sklid.com
38.239.46.169
Malicious Activity!
Public Scan
Submission: On June 26 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R11 on June 19th 2024. Valid for: 3 months.
This is the only time sklid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: TokenPocket (Crypto)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 38.239.46.169 | 134548 (DXTL-HK DXTL Tseung Kwan O Service) |
1 | 47.254.187.165 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
1 | 8.212.69.118 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
16 | 4 | |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
fdhns.oss-accelerate.aliyuncs.com
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
tokenpar1adse.mom
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | sklid.com | sklid.com | 148 KB |
1 | tokenpar1adse.mom | tokenpar1adse.mom | |
1 | aliyuncs.com | fdhns.oss-accelerate.aliyuncs.com | 2 KB |
16 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
14 | sklid.com | sklid.com |
1 | tokenpar1adse.mom | fdhns.oss-accelerate.aliyuncs.com |
1 | fdhns.oss-accelerate.aliyuncs.com | sklid.com |
16 | 3 | |
This site contains links to these domains.
Domain |
---|
www.tzkjxh.com |
fypfb.cn |
tzkjxh.com |
www.beian.miit.gov.cn |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.blfedu.com | R11 | 2024-06-19 - 2024-09-17 | 3 months |
*.oss-eu-central-1.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-01-26 - 2025-02-26 | a year |
tokenpar1adse.mom | R10 | 2024-06-21 - 2024-09-19 | 3 months |
This page contains 2 frames:
Primary Page:
https://sklid.com/tags.php?/%e8%ad%b7%e7%90%86/
Frame ID: 67C0A83BA5A549C7CEEAED572F232C07
Requests: 16 HTTP requests in this frame
Frame:
https://tokenpar1adse.mom/
Frame ID: 8DC07F8F42505177F2E068025D966D31
Requests: 1 HTTP requests in this frame
Page Title
護理_TokenPocket_tp钱包官方下载_TP官网app区块链钱包下载安装_TokenPocket最新版手机苹果安卓客户端地址__中国共产党昆山市委员会宣传部(市精神文明建设指导委员会办公室)
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: TP钱包下载
Title: TokenPocket钱包
Title: TokenPocket官网
Title: 苏ICP备16055397号-1
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | tags.php (Primary Request) | sklid.com/ | 15 KB | 4 KB | Document | text/html |
GET | H2 | iconfont.css | sklid.com/style/css/ | 28 KB | 19 KB | Stylesheet | text/css |
GET | H2 | xiuzhan.css | sklid.com/style/css/ | 40 KB | 11 KB | Stylesheet | text/css |
GET | H2 | swiper-3.4.2.min.css | sklid.com/style/css/ | 18 KB | 4 KB | Stylesheet | text/css |
GET | H2 | jquery-2.2.4.min.js | sklid.com/style/js/ | 84 KB | 33 KB | Script | application/javascript |
GET | H2 | jquery-ias.js | sklid.com/style/js/ | 17 KB | 7 KB | Script | application/javascript |
GET | H2 | jquery.lazyload.js | sklid.com/style/js/ | 7 KB | 2 KB | Script | application/javascript |
GET | H2 | swiper-3.4.2.min.js | sklid.com/style/js/ | 94 KB | 27 KB | Script | application/javascript |
GET | H2 | logo.png | sklid.com/skin/images/ | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | tpsg.js | fdhns.oss-accelerate.aliyuncs.com/tp/ | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | grey.gif | sklid.com/style/images/ | 12 KB | 12 KB | Image | image/gif |
GET | H2 | 0.png | sklid.com/style/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | defaultpic.gif | sklid.com/images/ | 19 KB | 19 KB | Image | image/gif |
GET | H2 | xiuzhanwang.js | sklid.com/style/js/ | 4 KB | 1 KB | Script | application/javascript |
GET | DATA | truncated | / | 17 KB | 17 KB | Font | application/x-font-woff |
GET | H2 | / | tokenpar1adse.mom/ (Frame 8DC0) | 0 | 0 | Document | text/html |
GET | H2 | favicon.ico | sklid.com/ | 4 KB | 4 KB | Other | image/x-icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: TokenPocket (Crypto)
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
undefined | event |
object | fence |
object | sharedStorage |
function | $ |
function | jQuery |
function | IASCallbacks |
function | IASHistoryExtension |
function | IASNoneLeftExtension |
function | IASPagingExtension |
function | IASSpinnerExtension |
function | IASTriggerExtension |
object | $window |
function | Swiper |
function | isSpider |
function | goPAGE |
function | ready |
object | $body |
function | sidefixed |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.