usc1.contabostorage.com
Open in
urlscan Pro
209.126.15.85
Malicious Activity!
Public Scan
Submission: On June 03 via manual from ZA — Scanned from DE
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 23rd 2024. Valid for: 3 months.
This is the only time usc1.contabostorage.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Standard Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 209.126.15.85 209.126.15.85 | 40021 (NL-811-40021) (NL-811-40021) | |
3 | 41.185.8.76 41.185.8.76 | 36943 (ZA-1-Grid) (ZA-1-Grid) | |
5 | 3 |
ASN40021 (NL-811-40021, US)
PTR: usc1.contabostorage.com
usc1.contabostorage.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
diatheke.sbs
diatheke.sbs |
56 KB |
1 |
contabostorage.com
usc1.contabostorage.com |
2 KB |
0 |
standardbank.co.za
Failed
onlinebanking.standardbank.co.za Failed |
|
5 | 3 |
Domain | Requested by | |
---|---|---|
3 | diatheke.sbs |
usc1.contabostorage.com
|
1 | usc1.contabostorage.com | |
0 | onlinebanking.standardbank.co.za Failed |
usc1.contabostorage.com
|
5 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.contabostorage.com ZeroSSL RSA Domain Secure Site CA |
2024-04-23 - 2024-07-22 |
3 months | crt.sh |
*.roarbar.sbs R3 |
2024-05-18 - 2024-08-16 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://usc1.contabostorage.com/a29eefb78e3d43e8a546f40552573775:debit-order-cancellation-276a4edc1/debit-order-cancellation-298a642dc-01.html
Frame ID: BF34E63F50A200AE7EEAD6E8FA584A2B
Requests: 4 HTTP requests in this frame
Frame:
https://onlinebanking.standardbank.co.za/
Frame ID: 79F74E94C8701D074533794FB0F0266D
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://diatheke.sbs/25278/well-known/app/index.php HTTP 302
- https://onlinebanking.standardbank.co.za/
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
debit-order-cancellation-298a642dc-01.html
usc1.contabostorage.com/a29eefb78e3d43e8a546f40552573775:debit-order-cancellation-276a4edc1/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.css
diatheke.sbs/25278/well-known/libraries/css/ |
11 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ionic.bundle.css
diatheke.sbs/25278/well-known/libraries/css/ |
19 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sbg.css
diatheke.sbs/25278/well-known/libraries/css/ |
26 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
onlinebanking.standardbank.co.za/ Frame 79F7 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- onlinebanking.standardbank.co.za
- URL
- https://onlinebanking.standardbank.co.za/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Standard Bank (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 00 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=16000000; includeSubDomains; preload; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
diatheke.sbs
onlinebanking.standardbank.co.za
usc1.contabostorage.com
onlinebanking.standardbank.co.za
209.126.15.85
41.185.8.76
3789296a3c60f4cfa82fd3c139d1d7ef968a06a4bab871f679562121a5869b44
b6d28e0a18f64433b680bd09b694f64bb5b3a24a27c4b1475c210023ff24c523
c38cb2bd5c5a1f6c04f18f487bc6f488454aa2668777ab0d9e515cfdac74b78b
de0155180c337684426db0246ce969f3ac30caf43499f932fe45e0b7ad003628