commtu.com Open in urlscan Pro
103.224.182.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newyear2022-uat.finpoints.tech/
Effective URL:
https://commtu.com/r2.php?e=fFbJHCv%2F9E59z0Gs640CVn49fjZhRTltYVd5U3JRK2k1UC9mOXVIUmN0N0FETGJNMlZWemNzano1T0E3c2NyY...
Submission Tags: phishingrod
Submission: On April 06 via api (April 6th 2024, 3:58:29 pm UTC) from DE — Scanned from CH

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 15 domains to perform 105 HTTP transactions. The main IP is 103.224.182.206, located in Australia and belongs to TRELLIAN-AS-AP Trellian Pty. Limited, AU. The main domain is commtu.com. The Cisco Umbrella rank of the primary domain is 480279.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.

This is the only time commtu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	2606:4700:303... 2606:4700:3031::6815:656	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
2	2.16.1.171 2.16.1.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.17.22.155 2.17.22.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	47.56.33.41 47.56.33.41	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
5	172.67.178.75 172.67.178.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.17.22.163 2.17.22.163	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1 1	103.224.182.208 103.224.182.208	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
105	21

52 2606:4700:3031::6815:656 (United States)

ASN13335 (CLOUDFLARENET, US)

newyear2022-uat.finpoints.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.1.171 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-171.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.livechat-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.17.22.155 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-22-155.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 47.56.33.41 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

doo-prime-static.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.178.75 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.dootech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.22.163 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-22-163.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.208 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-208.above.com

dooprimeio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

commtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	finpoints.tech newyear2022-uat.finpoints.tech	4 MB
7	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 99	714 B
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3274 www.google.com — Cisco Umbrella Rank: 2	561 B
5	dootech.io cdn.dootech.io	6 KB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5784 api.livechatinc.com — Cisco Umbrella Rank: 5257 secure.livechatinc.com — Cisco Umbrella Rank: 6433	35 KB
4	aliyuncs.com doo-prime-static.oss-cn-hongkong.aliyuncs.com	3 KB
4	google.ch www.google.ch — Cisco Umbrella Rank: 30448	776 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	84 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2709	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	418 KB
1	commtu.com commtu.com — Cisco Umbrella Rank: 480279	3 KB
1	dooprimeio.com 1 redirects dooprimeio.com	2 KB
1	livechat-files.com cdn.livechat-files.com — Cisco Umbrella Rank: 16819	3 KB
0	zeusenv.com Failed v5-crm-client-uat.zeusenv.com Failed
105	15

	Domain	Requested by
52	newyear2022-uat.finpoints.tech	newyear2022-uat.finpoints.tech
7	www.facebook.com	1 redirects newyear2022-uat.finpoints.tech
5	cdn.dootech.io	newyear2022-uat.finpoints.tech
5	region1.analytics.google.com	www.googletagmanager.com
4	doo-prime-static.oss-cn-hongkong.aliyuncs.com	newyear2022-uat.finpoints.tech
4	www.google.ch	newyear2022-uat.finpoints.tech
4	connect.facebook.net	newyear2022-uat.finpoints.tech connect.facebook.net
4	www.googletagmanager.com	newyear2022-uat.finpoints.tech www.googletagmanager.com
3	api.livechatinc.com	cdn.livechatinc.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google.com	newyear2022-uat.finpoints.tech
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	commtu.com	newyear2022-uat.finpoints.tech commtu.com
1	dooprimeio.com	1 redirects
1	cdn.livechat-files.com	newyear2022-uat.finpoints.tech
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	newyear2022-uat.finpoints.tech
1	googleads.g.doubleclick.net	www.googletagmanager.com
0	v5-crm-client-uat.zeusenv.com Failed	newyear2022-uat.finpoints.tech
105	20

This site contains no links.

Subject Issuer	Validity	Valid
newyear2022-uat.finpoints.tech E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-12-06` - `2024-05-24`	6 months	crt.sh
cdn.dootech.io GTS CA 1P5	`2024-03-22` - `2024-06-20`	3 months	crt.sh
katiewstewart.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://commtu.com/r2.php?e=fFbJHCv%2F9E59z0Gs640CVn49fjZhRTltYVd5U3JRK2k1UC9mOXVIUmN0N0FETGJNMlZWemNzano1T0E3c2NyYTRuaXNzelBKejBsbVhqV0RCMFY2NExjWk01NWg1UFk5bndCMW5Hckp2NTlNaVlHTHhhVnBCVjNVUENPdmlSZXZITlNjRzRPa1F6TEQvQitmZ0x2aWxuTDZNYlVnZG0xemZjZHNDN1RmZ2lpbmNnVEdCaFZBSXh2dmwvZ1JPcC94UzNRMFZDWEFBOWQwbEZsbS9RM3V6RjBIbm9BdEovLzRsdFVpWlNtZU9vWGh2NDFRcExtU0RGZTN3dDlIakNjU3Nic0tRY3ZBanJ1MFdqd1Nxb2dVenFrZExoRjdVTFErTlRmY2tvQXBLM3ZHczNDYXN6WTNQL2pNUWhJSEI4WFBsLzVteW93blpOaUhUTGNNS25TeXRSajJIUGtMeGNhZE1tQmNNdTNVT3lMdWxnOFZxSUtvVjdRRk41djc5UzA3QnlPUTNzTFRFYlhNQXNQZTY5SXJLZXpyWElFVkYveEVVTm5RT3ZzVzJ1ZVdLZitMZWlRZnhsNktoeFQzT2kwMDY0QURka3FuUVRkbkFFUFdMME5Jbm14SU9lMHBhSEZFZzRnOWhMaGdtbzNMSi80RU9oUlNNdE81bXdMQjR3NDV1ekNKVjNLOTBucTM5ZjJTMmREeVZiZTBRVWpKdWY1WkJqRkVISyt6MVB6TnhWMkhVVE54ZUFEdldtdGNsUFdoYy9oYkRrc2VBVGVWZ3k3YkhwcTNZT2RCVFZ4bk9VK2h4ZnIxWDF6MlU2dzIxZUZoOElONEZ3eE03aHZmbW14b2tpRmp3aFptSnBXM2RyUE9JbWNFdWVIWlFoUFBOaTF0cVlWTEdlbXkrYyt6NkJ0V05tM1dSSFJWbzNaVjFqZzdTZkZqb0hBdElpRENXb0JlR0RrU05NdWtNdlJuTlM5aXBCS1JWeDl4Q3VSVUxGbndQMVZQOEJCeWlWUCtXMk94UWtCQ2tlbWg2bHNSRTU4NlF1bjYzaXJRL1h1dHplNXMvdEphOGRRYmowVFNKV3NDL1FSUWdad25ic0g4amdiMmdBd1c0V204NVorVVdyV1Q5aEZEanYwelJCU3FRQUVXTURuQ1dYTzdLQmFDazM5NGxiQjZGZ3l3T0lYNVhja0RVMjZyOVhYL0tPUktLV3h1bENHcWp3NHNGaGVpUlY3UjFoLzFRY3hub0FpY293ZllqQ2FjQSt6OGpZalhyNHlnOXdhMXRYQXY3MTByZkVNa2w0eU1DOCtuQk5PdTYxUjA0ZkJRMnFYSFE9PQ%3D%3D
Frame ID: B09C5F23AF0BC51CF8D49D1BCCEA39E1
Requests: 110 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=10956587&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: C259EB14820E13FC63FA1D832DBF7AB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://newyear2022-uat.finpoints.tech/ Page URL
https://dooprimeio.com/ HTTP 302
http://commtu.com/r2.php?e=fFbJHCv%2F9E59z0Gs640CVn49fjZhRTltYVd5U3JRK2k1UC9mOXVIUmN0N0FETGJNM... HTTP 307
https://commtu.com/r2.php?e=fFbJHCv%2F9E59z0Gs640CVn49fjZhRTltYVd5U3JRK2k1UC9mOXVIUmN0N0FETGJNM... Page URL