production-image-placeholder.herokuapp.com pixel.quantserve.com http://t.newsletter.contact.sky *.sky 8th.io sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com events.smct.co *.yahoo.com *.gumgum.com smct.co cdn.smct.co smct.io cdn.smct.io px.smct.co px.smct.io ep.smct.co ep.smct.io *.teads.tv; connect-src 'self' blob: android-webview-video-poster: *.sky.com wss://*.sky.com *.skyassets.com *.bskyb.com *.15gifts.com api.amplitude.com bat.bing.com *.bf.dynatrace.com britishskybroadcasti.tt.omtrdc.net *.clicktale.net *.optimizely.com cdn.privacy-mgmt.com *.demdex.net *.doubleclick.net *.assistant.watson.appdomain.cloud *.qualtrics.com vip.timezonedb.com www.google-analytics.com api.amplitude.com *.go-mpulse.net *.akstat.io api.iperceptions.com www.facebook.com www.zenaps.com *.google.com *.google.co.uk *.google.ie s0.2mdn.net *.contentstack.io help-search-api-stage.herokuapp.com wss://*.liveperson.net *.lpsnmedia.net cdn.spatialbuzz.com prod-my-photo-api.herokuapp.com track.uniqodo.com connect.facebook.net engagement.uniqodo.com www.gstatic.com *.liveperson.net assets.adobedtm.com *.tvsquared.com *.googlesyndication.com www.googletagmanager.com wss://127.0.0.1 *.contentsquare.net www.googleadservices.com *.lucidcx.com awk.epgsky.com production-retriever.herokuapp.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk *.yimg.com smct.co smct.co js.smct.co smct.io js.smct.io ipb.smct.co ipb.smct.io cfg.smct.co cfg.smct.io ep.smct.co ep.smct.io cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com *.teads.tv; frame-src 'self' blob: *.sky.com *.bskyb.com *.skyassets.com *.15gifts.com *.doubleclick.net *.optimizely.com *.demdex.net *.online-metrix.net *.lpsnmedia.net *.qualtrics.com www.facebook.com cdn.privacy-mgmt.com universal.iperceptions.com *.google.com *.google.co.uk *.google.ie *.clicktale.net s0.2mdn.net www.zenaps.com connect.facebook.net *.liveperson.net www.google-analytics.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com sky.lucidcx.com live.tvgenius.net servedby.flashtalking.com players.brightcove.net sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net tr.snapchat.com ct.pinterest.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk smct.co smct.io ls.smct.co ls.smct.io d2d7do8qaecbru.cloudfront.net; worker-src 'self' blob: *.sky.com *.skyassets.com assets.adobedtm.com *.liveperson.net; child-src 'self' blob:; media-src 'self' data: *.sky.com *.skyassets.com http://static.video.sky.com *.15gifts.com *.contentstack.io *.lpsnmedia.net *.doubleclick.net *.google.com *.google.co.uk *.google.ie *.clicktale.net *.liveperson.net www.facebook.com bat.bing.com *.demdex.net assets.adobedtm.com www.google-analytics.com *.contentsquare.net *.googlesyndication.com; object-src 'self' *.sky.com; report-uri /csp-reports
access-control-allow-headers
*
expires
Fri, 18 Feb 2022 02:23:24 GMT
toolkit.min.css
my-dashboard-plan.com/css/
122 KB
18 KB
Stylesheet
General
Full URL
https://my-dashboard-plan.com/css/toolkit.min.css
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.227.238.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-238-106.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
5d7226ec3e82f921665076378d48a4e6ae788f4682437d656580046da621d24a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:24 GMT
content-encoding
br
last-modified
Sun, 01 Nov 2020 20:48:18 GMT
server
openresty
vary
Accept-Encoding
x-cache
BYPASS
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-service
pixie-cpanel
accept-ranges
bytes
content-length
18434
expires
Thu, 24 Feb 2022 14:23:24 GMT
bundle-8c63bb5d.css
my-dashboard-plan.com/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://my-dashboard-plan.com/css/bundle-8c63bb5d.css
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.227.238.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-238-106.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
85219335a1cf22f8bad8998669324725e39695ded6d1e013fbed1342b7380484

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:24 GMT
content-encoding
br
last-modified
Sun, 01 Nov 2020 20:48:28 GMT
server
openresty
vary
Accept-Encoding
x-cache
BYPASS
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-service
pixie-cpanel
accept-ranges
bytes
content-length
6126
expires
Thu, 24 Feb 2022 14:23:24 GMT
common.c93f4e8fb40aa7311521-blessed1.css
my-dashboard-plan.com/css/
445 KB
57 KB
Stylesheet
General
Full URL
https://my-dashboard-plan.com/css/common.c93f4e8fb40aa7311521-blessed1.css
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.227.238.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-238-106.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
7a68109d28adaac90712c10b102717f90dbada8dc7f1ce6fafb86787c76d902a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:24 GMT
content-encoding
br
last-modified
Sun, 01 Nov 2020 20:50:42 GMT
server
openresty
vary
Accept-Encoding
x-cache
BYPASS
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-service
pixie-cpanel
accept-ranges
bytes
content-length
57989
expires
Thu, 24 Feb 2022 14:23:24 GMT
loginpic.png
my-dashboard-plan.com/assets/
235 KB
236 KB
Image
General
Full URL
https://my-dashboard-plan.com/assets/loginpic.png
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.227.238.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-238-106.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
7a9893667c6710034bea23365ae3476930585db1abbdb82179a2278eeabb93d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:24 GMT
last-modified
Sun, 01 Nov 2020 20:55:00 GMT
server
openresty
x-cache
BYPASS
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-service
pixie-cpanel
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
241003
expires
Thu, 24 Feb 2022 14:23:24 GMT
sky-logo.png
www.sky.com/assets/masthead/images/
4 KB
9 KB
Image
General
Full URL
https://www.sky.com/assets/masthead/images/sky-logo.png
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/css/bundle-8c63bb5d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.253.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-253-163.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
325906e10930e9eab32395be9c8fd46132926a722ed4767e834e1193f53fb16f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' android-webview-video-poster: *.sky.com *.bskyb.com *.skyassets.com *.lpsnmedia.net *.liveperson.net *.doubleclick.net http://ad.doubleclick.net analytics.twitter.com assets.adobedtm.com bat.bing.com cdn3.nowinteract.com *.clicktale.net *.tvsquared.com connect.facebook.net imp3.nowinteract.com *.googlesyndication.com s2.go-mpulse.net secure.quantserve.com *.qualtrics.com *.15gifts.com smct.co track.uniqodo.com *.assistant.watson.appdomain.cloud www.dwin1.com www.google-analytics.com www.googletagmanager.com static.ads-twitter.com staging-liveperson-dtm.herokuapp.com cdn.tt.omtrdc.net *.demdex.net *.cloudfront.net ssl.google-analytics.com ecustomeropinions.com universal.iperceptions.com sd.iperceptions.com britishskybroadcasti.tt.omtrdc.net cti.w55c.net platform.twitter.com www.awin1.com s0.2mdn.net www.zenaps.com *.google.com *.google.co.uk *.google.ie data1.ablapol.com www.facebook.com *.optimizely.com cdn.spatialbuzz.com cdn.privacy-mgmt.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com www.gstatic.com *.8thwall.com cdnjs.cloudflare.com rules.quantcount.com t.contentsquare.net contentsquare.com app.contentsquare.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com dmp.vfwmrm.net match.adsrvr.org pm.w55c.net tr.snapchat.com secure.adnxs.com www.uqd.io *.yimg.com yahoo.com *.teads.tv smct.co js.smct.co smct.io js.smct.io; style-src 'self' 'unsafe-inline' *.sky.com *.skyassets.com *.15gifts.com s0.2mdn.net www.gstatic.com *.liveperson.net www.facebook.com *.doubleclick.net assets.adobedtm.com www.google-analytics.com *.lpsnmedia.net *.clicktale.net *.contentsquare.net *.googlesyndication.com sky.lucidcx.com fonts.googleapis.com; font-src 'self' data: *.sky.com fonts.gstatic.com http://fonts.gstatic.com *.skyassets.com use.typekit.net *.15gifts.com *.google.com *.google.co.uk *.google.ie sky.lucidcx.com cdn.8thwall.com tr.snapchat.com www.pinterest.com fonts.smct.co fonts.smct.io fonts.gstatic.com; img-src 'self' data: android-webview-video-poster: *.sky.com http://search.sky.com *.doubleclick.net *.skyassets.com *.15gifts.com bat.bing.com *.clicktale.net *.optimizely.com *.tvsquared.com *.demdex.net *.online-metrix.net *.qualtrics.com t.co tracking.audio.thisisdax.com www.facebook.com www.google-analytics.com *.google.com *.google.co.uk *.google.ie *.atdmt.com *.cloudfront.net live.staticflickr.com tags.w55c.net www.googletagmanager.com *.contentstack.io *.lpsnmedia.net s0.2mdn.net www.zenaps.com connect.facebook.net engagement.uniqodo.com *.liveperson.net www.gstatic.com www.awin1.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com cdn.privacy-mgmt.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com cdn.8thwall.com uniqodo.s3-eu-west-1.amazonaws.com production-image-placeholder.herokuapp.com pixel.quantserve.com http://t.newsletter.contact.sky *.sky 8th.io sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com events.smct.co *.yahoo.com *.gumgum.com smct.co cdn.smct.co smct.io cdn.smct.io px.smct.co px.smct.io ep.smct.co ep.smct.io *.teads.tv; connect-src 'self' blob: android-webview-video-poster: *.sky.com wss://*.sky.com *.skyassets.com *.bskyb.com *.15gifts.com api.amplitude.com bat.bing.com *.bf.dynatrace.com britishskybroadcasti.tt.omtrdc.net *.clicktale.net *.optimizely.com cdn.privacy-mgmt.com *.demdex.net *.doubleclick.net *.assistant.watson.appdomain.cloud *.qualtrics.com vip.timezonedb.com www.google-analytics.com api.amplitude.com *.go-mpulse.net *.akstat.io api.iperceptions.com www.facebook.com www.zenaps.com *.google.com *.google.co.uk *.google.ie s0.2mdn.net *.contentstack.io help-search-api-stage.herokuapp.com wss://*.liveperson.net *.lpsnmedia.net cdn.spatialbuzz.com prod-my-photo-api.herokuapp.com track.uniqodo.com connect.facebook.net engagement.uniqodo.com www.gstatic.com *.liveperson.net assets.adobedtm.com *.tvsquared.com *.googlesyndication.com www.googletagmanager.com wss://127.0.0.1 *.contentsquare.net www.googleadservices.com *.lucidcx.com awk.epgsky.com production-retriever.herokuapp.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk *.yimg.com smct.co smct.co js.smct.co smct.io js.smct.io ipb.smct.co ipb.smct.io cfg.smct.co cfg.smct.io ep.smct.co ep.smct.io cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com *.teads.tv; frame-src 'self' blob: *.sky.com *.bskyb.com *.skyassets.com *.15gifts.com *.doubleclick.net *.optimizely.com *.demdex.net *.online-metrix.net *.lpsnmedia.net *.qualtrics.com www.facebook.com cdn.privacy-mgmt.com universal.iperceptions.com *.google.com *.google.co.uk *.google.ie *.clicktale.net s0.2mdn.net www.zenaps.com connect.facebook.net *.liveperson.net www.google-analytics.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com sky.lucidcx.com live.tvgenius.net servedby.flashtalking.com players.brightcove.net sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net tr.snapchat.com ct.pinterest.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk smct.co smct.io ls.smct.co ls.smct.io d2d7do8qaecbru.cloudfront.net; worker-src 'self' blob: *.sky.com *.skyassets.com assets.adobedtm.com *.liveperson.net; child-src 'self' blob:; media-src 'self' data: *.sky.com *.skyassets.com http://static.video.sky.com *.15gifts.com *.contentstack.io *.lpsnmedia.net *.doubleclick.net *.google.com *.google.co.uk *.google.ie *.clicktale.net *.liveperson.net www.facebook.com bat.bing.com *.demdex.net assets.adobedtm.com www.google-analytics.com *.contentsquare.net *.googlesyndication.com; object-src 'self' *.sky.com; report-uri /csp-reports
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my-dashboard-plan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:25 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4484
x-xss-protection
1; mode=block
last-modified
Thu, 02 Jul 2020 12:51:23 GMT
server
Akamai Image Manager
etag
"7bc31a3e54b13abef5ccd0e11891112f"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' android-webview-video-poster: *.sky.com *.bskyb.com *.skyassets.com *.lpsnmedia.net *.liveperson.net *.doubleclick.net http://ad.doubleclick.net analytics.twitter.com assets.adobedtm.com bat.bing.com cdn3.nowinteract.com *.clicktale.net *.tvsquared.com connect.facebook.net imp3.nowinteract.com *.googlesyndication.com s2.go-mpulse.net secure.quantserve.com *.qualtrics.com *.15gifts.com smct.co track.uniqodo.com *.assistant.watson.appdomain.cloud www.dwin1.com www.google-analytics.com www.googletagmanager.com static.ads-twitter.com staging-liveperson-dtm.herokuapp.com cdn.tt.omtrdc.net *.demdex.net *.cloudfront.net ssl.google-analytics.com ecustomeropinions.com universal.iperceptions.com sd.iperceptions.com britishskybroadcasti.tt.omtrdc.net cti.w55c.net platform.twitter.com www.awin1.com s0.2mdn.net www.zenaps.com *.google.com *.google.co.uk *.google.ie data1.ablapol.com www.facebook.com *.optimizely.com cdn.spatialbuzz.com cdn.privacy-mgmt.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com www.gstatic.com *.8thwall.com cdnjs.cloudflare.com rules.quantcount.com t.contentsquare.net contentsquare.com app.contentsquare.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com dmp.vfwmrm.net match.adsrvr.org pm.w55c.net tr.snapchat.com secure.adnxs.com www.uqd.io *.yimg.com yahoo.com *.teads.tv smct.co js.smct.co smct.io js.smct.io; style-src 'self' 'unsafe-inline' *.sky.com *.skyassets.com *.15gifts.com s0.2mdn.net www.gstatic.com *.liveperson.net www.facebook.com *.doubleclick.net assets.adobedtm.com www.google-analytics.com *.lpsnmedia.net *.clicktale.net *.contentsquare.net *.googlesyndication.com sky.lucidcx.com fonts.googleapis.com; font-src 'self' data: *.sky.com fonts.gstatic.com http://fonts.gstatic.com *.skyassets.com use.typekit.net *.15gifts.com *.google.com *.google.co.uk *.google.ie sky.lucidcx.com cdn.8thwall.com tr.snapchat.com www.pinterest.com fonts.smct.co fonts.smct.io fonts.gstatic.com; img-src 'self' data: android-webview-video-poster: *.sky.com http://search.sky.com *.doubleclick.net *.skyassets.com *.15gifts.com bat.bing.com *.clicktale.net *.optimizely.com *.tvsquared.com *.demdex.net *.online-metrix.net *.qualtrics.com t.co tracking.audio.thisisdax.com www.facebook.com www.google-analytics.com *.google.com *.google.co.uk *.google.ie *.atdmt.com *.cloudfront.net live.staticflickr.com tags.w55c.net www.googletagmanager.com *.contentstack.io *.lpsnmedia.net s0.2mdn.net www.zenaps.com connect.facebook.net engagement.uniqodo.com *.liveperson.net www.gstatic.com www.awin1.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com cdn.privacy-mgmt.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com servedby.flashtalking.com *.lucidcx.com cdn.8thwall.com uniqodo.s3-eu-west-1.amazonaws.com production-image-placeholder.herokuapp.com pixel.quantserve.com http://t.newsletter.contact.sky *.sky 8th.io sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com events.smct.co *.yahoo.com *.gumgum.com smct.co cdn.smct.co smct.io cdn.smct.io px.smct.co px.smct.io ep.smct.co ep.smct.io *.teads.tv; connect-src 'self' blob: android-webview-video-poster: *.sky.com wss://*.sky.com *.skyassets.com *.bskyb.com *.15gifts.com api.amplitude.com bat.bing.com *.bf.dynatrace.com britishskybroadcasti.tt.omtrdc.net *.clicktale.net *.optimizely.com cdn.privacy-mgmt.com *.demdex.net *.doubleclick.net *.assistant.watson.appdomain.cloud *.qualtrics.com vip.timezonedb.com www.google-analytics.com api.amplitude.com *.go-mpulse.net *.akstat.io api.iperceptions.com www.facebook.com www.zenaps.com *.google.com *.google.co.uk *.google.ie s0.2mdn.net *.contentstack.io help-search-api-stage.herokuapp.com wss://*.liveperson.net *.lpsnmedia.net cdn.spatialbuzz.com prod-my-photo-api.herokuapp.com track.uniqodo.com connect.facebook.net engagement.uniqodo.com www.gstatic.com *.liveperson.net assets.adobedtm.com *.tvsquared.com *.googlesyndication.com www.googletagmanager.com wss://127.0.0.1 *.contentsquare.net www.googleadservices.com *.lucidcx.com awk.epgsky.com production-retriever.herokuapp.com cdn-assets-prod.s3.amazonaws.com apps.8thwall.com sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net ct.pinterest.com tr.snapchat.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk *.yimg.com smct.co smct.co js.smct.co smct.io js.smct.io ipb.smct.co ipb.smct.io cfg.smct.co cfg.smct.io ep.smct.co ep.smct.io cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com *.teads.tv; frame-src 'self' blob: *.sky.com *.bskyb.com *.skyassets.com *.15gifts.com *.doubleclick.net *.optimizely.com *.demdex.net *.online-metrix.net *.lpsnmedia.net *.qualtrics.com www.facebook.com cdn.privacy-mgmt.com universal.iperceptions.com *.google.com *.google.co.uk *.google.ie *.clicktale.net s0.2mdn.net www.zenaps.com connect.facebook.net *.liveperson.net www.google-analytics.com analytics.twitter.com cdn.spatialbuzz.com assets.adobedtm.com *.googlesyndication.com *.contentsquare.net www.googleadservices.com sky.lucidcx.com live.tvgenius.net servedby.flashtalking.com players.brightcove.net sc-static.net acdn.adnxs.com s.pinimg.com ib.adnxs.com match.adsrvr.org pm.w55c.net dmp.v.fwmrm.net tr.snapchat.com ct.pinterest.com www.pinterest.com secure.adnxs.com www.pinterest.co.uk smct.co smct.io ls.smct.co ls.smct.io d2d7do8qaecbru.cloudfront.net; worker-src 'self' blob: *.sky.com *.skyassets.com assets.adobedtm.com *.liveperson.net; child-src 'self' blob:; media-src 'self' data: *.sky.com *.skyassets.com http://static.video.sky.com *.15gifts.com *.contentstack.io *.lpsnmedia.net *.doubleclick.net *.google.com *.google.co.uk *.google.ie *.clicktale.net *.liveperson.net www.facebook.com bat.bing.com *.demdex.net assets.adobedtm.com www.google-analytics.com *.contentsquare.net *.googlesyndication.com; object-src 'self' *.sky.com; report-uri /csp-reports
access-control-allow-headers
*
expires
Fri, 18 Feb 2022 02:23:25 GMT
truncated
/
353 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b858be201e0b3536ad333382bf4b8be55e9e2fdebc3ede07aca54676419f7efd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
530 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afa3f8f93435fecb5d86ece92704d0ada1fd1495b5ceaad6a8c403c4b67e8b0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
sky-regular.woff2
static.skyassets.com/fonts/
25 KB
26 KB
Font
General
Full URL
https://static.skyassets.com/fonts/sky-regular.woff2
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/css/toolkit.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:198::36fb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a0c4fd365644d3ab297a2c06bacaaa01fe7e093c8cceb9605e4c13fb22099bad

Request headers

Referer
https://my-dashboard-plan.com/
Origin
https://my-dashboard-plan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:25 GMT
last-modified
Tue, 01 Oct 2019 08:22:27 GMT
server
AkamaiNetStorage
etag
"16624a0abfe12f40974d7a404e0d2c8d:1569918147.52558"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=700741
accept-ranges
bytes
content-length
25864
expires
Fri, 25 Feb 2022 17:02:26 GMT
sky-medium.woff2
static.skyassets.com/fonts/
25 KB
25 KB
Font
General
Full URL
https://static.skyassets.com/fonts/sky-medium.woff2
Requested by
Host: my-dashboard-plan.com
URL: https://my-dashboard-plan.com/css/toolkit.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:198::36fb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c8c84936db164aa706a26fed3c7c28d713f6e0c95f7913624d58f57db0980b0a

Request headers

Referer
https://my-dashboard-plan.com/
Origin
https://my-dashboard-plan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:23:25 GMT
last-modified
Tue, 01 Oct 2019 08:22:27 GMT
server
AkamaiNetStorage
etag
"8e1d1979120f7fd6afc570056f890a3a:1569918147.263037"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=629184
accept-ranges
bytes
content-length
25612
expires
Thu, 24 Feb 2022 21:09:49 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sky (Entertainment)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

1 Cookies

Domain/Path Name / Value
my-dashboard-plan.com/ Name: PHPSESSID
Value: 85f03a5d3e195bcc9b14540b460d6503

2 Console Messages

Source Level URL
Text
other warning URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Message:
A preload for 'https://www.sky.com/assets/masthead/images/sky-logo.png' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://my-dashboard-plan.com/login.php?sessionID=CwoXP0tAOiQSlI63ozS6qv2alhnC2AyeRdg45ak6NB66KqgCGDlV0XRuObM0LuhEm59ekFeF2FzfxKjtNclphE0Wnz2QoTJ53HQU
Message:
The resource https://www.sky.com/assets/masthead/images/sky-logo.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.