try.swipos.com Open in urlscan Pro
139.59.22.81 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://latulipefood.ci/ve.html
Effective URL:
https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyo...
Submission: On August 04 via manual (August 4th 2022, 7:39:32 am UTC) from IN — Scanned from FR

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 139.59.22.81, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is try.swipos.com.
TLS certificate: Issued by R3 on July 1st 2022. Valid for: 3 months.

This is the only time try.swipos.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	185.26.107.139 185.26.107.139	24935 (ATE-AS) (ATE-AS)
14	139.59.22.81 139.59.22.81	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.89.99.21 51.89.99.21	16276 (OVH) (OVH)
1	67.202.114.216 67.202.114.216	32748 (STEADFAST) (STEADFAST)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	7

1 185.26.107.139 (France)

ASN24935 (ATE-AS, FR)

latulipefood.ci	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 139.59.22.81 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)

try.swipos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.99.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163187.ip-51-89-99.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.216 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	swipos.com try.swipos.com	156 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 14311	3 KB
1	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 9616 ic.tynt.com Failed de.tynt.com Failed	7 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 15722	145 B
1	waust.at waust.at — Cisco Umbrella Rank: 41038	7 KB
1	latulipefood.ci latulipefood.ci	340 B
22	6

	Domain	Requested by
14	try.swipos.com	try.swipos.com
2	t.dtscout.com	waust.at t.dtscout.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	waust.at	try.swipos.com
1	latulipefood.ci
0	de.tynt.com Failed	cdn.tynt.com
0	ic.tynt.com Failed
22	8

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

Subject Issuer	Validity	Valid
latulipefood.ci R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
try.swipos.com R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
Frame ID: E612FCEEEA64AB80DAC9152D6F3B8020
Requests: 21 HTTP requests in this frame

Frame: https://try.swipos.com/cra_ca_service/door/wmms-blk.svg
Frame ID: D4606FD15F50A246CB6D09C3A87BBB69
Requests: 1 HTTP requests in this frame

Frame: https://try.swipos.com/cra_ca_service/door/sig-blk-en.svg
Frame ID: 82A0A152F24355975860CB9F24E2E544
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Step 1: Start your claim - Canadian Revenue Agency

Page URL History Show full URLs

https://latulipefood.ci/ve.html Page URL
https://try.swipos.com/cra_ca_service/ Page URL
https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22
Requests

91 %
HTTPS

17 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

173 kB
Transfer

725 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/u1yub7c0a9/
Title: 1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://latulipefood.ci/ve.html Page URL
https://try.swipos.com/cra_ca_service/ Page URL
https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ve.html Show response
latulipefood.ci/ 102 B
340 B 297ms
15ms Document
text/html 185.26.107.139
ATE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://latulipefood.ci/ve.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.26.107.139 , France, ASN24935 (ATE-AS, FR),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 75940f130c38a1a4117186f2af7d6a6b18dfdf162a60449c9958576c0f9bb052

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 113
content-type: text/html
date: Thu, 04 Aug 2022 07:39:27 GMT
etag: "66-5e55ca29d29be-gzip"
last-modified: Wed, 03 Aug 2022 21:08:31 GMT
server: nginx
vary: Accept-Encoding
x-accel-version: 0.01
x-cache-status: BYPASS
x-powered-by: PleskLin

GET
H2 200 / Show response
try.swipos.com/cra_ca_service/ 161 B
464 B 778ms
375ms Document
text/html 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7866eb67cdd1b14d09d53b21a0a80327be0f6244ef7ccc058995cf80f7a7abac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://latulipefood.ci/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 07:39:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request start.php Show response
try.swipos.com/cra_ca_service/ 28 KB
6 KB 155ms
155ms Document
text/html 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f4191127dc4bfce80cc42325b3e19f9d6cb6993b79a8de55baa9fcf01f4968fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.swipos.com/cra_ca_service/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 07:39:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 theme.css
try.swipos.com/cra_ca_service/door/ 290 KB
60 KB 315ms
313ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/theme.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b9adc9d233ab5f39618b6fa8ff5b5a99aff51fbbe0cc4558e8f5024b15cc1281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:54:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c490-486cb"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 theme_002.css
try.swipos.com/cra_ca_service/door/ 28 KB
5 KB 469ms
467ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/theme_002.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

41fbb280ed197740a1c526e9619c00510e2b32dcbba016261890c9052d3243de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:54:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c492-6fbd"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.css
try.swipos.com/cra_ca_service/door/ 30 KB
7 KB 470ms
468ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/font-awesome.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

409431c6d45382c6f353dc8d2dbeff98b90e88c1c728f263e7299d68a55dda53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:53:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c43a-78ff"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 jquery.css
try.swipos.com/cra_ca_service/door/ 2 KB
658 B 470ms
468ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/jquery.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2cc052d474ce6ee267dd164a839814615a04865b2706d1bc1cb73160c55c549f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:36:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c066-636"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 theme-jb.css
try.swipos.com/cra_ca_service/door/ 96 KB
18 KB 470ms
468ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/theme-jb.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

840787fa147628e52a9ee2f640e98efdf524beb19bdf532f2d9fed83e494a00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 14:38:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59dce0-17fa5"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 typeahead.css
try.swipos.com/cra_ca_service/door/ 2 KB
744 B 470ms
469ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/typeahead.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

087280e8c5432abfa73e746559de4572d34263fefac3484f125d09386cb836a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:36:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c066-691"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 project-jb-style.css
try.swipos.com/cra_ca_service/door/ 118 KB
19 KB 470ms
469ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/project-jb-style.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ea367de6df1889913977d3895f8144334678dd679f9d641b67fc82585a97336b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:53:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c42e-1d8da"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 project-style.css
try.swipos.com/cra_ca_service/door/ 42 KB
10 KB 470ms
469ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/project-style.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

59cbf75521f37224126ca5245658398f41f4edb1d1c4abdd08274e9acfefd937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:52:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59c40c-a811"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 91ms
30ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c9628c1b9999a708886345c166c5234c9e0f4e8f540939a0e2fe66168d320c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1930
last-modified: Sun, 26 Jun 2022 09:57:12 GMT
server: cloudflare
etag: W/"62b82d78-397a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFIwIHj8cWA5RuxIsPIG0PYN3L19HCV2L8LyRcC1v3IulgfP63Kq0cdEVpm%2Fse7G8CeoLURYMQhQjsLYRANblcrrxAMeAXeEtDfnckP5S5aCnGQegqCp2tiwPFlOrmwlOOez2JDU"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7355a3b72b9f406f-CDG
expires: Fri, 05 Aug 2022 07:07:19 GMT

GET
H2 200 css.css
try.swipos.com/cra_ca_service/door/ 15 KB
1 KB 154ms
154ms Stylesheet
text/css 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/css.css

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/door/theme-jb.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

792c90a99278257ce02b561b401f489f2bd5acf0147ded12115b92cc1fba2154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/cra_ca_service/door/theme-jb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 13:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b59ca72-3ac8"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 glyphicons-halflings-regular.woff
try.swipos.com/cra_ca_service/door/semi/ 23 KB
23 KB 155ms
154ms Font
application/font-woff 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/semi/glyphicons-halflings-regular.woff

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/door/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.swipos.com/cra_ca_service/door/theme.css
Origin: https://try.swipos.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 12:10:50 GMT
server: nginx
etag: "5b59ba4a-5b18"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
accept-ranges: bytes
content-length: 23320
x-xss-protection: 1; mode=block

GET
H2 200 wmms-blk.svg Show response
try.swipos.com/cra_ca_service/door/ Frame D460 5 KB
2 KB 154ms
153ms Document
image/svg+xml 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/wmms-blk.svg

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3f871276a81f087b28dcadca177edf7511d7fdd6c8287c51030c4ac454296ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: image/svg+xml
date: Thu, 04 Aug 2022 07:39:30 GMT
etag: W/"5b59c068-128f"
last-modified: Thu, 26 Jul 2018 12:36:56 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 sig-blk-en.svg Show response
try.swipos.com/cra_ca_service/door/ Frame 82A0 10 KB
2 KB 157ms
156ms Document
image/svg+xml 139.59.22.81
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://try.swipos.com/cra_ca_service/door/sig-blk-en.svg

Requested by

Host: try.swipos.com
URL: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.59.22.81 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b493143147246fc0d7a9f377c2526560329e923b8be0bb4c9ac3e408adcfb06f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.swipos.com/cra_ca_service/start.php?program=tax&target=details&lang=en&idp=cms;jsessnid=EFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: image/svg+xml
date: Thu, 04 Aug 2022 07:39:30 GMT
etag: W/"5b59c066-29d6"
last-modified: Thu, 26 Jul 2018 12:36:54 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 79ms
23ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2Fstart.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DEFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF&j=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2F
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 27f3e97f04587e1c7897b1d0ffeccdec3b91173297342ac575ceabf689f65cf3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 07:39:30 GMT
X-T: 0.515
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Thu, 04 Aug 2022 07:39:29 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
145 B 354ms
110ms Script
text/javascript 67.202.114.216
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=u1yub7c0a9&t=Step%201%3A%20Start%20your%20claim%20-%20Canadian%20Revenue%20Agency&c=d&x=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2Fstart.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DEFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF&y=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2F&a=0&v=27&r=1079
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.216 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 547620b6b2a052bd1fe65624db3a8f831414168f165c283f764259955f072588

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:30 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 66ms
22ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=try.swipos.com&_ss=2k0jrl55dj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=fr&_pl=d&_cbid=4hqg&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2Fstart.php%3Fprogram%3Dtax%26target%3Ddetails%26lang%3Den%26idp%3Dcms%3Bjsessnid%3DEFNmqAcOFZMfoUYtEyooSXPiKYzXcMWVZqvLGqhrtWZTZPF&j=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 39c6de38f7630b2583b417d6a2920a60684569a1f62dadee7ce7790a044d6af6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 07:39:30 GMT
X-T: 0.148
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 04 Aug 2022 07:39:29 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 104ms
33ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://try.swipos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 07:39:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
server: cloudflare
age: 95614
etag: W/"62d96959-4599"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7355a3beb9ce40d5-CDG
expires: Sun, 07 Aug 2022 07:39:31 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET p
ic.tynt.com/b/ 0
0

GET v2
de.tynt.com/deb/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ic.tynt.com
URL: https://ic.tynt.com/b/p?id=w!u1yub7c0a9&lm=0&ts=1659598771075&dn=TC&iso=0&r=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2F&t=Step%201%3A%20Start%20your%20claim%20-%20Canadian%20Revenue%20Agency

Domain: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!u1yub7c0a9&dn=TC&cc=1&r=https%3A%2F%2Ftry.swipos.com%2Fcra_ca_service%2F

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
try.swipos.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: be4qrdfcus6vibfahht35qqsg8
.dtscout.com/	1970-01-20 05:00:03	Name: m Value: 1
.dtscout.com/	1970-01-20 05:00:16	Name: b Value: 1
.dtscout.com/	1970-01-20 05:00:13	Name: oa Value: 1
.dtscout.com/	1970-01-20 07:23:58	Name: df Value: 1659598770

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tynt.com
de.tynt.com
ic.tynt.com
latulipefood.ci
t.dtscout.com
try.swipos.com
waust.at
whos.amung.us
de.tynt.com
ic.tynt.com
139.59.22.81
172.64.151.83
185.26.107.139
2606:4700:20::681a:507
51.89.99.21
67.202.114.216
087280e8c5432abfa73e746559de4572d34263fefac3484f125d09386cb836a7
27f3e97f04587e1c7897b1d0ffeccdec3b91173297342ac575ceabf689f65cf3
2cc052d474ce6ee267dd164a839814615a04865b2706d1bc1cb73160c55c549f
39c6de38f7630b2583b417d6a2920a60684569a1f62dadee7ce7790a044d6af6
409431c6d45382c6f353dc8d2dbeff98b90e88c1c728f263e7299d68a55dda53
41fbb280ed197740a1c526e9619c00510e2b32dcbba016261890c9052d3243de
547620b6b2a052bd1fe65624db3a8f831414168f165c283f764259955f072588
59cbf75521f37224126ca5245658398f41f4edb1d1c4abdd08274e9acfefd937
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
75940f130c38a1a4117186f2af7d6a6b18dfdf162a60449c9958576c0f9bb052
7866eb67cdd1b14d09d53b21a0a80327be0f6244ef7ccc058995cf80f7a7abac
792c90a99278257ce02b561b401f489f2bd5acf0147ded12115b92cc1fba2154
840787fa147628e52a9ee2f640e98efdf524beb19bdf532f2d9fed83e494a00b
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
95c9628c1b9999a708886345c166c5234c9e0f4e8f540939a0e2fe66168d320c
b493143147246fc0d7a9f377c2526560329e923b8be0bb4c9ac3e408adcfb06f
b9adc9d233ab5f39618b6fa8ff5b5a99aff51fbbe0cc4558e8f5024b15cc1281
e3f871276a81f087b28dcadca177edf7511d7fdd6c8287c51030c4ac454296ab
ea367de6df1889913977d3895f8144334678dd679f9d641b67fc82585a97336b
f4191127dc4bfce80cc42325b3e19f9d6cb6993b79a8de55baa9fcf01f4968fc
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

try.swipos.com Open in urlscan Pro 139.59.22.81 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

17 %IPv6

6 Domains

8 Subdomains

7 IPs

4 Countries

173 kBTransfer

725 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

31 JavaScript Global Variables

5 Cookies

Indicators

try.swipos.com Open in urlscan Pro
139.59.22.81 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

17 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

173 kB
Transfer

725 kB
Size

5
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!