www.schoolutions.africa
Open in
urlscan Pro
116.202.84.239
Malicious Activity!
Public Scan
Submission: On February 08 via automatic, source openphish — Scanned from CA
Summary
This is the only time www.schoolutions.africa was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Orange (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 116.202.84.239 116.202.84.239 | 24940 (HETZNER-AS) (HETZNER-AS) | |
14 | 2 |
ASN24940 (HETZNER-AS, DE)
PTR: rosie.hyliahub.com
www.schoolutions.africa |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
schoolutions.africa
www.schoolutions.africa |
3 MB |
14 | 1 |
Domain | Requested by | |
---|---|---|
8 | www.schoolutions.africa |
www.schoolutions.africa
|
14 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://www.schoolutions.africa/modules/post/z0n51/
Frame ID: C40C2C4AF407079F71BBB1AB5879A6D1
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- http://www.schoolutions.africa/modules/post/z0n51/assets/dotsfont.582da904189bcce6.woff2 HTTP 301
- https://www.schoolutions.africa/modules/post/z0n51/assets/dotsfont.582da904189bcce6.woff2
- http://www.schoolutions.africa/modules/post/z0n51/assets/HelvNeue45_W1G.0110ef3a18f066bb.woff2 HTTP 301
- https://www.schoolutions.africa/modules/post/z0n51/assets/HelvNeue45_W1G.0110ef3a18f066bb.woff2
- http://www.schoolutions.africa/modules/post/z0n51/assets/HelvNeue75_W1G.f364686bceea8316.woff2 HTTP 301
- https://www.schoolutions.africa/modules/post/z0n51/assets/HelvNeue75_W1G.f364686bceea8316.woff2
- http://www.schoolutions.africa/modules/post/z0n51/assets/dotsfont.03594d68762bf6e4.woff HTTP 301
- https://www.schoolutions.africa/modules/post/z0n51/assets/dotsfont.03594d68762bf6e4.woff
- http://www.schoolutions.africa/modules/post/z0n51/HelvNeue45_W1G.0110ef3a18f066bb.woff2 HTTP 301
- https://www.schoolutions.africa/modules/post/z0n51/HelvNeue45_W1G.0110ef3a18f066bb.woff2
- http://www.schoolutions.africa/modules/post/z0n51/HelvNeue75_W1G.f364686bceea8316.woff2 HTTP 301
- https://www.schoolutions.africa/modules/post/z0n51/HelvNeue75_W1G.f364686bceea8316.woff2
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.schoolutions.africa/modules/post/z0n51/ |
70 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.5.1.min.js
www.schoolutions.africa/modules/post/z0n51/assets/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe_api
www.schoolutions.africa/modules/post/z0n51/assets/ |
980 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.dad052a9765332b7.css
www.schoolutions.africa/modules/post/z0n51/assets/ |
108 KB 108 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
orange-bank-logo.png
www.schoolutions.africa/modules/post/z0n51/assets/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.a3e3353b38223ca9.js
www.schoolutions.africa/modules/post/z0n51/assets/ |
137 KB 137 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.7e588ed5fa9e806f.js
www.schoolutions.africa/modules/post/z0n51/assets/ |
28 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.653f85804406c299.js
www.schoolutions.africa/modules/post/z0n51/assets/ |
3 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dotsfont.582da904189bcce6.woff2
www.schoolutions.africa/modules/post/z0n51/assets/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
HelvNeue45_W1G.0110ef3a18f066bb.woff2
www.schoolutions.africa/modules/post/z0n51/assets/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
HelvNeue75_W1G.f364686bceea8316.woff2
www.schoolutions.africa/modules/post/z0n51/assets/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dotsfont.03594d68762bf6e4.woff
www.schoolutions.africa/modules/post/z0n51/assets/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
HelvNeue45_W1G.0110ef3a18f066bb.woff2
www.schoolutions.africa/modules/post/z0n51/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
HelvNeue75_W1G.f364686bceea8316.woff2
www.schoolutions.africa/modules/post/z0n51/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.schoolutions.africa
- URL
- https://www.schoolutions.africa/modules/post/z0n51/assets/dotsfont.582da904189bcce6.woff2
- Domain
- www.schoolutions.africa
- URL
- https://www.schoolutions.africa/modules/post/z0n51/assets/HelvNeue45_W1G.0110ef3a18f066bb.woff2
- Domain
- www.schoolutions.africa
- URL
- https://www.schoolutions.africa/modules/post/z0n51/assets/HelvNeue75_W1G.f364686bceea8316.woff2
- Domain
- www.schoolutions.africa
- URL
- https://www.schoolutions.africa/modules/post/z0n51/assets/dotsfont.03594d68762bf6e4.woff
- Domain
- www.schoolutions.africa
- URL
- https://www.schoolutions.africa/modules/post/z0n51/HelvNeue45_W1G.0110ef3a18f066bb.woff2
- Domain
- www.schoolutions.africa
- URL
- https://www.schoolutions.africa/modules/post/z0n51/HelvNeue75_W1G.f364686bceea8316.woff2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Orange (Telecommunication)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| webpackChunkob_web_customer object| Sfdc string| oslo object| gadgets function| applyFocusVisiblePolyfill2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.schoolutions.africa/ | Name: PHPSESSID Value: 22adfca0535b70b4267c936171953be5 |
|
www.schoolutions.africa/ | Name: cec74ba4ebe3ec1bfa9ab60ca91a1a45 Value: 998c4a5151a2dd4100b6478912665a3f |
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.schoolutions.africa
www.schoolutions.africa
116.202.84.239
2ba928494f42496194afa6e9a4d07d95e0b78b1a9af1727d29b7b5cc45fe696e
59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37
6f86638ef721ea04e71b5db21c5ec2580f1b834e3dd3fcd44e1eb167875b5776
7f9d8fd695eed705b179847179d1df457e8810e89a92da79c7bf45db2c902861
bd4a128f754b6e3592d7a69a609e5400593eafeb0fe0ca59c9f48d6ea72667a7
d1cd39f30055bbac9d689e085719f0156c96fd71135bb51d834f7edcc259f27f
ec866d6aa51c4ca5ea72594257abc3ba9f5c0671f5e229978aa57939446df165
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d