www.aktia-wallet.garetechgh.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 173.205.124.158, located in United States and belongs to GTT-BACKBONE GTT, US. The main domain is www.aktia-wallet.garetechgh.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 8th 2023. Valid for: 3 months.

This is the only time www.aktia-wallet.garetechgh.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aktia Bank (Financial)

Domain & IP information

	IP Address		AS Autonomous System
7	173.205.124.158 173.205.124.158		3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
7	1

7 173.205.124.158 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

www.aktia-wallet.garetechgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	garetechgh.com www.aktia-wallet.garetechgh.com	73 KB
7	1

	Domain	Requested by
7	www.aktia-wallet.garetechgh.com	www.aktia-wallet.garetechgh.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
aktia-wallet.garetechgh.com cPanel, Inc. Certification Authority	`2023-09-08` - `2023-12-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.aktia-wallet.garetechgh.com/
Frame ID: 4ADCAA5EAAD9EE5BE4B7D6AB73D7CC0D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aktia - tunnistautuminen

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

73 kB
Transfer

72 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.aktia-wallet.garetechgh.com/	9 KB 10 KB	1419ms 626ms	Document text/html	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://www.aktia-wallet.garetechgh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `3c3a12368dcb685d3aa17740b857968be2044fdf419b838457a33e97d6f86a54` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Fri, 08 Sep 2023 17:43:50 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache
GET H2	200	style.css www.aktia-wallet.garetechgh.com/files/	58 KB 58 KB	124ms 124ms	Stylesheet text/css	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://www.aktia-wallet.garetechgh.com/files/style.css Requested by Host: www.aktia-wallet.garetechgh.com URL: https://www.aktia-wallet.garetechgh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `f2d3c2dc14b7ad458581bb4440cbf6b59ac5613ad5921dcf38cd14e8f2434449` Request headers accept-language de-DE,de;q=0.9 Referer https://www.aktia-wallet.garetechgh.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 17:43:51 GMT last-modified Tue, 30 Aug 2022 23:23:02 GMT server Apache accept-ranges bytes content-length 59671 content-type text/css
GET H2	200	verkkopankki_logo_fi.png www.aktia-wallet.garetechgh.com/files/	2 KB 2 KB	126ms 125ms	Image image/png	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://www.aktia-wallet.garetechgh.com/files/verkkopankki_logo_fi.png Requested by Host: www.aktia-wallet.garetechgh.com URL: https://www.aktia-wallet.garetechgh.com/files/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `ff05cc85a54aa616611e34315f079de33309b3b5b9c0ab571e5eeff36b9a1d08` Request headers accept-language de-DE,de;q=0.9 Referer https://www.aktia-wallet.garetechgh.com/files/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 17:43:51 GMT last-modified Tue, 30 Aug 2022 23:15:46 GMT server Apache accept-ranges bytes content-length 2234 content-type image/png
GET H2	404	portlet-title-middle.png www.aktia-wallet.garetechgh.com/images/	236 B 236 B	123ms 123ms	Image text/html	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://www.aktia-wallet.garetechgh.com/images/portlet-title-middle.png Requested by Host: www.aktia-wallet.garetechgh.com URL: https://www.aktia-wallet.garetechgh.com/files/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362` Request headers accept-language de-DE,de;q=0.9 Referer https://www.aktia-wallet.garetechgh.com/files/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 17:43:51 GMT server Apache content-length 236 content-type text/html; charset=iso-8859-1
GET H2	200	menu-item_bg.png www.aktia-wallet.garetechgh.com/files/	2 KB 2 KB	123ms 123ms	Image image/png	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://www.aktia-wallet.garetechgh.com/files/menu-item_bg.png Requested by Host: www.aktia-wallet.garetechgh.com URL: https://www.aktia-wallet.garetechgh.com/files/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `a7bf07390624fd80f1cb05a0bcbc20535f518476bf89df74b218b5dd7b8a2a04` Request headers accept-language de-DE,de;q=0.9 Referer https://www.aktia-wallet.garetechgh.com/files/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 17:43:51 GMT last-modified Tue, 30 Aug 2022 23:22:38 GMT server Apache accept-ranges bytes content-length 1764 content-type image/png
GET H2	404	footer_bg.gif www.aktia-wallet.garetechgh.com/images/	236 B 236 B	123ms 122ms	Image text/html	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://www.aktia-wallet.garetechgh.com/images/footer_bg.gif Requested by Host: www.aktia-wallet.garetechgh.com URL: https://www.aktia-wallet.garetechgh.com/files/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362` Request headers accept-language de-DE,de;q=0.9 Referer https://www.aktia-wallet.garetechgh.com/files/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 17:43:51 GMT server Apache content-length 236 content-type text/html; charset=iso-8859-1
GET H2	200	nuoli.gif www.aktia-wallet.garetechgh.com/files/	51 B 111 B	125ms 124ms	Image image/gif	173.205.124.158 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://www.aktia-wallet.garetechgh.com/files/nuoli.gif Requested by Host: www.aktia-wallet.garetechgh.com URL: https://www.aktia-wallet.garetechgh.com/files/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.205.124.158 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Apache / Resource Hash `d7b2f4d394d1dbdc0d1625daed5d0fb932d5429645ae1db8fd12eecf6d90e238` Request headers accept-language de-DE,de;q=0.9 Referer https://www.aktia-wallet.garetechgh.com/files/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 17:43:51 GMT last-modified Tue, 30 Aug 2022 23:21:10 GMT server Apache accept-ranges bytes content-length 51 content-type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aktia Bank (Financial)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.aktia-wallet.garetechgh.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a96a48dca346b690462610b498cccb80

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.aktia-wallet.garetechgh.com/images/footer_bg.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aktia-wallet.garetechgh.com/images/portlet-title-middle.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.aktia-wallet.garetechgh.com
173.205.124.158
3c3a12368dcb685d3aa17740b857968be2044fdf419b838457a33e97d6f86a54
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
a7bf07390624fd80f1cb05a0bcbc20535f518476bf89df74b218b5dd7b8a2a04
d7b2f4d394d1dbdc0d1625daed5d0fb932d5429645ae1db8fd12eecf6d90e238
f2d3c2dc14b7ad458581bb4440cbf6b59ac5613ad5921dcf38cd14e8f2434449
ff05cc85a54aa616611e34315f079de33309b3b5b9c0ab571e5eeff36b9a1d08

www.aktia-wallet.garetechgh.com Open in urlscan Pro 173.205.124.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

73 kBTransfer

72 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

www.aktia-wallet.garetechgh.com Open in urlscan Pro
173.205.124.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

73 kB
Transfer

72 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!