URL: https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Submission Tags: @phish_report
Submission: On June 04 via api from FI — Scanned from FI

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 9 HTTP transactions. The main IP is 217.21.85.2, located in Mumbai, India and belongs to AS-HOSTINGER, CY. The main domain is nycfug.com.
TLS certificate: Issued by R3 on May 25th 2024. Valid for: 3 months.
This is the only time nycfug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         217.21.85.2       47583 (AS-HOSTINGER)
4         2620:127:f00f...  ()
Total: 9 requests, 3 IPs

Requests  Domain                                                Requested by
4         558184-3.myshopify.com                                nycfug.com
1         nycfug.com
0         pub-e23199bba4644c4cb5622bb3f94415c9.r2.dev (Failed)  nycfug.com
Total: 9 requests, 3 domains

This site contains no links.

Subject        Issuer  Validity                 Valid
nycfug.com     R3      2024-05-25 - 2024-08-23  3 months
myshopify.com  E1      2024-04-13 - 2024-07-12  3 months

This page contains 1 frames:

Primary Page: https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Frame ID: 0BF5874EB960773ABC262486E374D82F
Requests: 9 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 9
HTTPS: 56 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 12 kB
Size: 46 kB
Cookies: 0

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nycfug.com/wp-includes/PHPMailer/
8 KB
0
Document
General
Full URL
https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.21.85.2 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
in-mum-cpl28.main-hosting.eu
Software
LiteSpeed / PHP/8.1.27
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
26201
content-type
text/html; charset=UTF-8
date
Tue, 04 Jun 2024 12:25:36 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
PHP/8.1.27
x-xss-protection
1; mode=block
constants.js
558184-3.myshopify.com/cdn/shop/t/1/assets/
195 B
1 KB
Script
General
Full URL
https://558184-3.myshopify.com/cdn/shop/t/1/assets/constants.js?v=58251544750838685771705119265
Requested by
Host: nycfug.com
URL: https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e0a3f177110e78bc309f58d2e7b602bc821d6f54f7aa816792d630a6d8db48
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nycfug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 12:26:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
313340
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=74.873, imageryFetch;dur=48.775, cfRequestDuration;dur=17.999887, ipv6
alt-svc
h3=":443"; ma=86400
content-length
139
x-xss-protection
1; mode=block
x-sorting-hat-shopid
68113989884
x-request-id
a88e4d62-4cb3-414f-b541-201e37327169-1715646929
last-modified
Tue, 14 May 2024 00:35:29 GMT
server
cloudflare
x-shopid
68113989884
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6aeN86IEF23kb3PkYnaZ%2F%2BXpYZyp%2B8XUbq3ukiJq6lj7ib8VZK5W6IkHu%2BOhGBNiNsAOYNOC2rxLWWPUxYss%2BCQuwYhUY5wKVjOdVxkD7oJdMSH9kzC4Mut9F5Gco%2BX%2BWMsl2TEfSsCmFh5UdIt%2FBqUa%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
88e7e8ffbd558d70-HEL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0681/1398/9884/t/1/assets/constants.js>; rel="canonical"
x-sorting-hat-podid
251
pubsub.js
558184-3.myshopify.com/cdn/shop/t/1/assets/
476 B
724 B
Script
General
Full URL
https://558184-3.myshopify.com/cdn/shop/t/1/assets/pubsub.js?v=158357773527763999511705119266
Requested by
Host: nycfug.com
URL: https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a42234475f74be430c334d3334223d08e1a57d4d9f2533c2d50683522d3084e7
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nycfug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 12:26:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
313340
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=155.387, imageryFetch;dur=124.342, cfRequestDuration;dur=22.000074, ipv6
alt-svc
h3=":443"; ma=86400
content-length
206
x-xss-protection
1; mode=block
x-sorting-hat-shopid
68113989884
x-request-id
eabe8e0f-c94b-46a0-bd42-02eed8e6628f-1715624507
last-modified
Mon, 13 May 2024 18:21:47 GMT
server
cloudflare
x-shopid
68113989884
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoOr4sOx0sPionWf8bkxY6UI59J65Qr7FUMwpkbzF5UgY0IAM1NNlgQL5JUBr%2BAshJipFeksdZ6lTh8bLLUFh2vdy1I0kMRBIaN45b9XPhxz9EY30af%2FFHKHTJX%2BProkn7xu5K1rryss2IVGYsml%2BNhdXDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
88e7e8ffbd548d70-HEL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0681/1398/9884/t/1/assets/pubsub.js>; rel="canonical"
x-sorting-hat-podid
251
global.js
558184-3.myshopify.com/cdn/shop/t/1/assets/
34 KB
8 KB
Script
General
Full URL
https://558184-3.myshopify.com/cdn/shop/t/1/assets/global.js?v=113367515774722599301705119266
Requested by
Host: nycfug.com
URL: https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac5b6b0ccd30d0a0835f78288eecc41b08c355ae6f291de96db9ea4ffc1a961
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nycfug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 12:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
313340
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=148.974, imageryFetch;dur=103.994, cfRequestDuration;dur=16.999960, ipv6
alt-svc
h3=":443"; ma=86400
content-length
7833
x-xss-protection
1; mode=block
x-sorting-hat-shopid
68113989884
x-request-id
d1e34f4a-828e-442f-a0a6-84f377c07d91-1715619462
last-modified
Mon, 13 May 2024 16:57:42 GMT
server
cloudflare
x-shopid
68113989884
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvqZNxm2ySwCChjU72lUgrFIKAVPY21%2Bhb56sILUCMIzqNC0co9ie7dEoxeCdWyrbZWOviG9Ln8bghIbzEE7By%2FzN2%2FxyzFh2LfHBqefZMTkCGLJHch1pm72PopbDQ3AG1RxR2p0BAX3OCJq1IKcvITLb9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
88e7e9054b7b8d70-HEL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0681/1398/9884/t/1/assets/global.js>; rel="canonical"
x-sorting-hat-podid
251
animations.js
558184-3.myshopify.com/cdn/shop/t/1/assets/
3 KB
2 KB
Script
General
Full URL
https://558184-3.myshopify.com/cdn/shop/t/1/assets/animations.js?v=88693664871331136111705119264
Requested by
Host: nycfug.com
URL: https://nycfug.com/wp-includes/PHPMailer/?products=onic4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfc01f476db0dee764e021a339d46e9270f2d9d4bf4b960e4d5d5ecd0dc2d27
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nycfug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 12:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
313339
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=74.342, imageryFetch;dur=46.826, cfRequestDuration;dur=17.999887, ipv6
alt-svc
h3=":443"; ma=86400
content-length
892
x-xss-protection
1; mode=block
x-sorting-hat-shopid
68113989884
x-request-id
3952b444-8c98-4d49-80f4-6e1d24bb4155-1715637100
last-modified
Mon, 13 May 2024 21:51:41 GMT
server
cloudflare
x-shopid
68113989884
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OECSvdxfrpV3QYN7E9aCeLIa19cgwXqfRaytQagdn%2BucQuf076%2FRLdFlOJJRZapIkiNAPVzfaE37N34TLdJ%2Ff9B8T84pbNHDkhApccOUQqQKAHh0HrIyO857%2Bz4dMZVNSo6BRwiwiAfB0RwxYt6eUtx9hYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
88e7e9054b7e8d70-HEL
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0681/1398/9884/t/1/assets/animations.js>; rel="canonical"
x-sorting-hat-podid
251
astaga-amp-pisang-three.html
pub-e23199bba4644c4cb5622bb3f94415c9.r2.dev/
0
0

load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
558184-3.myshopify.com/cdn/shop/t/1/cdn/shopifycloud/shopify/assets/storefront/
0
0

features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
558184-3.myshopify.com/cdn/shop/t/1/cdn/shopifycloud/shopify/assets/storefront/
0
0

scripts.js
558184-3.myshopify.com/cdn/shop/t/1/compiled_assets/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pub-e23199bba4644c4cb5622bb3f94415c9.r2.dev
URL
https://pub-e23199bba4644c4cb5622bb3f94415c9.r2.dev/astaga-amp-pisang-three.html
Domain
558184-3.myshopify.com
URL
https://558184-3.myshopify.com/cdn/shop/t/1/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
Domain
558184-3.myshopify.com
URL
https://558184-3.myshopify.com/cdn/shop/t/1/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Domain
558184-3.myshopify.com
URL
https://558184-3.myshopify.com/cdn/shop/t/1/compiled_assets/scripts.js?7

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block