afghanbazarrugs.com
2606:4700:30::681b:99b3 - Malicious Activity! - Public Scan

URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Submission: On September 30 via manual from US

Summary

This website contacted 4 IPs in 1 country across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:30::681b:99b3, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is afghanbazarrugs.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 27th 2019. Valid for: a year.
This is the only time afghanbazarrugs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Wells Fargo (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
12 | 2606:4700:30:... | 13335 (CLOUDFLAR...)
1 | 159.45.170.156 | 10837 (WELLSFARG...)
1 | 159.45.66.178 | 4196 (WELLSFARG...)
Total: 14 requests | 4 IPs

Requests | Domain | Requested by
12 | afghanbazarrugs.com | afghanbazarrugs.com
1 | static.wellsfargo.com | afghanbazarrugs.com
1 | connect.secure.wellsfargo.com | afghanbazarrugs.com
Total: 14 requests | 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-08-27 - 2020-08-26 | a year
connect.secure.wellsfargo.com | DigiCert Global CA G2 | 2019-02-07 - 2021-02-07 | 2 years
static.wellsfargo.com | DigiCert Global CA G2 | 2019-02-07 - 2021-02-07 | 2 years

This page contains 1 frames:

Primary Page: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Frame ID: FDFF169B10A775E2CABCF917CE2CB3FA
Requests: 23 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 435 kB
Size: 1390 kB
Cookies: 0


14 HTTP transactions

Resource | Path | Size | x-fer | Type / MIME-Type

Primary Request: login.html | afghanbazarrugs.com/serverwellsfargo20/wfad/ | 409 KB | 292 KB | Document
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d709d9969f0eaed2494ac931a0162646fd81d6ce991f2a00613aedf88423e50a

Request headers

:method
GET
:authority
afghanbazarrugs.com
:scheme
https
:path
/serverwellsfargo20/wfad/login.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 30 Sep 2019 18:04:56 GMT
content-type
text/html
set-cookie
__cfduid=df3e0de6cafcbd293f750af0a3f1f459a1569866696; expires=Tue, 29-Sep-20 18:04:56 GMT; path=/; domain=.afghanbazarrugs.com; HttpOnly; Secure
last-modified
Fri, 01 Feb 2019 21:52:28 GMT
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51e81f43fca2cbb4-VIE
content-encoding
br

nd | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 40 KB | 13 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/nd
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
135c67d9b6df48d37ccf2e6724259abe281f65e2c94a329505c6c7b750e20b9e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:56 GMT
content-encoding
br
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"9ede-5b8582fe-abf5aa53614dc7bc;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
status
200
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f459a03cbb4-VIE

utag.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 142 KB | 18 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/utag.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
705bd8e4384ec9aa56df0603e0763aca2ce9a427c15d36fee5d97622b318c535

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"2373d-5b8582fe-8b4e9b3a45721e00;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f459a05cbb4-VIE
expires
Mon, 07 Oct 2019 18:04:56 GMT

gen_validatorv2.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 12 KB | 2 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/gen_validatorv2.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
344ce7ae9a0179e949d1daf2b1811828294ec092ebdd622a7d8f2f379e801823

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 28 Nov 2009 20:08:16 GMT
server
cloudflare
etag
W/"301b-4b118330-853236d7ded55b5;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f459a08cbb4-VIE
expires
Mon, 07 Oct 2019 18:04:56 GMT

global.css | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 20 KB | 6 KB | Stylesheet
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/global.css
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab78c44d5e86c6f0937d203066ebcadbf50c8d63407564a151bdd03701f40a70

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"4f7f-5b8582fe-e04861fdde78cc34;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f459a06cbb4-VIE
expires
Mon, 07 Oct 2019 18:04:56 GMT

utag_002.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 39 KB | 4 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/utag_002.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
037d71c699303b123f95a8c914479511db22b9f9262f19e51fc17385aff0323d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"9b26-5b8582fe-9f688da0e6fdec1d;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f459a09cbb4-VIE
expires
Mon, 07 Oct 2019 18:04:56 GMT

utag_003.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 3 KB | 1 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/utag_003.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b276e5173282620545b51350123f747ceeaca0f1d67137d65694074ddabccff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"b48-5b8582fe-c4b4ad3b82bbe042;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f472fe6cbb4-VIE
expires
Mon, 07 Oct 2019 18:04:57 GMT

truncated | / | 12 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f809fa596dc2e66029e195d0aef2d6d7b077ea1f7d145455441ba893875aec41

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17f3818bba16137fba7657230309043ae41cd08a5df25a7c61cd9583291c1354

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 270 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2910f07eb1efbf99cb485fe848fd1aaa251bcd9c6cb3276426492daa45651be3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 467 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

login-userprefs.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 137 KB | 47 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/login-userprefs.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
440105e7f661813d1c26ab82c39af094cf142aa857774ab7db67936cbfaeecf7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"22252-5b8582fe-c7fa5a10bc2b69ca;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f48be1bcbb4-VIE
expires
Mon, 07 Oct 2019 18:04:57 GMT

conutils-6.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 10 KB | 4 KB | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/conutils-6.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
198506f95f9c0cf3a670f82ea63f9a560bd6ff9a17c153ad4ac5d8777e0fda21

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"26dc-5b8582fe-3caddc0cd8206265;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f48be1ccbb4-VIE
expires
Mon, 07 Oct 2019 18:04:57 GMT

atadun.js | afghanbazarrugs.com/serverwellsfargo20/wfad/css/ | 1 KB | 509 B | Script
General
Full URL
https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/atadun.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
524334591f0a303f83bca01c7c38da4147eb139c098aeff6fe0e393cca06630c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:04:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 28 Aug 2018 17:14:38 GMT
server
cloudflare
etag
W/"437-5b8582fe-7cce0c4cf4dd01ec;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f48be21cbb4-VIE
expires
Mon, 07 Oct 2019 18:04:57 GMT

truncated | / | 839 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b99dead0deb91299630edd2fdc72855aac3836ea262473d47348e218a7744264

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 889 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7899cfdbc342decc4aeb0bae9ada39bfaa8ae3c687fc72119fca2efdf77dff2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg

conutils-6.2.2.js | afghanbazarrugs.com/auth/static/scripts/ | 0 | 0 | Script
General
Full URL
https://afghanbazarrugs.com/auth/static/scripts/conutils-6.2.2.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/login-userprefs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.20
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:05:00 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
x-powered-by
PHP/7.2.20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-transform, no-cache, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f4c1c0acbb4-VIE
link
<https://afghanbazarrugs.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT

atadun.js | afghanbazarrugs.com/auth/static/prefs/ | 0 | 0 | Script
General
Full URL
https://afghanbazarrugs.com/auth/static/prefs/atadun.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/login-userprefs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:99b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.20
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 18:05:00 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
x-powered-by
PHP/7.2.20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-transform, no-cache, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
51e81f4c1c0bcbb4-VIE
link
<https://afghanbazarrugs.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT

nd | connect.secure.wellsfargo.com/jenny/ | 44 KB | 16 KB | Script
General
Full URL
https://connect.secure.wellsfargo.com/jenny/nd
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/css/atadun.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
2988d6e73c0e941bacfce1a19c1bf760ca9506dac8b682dc5b385481ff88fa3a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 18:04:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
KONICHIWA/1.1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=ISO-8859-1

utag.js | static.wellsfargo.com/tracking/main/ | 246 KB | 31 KB | Script
General
Full URL
https://static.wellsfargo.com/tracking/main/utag.js
Requested by
Host: afghanbazarrugs.com
URL: https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
88ea1e8571c24bb405188183eb65160319757c7a93a4db1da31451458d63efff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://afghanbazarrugs.com/serverwellsfargo20/wfad/login.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 18:04:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
31649
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 17 Sep 2019 18:58:19 GMT
Server
KONICHIWA/2.0
X-Frame-Options
SAMEORIGIN
ETag
"3d85b-592c44dbc88c0-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Mon, 30 Sep 2019 18:34:58 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Wells Fargo (Banking)

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afghanbazarrugs.com
connect.secure.wellsfargo.com
static.wellsfargo.com
159.45.170.156
159.45.66.178
2606:4700:30::681b:99b3