tejotu.swiftfrontiershq.com Open in urlscan Pro
104.21.92.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sender10.zohoinsights-crm.com/ck1/2d6f.327230a/9b196900-82fb-11ee-a3b3-52540064429e/49c32cb9fca137f096c931b338c6e02f757e5518/1...
Effective URL:
https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php?rpclk=tBkOOyjcpROqFHBaa7SylOgSNFHTwhsz%2BIzDrOGBrbnHVmgdGRSTCIJpm...
Submission: On December 07 via api (December 7th 2023, 1:40:43 pm UTC) from GB — Scanned from GB

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 104.21.92.68, located in and belongs to CLOUDFLARENET, US. The main domain is tejotu.swiftfrontiershq.com.
TLS certificate: Issued by GTS CA 1P5 on November 12th 2023. Valid for: 3 months.

This is the only time tejotu.swiftfrontiershq.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	136.143.190.89 136.143.190.89	2639 (ZOHO-AS) (ZOHO-AS)
1 18	81.7.3.148 81.7.3.148	35366 (ISPPRO-AS...) (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1 1	193.106.249.72 193.106.249.72	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1 3	104.21.77.110 104.21.77.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.187.162 172.67.187.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.92.68 104.21.92.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:303... 2606:4700:3036::6815:5c44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.141.13 172.64.141.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	() ()
1	172.64.100.6 172.64.100.6	() ()
47	8

1 136.143.190.89 (United States) 1 redirects

ASN2639 (ZOHO-AS, US)
PTR: sender3.zohoinsights-crm.com

sender10.zohoinsights-crm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 81.7.3.148 (Germany) 1 redirects

ASN35366 (ISPPRO-AS ISPPRO-AS covers the networks of ISPpro, DE)
PTR: Redirect-01.localhost

mistfabulous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.249.72 (Frankfurt am Main, Germany) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)

www.desiresafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.77.110 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t3.vitalitysurgehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.187.162 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tejotu.swiftfrontiershq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.92.68 (None, )

ASN13335 (CLOUDFLARENET, US)

tejotu.swiftfrontiershq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3036::6815:5c44 (United States)

ASN13335 (CLOUDFLARENET, US)

tejotu.swiftfrontiershq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.141.13 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (None, )

ASN- ()

quantumsurge.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.100.6 (None, )

ASN- ()

pushrev.neptuneadspush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	swiftfrontiershq.com 1 redirects tejotu.swiftfrontiershq.com	869 KB
18	mistfabulous.com 1 redirects mistfabulous.com	333 KB
3	vitalitysurgehq.com 1 redirects t3.vitalitysurgehq.com	18 KB
1	neptuneadspush.com pushrev.neptuneadspush.com	8 KB
1	quantumsurge.sc quantumsurge.sc	644 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	426 KB
1	desiresafe.com 1 redirects www.desiresafe.com	679 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	zohoinsights-crm.com 1 redirects sender10.zohoinsights-crm.com	550 B
47	9

	Domain	Requested by
25	tejotu.swiftfrontiershq.com	1 redirects t3.vitalitysurgehq.com tejotu.swiftfrontiershq.com
18	mistfabulous.com	1 redirects mistfabulous.com
3	t3.vitalitysurgehq.com	1 redirects mistfabulous.com t3.vitalitysurgehq.com
1	pushrev.neptuneadspush.com	tejotu.swiftfrontiershq.com
1	quantumsurge.sc	tejotu.swiftfrontiershq.com
1	use.fontawesome.com	tejotu.swiftfrontiershq.com
1	www.desiresafe.com	1 redirects
1	fonts.googleapis.com	mistfabulous.com
1	sender10.zohoinsights-crm.com	1 redirects
47	9

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
swiftfrontiershq.com GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
quantumsurge.sc GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh
neptuneadspush.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php?rpclk=tBkOOyjcpROqFHBaa7SylOgSNFHTwhsz%2BIzDrOGBrbnHVmgdGRSTCIJpmx1qE%2Bu65ruiFv18YcK5Mzxs%2FTIgDAs%2FdEHTvFJRa%2FmQcGq88l515Z7r9r3GOm95I10KFqYDpv1IM8cF6qEpY6te6ubL4yqeANGZ6bEQEarwVX7ULUMKNiz4%2FgdwelvRHEbPW7cs6xuDEKDpEbDHmnjUmB1otn0K9eOsMXXdXctKjEEmhgzlQWWKhaPt%2BTZmPdsi0Io6zSgPlj7PPFLeW55l%2B929i%2FwxR7%2FOfyxNAHrbLlVIbMaOl%2BkpAjyC2Y1oO6LzWoXcymbTg0A1ijRhxarhMwfJWAy8ys0eOT7FGMXvq2bdzrW6FAnVDc1TFZC2FOuXU4gLN7KQ1EFoREug%2BFcEOqsDx4Ok4r9XnI5hpjBHBoAmceZ47cG23KGIiIs1lmFFquA1nKZf4uUn73PtPTPZgUv%2F8D%2BzhP4uYmNrX1VUKOTk3uSLGi6uhfj%2FZkuzY2GlmQzgncqi8%2FbZ9%2BPC%2Bq8pyAW5u3O%2BBt%2FvkZnSDuVHfAVgi89ESZcr0nRezW68WIx18u6etu6lKQMTlrZTIqiKXX0ZtjBaNOIUwddki25tFNqsHG3TV56Zlv8YUEKkQzm7TkvkFQql9FYH96S9UioNlOtzVVZn2Gb04iUog4GV6UsBl9vECwydQ5UQ1lToqRjyBam3tBRDD1GqpObr0EtvBLD1RzZCQhWx%2FDKYwMw3YdcnQQ8mUfcJs9Y0S6Djen2OlUmOGl2b8F1dGY8tiruL28xANmBQ06qfUaow8swD75bPZEYfrh2PWmI2DRpiFFGR9FlOFt8SxTzk84sET9lmkXBj%2FaJYzWu3ZRXWZZdLAk89QEU5xYF9Faft4iOhTUJSl64tnfsyTRl07SdfWjZBH6wUZoRV3zAlrE9VGaiFsqYr6u8OU67ksmuME1Y9igGl7NGxCTbPRopgLZZWsE%2FdGa%2F4DcPMnBaxsfZpT8GoohN1Cqgzl3EM%2BqGvb6B0521d%2Fn3Fx3qiCZVe6TYVMDCHEC%2B2N5NtbvN3E4hM0r0n7ygQsd3YQR8Aqn4%2BdSCJtur9F%2FSNA7Chf9xUCoG2GGbDb2wdJPh9Kx7Wh55AJzhxmuzB69tlHCiyQRCM7HWed25%2FeymSaIEeloy1IAIYCLWxplZ4XzLZiC%2BcYdpJEOPK7ieK5dK%2F87uxVQmjwxU11YcqbGbLG8ox4MYt6sE%2FMq3yXlOB2G9ou%2B7J9kgvYvr7xmwBzcPCKmsTtsaSos9uQh9B0HbKFIaT1crtqWFDl1LEz%2B2wjmqNTgv8L%2BMyn14vqdw%2FN8dXDygOLIQlcYkWe8RBcSBGgCsZkT5wjoCkSJ7Y09mytny8PEMDOQd2lUliGwLV2QhiHqIybN%2F3RVaiXlAtYbCsEpdYpygJrhNHGjT385NKh4vOtb2p8kMS6Uw39G6xQDFFRhl6w7n35%2B0m9Ny8xJOdEZ6nlZm4ccn%2FIPXvYrEoZUuyaT22L5pWlKlZx%2BroQQDQXdDjmkFLP2pXeGqSQEvyc%2BSgtdsRVU8oT4NvPAj34NYiqzI8e0lZ%2F9PhvssxzWllXoL2jiM8vXOzVBN3P64pYVPCtP%2FbAR9uDQdvZQeT22R2x15rRHTeO2S5koccwirgTvza4MbI9zK%2BuytRLxJdX8PIsjyJ8GFcYxEAx25KPW6mMWMmv2wXHx4br1VBmODmv%2BITJrNMt9pvV9g%3D%3A%3A3ea546d07bf53c6f4f3064d0cb26b284&p=W5qz3Rvc9Tb7SDQyTKpqdzQuHA%3D%3D%3A%3A50f00b3aa6a5e93a8fff7e0a7d2c5d49
Frame ID: C6C226EA96F2A7108E8ADB475DF81002
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Survey Rewards

Page URL History Show full URLs

https://sender10.zohoinsights-crm.com/ck1/2d6f.327230a/9b196900-82fb-11ee-a3b3-52540064429e/49c32cb9fca137f096c931... HTTP 302
http://mistfabulous.com/ Page URL
http://mistfabulous.com/?act=cl&pid=8999_pd&uid=30&vid=1767851&ofid=1734&lid=401&cid=332017 HTTP 302
https://www.desiresafe.com/727ZZ6P/26B1422K?sub1=iltc_30&sub2=8999_13&sub3=401_332017_1767851_7765766_pd HTTP 302
http://t3.vitalitysurgehq.com/aff_c?offer_id=733&aff_id=1730&aff_sub=uk-tepall&aff_click_id=2af677c1a48c47... Page URL
https://t3.vitalitysurgehq.com/aff_c?offer_id=733&aff_id=1730&aff_sub=uk-tepall&aff_click_id=2af677c1a48c47... HTTP 302
http://tejotu.swiftfrontiershq.com/fclkv2/uk-tepall/?cc=uk&c=%7C733&clickid=wu0j5d0mi8jgaditid9u9fdo&id=wu0j5d0... HTTP 302
https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php Page URL
https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php?rpclk=tBkOOyjcpROqFHBaa7SylOgSNFHTwhsz%2BIzDr... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

47
Requests

60 %
HTTPS

9 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1650 kB
Transfer

3382 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sender10.zohoinsights-crm.com/ck1/2d6f.327230a/9b196900-82fb-11ee-a3b3-52540064429e/49c32cb9fca137f096c931b338c6e02f757e5518/1?e=l0LCcLkEWqspdxX0mkdj%2FnR5lmG4ZKOCVQu86Ou5q2A%3D HTTP 302
http://mistfabulous.com/ Page URL
http://mistfabulous.com/?act=cl&pid=8999_pd&uid=30&vid=1767851&ofid=1734&lid=401&cid=332017 HTTP 302
https://www.desiresafe.com/727ZZ6P/26B1422K?sub1=iltc_30&sub2=8999_13&sub3=401_332017_1767851_7765766_pd HTTP 302
http://t3.vitalitysurgehq.com/aff_c?offer_id=733&aff_id=1730&aff_sub=uk-tepall&aff_click_id=2af677c1a48c47e2b2ec48398b69b797&aff_sub2=3728 Page URL
https://t3.vitalitysurgehq.com/aff_c?offer_id=733&aff_id=1730&aff_sub=uk-tepall&aff_click_id=2af677c1a48c47e2b2ec48398b69b797&aff_sub2=3728&view=ec7bffeef5fed2202e20be3a8c503f61_0 HTTP 302
http://tejotu.swiftfrontiershq.com/fclkv2/uk-tepall/?cc=uk&c=%7C733&clickid=wu0j5d0mi8jgaditid9u9fdo&id=wu0j5d0mi8jgaditid9u9fdo&k=uk-tepall&s=1730&src=&lpc=1701956439358&region=Manchester&privacy=1&cep=0Py1vKKZlArgBMTTI8IEdS65j2ZUAJXKco8WFfSNQT-SSiAju-ztT0mfKoh_j10soCr2bRrquKlZjOayXqZbNveUGs9USYAueH8_bvlT4fwabMIDhuclk377UO6GRbW7sL25wI52YFAHIdrwusKoS3GeUKEXkw_4eLnOjAcGNz-Z-rpTSdtsM9zDNcDQowgFyhia0gQDp66bvOsrx1g_GF0o_y8O0BBesrj4Y1aAIrYKpjenxzW9mmrTCgzGi1q2QpozapCpeMRcGJN8H0jBD1V1ZBgHYjBV2A0Bn__yHAd5Uks0WS-o2WdklNBKTnedArKj6DeHlAB56O2aFGBXUyIxZPKLjO95SkLXGxWLH5LAJEYVjChVjiP55g2gCX90n-ZkPAbByh8YdcJ1XAw89T_01UW2L26EImnCndNPRctu71mrf6okcH6OPwgRSSLNIYvyobJFuFXlJ3R2OIQpbdGXk1Z1G7u4Ec_FcXN7aqm96u5DHr6q43ycJGiiXE1y25UQ10Da-VtXqo0YjRPQONwwIhWG7OHdNuIQSIrfWYxiBx34XGPpkmFLTBDd23-duXpwmBKi_kSw8NLYUQEBpDPVpJ8LBbAhfgq6eHGoW7nBK7cSyTLvckhonnJrwyDXF8lBG9ejtao4paextzzpBQcuauClZZgqZrfoPLx8iL0&lptoken=174d01c195f282bd3992&offer_id=733&keyword=uk-tepall&source=&affiliate_id=1730&aff_sub2=3728&aff_sub3=&aff_sub4=&aff_sub5=&aff_id=push_aff_id&vid=OS100&cpc=0.0&modifier=&view=ec7bffeef5fed2202e20be3a8c503f61_0&tracker=surfadvance.com&oho=t3.vitalitysurgehq.com&ptf=3725d816cd83fc0348f5588f8820cf26 HTTP 302
https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php Page URL
https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php?rpclk=tBkOOyjcpROqFHBaa7SylOgSNFHTwhsz%2BIzDrOGBrbnHVmgdGRSTCIJpmx1qE%2Bu65ruiFv18YcK5Mzxs%2FTIgDAs%2FdEHTvFJRa%2FmQcGq88l515Z7r9r3GOm95I10KFqYDpv1IM8cF6qEpY6te6ubL4yqeANGZ6bEQEarwVX7ULUMKNiz4%2FgdwelvRHEbPW7cs6xuDEKDpEbDHmnjUmB1otn0K9eOsMXXdXctKjEEmhgzlQWWKhaPt%2BTZmPdsi0Io6zSgPlj7PPFLeW55l%2B929i%2FwxR7%2FOfyxNAHrbLlVIbMaOl%2BkpAjyC2Y1oO6LzWoXcymbTg0A1ijRhxarhMwfJWAy8ys0eOT7FGMXvq2bdzrW6FAnVDc1TFZC2FOuXU4gLN7KQ1EFoREug%2BFcEOqsDx4Ok4r9XnI5hpjBHBoAmceZ47cG23KGIiIs1lmFFquA1nKZf4uUn73PtPTPZgUv%2F8D%2BzhP4uYmNrX1VUKOTk3uSLGi6uhfj%2FZkuzY2GlmQzgncqi8%2FbZ9%2BPC%2Bq8pyAW5u3O%2BBt%2FvkZnSDuVHfAVgi89ESZcr0nRezW68WIx18u6etu6lKQMTlrZTIqiKXX0ZtjBaNOIUwddki25tFNqsHG3TV56Zlv8YUEKkQzm7TkvkFQql9FYH96S9UioNlOtzVVZn2Gb04iUog4GV6UsBl9vECwydQ5UQ1lToqRjyBam3tBRDD1GqpObr0EtvBLD1RzZCQhWx%2FDKYwMw3YdcnQQ8mUfcJs9Y0S6Djen2OlUmOGl2b8F1dGY8tiruL28xANmBQ06qfUaow8swD75bPZEYfrh2PWmI2DRpiFFGR9FlOFt8SxTzk84sET9lmkXBj%2FaJYzWu3ZRXWZZdLAk89QEU5xYF9Faft4iOhTUJSl64tnfsyTRl07SdfWjZBH6wUZoRV3zAlrE9VGaiFsqYr6u8OU67ksmuME1Y9igGl7NGxCTbPRopgLZZWsE%2FdGa%2F4DcPMnBaxsfZpT8GoohN1Cqgzl3EM%2BqGvb6B0521d%2Fn3Fx3qiCZVe6TYVMDCHEC%2B2N5NtbvN3E4hM0r0n7ygQsd3YQR8Aqn4%2BdSCJtur9F%2FSNA7Chf9xUCoG2GGbDb2wdJPh9Kx7Wh55AJzhxmuzB69tlHCiyQRCM7HWed25%2FeymSaIEeloy1IAIYCLWxplZ4XzLZiC%2BcYdpJEOPK7ieK5dK%2F87uxVQmjwxU11YcqbGbLG8ox4MYt6sE%2FMq3yXlOB2G9ou%2B7J9kgvYvr7xmwBzcPCKmsTtsaSos9uQh9B0HbKFIaT1crtqWFDl1LEz%2B2wjmqNTgv8L%2BMyn14vqdw%2FN8dXDygOLIQlcYkWe8RBcSBGgCsZkT5wjoCkSJ7Y09mytny8PEMDOQd2lUliGwLV2QhiHqIybN%2F3RVaiXlAtYbCsEpdYpygJrhNHGjT385NKh4vOtb2p8kMS6Uw39G6xQDFFRhl6w7n35%2B0m9Ny8xJOdEZ6nlZm4ccn%2FIPXvYrEoZUuyaT22L5pWlKlZx%2BroQQDQXdDjmkFLP2pXeGqSQEvyc%2BSgtdsRVU8oT4NvPAj34NYiqzI8e0lZ%2F9PhvssxzWllXoL2jiM8vXOzVBN3P64pYVPCtP%2FbAR9uDQdvZQeT22R2x15rRHTeO2S5koccwirgTvza4MbI9zK%2BuytRLxJdX8PIsjyJ8GFcYxEAx25KPW6mMWMmv2wXHx4br1VBmODmv%2BITJrNMt9pvV9g%3D%3A%3A3ea546d07bf53c6f4f3064d0cb26b284&p=W5qz3Rvc9Tb7SDQyTKpqdzQuHA%3D%3D%3A%3A50f00b3aa6a5e93a8fff7e0a7d2c5d49 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sender10.zohoinsights-crm.com/ck1/2d6f.327230a/9b196900-82fb-11ee-a3b3-52540064429e/49c32cb9fca137f096c931b338c6e02f757e5518/1?e=l0LCcLkEWqspdxX0mkdj%2FnR5lmG4ZKOCVQu86Ou5q2A%3D HTTP 302
http://mistfabulous.com/

Request Chain 18

http://mistfabulous.com/?act=cl&pid=8999_pd&uid=30&vid=1767851&ofid=1734&lid=401&cid=332017 HTTP 302
https://www.desiresafe.com/727ZZ6P/26B1422K?sub1=iltc_30&sub2=8999_13&sub3=401_332017_1767851_7765766_pd HTTP 302
http://t3.vitalitysurgehq.com/aff_c?offer_id=733&aff_id=1730&aff_sub=uk-tepall&aff_click_id=2af677c1a48c47e2b2ec48398b69b797&aff_sub2=3728

Request Chain 20

https://t3.vitalitysurgehq.com/aff_c?offer_id=733&aff_id=1730&aff_sub=uk-tepall&aff_click_id=2af677c1a48c47e2b2ec48398b69b797&aff_sub2=3728&view=ec7bffeef5fed2202e20be3a8c503f61_0 HTTP 302
http://tejotu.swiftfrontiershq.com/fclkv2/uk-tepall/?cc=uk&c=%7C733&clickid=wu0j5d0mi8jgaditid9u9fdo&id=wu0j5d0mi8jgaditid9u9fdo&k=uk-tepall&s=1730&src=&lpc=1701956439358&region=Manchester&privacy=1&cep=0Py1vKKZlArgBMTTI8IEdS65j2ZUAJXKco8WFfSNQT-SSiAju-ztT0mfKoh_j10soCr2bRrquKlZjOayXqZbNveUGs9USYAueH8_bvlT4fwabMIDhuclk377UO6GRbW7sL25wI52YFAHIdrwusKoS3GeUKEXkw_4eLnOjAcGNz-Z-rpTSdtsM9zDNcDQowgFyhia0gQDp66bvOsrx1g_GF0o_y8O0BBesrj4Y1aAIrYKpjenxzW9mmrTCgzGi1q2QpozapCpeMRcGJN8H0jBD1V1ZBgHYjBV2A0Bn__yHAd5Uks0WS-o2WdklNBKTnedArKj6DeHlAB56O2aFGBXUyIxZPKLjO95SkLXGxWLH5LAJEYVjChVjiP55g2gCX90n-ZkPAbByh8YdcJ1XAw89T_01UW2L26EImnCndNPRctu71mrf6okcH6OPwgRSSLNIYvyobJFuFXlJ3R2OIQpbdGXk1Z1G7u4Ec_FcXN7aqm96u5DHr6q43ycJGiiXE1y25UQ10Da-VtXqo0YjRPQONwwIhWG7OHdNuIQSIrfWYxiBx34XGPpkmFLTBDd23-duXpwmBKi_kSw8NLYUQEBpDPVpJ8LBbAhfgq6eHGoW7nBK7cSyTLvckhonnJrwyDXF8lBG9ejtao4paextzzpBQcuauClZZgqZrfoPLx8iL0&lptoken=174d01c195f282bd3992&offer_id=733&keyword=uk-tepall&source=&affiliate_id=1730&aff_sub2=3728&aff_sub3=&aff_sub4=&aff_sub5=&aff_id=push_aff_id&vid=OS100&cpc=0.0&modifier=&view=ec7bffeef5fed2202e20be3a8c503f61_0&tracker=surfadvance.com&oho=t3.vitalitysurgehq.com&ptf=3725d816cd83fc0348f5588f8820cf26 HTTP 302
https://tejotu.swiftfrontiershq.com/wujeri/hunohuyo/cacu/index.php

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
mistfabulous.com/
Redirect Chain

https://sender10.zohoinsights-crm.com/ck1/2d6f.327230a/9b196900-82fb-11ee-a3b3-52540064429e/49c32cb9fca137f096c931b338c6e02f757e5518/1?e=l0LCcLkEWqspdxX0mkdj%2FnR5lmG4ZKOCVQu86Ou5q2A%3D
http://mistfabulous.com/

27 KB
28 KB

149ms
133ms

Document
text/html

81.7.3.148
ISPPRO-AS ISPPRO-...

General

Domain/Path	Expires	Name / Value
sender10.zohoinsights-crm.com/	1969-12-31 23:59:59	Name: 8a231755c9 Value: 31a2ce54685c927afdcdaeb4c1559997
sender10.zohoinsights-crm.com/	1969-12-31 23:59:59	Name: tm_csrf_cookie Value: 15471aaf-ef6f-4fdf-9d41-ab74aeeb8adf
sender10.zohoinsights-crm.com/	1969-12-31 23:59:59	Name: _zcsr_tmp Value: 15471aaf-ef6f-4fdf-9d41-ab74aeeb8adf
t3.vitalitysurgehq.com/	1969-12-31 23:59:59	Name: C Value: 3725d816cd83fc0348f5588f8820cf26
t3.vitalitysurgehq.com/	1970-01-20 16:47:22	Name: 95b7e0d7-ea25-4329-8b18-af5f4ee20a30-v4 Value: mGPgNDun2mpZ68JXeGGbj-5lB4f_aYhrtg_H_bsSSzA
t3.vitalitysurgehq.com/	1970-01-20 16:47:22	Name: cep-v4 Value: 2HeABWo01R9F6kqd6LoBeg_TxmIZgX6ZE-HCE3ovaVNG-209UyA2tF5pPynVb7_Q7-nGIeJvXhReIPD83F0WHT-NEcK7n5MbOLiVrmRYReEEM0A68qsFvNh60h4UWp9YRAVVtju5sqR26mhrwooMvnvmyE100hAe5B-hdxpbPqeKiYsYsFuj-_gQzH5LsRuDeAJYZMmuCiRN6tFdVlJiwKw1udgEw9ww9bv1wbwAEbJeRJdHu72o9YLSRhUQOOspM_Ds2XD5dnOYVOr1aPlLHMLLoJhpxCtdETJPJzl8vVMVK7730qh6U7JFScx2CZqUS44s5V64-rY0KXUiyCs5XomMe3IyXPomZZdV3rdvDXU0f9vQQ-gYm5pguU5KWpfqaci8tgxbq7aSqJwBusElA3WmoFk8nDO6PhUvZULTunz3yhWL5RklWdgegID4eYNvKQrZEWdEif9hBoaKhkSOGeTVgyUKRD56Q7NtCQK1wnPfIsaGWwzaZ6B-_j5utjzzcbMeNnh5wj1ZbnIawt_KTnwwuAqLSIwTiEFs9GYOE3CME1_hpr7xV9WZ7xMrRA6mkanJ0SkxJGPN8Dr16t1AWXa-S89p2yc9jYgUT1CsxZ6MpH03dR7ixtTPgUimhUyYYCseUHMHGcI1TR37dQZB0ZsZfJM84Ud6vxgf_4yWZUA
tejotu.swiftfrontiershq.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 44attf8opcj1k2aqe6h99hn6uk

tejotu.swiftfrontiershq.com Open in urlscan Pro 104.21.92.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

60 %HTTPS

9 %IPv6

9 Domains

9 Subdomains

8 IPs

3 Countries

1650 kBTransfer

3382 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tejotu.swiftfrontiershq.com Open in urlscan Pro
104.21.92.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

60 %
HTTPS

9 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1650 kB
Transfer

3382 kB
Size

7
Cookies

47 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!