ojaexpress.zeepii.com Open in urlscan Pro
209.182.195.116 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ojaexpress.zeepii.com/wp-admin/includes/towerfcuonline.org/towerfcuonline.org/
Submission: On March 24 via manual (March 24th 2022, 3:39:22 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 41 HTTP transactions. The main IP is 209.182.195.116, located in United States and belongs to INMOTION, US. The main domain is ojaexpress.zeepii.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 18th 2022. Valid for: 3 months.

This is the only time ojaexpress.zeepii.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 2 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
35	209.182.195.116 209.182.195.116	22611 (INMOTION) (INMOTION)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
41	5

35 209.182.195.116 (United States)

ASN22611 (INMOTION, US)
PTR: vps33181.inmotionhosting.com

ojaexpress.zeepii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	zeepii.com ojaexpress.zeepii.com	1 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	12 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	53 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 590	38 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181	15 KB
41	5

	Domain	Requested by
35	ojaexpress.zeepii.com	ojaexpress.zeepii.com
2	cdnjs.cloudflare.com	ojaexpress.zeepii.com
2	code.jquery.com	ojaexpress.zeepii.com
1	ajax.aspnetcdn.com	ojaexpress.zeepii.com
1	stackpath.bootstrapcdn.com	ojaexpress.zeepii.com
41	5

This site contains links to these domains. Also see Links.

Domain
www.towerfcuonline.org

Subject Issuer	Validity	Valid
ojaexpress.zeepii.com cPanel, Inc. Certification Authority	`2022-01-18` - `2022-04-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ojaexpress.zeepii.com/wp-admin/includes/towerfcuonline.org/towerfcuonline.org/
Frame ID: F629A57CC49C1B9CD129A3B75BAB5A6D
Requests: 40 HTTP requests in this frame

Frame: https://ojaexpress.zeepii.com/wp-admin/includes/towerfcuonline.org/towerfcuonline.org/marketing/cloud/data/pdf/index_1.html
Frame ID: 5E2C2CF1E32B44708C21C5C44D625DEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tower Federal Credit Union | Loginswitch-checkswitch-x