oldweb.globalstar.com.bd
68.66.224.49  Malicious Activity! Public Scan

Submitted URL: http://nextadmission.com/.well-known
Effective URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&countr...
Submission: On February 22 via manual from NZ — Scanned from NZ

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 68.66.224.49, located in United States and belongs to A2HOSTING, US. The main domain is oldweb.globalstar.com.bd.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 8th 2022. Valid for: 3 months.
This is the only time oldweb.globalstar.com.bd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Paylife (Banking)

Domain & IP information

IP Address AS Autonomous System
4 17 68.66.224.49 55293 (A2HOSTING)
2 52.143.15.90 8075 (MICROSOFT...)
15 2
Apex Domain Subdomains Transfer
15 globalstar.com.bd oldweb.globalstar.com.bd 347 KB
2 paylife.at my.paylife.at 9 KB
2 nextadmission.com nextadmission.com 815 B
15 3
Domain Requested by
15 oldweb.globalstar.com.bd 2 redirects oldweb.globalstar.com.bd
2 my.paylife.at oldweb.globalstar.com.bd
2 nextadmission.com 2 redirects
15 3

This site contains links to these domains.

Domain
www.paylife.at
b2bpr.vaservices.eu
Subject: oldweb.globalstar.com.bd
Issuer: cPanel, Inc. Certification Authority
Validity: 2022-12-08 - 2023-03-08
Valid: 3 months

Subject: my.paylife.at
Issuer: Entrust Certification Authority - L1M
Validity: 2022-11-11 - 2023-12-11
Valid: a year

This page contains 1 frames:

Primary Page: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Frame ID: 0EAF0FBE50DA46D192A225CF31DC9B03
Requests: 15 HTTP requests in this frame

Page Title

myPayLife

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

15 Requests
100 % HTTPS
0 % IPv6
3 Domains
3 Subdomains
2 IPs
2 Countries
355 kB Transfer
1067 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nextadmission.com/.well-known HTTP 301
    http://nextadmission.com/.well-known/ HTTP 302
    https://oldweb.globalstar.com.bd/%D0%94/pay/de/authentifizierung/ HTTP 302
    https://oldweb.globalstar.com.bd/%D0%94/pay/de/authentifizierung/on HTTP 301
    https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/ Page URL
  2. https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nextadmission.com/.well-known HTTP 301
  • http://nextadmission.com/.well-known/ HTTP 302
  • https://oldweb.globalstar.com.bd/%D0%94/pay/de/authentifizierung/ HTTP 302
  • https://oldweb.globalstar.com.bd/%D0%94/pay/de/authentifizierung/on HTTP 301
  • https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
Redirect Chain
  • http://nextadmission.com/.well-known
  • http://nextadmission.com/.well-known/
  • https://oldweb.globalstar.com.bd/%D0%94/pay/de/authentifizierung/
  • https://oldweb.globalstar.com.bd/%D0%94/pay/de/authentifizierung/on
  • https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
268 B
606 B
Document
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
218
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 08:14:51 GMT
Keep-Alive
timeout=3, max=498
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33

Redirect headers

Connection
Keep-Alive
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 22 Feb 2023 08:14:51 GMT
Keep-Alive
timeout=3, max=499
Location
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Primary Request htmlwindows.php
oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
15 KB
4 KB
Document
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache / PHP/7.4.33
Resource Hash
176a870db78cfc4976b2f27e547bb5f12a4ce0090effc5158822712d57361d41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3900
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 08:14:52 GMT
Keep-Alive
timeout=3, max=497
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
Umbraco%20styles%20for%20RTE.css
oldweb.globalstar.com.bd/%d0%94/pay/css/
1020 B
825 B
Stylesheet
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/css/Umbraco%20styles%20for%20RTE.css
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
67c13bc1e7b30e39f21198569a976a15806b2d81aa325db32e7294c5cce95e40
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 04 Aug 2020 21:35:08 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b31-3fc-5ac1407753b00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=496
Content-Length
332
webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/
378 KB
50 KB
Stylesheet
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
78814fb0e9ae2fe9245f2d91f2b35715ce5f5a9ee5e972900407df0b79c31c4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Jan 2023 18:04:18 GMT
Server
Apache
Content-Encoding
gzip
ETag
"4964d8e-5e608-5f30658292c80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
50563
js-v=VdFq4nv7Rl2n-_qUVZdurp_SQjnIrdw85_JGmKfS_9E1.js
oldweb.globalstar.com.bd/%d0%94/pay/bundles/
535 KB
158 KB
Script
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/js-v=VdFq4nv7Rl2n-_qUVZdurp_SQjnIrdw85_JGmKfS_9E1.js
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
807ccdd80be2a66c8b7ae183c89e4953ef681df8c5be4978e5b8133f7dfdaaf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sun, 16 Aug 2020 23:19:38 GMT
Server
Apache
Content-Encoding
gzip
ETag
"4964db5-85b1c-5ad06e3465680-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=495
logo.png
oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/
4 KB
4 KB
Image
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/logo.png
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
ce4bc09c26096e87390c0a4d62140ed26eb5948b4ee80a07756750770f238fc9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b2e-f2d-5c7d10b3a0f80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=499
Content-Length
3622
logo-width=170.png
oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/
6 KB
6 KB
Image
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/logo-width=170.png
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
2a4ddac9cfcfd7f83c09fb10cfdddba8b76ee6abcfd9e799f762f3919855e91b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b2d-175a-5c7d10b3a0f80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=498
Content-Length
6001
logo-width=150.png
oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/
5 KB
5 KB
Image
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/logo-width=150.png
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
6fefab9015af22d17b2e5346f940396a464b2735cfd3bb62522c4154a1e1707d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b2c-13d0-5c7d10b3a0f80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=494
Content-Length
5095
help.png
oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/
752 B
1 KB
Image
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/help.png
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
21e8c9fb8978cf65e8b926af1d7a143cce4e6edfa7082fa5ae17e6d79c35b7ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b2a-2f0-5c7d10b3a0f80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=497
Content-Length
534
secureboxicon.png
my.paylife.at/media/1025/
3 KB
4 KB
Image
General
Full URL
https://my.paylife.at/media/1025/secureboxicon.png
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.143.15.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47a13da74f9915ae50863e89a9bdaca2960f502b70b064a1874132f9532e495d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 08:14:54 GMT
last-modified
Fri, 29 Aug 2014 07:37:12 GMT
accept-ranges
bytes
etag
"0c4d5b5cc3cf1:0"
content-length
3363
content-type
image/png
logo-footer.jpg
oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/
6 KB
5 KB
Image
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/logo-footer.jpg
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
6a19d22bfc68b1bb582052960839c1ab0057f9aa4ab6d9d36522d69cda5f603b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/de/authentifizierung/on/htmlwindows.php?ip=583392914code=864143847&id=52829639&country=441404778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b2b-16bd-5c7d10b3a0f80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
4790
background.png
my.paylife.at/Content/Images/Paylife/
6 KB
6 KB
Image
General
Full URL
https://my.paylife.at/Content/Images/Paylife/background.png
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.143.15.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
70b675ffdf3c31c1ab63ae23fd328484b1fa2475ded5b8a99a44ce0cd4a15e7e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 08:14:54 GMT
last-modified
Thu, 16 Feb 2023 14:18:38 GMT
accept-ranges
bytes
etag
"073e28f1142d91:0"
content-length
5712
content-type
image/png
FrutigerLTW01-45Light.woff
oldweb.globalstar.com.bd/%d0%94/pay/Content/Fonts/
51 KB
52 KB
Font
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Fonts/FrutigerLTW01-45Light.woff
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
c59249bec52a8fe8daa4cb518df92b5962157957901487ba571fc4c7d803e4d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Origin
https://oldweb.globalstar.com.bd
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
ETag
"4964e70-ccfd-5c7d10b3a0f80"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=493
Content-Length
52477
glyphicons-halflings-regular.woff
oldweb.globalstar.com.bd/%d0%94/pay/Content/Fonts/
23 KB
23 KB
Font
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Fonts/glyphicons-halflings-regular.woff
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Origin
https://oldweb.globalstar.com.bd
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
ETag
"4964f2e-5b18-5c7d10b3a0f80"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=496
Content-Length
23320
registration.jpg
oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/
35 KB
35 KB
Image
General
Full URL
https://oldweb.globalstar.com.bd/%d0%94/pay/Content/Images/PayLife/registration.jpg
Requested by
Host: oldweb.globalstar.com.bd
URL: https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.224.49 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss24.a2hosting.com
Software
Apache /
Resource Hash
6cf93c289fb59cccdd59929eb1cd902521aa9436a3c20e8d6a97244970851894
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://oldweb.globalstar.com.bd/%d0%94/pay/bundles/css/webportal-v=wQn4spmujMJL0Llwu8vQ7NhGT6nfCio2Kk6M7LY4PiE1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 08:14:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 21:25:34 GMT
Server
Apache
Content-Encoding
gzip
ETag
"49b6b2f-8b6c-5c7d10b3a0f80-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=499
Content-Length
35518

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Paylife (Banking)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange
function| LZ
function| isDate
function| compareDates
function| formatDate
function| _isInteger
function| _getInt
function| getDateFromFormat
function| parseDate
function| ResponsiveDatatablesHelper
function| FileUpload
object| ClientValidation
object| MONTH_NAMES
object| DAY_NAMES
object| XBBCODE
object| Browser
object| Common
object| AcceptCookies
object| DataTableHelper
object| Global
object| Header
object| StringUtil
object| Timeout
object| Tracker
object| DataTablePlugins
function| MobileSorting
object| Account
object| CurrencyTranslation
object| CryptoUtil
object| ExchangeRateHistory
object| Faq
object| FinancialTransactions
object| Home
object| Invoice
object| Messaging
object| MobileDevice
object| MobileWallet
object| MyControl
object| OsaAuthentication
object| DecryptPin
object| DecryptPinIE11
object| PasswordOrder
object| PersonalData
object| ProductDetails
object| ScaProcess
object| PasswordValidator
function| $
function| jQuery
object| html5
object| Modernizr
object| respond
function| Truncate
function| Spinner
object| viewportSize
function| _
object| FileUploadStorage

2 Cookies

Domain/Path Name / Value
oldweb.globalstar.com.bd/ Name: PHPSESSID
Value: dcaa737dd5b372f1f6b5273ea8623170
my.paylife.at/ Name: ApplicationGatewayAffinityCORS
Value: 0b2ceeb53e7d7551aafefb5354e57014

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN