cgreenlandscapes.com Open in urlscan Pro
192.185.114.4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kenkoh.com.hk/zil/ds.htm
Effective URL:
http://cgreenlandscapes.com/pla/index.php
Submission: On April 02 via manual (April 2nd 2018, 6:57:57 pm UTC) from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 192.185.114.4, located in Houston, United States and belongs to CYRUSONE - CyrusOne LLC, US. The main domain is cgreenlandscapes.com.

This is the only time cgreenlandscapes.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Navy Federal Credit Union (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	103.38.161.13 103.38.161.13	55558 (CLOUDALLI...) (CLOUDALLIANCE-HK UNIT 323-325)
19	192.185.114.4 192.185.114.4	20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC)
1	217.70.184.50 217.70.184.50	29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - http://www.gandi.net)
21	3

1 103.38.161.13 (Central District, Hong Kong)

ASN55558 (CLOUDALLIANCE-HK UNIT 323-325, 3/F METRO CENTRE, HK)

www.kenkoh.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.185.114.4 (Houston, United States)

ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: 192-185-114-4.unifiedlayer.com

cgreenlandscapes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.70.184.50 (France)

ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR)
PTR: webredir.vip.gandi.net

none.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cgreenlandscapes.com cgreenlandscapes.com	350 KB
1	none.com none.com	1 KB
1	kenkoh.com.hk www.kenkoh.com.hk	448 B
21	3

	Domain	Requested by
19	cgreenlandscapes.com	cgreenlandscapes.com
1	none.com	cgreenlandscapes.com
1	www.kenkoh.com.hk
21	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://cgreenlandscapes.com/pla/index.php
Frame ID: 4E0D85B5DA61A7AC80C3B8BFB5CBE1D5
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.kenkoh.com.hk/zil/ds.htm Page URL
http://cgreenlandscapes.com/pla/index.php Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

21
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

352 kB
Transfer

440 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kenkoh.com.hk/zil/ds.htm Page URL
http://cgreenlandscapes.com/pla/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	ds.htm Show response www.kenkoh.com.hk/zil/	104 B 448 B	594ms 297ms	Document text/html	103.38.161.13 CLOUDALLIANCE-HK ...
General Check archive.org Show headers Download Go to Full URL http://www.kenkoh.com.hk/zil/ds.htm Protocol HTTP/1.1 Server 103.38.161.13 Central District, Hong Kong, ASN55558 (CLOUDALLIANCE-HK UNIT 323-325, 3/F METRO CENTRE, HK), Reverse DNS Software Apache/2.2.16 (Debian) / Resource Hash `397f1f287385a86e365c42f825d374db310d1176a2b266eafd5a2979e5567372` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.kenkoh.com.hk Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:45 GMT Content-Encoding gzip Last-Modified Sat, 31 Mar 2018 21:22:00 GMT Server Apache/2.2.16 (Debian) ETag "488036-68-568bbf27cee00" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 109
GET H/1.1	200 OK	Primary Request index.php Show response cgreenlandscapes.com/pla/	4 KB 2 KB	552ms 259ms	Document text/html	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `e70a1b241c5f991d5fbb7f593ed12c14fcc03195096e27ddcfd76825c229ae17` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://www.kenkoh.com.hk/zil/ds.htm Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://www.kenkoh.com.hk/zil/ds.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	bat.js cgreenlandscapes.com/pla/imgs/	0 0	137ms 136ms	Script text/html	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/imgs/bat.js Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Mon, 28 Oct 2013 07:13:56 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	s39876891442473.js cgreenlandscapes.com/pla/imgs/	0 0	143ms 142ms	Script text/html	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/imgs/s39876891442473.js Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Mon, 28 Oct 2013 07:13:56 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	styles.css cgreenlandscapes.com/pla/img/	51 KB 13 KB	140ms 136ms	Stylesheet text/css	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/img/styles.css Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `72041e7efc90bb83d87cb5c52ec76f25f187ca63f3d828284b0de4588b1dd0e5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Fri, 20 Jan 2017 12:16:10 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	css.css cgreenlandscapes.com/pla/img/	647 B 528 B	259ms 131ms	Stylesheet text/css	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/img/css.css Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `4e5eabe368b93c1a60fbbf4dc5d9c205f745fca366b4ebc0dfde32e0a1d99fcd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Sun, 11 Jan 2015 17:08:58 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	facebox.css cgreenlandscapes.com/pla/img/	3 KB 1 KB	268ms 136ms	Stylesheet text/css	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/img/facebox.css Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `369435ccb569ec682e01b629883a0444f33bef23f7ada7fd488c9118a680a203` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Sun, 11 Jan 2015 17:08:58 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	jquery-1.js Show response cgreenlandscapes.com/pla/img/	70 KB 28 KB	267ms 135ms	Script application/javascript	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/img/jquery-1.js Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Sun, 11 Jan 2015 17:08:58 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	jquery.js Show response cgreenlandscapes.com/pla/img/	2 KB 1 KB	268ms 132ms	Script application/javascript	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/img/jquery.js Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `5a7e54fbc97213c7e72c607aaabe9d32b9285e01dc5ec8f9e0fa72b98a18f6cc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Sun, 11 Jan 2015 17:08:58 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	facebox.js Show response cgreenlandscapes.com/pla/img/	9 KB 3 KB	394ms 136ms	Script application/javascript	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/img/facebox.js Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `648e8bbb6388bce48e2ae62585040075d8f8484ec301ecd576275e186636f5c4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Sun, 11 Jan 2015 17:08:58 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	404 Not Found	aggregator.css cgreenlandscapes.com/pla/imgs/	0 0	267ms 137ms	Stylesheet text/html	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/imgs/aggregator.css Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Mon, 28 Oct 2013 07:13:56 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	header.PNG cgreenlandscapes.com/pla/images/	20 KB 20 KB	140ms 140ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/header.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `696e4c389f745a2e93d35ed8c3f63dbb1f0d257c44a6775c471bf90037d02351` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:32:12 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 20351 Content-Type image/png
GET H/1.1	200 OK	headlnk.PNG cgreenlandscapes.com/pla/images/	3 KB 3 KB	146ms 145ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/headlnk.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `c4829e9aed0e9ae4477d352cea824c69eacd6e6f970e1c19893df3df663f2ef3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:32:38 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 3218 Content-Type image/png
GET H/1.1	200 OK	loginbd.PNG cgreenlandscapes.com/pla/images/	110 KB 110 KB	141ms 140ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/loginbd.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `b68f256cc106ceb48acd4ce1389ce0c554b306bcb770a64d1a04fbf69f90a00d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:33:36 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 112447 Content-Type image/png
GET H/1.1	200 OK	signin.PNG cgreenlandscapes.com/pla/images/	15 KB 16 KB	133ms 132ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/signin.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `6d4eed0e19b4d64d594e5780ea0547284205fc85f82b7488fddb0758bee03b4c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:34:10 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 15799 Content-Type image/png
GET H/1.1	200 OK	ads.PNG cgreenlandscapes.com/pla/images/	83 KB 84 KB	141ms 140ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/ads.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `f06abcc46b2d0c545565debf158c0383777bb9e620198caaea27c904c5804b28` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:34:28 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 85370 Content-Type image/png
GET H/1.1	200 OK	help.PNG cgreenlandscapes.com/pla/images/	4 KB 4 KB	133ms 132ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/help.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `c55c0eb5076a96447708fecec75ad0037a16b7f9d29e271e521fc0b22d2c6349` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:34:50 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 4293 Content-Type image/png
GET H/1.1	200 OK	footer.PNG cgreenlandscapes.com/pla/images/	52 KB 53 KB	266ms 139ms	Image image/png	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/images/footer.PNG Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `6154d31df47e3791ad06dd05bcd0950bce571412790330cc71e2c7c17e20b620` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Last-Modified Mon, 21 Nov 2016 20:35:58 GMT Server nginx/1.12.2 Connection keep-alive Accept-Ranges bytes Content-Length 53631 Content-Type image/png
GET H/1.1	200 OK	/ none.com/	0 1 KB	55ms 27ms	Image text/html	217.70.184.50 http://www.gandi.net
General Check archive.org Show headers Download Go to Show image Full URL http://none.com/ Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 217.70.184.50 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR), Reverse DNS webredir.vip.gandi.net Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Server nginx Connection close Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	aggregator.css cgreenlandscapes.com/pla/imgs/	0 0	183ms 182ms	Stylesheet text/html	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cgreenlandscapes.com/pla/imgs/aggregator.css Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/index.php Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://cgreenlandscapes.com/pla/index.php Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:46 GMT Content-Encoding gzip Last-Modified Mon, 28 Oct 2013 07:13:56 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	bg_gradient.png cgreenlandscapes.com/pla/nfcu_images/	12 KB 12 KB	248ms 132ms	Image text/html	192.185.114.4 CyrusOne LLC
General Check archive.org Show headers Download Go to Show image Full URL http://cgreenlandscapes.com/pla/nfcu_images/bg_gradient.png Requested by Host: cgreenlandscapes.com URL: http://cgreenlandscapes.com/pla/img/jquery-1.js Protocol HTTP/1.1 Server 192.185.114.4 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS 192-185-114-4.unifiedlayer.com Software nginx/1.12.2 / Resource Hash `b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cgreenlandscapes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://cgreenlandscapes.com/pla/img/styles.css Connection keep-alive Cache-Control no-cache Referer http://cgreenlandscapes.com/pla/img/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 02 Apr 2018 18:57:47 GMT Content-Encoding gzip Last-Modified Mon, 28 Oct 2013 07:13:56 GMT Server nginx/1.12.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Navy Federal Credit Union (Government)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cgreenlandscapes.com
none.com
www.kenkoh.com.hk
103.38.161.13
192.185.114.4
217.70.184.50
369435ccb569ec682e01b629883a0444f33bef23f7ada7fd488c9118a680a203
397f1f287385a86e365c42f825d374db310d1176a2b266eafd5a2979e5567372
4e5eabe368b93c1a60fbbf4dc5d9c205f745fca366b4ebc0dfde32e0a1d99fcd
5a7e54fbc97213c7e72c607aaabe9d32b9285e01dc5ec8f9e0fa72b98a18f6cc
6154d31df47e3791ad06dd05bcd0950bce571412790330cc71e2c7c17e20b620
648e8bbb6388bce48e2ae62585040075d8f8484ec301ecd576275e186636f5c4
696e4c389f745a2e93d35ed8c3f63dbb1f0d257c44a6775c471bf90037d02351
6d4eed0e19b4d64d594e5780ea0547284205fc85f82b7488fddb0758bee03b4c
72041e7efc90bb83d87cb5c52ec76f25f187ca63f3d828284b0de4588b1dd0e5
b68f256cc106ceb48acd4ce1389ce0c554b306bcb770a64d1a04fbf69f90a00d
b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd
c4829e9aed0e9ae4477d352cea824c69eacd6e6f970e1c19893df3df663f2ef3
c55c0eb5076a96447708fecec75ad0037a16b7f9d29e271e521fc0b22d2c6349
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70a1b241c5f991d5fbb7f593ed12c14fcc03195096e27ddcfd76825c229ae17
f06abcc46b2d0c545565debf158c0383777bb9e620198caaea27c904c5804b28

cgreenlandscapes.com Open in urlscan Pro 192.185.114.4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

352 kBTransfer

440 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

cgreenlandscapes.com Open in urlscan Pro
192.185.114.4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

352 kB
Transfer

440 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!