www.castleschool.co.uk
46.32.249.224
Malicious Activity!
Public Scan
Effective URL: https://www.castleschool.co.uk/FEDWIREREF/home/?sslchannel=true&sessionid=UveBe1YV81Du6gCLM9Dhd8GOChRZx22njxIVk23N0TDOi1h2DGXou...
Submission: On December 18 via manual from US
Summary
TLS certificate: Issued by Starfield Secure Certificate Authorit... on October 2nd 2019. Valid for: a year.
This is the only time www.castleschool.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Standard Bank (Banking)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
1 | 1 | 184.187.220.69 | 22773 (ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.) |
13 | 1 | 46.32.249.224 | 20738 (GD-EMEA-DC-LD5) |
2 | | 104.16.243.67 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | | 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA - Wikimedia Foundation Inc.) |
1 | | 95.131.143.115 | 47841 (OXALIDE) |
37 | | 5 | |
ASN22773 (ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc., US)
PTR: webhost.acghosting.com
gsmx.thebusybodymassage.com
ASN20738 (GD-EMEA-DC-LD5, GB)
PTR: 772124.vps-10.com
www.castleschool.co.uk
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
onlinebanking.standardbank.co.za
ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US)
upload.wikimedia.org
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | castleschool.co.uk (1 redirects) | www.castleschool.co.uk | 43 KB |
2 | standardbank.co.za | onlinebanking.standardbank.co.za | 32 KB |
1 | itespresso.fr | www.itespresso.fr | 11 KB |
1 | wikimedia.org | upload.wikimedia.org | 29 KB |
1 | thebusybodymassage.com (1 redirects) | gsmx.thebusybodymassage.com | 262 B |
37 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
13 | www.castleschool.co.uk (1 redirects) | www.castleschool.co.uk |
2 | onlinebanking.standardbank.co.za | www.castleschool.co.uk |
1 | www.itespresso.fr | www.castleschool.co.uk |
1 | upload.wikimedia.org | www.castleschool.co.uk |
1 | gsmx.thebusybodymassage.com (1 redirects) | |
37 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
onlinebanking.standardbank.co.za |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.castleschool.co.uk | Starfield Secure Certificate Authority - G2 | 2019-10-02 - 2020-10-02 | a year |
standardbank.co.za | CloudFlare Inc ECC CA-2 | 2019-11-25 - 2020-10-09 | 10 months |
*.wikipedia.org | GlobalSign ECC OV SSL CA 2018 | 2019-11-08 - 2020-11-22 | a year |
*.itespresso.fr | Gandi Standard SSL CA 2 | 2018-04-18 - 2020-04-18 | 2 years |
This page contains 3 frames:
Primary Page:
https://www.castleschool.co.uk/FEDWIREREF/home/?sslchannel=true&sessionid=UveBe1YV81Du6gCLM9Dhd8GOChRZx22njxIVk23N0TDOi1h2DGXouDWcH8UJpage9GxvUCbgc0Nm5fJX
Frame ID: 551524B974994866DEEBB5AE0DD1D261
Requests: 35 HTTP requests in this frame
Frame:
https://www.castleschool.co.uk/FEDWIREREF/home/home_data/dest5.html
Frame ID: 09EF22276BE9CDA9701E918F1FDFED27
Requests: 1 HTTP requests in this frame
Frame:
https://www.castleschool.co.uk/FEDWIREREF/home/home_data/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 4F47A7B04DFCDF476E7F111B6BBB5C94
Requests: 1 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: T&C's
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://gsmx.thebusybodymassage.com/ HTTP 301
  https://www.castleschool.co.uk/FEDWIREREF HTTP 301
  https://www.castleschool.co.uk/FEDWIREREF/ Page URL
- https://www.castleschool.co.uk/FEDWIREREF/home/?sslchannel=true&sessionid=UveBe1YV81Du6gCLM9Dhd8GOChRZx22njxIVk23N0TDOi1h2DGXouDWcH8UJpage9GxvUCbgc0Nm5fJX Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://gsmx.thebusybodymassage.com/ HTTP 301
- https://www.castleschool.co.uk/FEDWIREREF HTTP 301
- https://www.castleschool.co.uk/FEDWIREREF/
37 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Redirect Chain) | www.castleschool.co.uk/FEDWIREREF/ | 201 B | 421 B | Document | text/html |
GET | H2 | / (Primary Request) | www.castleschool.co.uk/FEDWIREREF/home/ | 47 KB | 8 KB | Document | text/html |
GET | H2 | app.min.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 160 KB | 14 KB | Stylesheet | text/css |
GET | H2 | 1200px-Microsoft_Office_2013_logo.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/d/dd/Microsoft_Office_2013_logo.svg/ | 29 KB | 29 KB | Image | image/png |
GET | H2 | Illustration-reg-complete-.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 19 KB | 19 KB | Image | image/png |
GET | H2 | locked_24_tertiary.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 351 B | 520 B | Image | image/png |
GET | H/1.1 | microsoft-office-iphone1.jpg | www.itespresso.fr/wp-content/uploads/2013/06/ | 11 KB | 11 KB | Image | image/jpeg |
GET | H2 | icn_register_28.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 611 B | 780 B | Image | image/png |
GET | H2 | logo.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | icon_south_africa_white.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 850 B | 1019 B | Image | image/png |
GET | H2 | icon_global_white.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | icon_email_white.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 795 B | 964 B | Image | image/png |
GET | H2 | dest5.html (Frame 09EF) | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 353 B | 366 B | Document | text/html |
GET | H2 | proxy.3d2100fd7107262ecb55ce6847f01fa5.html (Frame 4F47) | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 386 B | 397 B | Document | text/html |
GET | H2 | add.png | www.castleschool.co.uk/FEDWIREREF/home/home_data/ | 6 KB | 6 KB | Image | image/png |
GET | | app.min-blessed22.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed21.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed20.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed19.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed18.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | H2 | app.min-blessed17.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 164 KB | 18 KB | Stylesheet | text/css |
GET | | app.min-blessed16.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed15.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed14.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed13.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed12.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed11.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed10.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed9.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed8.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed7.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed6.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed5.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed4.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed3.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed2.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
GET | | app.min-blessed1.css | onlinebanking.standardbank.co.za/assets/stylesheets/css/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain: onlinebanking.standardbank.co.za
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed22.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed21.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed20.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed19.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed18.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed16.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed15.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed14.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed13.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed12.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed11.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed10.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed9.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed8.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed7.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed6.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed5.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed4.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed3.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed2.css?z=1575629566874
- https://onlinebanking.standardbank.co.za/assets/stylesheets/css/app.min-blessed1.css?z=1575629566874
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Standard Bank (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.