036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 169.255.59.6, located in South Africa and belongs to Web4Africa, ZA. The main domain is 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com.

This is the only time 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	169.255.59.6 169.255.59.6	327813 (Web4Africa) (Web4Africa)
1	185.96.93.149 185.96.93.149	198047 (UKWEB-EQX) (UKWEB-EQX)
1	52.218.97.9 52.218.97.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	109.74.247.37 109.74.247.37	50300 (CUSTDC) (CUSTDC)
5	5

1 169.255.59.6 (South Africa)

ASN327813 (Web4Africa, ZA)
PTR: carbon.web4africa.net

036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.96.93.149 (United Kingdom)

ASN198047 (UKWEB-EQX, GB)
PTR: torwood.footholds.net

www.visit-chester.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.97.9 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-3-w.amazonaws.com

snowdon-j6aio7915vnhwct.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.74.247.37 (United Kingdom)

ASN50300 (CUSTDC, GB)
PTR: sadsnet-1.sads.com

securitynewsdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	securitynewsdesk.com securitynewsdesk.com	92 KB
1	amazonaws.com snowdon-j6aio7915vnhwct.s3.amazonaws.com	28 KB
1	visit-chester.co.uk www.visit-chester.co.uk	138 KB
1	seahornmarine.com 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com	7 KB
0	bsigroup.com Failed www.bsigroup.com Failed
5	5

	Domain	Requested by
1	securitynewsdesk.com	036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com
1	snowdon-j6aio7915vnhwct.s3.amazonaws.com	036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com
1	www.visit-chester.co.uk	036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com
1	036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com
0	www.bsigroup.com Failed	036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com
5	5

This site contains links to these domains. Also see Links.

Domain
is.gd

Subject Issuer	Validity	Valid
visit-chester.co.uk Let's Encrypt Authority X3	`2019-07-08` - `2019-10-06`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-07` - `2020-02-07`	a year	crt.sh
www.securitynewsdesk.com Go Daddy Secure Certificate Authority - G2	`2018-09-13` - `2020-09-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/
Frame ID: 0755C436D87B293DB097401BA0C3559F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

265 kB
Transfer

274 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://is.gd/qvF742
Title: Click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/	7 KB 7 KB	730ms 243ms	Document text/html	169.255.59.6 Web4Africa
General Check archive.org Show headers Download Go to Full URL http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ Protocol HTTP/1.1 Server 169.255.59.6 , South Africa, ASN327813 (Web4Africa, ZA), Reverse DNS carbon.web4africa.net Software Apache / Resource Hash `d8fb737881237c588db8e400f2ee8d09f5a62c77ae2373c5e4bb0cf7d3034180` Request headers Host 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 28 Aug 2019 12:26:26 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Barclays-Bank.jpg www.visit-chester.co.uk/wp-content/uploads/2018/10/	137 KB 138 KB	90ms 30ms	Image image/jpeg	185.96.93.149 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL https://www.visit-chester.co.uk/wp-content/uploads/2018/10/Barclays-Bank.jpg Requested by Host: 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com URL: http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.96.93.149 , United Kingdom, ASN198047 (UKWEB-EQX, GB), Reverse DNS torwood.footholds.net Software Apache / Resource Hash `aac577ce51fd8c6b59300412b4840bc87996c385dd944936655170231ba7638f` Request headers Sec-Fetch-Mode no-cors Referer http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 28 Aug 2019 12:26:26 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 13 Oct 2018 13:35:13 GMT Server Apache ETag "2244d-5781c4613fd18" Vary Accept-Encoding Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 140365 Expires Thu, 27 Aug 2020 12:26:26 GMT
GET H/1.1	200 OK	fscs-block-logo.svg snowdon-j6aio7915vnhwct.s3.amazonaws.com/cw-s-production/static/images/logos/	37 KB 28 KB	3209ms 48ms	Image image/svg+xml	52.218.97.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://snowdon-j6aio7915vnhwct.s3.amazonaws.com/cw-s-production/static/images/logos/fscs-block-logo.svg Requested by Host: 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com URL: http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.97.9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS s3-3-w.amazonaws.com Software AmazonS3 / Resource Hash `4d65f3182797594cd06f1ddb7f6eed4081347bf24a45e408baa700128ca5049f` Request headers Sec-Fetch-Mode no-cors Referer http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 28 Aug 2019 12:26:31 GMT Content-Encoding gzip Last-Modified Mon, 01 Oct 2018 12:38:49 GMT Server AmazonS3 x-amz-request-id 128A991F6F86500C ETag "51f6fc823b293e8cb8ddc31d207d554b" Content-Type image/svg+xml Cache-Control max-age=94608000 Accept-Ranges bytes Content-Length 28340 x-amz-id-2 FE2DzzurPidyN2GJssxr43CWA4bDP2gO55/hDkY4xY1vbFXlOaaM5YewREl0S0ZajmFrv38DD64= Expires Thu, 31 Dec 2099 20:00:00 GMT
GET		27001-lozenge.jpg www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/Images/	0 0

GET H2	200	Cyber-Essentials-Plus.png securitynewsdesk.com/wp-content/uploads/2017/04/	92 KB 92 KB	3192ms 91ms	Image image/png	109.74.247.37 CUSTDC
General Check archive.org Show headers Download Go to Show image Full URL https://securitynewsdesk.com/wp-content/uploads/2017/04/Cyber-Essentials-Plus.png Requested by Host: 036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com URL: http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.74.247.37 , United Kingdom, ASN50300 (CUSTDC, GB), Reverse DNS sadsnet-1.sads.com Software nginx / PleskLin Resource Hash `ad906d4d0118b83358641cf41d8c32ce7ad3e01a25fa8cc5c0f59dd77d4dfac4` Request headers Sec-Fetch-Mode no-cors Referer http://036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 28 Aug 2019 12:26:30 GMT etag "5b4ca0a6-17089" last-modified Mon, 16 Jul 2018 13:41:58 GMT server nginx x-powered-by PleskLin x-cache-status BYPASS content-type image/png status 200 accept-ranges bytes content-length 94345

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bsigroup.com
URL: https://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/Images/27001-lozenge.jpg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com
securitynewsdesk.com
snowdon-j6aio7915vnhwct.s3.amazonaws.com
www.bsigroup.com
www.visit-chester.co.uk
www.bsigroup.com
109.74.247.37
169.255.59.6
185.96.93.149
52.218.97.9
4d65f3182797594cd06f1ddb7f6eed4081347bf24a45e408baa700128ca5049f
aac577ce51fd8c6b59300412b4840bc87996c385dd944936655170231ba7638f
ad906d4d0118b83358641cf41d8c32ce7ad3e01a25fa8cc5c0f59dd77d4dfac4
d8fb737881237c588db8e400f2ee8d09f5a62c77ae2373c5e4bb0cf7d3034180

036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com Open in urlscan Pro 169.255.59.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

265 kBTransfer

274 kBSize

0 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

036message-secure36-barclays36-uk-auth36-barclay36.seahornmarine.com Open in urlscan Pro
169.255.59.6 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

265 kB
Transfer

274 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions