greenkinkajou.com Open in urlscan Pro
198.54.116.83 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://greenkinkajou.com/groupbnpparibasnc/
Effective URL:
https://greenkinkajou.com/groupbnpparibasnc/app/user.php
Submission: On November 16 via manual (November 16th 2023, 1:50:12 am UTC) from NZ — Scanned from NZ

Summary HTTP 14 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 198.54.116.83, located in United States and belongs to NAMECHEAP-NET, US. The main domain is greenkinkajou.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 11th 2023. Valid for: a year.

This is the only time greenkinkajou.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 14	198.54.116.83 198.54.116.83	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2600:1415:200... 2600:1415:2000:1ab::4415	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2

14 198.54.116.83 (United States) 2 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business31-4.web-hosting.com

greenkinkajou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1415:2000:1ab::4415 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)

nc.bnpparibas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	greenkinkajou.com 2 redirects greenkinkajou.com	903 KB
2	bnpparibas.net nc.bnpparibas.net	2 KB
14	2

	Domain	Requested by
14	greenkinkajou.com	2 redirects greenkinkajou.com
2	nc.bnpparibas.net	greenkinkajou.com
14	2

This site contains links to these domains. Also see Links.

Domain
nc.bnpparibas.net
www.bnpparibas.nc
antilles-guyane.bnpparibas
antilles-guyane.bnpparibas.net

Subject Issuer	Validity	Valid
greenkinkajou.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-11` - `2023-12-22`	a year	crt.sh
bnp06s.bnpparibas.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-14` - `2024-06-11`	7 months	crt.sh

This page contains 1 frames:

Primary Page: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
Frame ID: EB76841781672E98D5B8C6EF2E5EE58A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BNPPARIBAS NET IDENTIFICATION

Page URL History Show full URLs

https://greenkinkajou.com/groupbnpparibasnc/ HTTP 302
https://greenkinkajou.com/groupbnpparibasnc/app/index.php HTTP 302
https://greenkinkajou.com/groupbnpparibasnc/app/user.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

904 kB
Transfer

928 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://nc.bnpparibas.net/part/fr/idehom.html

Search URL Search Domain Scan URL

URL: https://nc.bnpparibas.net/part/en/idehom.html

Search URL Search Domain Scan URL

URL: https://www.bnpparibas.nc/particuliers/banque-a-distance/#4
Title: Banque distance - NouvelleCaledonie.bnpparibas.nc

Search URL Search Domain Scan URL

URL: http://antilles-guyane.bnpparibas/
Title: Accueil

Search URL Search Domain Scan URL

URL: http://antilles-guyane.bnpparibas/aide/aide-connexion-bnpinet/
Title: Aide la connexion ?

Search URL Search Domain Scan URL

URL: http://antilles-guyane.bnpparibas/convention/
Title: Convention

Search URL Search Domain Scan URL

URL: https://antilles-guyane.bnpparibas.net/part/fr/cookiesp.html
Title: Politique des Cookies

Search URL Search Domain Scan URL

URL: https://antilles-guyane.bnpparibas/espace-donnees-personnelles/77777777
Title: Espace Donn es Personnelles

Search URL Search Domain Scan URL

URL: https://antilles-guyane.bnpparibas.net/part/fr/ide1hom.html
Title: Visite guid e

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://greenkinkajou.com/groupbnpparibasnc/ HTTP 302
https://greenkinkajou.com/groupbnpparibasnc/app/index.php HTTP 302
https://greenkinkajou.com/groupbnpparibasnc/app/user.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request user.php Show response
greenkinkajou.com/groupbnpparibasnc/app/
Redirect Chain

https://greenkinkajou.com/groupbnpparibasnc/
https://greenkinkajou.com/groupbnpparibasnc/app/index.php
https://greenkinkajou.com/groupbnpparibasnc/app/user.php

16 KB
4 KB

207ms
206ms

Document
text/html

198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed / PHP/8.0.30

Resource Hash

6177af01393759499dd3201f4b469f7a2f276b376a7bfd9736bfa0b5b70cc97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

content-encoding: br
content-length: 4071
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 01:50:05 GMT
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 01:50:05 GMT
location: user.php
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 dciweb.css
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 7 KB
2 KB 794ms
790ms Stylesheet
text/css 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/dciweb.css

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

69613cf59b48e5b3762119469f32715e4546d170725d1675d1fd02a364de7d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1555
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 bnp.css
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 16 KB
4 KB 795ms
792ms Stylesheet
text/css 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/bnp.css

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

7e226712937dc5e54e9575ef0cb6ec124dc77aab6bde0cecaa9face4a583f911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3469
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 tools.js.download Show response
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 42 KB
42 KB 206ms
203ms Script
application/octet-stream 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/tools.js.download

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

a88e26f41f545357457f98016637f8f4311437060f90e1352eb4ed220972b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:22 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 42497
x-xss-protection: 1; mode=block

GET
H2 200 headerBack.jpg
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 10 KB
10 KB 796ms
794ms Image
image/jpeg 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/headerBack.jpg

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

f7ac02953144040664d7bbcbe0ef5af6ad2966a546de3846931557852538d5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:22 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10333
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H/1.1 200
OK francec.gif
nc.bnpparibas.net/part/fr/ 208 B
548 B 2484ms
1362ms Image
image/gif 2600:1415:2000:1ab::4415
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nc.bnpparibas.net/part/fr/francec.gif

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1415:2000:1ab::4415 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9acb35fd1f062dca2710241d1f7ac8cb1b5eb21375f1be5b339172cf17d2e802

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 16 Nov 2023 01:50:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2011 09:42:16 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Content-Length: 208, 208
X-XSS-Protection: 0

GET
H/1.1 200
OK greatbrc.gif
nc.bnpparibas.net/part/fr/ 2 KB
2 KB 2329ms
1251ms Image
image/gif 2600:1415:2000:1ab::4415
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nc.bnpparibas.net/part/fr/greatbrc.gif

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1415:2000:1ab::4415 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0da01629c4b396bd5d1433cdc5d901f9f32df0ffcdc8c9703153014e7d36e674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Thu, 16 Nov 2023 01:50:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2011 08:42:16 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Content-Length: 1622, 1622
X-XSS-Protection: 0

GET
H2 200 etape1.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 476 B
859 B 797ms
791ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/etape1.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

8a56cd2b0b8b3fb49bbd0502d7ad0ad6d01e955a0e270b68ccc83bf03dd9d25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:20 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 476
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 etape2.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 567 B
950 B 982ms
977ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/etape2.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

4ede7bb44d8cdb4447d0e9589c5ce0980725605bbb6193f96be49d72fd7b4827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:22 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 567
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 dciweb.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 2 KB
2 KB 794ms
790ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/dciweb.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

b67681cb230c4d6e1c7635b95fbdc00ddf56a3dcf4bfeb6e94c08336e6534b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:20 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2151
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 flecheCorriger.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 538 B
921 B 796ms
793ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/flecheCorriger.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

99c5135aa6eed33bf4ad8aa53556a5b3a508e9a0fab486cc25806090831c57cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:22 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 538
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 btn_valider.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 1 KB
1 KB 797ms
794ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/btn_valider.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

955510e34da1928b4ab68f72385e6281ffdf2e5c4326c70cb73f914579bb9c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:20 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1094
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 btn_annuler.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 1 KB
1 KB 791ms
788ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/btn_annuler.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

0635d965c9c0bc6b7958c2f4a30fecf1e70f67c68cb8caf520dfa8b910d6b4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:20 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1090
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

GET
H2 200 covid19-information.png
greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/ 831 KB
831 KB 980ms
978ms Image
image/png 198.54.116.83
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/covid19-information.png

Requested by

Host: greenkinkajou.com
URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.116.83 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business31-4.web-hosting.com

Software

LiteSpeed /

Resource Hash

f266f7e14644c34b42531dc2022dc3bc0b92c09d9c6613d5ff92a0edbe45d40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://greenkinkajou.com/groupbnpparibasnc/app/user.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 01:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jul 2022 06:28:20 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 850519
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 01:50:05 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			greenkinkajou.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 201dj8s4hdmv48lt1hb1dknep9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://greenkinkajou.com/groupbnpparibasnc/app/user.php Message: Refused to execute script from 'https://greenkinkajou.com/groupbnpparibasnc/app/BNPPARIBAS_files/tools.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

greenkinkajou.com
nc.bnpparibas.net
198.54.116.83
2600:1415:2000:1ab::4415
0635d965c9c0bc6b7958c2f4a30fecf1e70f67c68cb8caf520dfa8b910d6b4f0
0da01629c4b396bd5d1433cdc5d901f9f32df0ffcdc8c9703153014e7d36e674
4ede7bb44d8cdb4447d0e9589c5ce0980725605bbb6193f96be49d72fd7b4827
6177af01393759499dd3201f4b469f7a2f276b376a7bfd9736bfa0b5b70cc97d
69613cf59b48e5b3762119469f32715e4546d170725d1675d1fd02a364de7d3a
7e226712937dc5e54e9575ef0cb6ec124dc77aab6bde0cecaa9face4a583f911
8a56cd2b0b8b3fb49bbd0502d7ad0ad6d01e955a0e270b68ccc83bf03dd9d25b
955510e34da1928b4ab68f72385e6281ffdf2e5c4326c70cb73f914579bb9c43
99c5135aa6eed33bf4ad8aa53556a5b3a508e9a0fab486cc25806090831c57cd
9acb35fd1f062dca2710241d1f7ac8cb1b5eb21375f1be5b339172cf17d2e802
a88e26f41f545357457f98016637f8f4311437060f90e1352eb4ed220972b50e
b67681cb230c4d6e1c7635b95fbdc00ddf56a3dcf4bfeb6e94c08336e6534b5a
f266f7e14644c34b42531dc2022dc3bc0b92c09d9c6613d5ff92a0edbe45d40b
f7ac02953144040664d7bbcbe0ef5af6ad2966a546de3846931557852538d5be

greenkinkajou.com Open in urlscan Pro 198.54.116.83 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

904 kBTransfer

928 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

greenkinkajou.com Open in urlscan Pro
198.54.116.83 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

904 kB
Transfer

928 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!