Submitted URL: https://itax.topappformobile.com/
Effective URL: https://ztm.famuzo.com/?utm_term=7050103763163414533&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb888...
Submission Tags: @phishunt_io
Submission: On January 06 via api from DE — Scanned from FR

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 173.236.35.187, located in the United States and belonging to SINGLEHOP-LLC, US. The main domain is ztm.famuzo.com. The Cisco Umbrella rank of the primary domain is 153137.
TLS certificate: Issued by R3 on November 4th 2021. Valid for: 3 months.
This is the only time ztm.famuzo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.68.82.147 16276 (OVH)
1 1 213.227.134.196 60781 (LEASEWEB-...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 173.236.35.187 32475 (SINGLEHOP...)
5 3
# | Apex Domain | Subdomains | Transfer
2 | famuzo.com | ztm.famuzo.com (Cisco Umbrella Rank: 153137) | 2 KB
2 | tanfanatu.com | grix.tanfanatu.com (Cisco Umbrella Rank: 160498) | 17 KB
1 | addlnk.com | cdn.addlnk.com (Cisco Umbrella Rank: 280337) | 1 KB
1 | go2affise.com | admoustache.go2affise.com (Cisco Umbrella Rank: 110951) | 211 B
1 | topappformobile.com | itax.topappformobile.com | 268 B
5 | 5
# | Domain | Requested by
2 | ztm.famuzo.com | grix.tanfanatu.com, ztm.famuzo.com
2 | grix.tanfanatu.com | grix.tanfanatu.com
1 | cdn.addlnk.com | grix.tanfanatu.com
1 | admoustache.go2affise.com | 1 redirects
1 | itax.topappformobile.com | 1 redirects
5 | 5

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-05-28 - 2022-05-27 | a year (crt.sh)
ztm.famuzo.com | R3 | 2021-11-04 - 2022-02-02 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://ztm.famuzo.com/?utm_term=7050103763163414533&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbd81b3c5b1c3b7b484bcbbb889bfbdbcbd82b380b18687b5859a9bf4f8f0fbeffef3e3f5bce6e5fdf88b9991e9dfefab828d848c84c6ae8a86d4fbcacdfecdc8fdf2f384838392f4f5fbcbf9fffeffccfcf0f3f0c1c6c7c406
Frame ID: A49C65BAA0945139A8CD94925276FE7C
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Loading...


Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 21 kB
Size: 52 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://itax.topappformobile.com/ HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=1 HTTP 302
    https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503 Page URL
  2. https://ztm.famuzo.com/?utm_medium=fe09ffb655aedcdb64c9448c5aef6d1305e390b7&utm_campaign=mainstream_redirect&1=8fe20426&2=503&cid=pub479ef08ee1414c71a42d2383494dff65 Page URL
  3. https://ztm.famuzo.com/?utm_term=7050103763163414533&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbd81b3c5b1c3b7b484bcbbb889bfbdbcbd82b380b18687b5859a9bf4f8f0fbeffef3e3f5bce6e5fdf88b9991e9dfefab828d848c84c6ae8a86d4fbcacdfecdc8fdf2f384838392f4f5fbcbf9fffeffccfcf0f3f0c1c6c7c406 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://itax.topappformobile.com/ HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=1 HTTP 302
  • https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503

5 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

a91581ead4 | grix.tanfanatu.com/rc/ | 2 KB | 2 KB | Document
Redirect Chain
  • https://itax.topappformobile.com/
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=1
  • https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503

General
Full URL: https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:601d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare /
Resource Hash: 107cdcec99f322aba021a59cec0f4aee64af90d0b3bb5cb5799fd7873cdcbe44

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers
date: Thu, 06 Jan 2022 14:43:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en-us
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKXgRYXvNAbAWUhvhOF1466optCn5W8K8Wtq6JmW%2FQHR703ZiAIETyD7K4VL7hsAk5FQ8SjB8RCR2Hrt0vxVLTDD%2F0bguEc4bpitNlm4sv9JWX%2F0D1EbShu64MoO5fDKR9Xgc0VpKDRoNchZ6xozmvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c95b7bb7f9d402b-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers
server: nginx
date: Thu, 06 Jan 2022 14:43:16 GMT
content-length: 0
location: https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503
access-control-allow-origin: *
redirect.css | cdn.addlnk.com/ | 1 KB | 1 KB | Stylesheet

General
Full URL: https://cdn.addlnk.com/redirect.css
Requested by
  Host: grix.tanfanatu.com
  URL: https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8be2, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers
Accept-Language: fr-FR,fr;q=0.9
Referer: (empty)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
date: Thu, 06 Jan 2022 14:43:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 884
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BXDDQJVSN78V2JXD
x-amz-id-2: U2ZnM+Rl+EUrl5rmTvWiyw6C2/8A7en8VmfnziFQRVQkVvO9OalNpFcmhnOFjcmhlQbLmWWWX+Q=
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rqc44jkTVkFH2CecdnDWl8Ga7xzuBwSybtb8LyDplg5UsWG%2BRsuF8qQZOqRCyo2020%2FPsJ0zRM%2BfVwSPMYuRnipdQ3muIBmJh2JTxslbz%2BoTguP0n5iA2sDdUVTRUWd1zgA8tNBQzTslMykWRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 6c95b7bc7c7eee64-CDG
cf-bgj: minify
invisible.js | grix.tanfanatu.com/cdn-cgi/challenge-platform/h/g/scripts/ | 45 KB | 16 KB | Script

General
Full URL: https://grix.tanfanatu.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
  Host: grix.tanfanatu.com
  URL: https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:601d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare /
Resource Hash: 560be35859ece08770525cc0949a5866cc3d2760f0f1ccaf1db6e11fec7ff2fb

Request headers
Accept-Language: fr-FR,fr;q=0.9
Referer: (empty)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
date: Thu, 06 Jan 2022 14:43:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5qGsvZvzejTYMPgDwjPdeJJGEtRfh81vmJ76wg7ARCAu3F50i3ch5vKsYvp7DDfpGIJC97AY4CV7f01ounBXX9OIlTyCYHJTcm7buzLLfwVnElYsLSw4BtEkDTCpSPoeIbSdrKRBkBKPKNGLIeWCBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6c95b7bc2932402b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/ | ztm.famuzo.com/ | 3 KB | 2 KB | Document

General
Full URL: https://ztm.famuzo.com/?utm_medium=fe09ffb655aedcdb64c9448c5aef6d1305e390b7&utm_campaign=mainstream_redirect&1=8fe20426&2=503&cid=pub479ef08ee1414c71a42d2383494dff65
Requested by
  Host: grix.tanfanatu.com
  URL: https://grix.tanfanatu.com/rc/a91581ead4?affclick=61d70004a701c000014fd2ca&pubid=503
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.236.35.187, United States, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.0.11
Resource Hash: 050d9a981c00393a43cc356bb27b73eb18393f714025e5b7ef010bae8ed6c984
Security Headers
  Name | Value
  Strict-Transport-Security | max-age=31536000; includeSubdomains;

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers
server: nginx
date: Thu, 06 Jan 2022 14:43:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.11
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
Primary Request: / | ztm.famuzo.com/ | 726 B | 721 B | Document

General
Full URL: https://ztm.famuzo.com/?utm_term=7050103763163414533&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbd81b3c5b1c3b7b484bcbbb889bfbdbcbd82b380b18687b5859a9bf4f8f0fbeffef3e3f5bce6e5fdf88b9991e9dfefab828d848c84c6ae8a86d4fbcacdfecdc8fdf2f384838392f4f5fbcbf9fffeffccfcf0f3f0c1c6c7c406
Requested by
  Host: ztm.famuzo.com
  URL: https://ztm.famuzo.com/?utm_medium=fe09ffb655aedcdb64c9448c5aef6d1305e390b7&utm_campaign=mainstream_redirect&1=8fe20426&2=503&cid=pub479ef08ee1414c71a42d2383494dff65
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.236.35.187, United States, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.0.11
Resource Hash: ad83065ec2940a235278d54e6f46c190623e00d7997e7fb2c48415b91c2d543d
Security Headers
  Name | Value
  Strict-Transport-Security | max-age=31536000; includeSubdomains;

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://ztm.famuzo.com/?utm_medium=fe09ffb655aedcdb64c9448c5aef6d1305e390b7&utm_campaign=mainstream_redirect&1=8fe20426&2=503&cid=pub479ef08ee1414c71a42d2383494dff65

Response headers
server: nginx
date: Thu, 06 Jan 2022 14:43:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.11
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object: onsecuritypolicyviolation
object: onslotchange
function: next

3 Cookies

Domain/Path | Name | Value
admoustache.go2affise.com/ | afclick | 61d70004a701c000014fd2ca
grix.tanfanatu.com/ | AWSALB | YIBE6jPa0b2ytbNucYyALnTiL1tGQXysyNnEk2Veo8hhXCRCx+61MMlzSezyNtQgXcZe71e1YT0xkAfV9MeR0l0JB1CqqkZIHrGq2Ev0aAlq8W4yisYA/PMa2R4w
ztm.famuzo.com/ | u | e914e81b8a51b2a5493c24b0d62282de