productsgallerydetails.com Open in urlscan Pro
188.114.96.3  Malicious Activity! Public Scan

URL: https://productsgallerydetails.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On April 15 via api from IT — Scanned from NL

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 15 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is productsgallerydetails.com.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2024. Valid for: 3 months.
This is the only time productsgallerydetails.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

IP Address AS Autonomous System
1 188.114.96.3 13335 (CLOUDFLAR...)
4 104.16.85.20 13335 (CLOUDFLAR...)
1 142.250.185.74 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
8 154.72.194.117 327724 (NITA)
15 5
Apex Domain
Subdomains
Transfer
8 ecitizen.go.ug
ecitizen.go.ug
249 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 315
81 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 771
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
775 B
1 productsgallerydetails.com
productsgallerydetails.com
101 KB
15 5
Domain Requested by
8 ecitizen.go.ug productsgallerydetails.com
4 cdn.jsdelivr.net productsgallerydetails.com
1 code.jquery.com productsgallerydetails.com
1 fonts.googleapis.com productsgallerydetails.com
1 productsgallerydetails.com
15 5
Subject Issuer Validity Valid
productsgallerydetails.com
GTS CA 1P5
2024-04-14 -
2024-07-13
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.ecitizen.go.ug
R3
2024-04-14 -
2024-07-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://productsgallerydetails.com/
Frame ID: 8ADA7E873641676D4A0E18D3F63DCC8C
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Alibaba Manufacturer Directory - Suppliers, Manufacturers, Exporters & Importers

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

462 kB
Transfer

2385 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
productsgallerydetails.com/
2 MB
101 KB
Document
General
Full URL
https://productsgallerydetails.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f7b024f41a5174b061dd3ce653f2fcbdb41e5ac9e1b13f7ce43dbc7d797cf1

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
874a54ab181b66d5-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 15 Apr 2024 07:47:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgjyLIR7vQx%2FHVIAVAf0cjBgmMYTTc72dAychO%2FtKePdA1r6XmrWOd1TsgwMr9lotWnu4da%2BLc%2FU70Rn1TyMzc4MyjQ%2BHbLQxZrKzmZq3TiqMIbNPZ5DJpACZ%2FK9o%2B%2BKw0%2FY5UcpOr8q8E9FKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2823296
x-jsd-version
4.6.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230063-FRA, cache-lga21931-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hs2lnCGpj%2BcKnf10vqh3G%2B0FYzAb4FvPx2CYUL3%2BDEREtc9V5T%2BEsq2rSpiUqXH97JWL5PnSWM4WKxFsSMzScs%2FEqvJ%2BlV1YlTwqU8RGeJ3Dma2S9jMmSCb65BKNzznG1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
874a54ae4af91ca6-AMS
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Apr 2024 07:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 07:48:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Apr 2024 07:48:00 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5624899
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mad2200109-MAD
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1713167280.457486,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5, 209648
jquery.slim.min.js
cdn.jsdelivr.net/npm/jquery@3.7.1/dist/
69 KB
25 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.slim.min.js
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2822630
x-jsd-version
3.7.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220118-FRA, cache-lga21928-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"11278-ix1dvRFLnJL0ogE54ayjGW2UgUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqftpzYDw4HUnIk7Ecn%2FCIovj51Kuorbyx71lRDPeVa1WkmM%2F8olc8ajK4hctnbCgbKBPIqtEWawoq%2FxDB4OAYr2XmE9QmlD69OAGm%2B0SCHDwuKGtuMoBSs1yus9Ogvft3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
874a54ae4af81ca6-AMS
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2814459
x-jsd-version
1.16.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220021-FRA, cache-lga21940-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FmXBWXOVCOGRAL0rcf0O47RSTGQOQxI209zlyScAxrAaCfpw7qFqTt7iOYFhmy%2B24t5SsbVjrgfcx9CO1Bv3K%2B7xb6n6GRnilKbBYxbvj7MC9xqQdhV%2Fe5%2FLvJf%2BC0sTtzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
874a54ae4af21ca6-AMS
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/
81 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2819097
x-jsd-version
4.6.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220105-FRA, cache-lga21952-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bB%2FjTRGhmvnSUqKw85YnC6Oq2YThV2CFn35knfMsrJcS55wxT66urvCEQ5ekwP8FUkN5osLOyQ5Jq3TnhXcYk5a1ZsyP1N0JFeVCLYGrnALvafIX1O8SMzqac788pqNCtv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
874a54ae4af51ca6-AMS
gtjfjfjfjfgjfgjfjfjfjffg.png
ecitizen.go.ug/sitttes/img/
16 KB
16 KB
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/gtjfjfjfjfgjfgjfjfjfjffg.png
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
e639fea6b09edde576c7e201e64996e7429017d54351e8cc7e163ca0773551a5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
last-modified
Wed, 24 Jan 2024 17:11:40 GMT
server
Apache
etag
W/"PSA-tyzZ5XD1e3"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
16527
expires
Mon, 29 Apr 2024 06:03:19 GMT
load2.gif
ecitizen.go.ug/sitttes/img/
35 KB
35 KB
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/load2.gif
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
fd969eab7bf38ffda200dcbf707646810df3039138abe643793c20404ecf5900
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
last-modified
Wed, 24 Jan 2024 17:12:44 GMT
server
Apache
etag
W/"PSA-dQ_H98Y5G3"
content-type
image/gif
cache-control
max-age=1209600
accept-ranges
bytes
content-length
36044
expires
Mon, 29 Apr 2024 06:03:19 GMT
barcode.png
ecitizen.go.ug/sitttes/img/
449 B
539 B
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/barcode.png
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
de7805633c7a0de8664f0631249124bdc16c95538a7a3d6c888d8a291e735649
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
x-original-content-length
828
server
Apache
etag
W/"PSA-aj-y_16Szzhid"
content-type
image/png
cache-control
max-age=1203317
accept-ranges
bytes
content-length
449
expires
Mon, 29 Apr 2024 06:03:19 GMT
notice-icon.png
ecitizen.go.ug/sitttes/img/
301 B
395 B
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/notice-icon.png
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
97f86999497130c29fb1a19835e182e4f6ffc01eda4b53b09addb5ab641623f4
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
x-original-content-length
549
server
Apache
etag
W/"PSA-aj-zatoIw361M"
content-type
image/png
cache-control
max-age=1203316
accept-ranges
bytes
content-length
301
expires
Mon, 29 Apr 2024 06:03:18 GMT
notice2.png
ecitizen.go.ug/sitttes/img/
744 B
803 B
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/notice2.png
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
f13161c98fa72a2e1f1bed49c4c65ffdcd43e71df1ebe07fd90cb376a21bd93b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
x-original-content-length
2524
server
Apache
etag
W/"PSA-aj-dk38saD5Mz"
content-type
image/png
cache-control
max-age=1203317
accept-ranges
bytes
content-length
744
expires
Mon, 29 Apr 2024 06:03:19 GMT
confirm.png
ecitizen.go.ug/sitttes/img/
741 B
801 B
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/confirm.png
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
b14106503ec607d5b1f58a6585ac58d2b677c844ca452fccba917470e33d5502
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
x-original-content-length
2527
server
Apache
etag
W/"PSA-aj-sQH6l75xwh"
content-type
image/png
cache-control
max-age=1203317
accept-ranges
bytes
content-length
741
expires
Mon, 29 Apr 2024 06:03:19 GMT
wi.jpg
ecitizen.go.ug/sitttes/img/
194 KB
194 KB
Image
General
Full URL
https://ecitizen.go.ug/sitttes/img/wi.jpg
Requested by
Host: productsgallerydetails.com
URL: https://productsgallerydetails.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
1ed2c655524e31b8e6fc672fa0bf2c5e40ceb54a751bd688220f702ab497f8d1
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
x-content-type-options
nosniff, nosniff
last-modified
Sun, 07 Apr 2024 21:13:45 GMT
server
Apache
etag
W/"PSA-Snzcapy-6G"
content-type
image/jpeg
cache-control
max-age=1209600, s-maxage=10
accept-ranges
bytes
content-length
198353
expires
Mon, 29 Apr 2024 06:03:18 GMT
favicon.ico
ecitizen.go.ug/sitttes/img/
1 KB
546 B
Other
General
Full URL
https://ecitizen.go.ug/sitttes/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://productsgallerydetails.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Jan 2024 17:11:16 GMT
server
Apache
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=1209600, s-maxage=10
accept-ranges
bytes
content-length
440
expires
Mon, 29 Apr 2024 07:48:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| dF function| $ function| jQuery function| Popper object| bootstrap function| _0x254bfc function| _0x366a40 function| _0x5438dd function| _0x20f7 function| _0x528f function| _0x2a5b2f function| _0x296ab4

0 Cookies

6 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation verbose URL: https://productsgallerydetails.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o