green-garden-astana.com Open in urlscan Pro
37.140.192.158 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
Submission: On January 17 via automatic, source openphish (January 17th 2023, 1:33:53 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 37.140.192.158, located in Russian Federation and belongs to AS-REG, RU. The main domain is green-garden-astana.com.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on April 14th 2022. Valid for: a year.

This is the only time green-garden-astana.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	37.140.192.158 37.140.192.158		197695 (AS-REG) (AS-REG)
13	1

13 37.140.192.158 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: server136.hosting.reg.ru

green-garden-astana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	green-garden-astana.com green-garden-astana.com	241 KB
13	1

	Domain	Requested by
13	green-garden-astana.com	green-garden-astana.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid
www.green-garden-astana.com GlobalSign GCC R3 DV TLS CA 2020	`2022-04-14` - `2023-05-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
Frame ID: F7348F37F4CC15148692189F7BBA06CB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America | Online Banking | Login

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

796 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request otp.html Show response
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ 346 KB
38 KB 8753ms
8589ms Document
text/html 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

593026484af4eabff2bfe4847d324d99f4187e02464d95b714c28423b7fba94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 17 Jan 2023 01:33:47 GMT
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept-Encoding

GET
H2 200 bactouch.css
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 158 KB
28 KB 63ms
63ms Stylesheet
text/css 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/bactouch.css

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

fac1a05cc1573fc17fecda6fbdc393e0aebbb7e4e791325e2c372bcd805122ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 20:12:38 GMT
server: nginx
etag: W/"634f08b6-276c1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 24 Jan 2023 01:33:47 GMT

GET
H2 200 mask.js Show response
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 146 KB
31 KB 71ms
71ms Script
application/javascript 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/mask.js

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 21:50:54 GMT
server: nginx
etag: W/"621fe6be-24645"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 24 Jan 2023 01:33:47 GMT

GET
H2 200 assets-images-global-logos-BofA_rgb-CSX5624a146.svg
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 3 KB
2 KB 59ms
59ms Image
image/svg+xml 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 16:21:16 GMT
server: nginx
etag: W/"634ed27c-dc7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Tue, 24 Jan 2023 01:33:47 GMT

GET
H2 200 assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 2 KB
1 KB 53ms
52ms Image
image/svg+xml 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 16:21:32 GMT
server: nginx
etag: W/"634ed28c-7d7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Tue, 24 Jan 2023 01:33:48 GMT

GET
H2 404 assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 64 KB
64 KB 739ms
738ms Image
text/html 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif
Requested by: Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server136.hosting.reg.ru
Software: nginx /
Resource Hash: 3cdd9ba9092f92151550572ffa5b3b9749a8c44261a014a945c5c99f6be5a20b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 secure_lock.png
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 352 B
557 B 53ms
52ms Image
image/png 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/secure_lock.png

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

b1f1b36d5a72970f7331a6d62472b2183611314a6535cb5f691a89c0aca8b52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 18 Oct 2022 18:21:12 GMT
server: nginx
etag: "634eee98-160"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 352
expires: Tue, 24 Jan 2023 01:33:48 GMT

GET
H2 200 assets-images-global-header-lock-CSX1f35fd71.png
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 51 KB
51 KB 54ms
53ms Image
image/png 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-global-header-lock-CSX1f35fd71.png

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 18 Oct 2022 16:10:14 GMT
server: nginx
etag: "634ecfe6-cc36"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 52278
expires: Tue, 24 Jan 2023 01:33:48 GMT

GET
H2 200 assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 343 B
548 B 55ms
54ms Image
image/png 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 18 Oct 2022 16:21:52 GMT
server: nginx
etag: "634ed2a0-157"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 343
expires: Tue, 24 Jan 2023 01:33:48 GMT

GET
H2 200 assets-images-global-header-secure-lock-CSXa09bf5fc.svg
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 353 B
562 B 53ms
52ms Image
image/svg+xml 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 18 Oct 2022 16:21:56 GMT
server: nginx
etag: "634ed2a4-161"
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 353
expires: Tue, 24 Jan 2023 01:33:48 GMT

GET
H2 200 assets-images-global-title-flagscape_red-CSX345e7fd7.svg
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ 2 KB
1 KB 53ms
53ms Image
image/svg+xml 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 16:21:06 GMT
server: nginx
etag: W/"634ed272-84c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Tue, 24 Jan 2023 01:33:48 GMT

GET
H2 200 cnx-regular.woff2
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ 11 KB
12 KB 832ms
832ms Font
application/octet-stream 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/cnx-regular.woff2

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
Origin: https://green-garden-astana.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 18 Oct 2022 15:30:38 GMT
server: nginx
accept-ranges: bytes
etag: "2d58-5eb50c6286380"
content-length: 11608

GET
H2 200 cnx-medium.woff2
green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ 12 KB
12 KB 780ms
779ms Font
application/octet-stream 37.140.192.158
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/cnx-medium.woff2

Requested by

Host: green-garden-astana.com
URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.140.192.158 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server136.hosting.reg.ru

Software

nginx /

Resource Hash

a431986817e5d309cdd61c623a5259d6ea5840375876ffb41f5a2cab65ddd2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/otp.html
Origin: https://green-garden-astana.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:33:48 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 18 Oct 2022 15:30:30 GMT
server: nginx
accept-ranges: bytes
etag: "2ed0-5eb50c5ae5180"
content-length: 11984

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

green-garden-astana.com
37.140.192.158
35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147
38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77
3c149e754af1a297e924c97c84aa5a1fafebc7c2b377e825738b8cb452fb3237
3cdd9ba9092f92151550572ffa5b3b9749a8c44261a014a945c5c99f6be5a20b
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
593026484af4eabff2bfe4847d324d99f4187e02464d95b714c28423b7fba94c
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
a431986817e5d309cdd61c623a5259d6ea5840375876ffb41f5a2cab65ddd2e3
b1f1b36d5a72970f7331a6d62472b2183611314a6535cb5f691a89c0aca8b52e
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a
fac1a05cc1573fc17fecda6fbdc393e0aebbb7e4e791325e2c372bcd805122ae

green-garden-astana.com Open in urlscan Pro 37.140.192.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

241 kBTransfer

796 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

green-garden-astana.com Open in urlscan Pro
37.140.192.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

796 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!