ngaburimiijetes.al
104.21.47.228  Malicious Activity! Public Scan

Submitted URL: https://ngaburimiijetes.al/wp-includes/IXXR/?i=i&0=
Effective URL: https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YW...
Submission: On March 03 via api from JP — Scanned from JP

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 104.21.47.228, located in and belongs to CLOUDFLARENET, US. The main domain is ngaburimiijetes.al.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.
This is the only time ngaburimiijetes.al was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
8 (1 redirects) | 104.21.47.228 | 13335 (CLOUDFLAR...)
1 | 172.217.174.106 | 15169 (GOOGLE)
1 | 172.217.175.67 | 15169 (GOOGLE)
Total: 10 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
8 | ngaburimiijetes.al | ngaburimiijetes.al | 266 KB
1 | gstatic.com | fonts.gstatic.com | 21 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 36) | 932 B
Total: 10 requests, 3 domains

Requests | Domain | Requested by
8 (1 redirects) | ngaburimiijetes.al | ngaburimiijetes.al
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | ngaburimiijetes.al
Total: 10 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-11 - 2023-06-11 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months

This page contains 1 frames:

Frame: https://ngaburimiijetes.al/wp-includes/IXXR/load.php?0=&guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENc
Frame ID: BCDC4A016A67A4ED8590A63C371FEF0A
Requests: 10 HTTP requests in this frame

Page Title

Detecting Mail Server...

Page URL History

  1. https://ngaburimiijetes.al/wp-includes/IXXR/?i=i&0= HTTP 302
    https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aH... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 10
HTTPS: 90 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 288 kB
Size: 321 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ngaburimiijetes.al/wp-includes/IXXR/?i=i&0= HTTP 302
    https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request of8gljniysafob5jatbytduszt.php
ngaburimiijetes.al/wp-includes/IXXR/
Redirect Chain
  • https://ngaburimiijetes.al/wp-includes/IXXR/?i=i&0=
  • https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjx...
906 B
801 B
Document
General
Full URL
https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f779fe75a86684a8d1aaf9301c790895571c61b047aa3e565be551a99472bb83

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a252b9a8eb78145-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Mar 2023 22:03:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPkI8g5mpGP48nx%2Fmez9E7C%2FG%2FgvHjqL9FO%2BDj%2BMU6KGdGmxubvth0u0%2FORUcWMPzcU28ACUQaP9kNKGVYyedWlYcR%2BF0uUfznMii%2FLZtfzhdPW7Ti%2FZpHbhLGQX5%2B8AHZ2154Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a252b96bc378145-NRT
content-type
text/html; charset=UTF-8
date
Fri, 03 Mar 2023 22:03:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAn77A9ksHE8xyinGN0Wc%2BehipriFkWz5SFDs%2FD3APz%2FALeuGjfvEOHH3wNEJuSaU0KtG2wnGY2t4i%2BpVD0aVcHEGGGmPeL44MHWTOrBcjf9Ned6TDbdLU%2BO2uUnB9ymQzescwc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
background_styles.css
ngaburimiijetes.al/wp-includes/IXXR/cache/
377 B
524 B
Stylesheet
General
Full URL
https://ngaburimiijetes.al/wp-includes/IXXR/cache/background_styles.css
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab362bcabb43f9282e475cb02923fae0a2acb1af1c1cf17f5096a30a6d95a2d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 22:03:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Thu, 22 Aug 2019 03:42:02 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=472
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjkXIs9jrrgh357xfxaQjiHMCQwPWgvERNvurO2GDceO1XUMd2iVG9OEzUPYH1gZ%2FRN8wTSbU%2BpDLtlIim7914jpEJtn%2F3MQzeIKTmojwVe7N42V4tYYP87UpEjNIuNbr4VsK5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a252b9bef788145-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
ngaburimiijetes.al/wp-includes/IXXR/cache/
391 B
593 B
Stylesheet
General
Full URL
https://ngaburimiijetes.al/wp-includes/IXXR/cache/styles.css
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93082477bd2c2df0beea88069c94ad0f95d9be83d44612d06ba3f7b875650033

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 22:03:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 21 Aug 2019 21:35:10 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=474
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6U5o8gbpT8cbHI8h8zeccMC0W48Qm320fYk5GkDGRnFb%2FYn7nRELKdzBEVd1tHSp1y2Z7ehm6v656QNHmDLghbl13E8YeLi6lCLy5kO1bFepWzDdnP4HWgYDIrPEhA56XjK4lk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a252b9bef7a8145-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rocket-loader.min.js
ngaburimiijetes.al/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ngaburimiijetes.al/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 22:03:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Feb 2023 18:28:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63fe47b5-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOCY%2BsklFUi%2Bsqnv303S1SqCKVnNvb7DDMx62SJVo%2FHGLzIR%2B3VoSwOVqnsCNW1%2FUaT5VVL7GrPGNPiC3dF7baxrOBnjPm%2B%2Basd8eoASiNfkGWmio6dzfEBKX2oQI3W4BkXbXN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a252b9bff818145-NRT
expires
Sun, 05 Mar 2023 22:03:35 GMT
css
fonts.googleapis.com/
2 KB
932 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/wp-includes/IXXR/cache/background_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.174.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s28-in-f10.1e100.net
Software
ESF /
Resource Hash
7d3b9b124ab86b33b4c72d29ceca9c5a56e5205e546394f55e1ca7fac57d58d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ngaburimiijetes.al/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Mar 2023 22:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 21:40:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Mar 2023 22:03:36 GMT
script.js
ngaburimiijetes.al/wp-includes/IXXR/cache/
258 B
483 B
Script
General
Full URL
https://ngaburimiijetes.al/wp-includes/IXXR/cache/script.js
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb37dea37d0e48711c8f5c2249d57276a9c599c7097dab5aae1fe607b778b66

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ngaburimiijetes.al/wp-includes/IXXR/of8gljniysafob5jatbytduszt.php?0=&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 22:03:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 21 Aug 2019 16:07:04 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=280
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxQM5kUy4yGkQme2RrOzwJPrAd7ofofofmxTFghTP3g1TWSTexafhGNZ57f6t2a7Ir6YObCJdco6HM0ttVJcI9G5%2BXwXFZ9EofnR%2FYcXuS79c3NqAcCyQ7O6eL1YrKjPZ4EXoIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a252ba27a278145-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bgr.jpg
ngaburimiijetes.al/wp-includes/IXXR/cache/
244 KB
245 KB
Image
General
Full URL
https://ngaburimiijetes.al/wp-includes/IXXR/cache/bgr.jpg
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/wp-includes/IXXR/cache/background_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3ca3cd183c8dfe9acdf92751d544555cb50b5e2f3adfdd57edb1ba9a6250a4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ngaburimiijetes.al/wp-includes/IXXR/cache/background_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 22:03:37 GMT
cf-cache-status
MISS
last-modified
Wed, 21 Aug 2019 21:25:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQ23EcO6GYnVN%2B4yhVoQTzLpaa278wmAGu3nHy6dPGp3IQGLUQdQeRpRVsONsytdETyvdQkTusS1k9TDUhy9t0hTKIdXoJVOtyqOLOz%2FOyxY17E9jIUBYAvo4J7EaPSZPrWowrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a252ba2ca478145-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
250191
Technology-Bold.ttf
ngaburimiijetes.al/wp-includes/IXXR/cache/
40 KB
14 KB
Font
General
Full URL
https://ngaburimiijetes.al/wp-includes/IXXR/cache/Technology-Bold.ttf
Requested by
Host: ngaburimiijetes.al
URL: https://ngaburimiijetes.al/wp-includes/IXXR/cache/background_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.47.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0820a01e8be18589121c87e194a0f23f631ad9da45637c4719d218f5d124bf5

Request headers

Referer
https://ngaburimiijetes.al/wp-includes/IXXR/cache/background_styles.css
Origin
https://ngaburimiijetes.al
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 22:03:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Dec 2018 23:23:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVC8SKLJBYGNoFMaFvfFAO2%2Fautfx20PcglQls9eLdG6Sqw0a1tzLELBdLgS4SSktQYvNy6Rqs8NeBJnKL2aboQ6o5JiFCjp9MKXnBzfCO4kCjaKhnYcjGa71ioZGxYZMG3gMb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
cf-ray
7a252ba2ca468145-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
sffe /
Resource Hash
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ngaburimiijetes.al
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 21:44:13 GMT
x-content-type-options
nosniff
age
346764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21280
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Feb 2024 21:44:13 GMT
load.php
ngaburimiijetes.al/wp-includes/IXXR/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ngaburimiijetes.al
URL
https://ngaburimiijetes.al/wp-includes/IXXR/load.php?0=&guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENc

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| __cfQR
  • boolean| __cfRLUnblockHandlers

1 Cookies

Domain/Path: ngaburimiijetes.al/
Name: PHPSESSID
Value: 56b0c5d1d17981862d5c05a8b371d7c3