green-garden-astana.com
37.140.192.158
Malicious Activity!
Public Scan
Submission: On January 17 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on April 14th 2022. Valid for: a year.
This is the only time green-garden-astana.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
12 | 37.140.192.158 | 197695 (AS-REG)
Totals: 12 requests, 1 IP address
ASN197695 (AS-REG, RU)
PTR: server136.hosting.reg.ru
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | green-garden-astana.com | green-garden-astana.com | 224 KB
Totals: 12 requests, 1 domain
Requests | Domain | Requested by
---|---|---
12 | green-garden-astana.com | green-garden-astana.com
Totals: 12 requests, 1 domain
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
www.green-garden-astana.com | GlobalSign GCC R3 DV TLS CA 2020 | 2022-04-14 - 2023-05-16 | a year
This page contains 1 frames:
Primary Page:
https://green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/personal.html
Frame ID: EECDA4B111956B643B2FA06472915E6A
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H2 | personal.html (Primary Request) | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ | 351 KB | 38 KB | Document | text/html
GET H2 | mask.js | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 146 KB | 31 KB | Script | application/javascript
GET H2 | assets-images-global-logos-BofA_rgb-CSX5624a146.svg | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 3 KB | 2 KB | Image | image/svg+xml
GET H2 | assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 2 KB | 1 KB | Image | image/svg+xml
GET H2 | assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 64 KB | 64 KB | Image | text/html
GET H2 | assets-images-global-header-lock-CSX1f35fd71.png | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 51 KB | 51 KB | Image | image/png
GET H2 | assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 343 B | 548 B | Image | image/png
GET H2 | assets-images-global-header-secure-lock-CSXa09bf5fc.svg | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 353 B | 562 B | Image | image/svg+xml
GET H2 | assets-images-global-title-flagscape_red-CSX345e7fd7.svg | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/images/ | 2 KB | 1 KB | Image | image/svg+xml
GET H2 | cnx-regular.woff2 | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ | 11 KB | 12 KB | Font | application/octet-stream
GET H2 | cnx-bold.woff2 | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ | 12 KB | 12 KB | Font | application/octet-stream
GET H2 | cnx-medium.woff2 | green-garden-astana.com/wp-content/plugins/wp-file-manager/lib/files/BOA/ | 12 KB | 12 KB | Font | application/octet-stream
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontentvisibilityautostatechange
function | IMask
object | element
object | maskOptions
object | mask
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value
---|---
Strict-Transport-Security | max-age=31536000;
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
green-garden-astana.com
37.140.192.158