Submitted URL: https://tinyurl.com/2d53wbsd/sjdkhgfkjsdghkdshjksdhgjkhsdkjghsdgsdgsdgsdg.html?od=1syf62322b447af37_vl_Active06vl_0t...
Effective URL: http://castlhill.com/images/whoops.jpg
Submission: On March 22 via api from BE — Scanned from DE

Summary

This website contacted 1 IP in 3 countries across 4 domains to perform 1 HTTP transaction. The main IP is 159.65.99.190, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is castlhill.com. The Cisco Umbrella rank of the primary domain is 894938.
This is the only time castlhill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 79.143.182.219 51167 (CONTABO)
1 1 103.227.252.132 59279 (IDNIC-RMI...)
1 159.65.99.190 14061 (DIGITALOC...)
1 1
Apex Domain / Subdomains / Transfer
1 castlhill.com
    Subdomain: castlhill.com — Cisco Umbrella Rank: 894938
    Transfer: 41 KB
1 croodeboy.com
    Subdomain: www.croodeboy.com
    Transfer: 317 B
1 now-dns.org
    Subdomain: s6oh8e5d96q65qd.now-dns.org
    Transfer: 550 B
1 tinyurl.com
    Subdomain: tinyurl.com — Cisco Umbrella Rank: 16797
    Transfer: 539 B
1 4
Domain Requested by
1 castlhill.com
1 www.croodeboy.com 1 redirects
1 s6oh8e5d96q65qd.now-dns.org 1 redirects
1 tinyurl.com 1 redirects
1 4

This site contains no links.

This page contains 1 frame:

Primary Page: http://castlhill.com/images/whoops.jpg
Frame ID: E58CEB30FBE7F6748E16FB810051B85E
Requests: 1 HTTP request in this frame

Page Title

whoops.jpg (450×230)

Page Statistics

Requests: 1
HTTPS: 0 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 1
Countries: 3
Transfer: 41 kB
Size: 41 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/2d53wbsd/sjdkhgfkjsdghkdshjksdhgjkhsdkjghsdgsdgsdgsdg.html?od=1syf62322b447af37_vl_Active06vl_0tq4.31wi3jo.U0000rh9z781fys010_x11070.h9z78MTNrYzl4LTJtbDRkZHM0g2s3U HTTP 301
    http://s6oh8e5d96q65qd.now-dns.org/sjdkhgfkjsdghkdshjksdhgjkhsdkjghsdgsdgsdgsdg.html?od=1syf62322b447af37_vl_Active06vl_0tq4.31wi3jo.U0000rh9z781fys010_x11070.h9z78MTNrYzl4LTJtbDRkZHM0g2s3U HTTP 302
    https://www.croodeboy.com/moaMO71wnyGp4T8oBfHs12_AUMmSbDb68qvsJ1QsvcUSwyHEUIsZuPcy0py-6mwES3ifx8-HhKxx802LVdatnw~~/sdgsdgsd_0tq62322b447b460/yf0tq%7CM21unJj=%7Ch9z78%7C13kc9x%7C2ml4dds%7C67348%7C0000rh9z78%7CU%7CDzy6pTS0nS9coaEypt==%7CPC%7C2stb6t5/p3yzAwVmZwWvAQD3LJLmA192oS9OL3EcqzHjAaMfKmO0pGD= HTTP 302
    http://castlhill.com/images/whoops.jpg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource: Primary Request whoops.jpg
Path: castlhill.com/images/
Redirect Chain
  • https://tinyurl.com/2d53wbsd/sjdkhgfkjsdghkdshjksdhgjkhsdkjghsdgsdgsdgsdg.html?od=1syf62322b447af37_vl_Active06vl_0tq4.31wi3jo.U0000rh9z781fys010_x11070.h9z78MTNrYzl4LTJtbDRkZHM0g2s3U
  • http://s6oh8e5d96q65qd.now-dns.org/sjdkhgfkjsdghkdshjksdhgjkhsdkjghsdgsdgsdgsdg.html?od=1syf62322b447af37_vl_Active06vl_0tq4.31wi3jo.U0000rh9z781fys010_x11070.h9z78MTNrYzl4LTJtbDRkZHM0g2s3U
  • https://www.croodeboy.com/moaMO71wnyGp4T8oBfHs12_AUMmSbDb68qvsJ1QsvcUSwyHEUIsZuPcy0py-6mwES3ifx8-HhKxx802LVdatnw~~/sdgsdgsd_0tq62322b447b460/yf0tq%7CM21unJj=%7Ch9z78%7C13kc9x%7C2ml4dds%7C67348%7C00...
  • http://castlhill.com/images/whoops.jpg
Size: 41 KB
x-fer: 41 KB
Type: Document
MIME-Type:

General

Full URL: http://castlhill.com/images/whoops.jpg
Protocol: HTTP/1.1
Server: 159.65.99.190 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US)
Reverse DNS:
Software: nginx/1.12.2
Resource Hash: 378508849997be414ca3966a65635fd15b1bc2dbf1c733634b5054739088945e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.12.2
Date: Tue, 22 Mar 2022 00:28:49 GMT
Content-Type: image/jpeg
Content-Length: 41589
Last-Modified: Wed, 18 Jul 2018 19:50:29 GMT
Connection: keep-alive
ETag: "5b4f9a05-a275"
Accept-Ranges: bytes

Redirect headers

Date: Tue, 22 Mar 2022 00:28:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
Location: http://castlhill.com/images/whoops.jpg

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | structuredClone
object | oncontextlost
object | oncontextrestored

1 Cookies

Domain/Path: .croodeboy.com/
Name: uid8759
Value: 683475200-20220321202848-0895b34e1369bd673295402fb3e540db-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
