productsdetailgallery.com Open in urlscan Pro
104.21.34.70 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://productsdetailgallery.com/
Effective URL:
https://productsdetailgallery.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On April 10 via api (April 10th 2024, 7:40:58 am UTC) from IT — Scanned from IT

Summary HTTP 15 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 104.21.34.70, located in and belongs to CLOUDFLARENET, US. The main domain is productsdetailgallery.com.
TLS certificate: Issued by GTS CA 1P5 on April 9th 2024. Valid for: 3 months.

This is the only time productsdetailgallery.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.34.70 104.21.34.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
8	154.72.194.117 154.72.194.117	327724 (NITA) (NITA)
15	5

1 104.21.34.70 (None, )

ASN13335 (CLOUDFLARENET, US)

productsdetailgallery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 154.72.194.117 (Kampala, Uganda)

ASN327724 (NITA, UG)
PTR: wh5.nita.go.ug

ecitizen.go.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ecitizen.go.ug ecitizen.go.ug	167 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 454	81 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1217	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	775 B
1	productsdetailgallery.com productsdetailgallery.com	99 KB
15	5

	Domain	Requested by
8	ecitizen.go.ug	productsdetailgallery.com
4	cdn.jsdelivr.net	productsdetailgallery.com
1	code.jquery.com	productsdetailgallery.com
1	fonts.googleapis.com	productsdetailgallery.com
1	productsdetailgallery.com
15	5

This site contains links to these domains. Also see Links.

Domain
www.alibaba.com
spanish.alibaba.com
portuguese.alibaba.com
german.alibaba.com
french.alibaba.com
italian.alibaba.com
hindi.alibaba.com
russian.alibaba.com
korean.alibaba.com
japanese.alibaba.com
arabic.alibaba.com
thai.alibaba.com
dutch.alibaba.com
vietnamese.alibaba.com
indonesian.alibaba.com
hebrew.alibaba.com
www.alibabagroup.com
www.taobao.com
www.tmall.com
ju.taobao.com
www.aliexpress.com
www.1688.com
www.alimama.com
www.fliggy.com
world.taobao.com
www.alibabacloud.com
www.alios.cn
aliqin.tmall.com
www.net.cn
www.autonavi.com
www.uc.cn
www.umeng.com
www.xiami.com
www.dingtalk.com
global.alipay.com
taobao.lazada.sg
rule.alibaba.com
idinfo.zjaic.gov.cn

Subject Issuer	Validity	Valid
productsdetailgallery.com GTS CA 1P5	`2024-04-09` - `2024-07-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
ecitizen.go.ug cPanel, Inc. Certification Authority	`2024-02-13` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://productsdetailgallery.com/
Frame ID: 6E02F53BBC7EE160689B55643ECFB189
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alibaba Manufacturer Directory - Suppliers, Manufacturers, Exporters & Importers

Page URL History Show full URLs

http://productsdetailgallery.com/ HTTP 307
https://productsdetailgallery.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

378 kB
Transfer

2274 kB
Size

0
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alibaba.com/
Title: International

Search URL Search Domain Scan URL

URL: https://spanish.alibaba.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://portuguese.alibaba.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://german.alibaba.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://french.alibaba.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://italian.alibaba.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://hindi.alibaba.com/
Title: हिंदी

Search URL Search Domain Scan URL

URL: https://russian.alibaba.com/
Title: Pусский

Search URL Search Domain Scan URL

URL: https://korean.alibaba.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://japanese.alibaba.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://arabic.alibaba.com/
Title: اللغة العربية

Search URL Search Domain Scan URL

URL: https://thai.alibaba.com/
Title: ภาษาไทย

Search URL Search Domain Scan URL

URL: https://dutch.alibaba.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://vietnamese.alibaba.com/
Title: tiếng Việt

Search URL Search Domain Scan URL

URL: https://indonesian.alibaba.com/
Title: Indonesian

Search URL Search Domain Scan URL

URL: https://hebrew.alibaba.com/
Title: עברית

Search URL Search Domain Scan URL

URL: https://www.alibabagroup.com/en/global/home
Title: Alibaba Group

Search URL Search Domain Scan URL

URL: https://www.taobao.com/
Title: Taobao Marketplace

Search URL Search Domain Scan URL

URL: https://www.tmall.com/
Title: Tmall.com

Search URL Search Domain Scan URL

URL: https://ju.taobao.com/
Title: Juhuasuan

Search URL Search Domain Scan URL

URL: https://www.aliexpress.com/
Title: AliExpress

Search URL Search Domain Scan URL

URL: https://www.1688.com/
Title: 1688.com

Search URL Search Domain Scan URL

URL: https://www.alimama.com/index.htm
Title: Alimama

Search URL Search Domain Scan URL

URL: https://www.fliggy.com/
Title: Fliggy

Search URL Search Domain Scan URL

URL: https://world.taobao.com/
Title: Taobao Global

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/
Title: Alibaba Cloud

Search URL Search Domain Scan URL

URL: https://www.alios.cn/
Title: AliOS

Search URL Search Domain Scan URL

URL: https://aliqin.tmall.com/
Title: AliTelecom

Search URL Search Domain Scan URL

URL: https://www.net.cn/
Title: HiChina

Search URL Search Domain Scan URL

URL: https://www.autonavi.com/
Title: Autonavi

Search URL Search Domain Scan URL

URL: https://www.uc.cn/
Title: UCWeb

Search URL Search Domain Scan URL

URL: https://www.umeng.com/
Title: Umeng

Search URL Search Domain Scan URL

URL: https://www.xiami.com/
Title: Xiami

Search URL Search Domain Scan URL

URL: https://www.dingtalk.com/en
Title: DingTalk

Search URL Search Domain Scan URL

URL: https://global.alipay.com/
Title: Alipay

Search URL Search Domain Scan URL

URL: https://taobao.lazada.sg/
Title: Lazada

Search URL Search Domain Scan URL

URL: https://rule.alibaba.com/rule/detail/2047.htm
Title: Product Listing Policy

Search URL Search Domain Scan URL

URL: http://rule.alibaba.com/rule/detail/2049.htm
Title: Intellectual Property Protection

Search URL Search Domain Scan URL

URL: http://rule.alibaba.com/rule/detail/2034.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://rule.alibaba.com/rule/detail/2041.htm
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://idinfo.zjaic.gov.cn/bscx.do

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/trade/servlet/page/static/copyright_policy
Title: ©

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://productsdetailgallery.com/ HTTP 307
https://productsdetailgallery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
productsdetailgallery.com/
Redirect Chain

http://productsdetailgallery.com/
https://productsdetailgallery.com/

2 MB
99 KB

141ms
57ms

Document
text/html

104.21.34.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://productsdetailgallery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37d5bc858b595fb2ed35684155a3c712026b74129da01fb18d07ae81c8ef0f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8721175c0d6c0e8f-MXP
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 10 Apr 2024 07:40:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ip%2FIYF8OEdl%2Bxzw%2FyvjPhGQJyYv8TGmuhOKvMQGdfvtxPT2HOGXtf085IWvSQ1PTFAEBUZbDkW7Xvq9n49kRv5qRfb1omwDYYpiCYvT03assEki58v%2FIO9YUoD5Bqxac%2FlxG%2FQXUSibDwQ6I"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://productsdetailgallery.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 158 KB
25 KB 166ms
129ms Stylesheet
text/css 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3157783
x-jsd-version: 4.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230063-FRA, cache-lga21931-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YupwapXNRWqJznePME7tIQlHDjJncpotR7J5XuSjHv8U3TscTmXJ2%2BmfZxfg%2FfNZsxe%2Fhwm6ILMVDzatKwP3l52YxLalA8BTNCl496ArpXhOG%2FaTSths%2FRxtsN2AvhSvUFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8721175d89714be4-MXP

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 146ms
52ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 07:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 07:40:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 07:40:52 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 77ms
23ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5192472
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fco2270026-FCO
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712734853.736636,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 16, 209422

GET
H3 200 jquery.slim.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.7.1/dist/ 69 KB
25 KB 112ms
83ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.slim.min.js

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3157737
x-jsd-version: 3.7.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220118-FRA, cache-lga21972-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"11278-ix1dvRFLnJL0ogE54ayjGW2UgUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcNcqEvnYovZDwXgwFpubQ49qLT48Xylzc54YKr%2BWPYy4p4D5kxUPfiiDIZF8tkr08Nwjd37A3Q7NlVooi9QNjecuCLqXiHdvBm42iPtel1Id%2F6u4%2FgsgpaYPCpwo62oaBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8721175d896a4be4-MXP

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 78ms
49ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3147464
x-jsd-version: 1.16.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220021-FRA, cache-lga21953-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLGE%2B5%2FgJjL9Ne6IR7yiJG4KaMTK8rh%2BpQYK3UiY4vc2jjhEX5m4tgJzfm2nHlqC078ZLBH%2FuRNgPQ5cgvpRjvb32ohW0XxmOxwu1GNs%2Bh5mpssOBgnaB8nFlv0N6%2BDe%2Bc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8721175d896e4be4-MXP

GET
H3 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 81 KB
23 KB 79ms
50ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3151620
x-jsd-version: 4.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220105-FRA, cache-lga21968-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKSFLXnYriAnabKhM7aw31Z8zWYgZhfCTvJjblyLcHknJXEUE4mXlJHCvmlDXrRDCTSSY3vwIboqM2TvbvCZa2x%2Fvnnsbbe%2BOq%2FvqOLNk17ztB91JkJliha3BgAacaAwExc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8721175d896b4be4-MXP

GET
H2 200 gtjfjfjfjfgjfgjfjfjfjffg.png
ecitizen.go.ug/sitttes/img/ 16 KB
16 KB 1111ms
295ms Image
image/png 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/gtjfjfjfjfgjfgjfjfjfjffg.png

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

e639fea6b09edde576c7e201e64996e7429017d54351e8cc7e163ca0773551a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
last-modified: Wed, 24 Jan 2024 17:11:40 GMT
server: Apache
etag: W/"PSA-tyzZ5XD1e3"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 16527
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 load2.gif
ecitizen.go.ug/sitttes/img/ 35 KB
35 KB 1365ms
566ms Image
image/gif 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/load2.gif

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

fd969eab7bf38ffda200dcbf707646810df3039138abe643793c20404ecf5900

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
last-modified: Wed, 24 Jan 2024 17:12:44 GMT
server: Apache
etag: W/"PSA-dQ_H98Y5G3"
content-type: image/gif
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 36044
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 barcode.png
ecitizen.go.ug/sitttes/img/ 449 B
508 B 1355ms
566ms Image
image/png 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/barcode.png

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

de7805633c7a0de8664f0631249124bdc16c95538a7a3d6c888d8a291e735649

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
x-original-content-length: 828
server: Apache
etag: W/"PSA-aj-y_16Szzhid"
content-type: image/png
cache-control: max-age=1207304
accept-ranges: bytes
content-length: 449
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 notice-icon.png
ecitizen.go.ug/sitttes/img/ 301 B
359 B 1356ms
567ms Image
image/png 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/notice-icon.png

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

97f86999497130c29fb1a19835e182e4f6ffc01eda4b53b09addb5ab641623f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
x-original-content-length: 549
server: Apache
etag: W/"PSA-aj-zatoIw361M"
content-type: image/png
cache-control: max-age=1207304
accept-ranges: bytes
content-length: 301
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 notice2.png
ecitizen.go.ug/sitttes/img/ 744 B
804 B 1355ms
567ms Image
image/png 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/notice2.png

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

f13161c98fa72a2e1f1bed49c4c65ffdcd43e71df1ebe07fd90cb376a21bd93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
x-original-content-length: 2524
server: Apache
etag: W/"PSA-aj-dk38saD5Mz"
content-type: image/png
cache-control: max-age=1207304
accept-ranges: bytes
content-length: 744
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 confirm.png
ecitizen.go.ug/sitttes/img/ 741 B
801 B 1354ms
566ms Image
image/png 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/confirm.png

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

b14106503ec607d5b1f58a6585ac58d2b677c844ca452fccba917470e33d5502

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
x-original-content-length: 2527
server: Apache
etag: W/"PSA-aj-sQH6l75xwh"
content-type: image/png
cache-control: max-age=1207304
accept-ranges: bytes
content-length: 741
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 wi.jpg
ecitizen.go.ug/sitttes/img/ 112 KB
112 KB 1069ms
295ms Image
image/jpeg 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecitizen.go.ug/sitttes/img/wi.jpg

Requested by

Host: productsdetailgallery.com
URL: https://productsdetailgallery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

a9ecafdec694d45843c6215fd76de772a2b6f36974f16742858035c7194ef658

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:53 GMT
x-content-type-options: nosniff, nosniff
x-original-content-length: 198353
server: Apache
etag: W/"PSA-aj-ySMpuHs-1z"
content-type: image/jpeg
cache-control: max-age=1207304
accept-ranges: bytes
content-length: 114866
expires: Wed, 24 Apr 2024 07:02:38 GMT

GET
H2 200 favicon.ico
ecitizen.go.ug/sitttes/img/ 1 KB
590 B 167ms
166ms Other
image/x-icon 154.72.194.117
NITA

General

Check archive.org

Show headers Download Go to

Full URL

https://ecitizen.go.ug/sitttes/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),

Reverse DNS

wh5.nita.go.ug

Software

Apache /

Resource Hash

12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://productsdetailgallery.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 07:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Jan 2024 17:11:16 GMT
server: Apache
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
content-length: 440
expires: Wed, 24 Apr 2024 07:40:54 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	verbose	URL: https://productsdetailgallery.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
ecitizen.go.ug
fonts.googleapis.com
productsdetailgallery.com
104.16.88.20
104.21.34.70
142.250.185.74
151.101.2.137
154.72.194.117
12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
97f86999497130c29fb1a19835e182e4f6ffc01eda4b53b09addb5ab641623f4
a9ecafdec694d45843c6215fd76de772a2b6f36974f16742858035c7194ef658
b14106503ec607d5b1f58a6585ac58d2b677c844ca452fccba917470e33d5502
b37d5bc858b595fb2ed35684155a3c712026b74129da01fb18d07ae81c8ef0f1
de7805633c7a0de8664f0631249124bdc16c95538a7a3d6c888d8a291e735649
e639fea6b09edde576c7e201e64996e7429017d54351e8cc7e163ca0773551a5
f13161c98fa72a2e1f1bed49c4c65ffdcd43e71df1ebe07fd90cb376a21bd93b
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fd969eab7bf38ffda200dcbf707646810df3039138abe643793c20404ecf5900
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

productsdetailgallery.com Open in urlscan Pro 104.21.34.70 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

378 kBTransfer

2274 kBSize

0 Cookies

42 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

productsdetailgallery.com Open in urlscan Pro
104.21.34.70 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

378 kB
Transfer

2274 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!