![](/screenshots/3210a65c-022c-4d3f-a33b-ba7909ffc0de.png)
skfjuf65.top
Open in
urlscan Pro
172.67.129.224
Malicious Activity!
Public Scan
Submission: On June 21 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time skfjuf65.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 172.67.129.224 172.67.129.224 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
skfjuf65.top
skfjuf65.top |
517 KB |
1 |
msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 4527 |
1 KB |
9 | 2 |
Domain | Requested by | |
---|---|---|
8 | skfjuf65.top |
skfjuf65.top
|
1 | logincdn.msauth.net |
skfjuf65.top
|
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
skfjuf65.top WE1 |
2024-06-18 - 2024-09-16 |
3 months | crt.sh |
identitycdn.msauth.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-06-07 - 2025-06-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://skfjuf65.top/
Frame ID: 35B8E947AF40E9D2E8681BCA31D4DBBE
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
skfjuf65.top/ |
544 B 710 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chunk-vendors.9b17fbaf.js
skfjuf65.top/js/ |
2 MB 414 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.ygv4E3Vwmq.js
skfjuf65.top/js/ |
64 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chunk-vendors.fUU0x5Nm.css
skfjuf65.top/css/ |
262 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.XqK2a3cY.css
skfjuf65.top/css/ |
172 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_bc3d32a696895f78c19d.svg
logincdn.msauth.net/shared/5/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SyPR3sq7Ky.png
skfjuf65.top/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.jpg
skfjuf65.top/img/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
skfjuf65.top/ |
555 B 555 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| webpackChunklogg function| clearImmediate function| setImmediate function| _0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
logincdn.msauth.net
skfjuf65.top
172.67.129.224
2620:1ec:bdf::45
030209247eb6425a8dad49177661967e46641932d9233ff4e83b72464ee75e7d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
3365fd5bcca6db3766cf099d5bbb74dc8db7fae302c30fa6bdf43eeddaf98742
3812baaf9b340189652c2177dc33f9f6288a47fd54d9705492e7432b5b4a64d8
74047ad6ed440664f8626861883aeacde1546d6e1473ff0fd795b9ed95cba907
779426f1cd925a9ddf359cc4d446b7d72ad1e2e5492b82c04486a2b54df90067
7b3c8d90caf1e5c203fb0a0b8d604e447aa62da3df70b8338394c71fb1dc5800
9b9f434560a8a4db91ddce1e6e673c4f347afa511f42c9762eeb523762cf5db3
fe6851cb848d2e42bb5213f9c4a39cbe728d3af73d4cf12237e9aa2d4d7fb791