sky.com.se
Open in
urlscan Pro
198.54.115.59
Malicious Activity!
Public Scan
Effective URL: https://sky.com.se/claim/refund/
Submission: On January 13 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 26th 2021. Valid for: a year.
This is the only time sky.com.se was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sky (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 18 | 198.54.115.59 198.54.115.59 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
3 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:5614 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:dd1d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 198.145.13.12 198.145.13.12 | 2044 (DF-PTL01) (DF-PTL01) | |
24 | 7 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server65-2.web-hosting.com
sky.com.se |
ASN2044 (DF-PTL01, US)
PTR: getclicky.com
in.getclicky.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
com.se
2 redirects
sky.com.se |
607 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202 |
102 KB |
2 |
getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 10412 in.getclicky.com — Cisco Umbrella Rank: 8629 |
6 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398 |
23 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 541 |
29 KB |
24 | 5 |
Domain | Requested by | |
---|---|---|
18 | sky.com.se |
2 redirects
sky.com.se
cdnjs.cloudflare.com |
3 | cdnjs.cloudflare.com |
sky.com.se
|
2 | cdn.jsdelivr.net |
sky.com.se
|
1 | in.getclicky.com |
static.getclicky.com
|
1 | static.getclicky.com |
sky.com.se
|
1 | code.jquery.com |
sky.com.se
|
24 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sky.com |
skyid.sky.com |
skyaccessibility.sky |
www.skygroup.sky |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sky.com.se Sectigo RSA Domain Validation Secure Server CA |
2021-11-26 - 2022-11-26 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA |
2020-08-03 - 2022-08-03 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://sky.com.se/claim/refund/
Frame ID: 35AB09FF3C21CE4D1F64C1EE2CAD041D
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
Sky - Sign in | Sky.comPage URL History Show full URLs
-
http://sky.com.se/
HTTP 301
https://sky.com.se/ Page URL
-
https://sky.com.se/claim/
HTTP 302
https://sky.com.se/claim/refund/ Page URL
Detected technologies
Clicky (Analytics) ExpandDetected patterns
- static\.getclicky\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
30 Outgoing links
These are links going to different origins than the main page.
Title: TV
Search URL Search Domain Scan URL
Title: TV & Broadband
Search URL Search Domain Scan URL
Title: Cinema
Search URL Search Domain Scan URL
Title: Sports
Search URL Search Domain Scan URL
Title: What to Watch
Search URL Search Domain Scan URL
Title: Sky Q
Search URL Search Domain Scan URL
Title: Broadband
Search URL Search Domain Scan URL
Title: Mobile
Search URL Search Domain Scan URL
Title: Tablets
Search URL Search Domain Scan URL
Title: SIM Only
Search URL Search Domain Scan URL
Title: Brands
Search URL Search Domain Scan URL
Title: Accessories
Search URL Search Domain Scan URL
Title: SIM Activation
Search URL Search Domain Scan URL
Title: Manage
Search URL Search Domain Scan URL
Title: Deals
Search URL Search Domain Scan URL
Title: TV & Broadband
Search URL Search Domain Scan URL
Title: My Account
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: username
Search URL Search Domain Scan URL
Title: password
Search URL Search Domain Scan URL
Title: Need an online account?
Search URL Search Domain Scan URL
Title: Privacy & Cookies Notice
Search URL Search Domain Scan URL
Title: Sky home page
Search URL Search Domain Scan URL
Title: Terms & conditions
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Site map
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Complaints
Search URL Search Domain Scan URL
Title: Sky Group
Search URL Search Domain Scan URL
Title: Store locator
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sky.com.se/
HTTP 301
https://sky.com.se/ Page URL
-
https://sky.com.se/claim/
HTTP 302
https://sky.com.se/claim/refund/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://sky.com.se/ HTTP 301
- https://sky.com.se/
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
sky.com.se/ Redirect Chain
|
294 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m3d.css
sky.com.se/ |
151 B 350 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax.php
sky.com.se/m3dularbh/ |
0 136 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
sky.com.se/claim/refund/ Redirect Chain
|
666 KB 65 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toolkit-core.min.css
sky.com.se/claim/refund/assets/ |
36 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sky-logo.png
sky.com.se/claim/refund/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toolkit.min.css
sky.com.se/claim/refund/assets/ |
122 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle-acd498bd.css
sky.com.se/claim/refund/assets/ |
44 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sky-regular.woff2
sky.com.se/claim/refund/fonts/ |
25 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sky-medium.woff2
sky.com.se/claim/refund/fonts/ |
25 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.eabdc203e363a79ed6e9.css
sky.com.se/claim/refund/dssp/watch/assets/ |
520 KB 123 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.eabdc203e363a79ed6e9-blessed1.css
sky.com.se/claim/refund/dssp/watch/assets/ |
498 KB 62 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.eabdc203e363a79ed6e9-blessed2.css
sky.com.se/claim/refund/dssp/watch/assets/ |
121 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Sign_in_asset_-_full_width.png
sky.com.se/claim/refund/assets/ |
217 KB 218 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ |
281 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ |
23 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/ |
24 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
additional-methods.js
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/ |
51 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mask.js
sky.com.se/claim/refund/form/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
101349611.js
static.getclicky.com/ |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sky-logo.png
sky.com.se/claim/refund/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
353 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.php
in.getclicky.com/ |
139 B 435 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sky (Entertainment)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange function| $ function| jQuery object| clicky_obj object| clicky object| clicky_custom undefined| test object| clicky_site_ids object| _genericStats object| _genericStatsCustom4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sky.com.se/ | Name: PHPSESSID Value: 61f0c50b182ff6286f44d2d37fc17882 |
|
.sky.com.se/ | Name: _first_pageview Value: 1 |
|
.sky.com.se/ | Name: _jsuid Value: 1246998887 |
|
in.getclicky.com/ | Name: cluid Value: 1246998887 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
in.getclicky.com
sky.com.se
static.getclicky.com
198.145.13.12
198.54.115.59
2001:4de0:ac18::1:a:1a
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:dd1d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
085f777ea15c86fe2f0352fa90261641beffa68f3332ae4817e9fa696780d1c3
2ffab5435cecbb784332bb55063e0d4f991dc0299deedce3a3d8c618d16841cd
30e59037f0bdb32c341760a756688235b6cb2884f3cc8cc01ea49f55a6cff12c
319e55db8d1178ffc0982f5e12322d43066c136d6e14ce8d9b1b37cf2c2f1899
325906e10930e9eab32395be9c8fd46132926a722ed4767e834e1193f53fb16f
35cc8734b0a1e3a9d53053a2ab88faa1967903c6f357a5789dffca403a16e208
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
44df0e0fc997dcb6ec19680189b1043e3c077e788ca3a0551c533d3c646d87bf
9ed395fe132970b5c8d4e58891541f3781aa535ef2c7897918dcc522e09faf85
a0c4fd365644d3ab297a2c06bacaaa01fe7e093c8cceb9605e4c13fb22099bad
af7ec06aafce1fbbc0bd2eb5271ea2a9f38d7b8d496bd4df2898aebea6bdcef8
af9652b231e2759f0dd7c92645df4dd05b5954021c790c3c1dc52ccae51172c8
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b259280bbd999616707d2b374714c2f949d4b05448f281a87ef6a4f91287453b
b471d8f7be349253211399c6fabc7dcb754b8c3022ab451947ab313c44c409c5
b858be201e0b3536ad333382bf4b8be55e9e2fdebc3ede07aca54676419f7efd
c113ebc50cb4d96a2b7829a0aaca2fe5a01b36197859283dab10767d6a267072
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
c8c84936db164aa706a26fed3c7c28d713f6e0c95f7913624d58f57db0980b0a
e27e3c04778c3f638acd045366223fd95bbbf4b16fcdd92037c8cfa939a756bd
e55d9cd27634ff29e28ad30f56f7ad419d0b6b86d3d9d9433970334f28e2f5a8