uqfot.com Open in urlscan Pro
88.85.93.120 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://uqfot.com/info.php?c=djQub2lTQzVEQmZZaUg0ZElPRHVKYnRZaytOaHRZb1BTWWVFcWxkZG93Y3dCd3JtMERxZGNWOUIwNDJ6aVY5b...
Submission: On August 12 via manual (August 12th 2017, 3:39:24 am UTC) from RO

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 88.85.93.120, located in Netherlands and belongs to WEBZILLA, NL. The main domain is uqfot.com.

This is the only time uqfot.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	88.85.93.120 88.85.93.120	35415 (WEBZILLA) (WEBZILLA)
1	87.250.134.15 87.250.134.15	15879 (ASN-IS) (ASN-IS)
2	87.250.134.11 87.250.134.11	15879 (ASN-IS) (ASN-IS)
6	87.250.134.17 87.250.134.17	15879 (ASN-IS) (ASN-IS)
12	5

1 88.85.93.120 (Netherlands)

ASN35415 (WEBZILLA, NL)

uqfot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.134.15 (Netherlands)

ASN15879 (ASN-IS, NL)
PTR: db03.level23.nl

traffic.tc-clicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.250.134.11 (Netherlands)

ASN15879 (ASN-IS, NL)
PTR: srv.moportals.com

www.dealzsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.250.134.17 (Netherlands)

ASN15879 (ASN-IS, NL)
PTR: static.moportals.com

static.dealzsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	dealzsecure.com www.dealzsecure.com Failed static.dealzsecure.com	457 KB
1	tc-clicks.com traffic.tc-clicks.com Failed	6 KB
1	uqfot.com uqfot.com	268 B
12	3

	Domain	Requested by
6	static.dealzsecure.com	www.dealzsecure.com static.dealzsecure.com
2	www.dealzsecure.com	www.dealzsecure.com
1	traffic.tc-clicks.com
1	uqfot.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 3 frames:

Frame: http://traffic.tc-clicks.com/?oid=15999&oid_hmac=1dd22330b581af50291a394ad810d7d3&p=3545&pi=expdaded&source=gigporno.com
Frame ID: 5315.1
Requests: 2 HTTP requests in this frame

Frame: http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739
Frame ID: 5327.1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

463 kB
Transfer

543 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 0

http://tracking.moportals.com/go.php?c=1329&s=evsvfdebzr&l=2265&source=gigporno.com
http://traffic.tc-clicks.com/?oid=15999&oid_hmac=1dd22330b581af50291a394ad810d7d3&p=3545&pi=expdaded&source=gigporno.com

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request info.php Show response uqfot.com/	291 B 268 B	54ms 40ms	Document text/html	88.85.93.120 WEBZILLA
General Check archive.org Show headers Download Go to Full URL http://uqfot.com/info.php?c=djQub2lTQzVEQmZZaUg0ZElPRHVKYnRZaytOaHRZb1BTWWVFcWxkZG93Y3dCd3JtMERxZGNWOUIwNDJ6aVY5bmcyV0ZoYWhhN0l0MHY2cVhVMEZwdThCRUMwemlRaGFSYWpJT3R6MVZLUndZZklNU0VLUit3bmwwbWNzZGNoRzRVKzF2ZFBpbUVweGx4cWIzYjBUOEhsd0xmWmx1a2dFMXZtTlNsUWpwcXhBQ015RDc0bjVld1R5WlhaZE1acHFMc3NIT3luMGwxVlhIRTVzRGw0b3lkZEh1dG55dXh6WjhtMVZjR1c0enR4Uk5DNlcrVHB5amZ1eXV0blhheEYzSDdxYVlwalZ6cWtQRk9NcktJeHd2ZnF3UUVlWm9oQ0RQdmNHdXJ4ZDhZN0JOcHA2MVJUckZBSVh4WlBtRXZGSGJIYi9lM3FLRzlMTG51MlA5aUE0eHo0MDlwT29JQ2xmY2t5OEtJRlFJblN2UHExSTNycWgvMVNl&ts=4415208&=4415208 Protocol HTTP/1.1 Server 88.85.93.120 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash `237b87f888b1cc0c8c85e7efd528cf5365ec95cd62f26954eb62dc4d7cf929dd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:13 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Connection keep-alive Content-Type text/html; charset="utf-8" Keep-Alive timeout=20
GET		/ traffic.tc-clicks.com/ Redirect Chain http://tracking.moportals.com/go.php?c=1329&s=evsvfdebzr&l=2265&source=gigporno.com http://traffic.tc-clicks.com/?oid=15999&oid_hmac=1dd22330b581af50291a394ad810d7d3&p=3545&pi=expdaded&source=gigporno.com	0 0

GET H/1.1	200 OK	/ Show response traffic.tc-clicks.com/ Frame 5327	10 KB 6 KB	177ms 165ms	Document text/html	87.250.134.15 ASN-IS
General Check archive.org Show headers Download Go to Full URL http://traffic.tc-clicks.com/?oid=15999&oid_hmac=1dd22330b581af50291a394ad810d7d3&p=3545&pi=expdaded&source=gigporno.com Protocol HTTP/1.1 Server 87.250.134.15 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS db03.level23.nl Software nginx / Resource Hash `7b82d946c0eac7802de631d4c38ccabb8423981ad584a2f5944d621d7c67b29f` Request headers Upgrade-Insecure-Requests 1 Referer http://uqfot.com/info.php?c=djQub2lTQzVEQmZZaUg0ZElPRHVKYnRZaytOaHRZb1BTWWVFcWxkZG93Y3dCd3JtMERxZGNWOUIwNDJ6aVY5bmcyV0ZoYWhhN0l0MHY2cVhVMEZwdThCRUMwemlRaGFSYWpJT3R6MVZLUndZZklNU0VLUit3bmwwbWNzZGNoRzRVKzF2ZFBpbUVweGx4cWIzYjBUOEhsd0xmWmx1a2dFMXZtTlNsUWpwcXhBQ015RDc0bjVld1R5WlhaZE1acHFMc3NIT3luMGwxVlhIRTVzRGw0b3lkZEh1dG55dXh6WjhtMVZjR1c0enR4Uk5DNlcrVHB5amZ1eXV0blhheEYzSDdxYVlwalZ6cWtQRk9NcktJeHd2ZnF3UUVlWm9oQ0RQdmNHdXJ4ZDhZN0JOcHA2MVJUckZBSVh4WlBtRXZGSGJIYi9lM3FLRzlMTG51MlA5aUE0eHo0MDlwT29JQ2xmY2t5OEtJRlFJblN2UHExSTNycWgvMVNl&ts=4415208&=4415208 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Pragma no-cache Date Sat, 12 Aug 2017 03:39:13 GMT Content-Encoding gzip Last-Modified Sat, 12 Aug 2017 03:39:13 GMT Server nginx Vary Accept-Encoding, User-Agent Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked Connection close Expires Sat, 12 Aug 2017 03:39:13 GMT
GET DATA	200 OK	truncated / Frame 5327	6 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3f434ea4d225b9ce8ceffff00bcaa7a3b75b123b0d4c05421fa42ef0d9d6b475` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET		/ www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/ Frame 5327	0 0

GET H/1.1	200 OK	/ Show response www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/ Frame 5340	8 KB 2 KB	183ms 13ms	Document text/html	87.250.134.11 ASN-IS
General Check archive.org Show headers Download Go to Full URL http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 Protocol HTTP/1.1 Server 87.250.134.11 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS srv.moportals.com Software nginx / Resource Hash `348c0ad508fcbc68e991ed87756ef5e108090088c8bdcb7eb0a206aa5671e3b2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx Connection close Vary Accept-Encoding, User-Agent Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	style.css static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/css/ Frame 5340	6 KB 2 KB	485ms 12ms	Stylesheet text/css	87.250.134.17 ASN-IS
General Check archive.org Show headers Download Go to Full URL http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/css/style.css Requested by Host: www.dealzsecure.com URL: http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 Protocol HTTP/1.1 Server 87.250.134.17 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS static.moportals.com Software nginx / Resource Hash `9a5198a6ae263dcf3951db711d1b8f44ad74cc1b82d04ebba7ac8f37d89217c4` Request headers Referer http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Content-Encoding gzip Last-Modified Mon, 17 Jul 2017 07:16:22 GMT Server nginx Age 1974869 Vary Accept-Encoding Content-Type text/css Via 1.1 varnish Cache-Control max-age=31536000 X-Varnish 1932161835 1861221905 Connection keep-alive Accept-Ranges bytes Content-Length 1895 Expires Fri, 20 Jul 2018 07:04:45 GMT
GET H/1.1	200 OK	jquery-1.11.3.min.js Show response static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/ Frame 5340	94 KB 38 KB	485ms 12ms	Script application/javascript	87.250.134.17 ASN-IS
General Check archive.org Show headers Download Go to Full URL http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/jquery-1.11.3.min.js Requested by Host: www.dealzsecure.com URL: http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 Protocol HTTP/1.1 Server 87.250.134.17 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS static.moportals.com Software nginx / Resource Hash `ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8` Request headers Referer http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Content-Encoding gzip Last-Modified Mon, 17 Jul 2017 07:16:22 GMT Server nginx Age 1974213 Vary Accept-Encoding Content-Type application/javascript Via 1.1 varnish Cache-Control max-age=31536000 X-Varnish 149293004 78511292 Connection keep-alive Accept-Ranges bytes Content-Length 38889 Expires Fri, 20 Jul 2018 07:15:42 GMT
GET H/1.1	200 OK	script.js Show response static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/ Frame 5340	5 KB 2 KB	485ms 12ms	Script application/javascript	87.250.134.17 ASN-IS
General Check archive.org Show headers Download Go to Full URL http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/script.js Requested by Host: www.dealzsecure.com URL: http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 Protocol HTTP/1.1 Server 87.250.134.17 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS static.moportals.com Software nginx / Resource Hash `0c34d2cd648bba5404af5cbe33952fa065b78a1d3389bebf458693e2bf6b6d50` Request headers Referer http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Content-Encoding gzip Last-Modified Mon, 17 Jul 2017 07:16:22 GMT Server nginx Age 1974843 Vary Accept-Encoding Content-Type application/javascript Via 1.1 varnish Cache-Control max-age=31536000 X-Varnish 1932161836 1861222604 Connection keep-alive Accept-Ranges bytes Content-Length 1657 Expires Fri, 20 Jul 2018 07:05:11 GMT
GET H/1.1	200 OK	logo.png www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/ Frame 5340	4 KB 4 KB	23ms 11ms	Image image/png	87.250.134.11 ASN-IS
General Check archive.org Show headers Download Go to Show image Full URL http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/logo.png Requested by Host: www.dealzsecure.com URL: http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 Protocol HTTP/1.1 Server 87.250.134.11 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS srv.moportals.com Software nginx / Resource Hash `5f52bdc1d144e5570bff39e7792f69fe9ce9fa89ba96a7d5623c2913d4b6b358` Request headers Referer http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Pragma public Date Sat, 12 Aug 2017 03:39:14 GMT Last-Modified Fri, 11 Aug 2017 08:50:01 GMT Server nginx ETag "598d6fb9-1023" Content-Type image/png Cache-Control max-age=31536000, public Connection close Accept-Ranges bytes Content-Length 4131 Expires Sun, 12 Aug 2018 03:39:14 GMT
GET H/1.1	200 OK	background1.jpg static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/ Frame 5340	146 KB 146 KB	12ms 12ms	Image image/jpeg	87.250.134.17 ASN-IS
General Check archive.org Show headers Download Go to Show image Full URL http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/background1.jpg Requested by Host: static.dealzsecure.com URL: http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/jquery-1.11.3.min.js Protocol HTTP/1.1 Server 87.250.134.17 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS static.moportals.com Software nginx / Resource Hash `8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2` Request headers Referer http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Via 1.1 varnish Last-Modified Mon, 17 Jul 2017 07:16:22 GMT Server nginx Age 1974208 ETag "596c6446-24781" Content-Type image/jpeg Cache-Control max-age=31536000 X-Varnish 149293006 78511449 Connection keep-alive Accept-Ranges bytes Content-Length 149377 Expires Fri, 20 Jul 2018 07:15:46 GMT
GET H/1.1	200 OK	background2.jpg static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/ Frame 5340	142 KB 142 KB	12ms 12ms	Image image/jpeg	87.250.134.17 ASN-IS
General Check archive.org Show headers Download Go to Show image Full URL http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/background2.jpg Requested by Host: static.dealzsecure.com URL: http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/jquery-1.11.3.min.js Protocol HTTP/1.1 Server 87.250.134.17 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS static.moportals.com Software nginx / Resource Hash `37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d` Request headers Referer http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Via 1.1 varnish Last-Modified Mon, 17 Jul 2017 07:16:22 GMT Server nginx Age 1974868 ETag "596c6446-23667" Content-Type image/jpeg Cache-Control max-age=31536000 X-Varnish 1932161841 1861221918 Connection keep-alive Accept-Ranges bytes Content-Length 144999 Expires Fri, 20 Jul 2018 07:04:46 GMT
GET H/1.1	200 OK	background3.jpg static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/ Frame 5340	121 KB 121 KB	12ms 12ms	Image image/jpeg	87.250.134.17 ASN-IS
General Check archive.org Show headers Download Go to Show image Full URL http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/images/background3.jpg Requested by Host: static.dealzsecure.com URL: http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/js/jquery-1.11.3.min.js Protocol HTTP/1.1 Server 87.250.134.17 , Netherlands, ASN15879 (ASN-IS, NL), Reverse DNS static.moportals.com Software nginx / Resource Hash `2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740` Request headers Referer http://static.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Sat, 12 Aug 2017 03:39:14 GMT Via 1.1 varnish Last-Modified Mon, 17 Jul 2017 07:16:22 GMT Server nginx Age 1974830 ETag "596c6446-1e5f9" Content-Type image/jpeg Cache-Control max-age=31536000 X-Varnish 1932161840 1861223003 Connection keep-alive Accept-Ranges bytes Content-Length 124409 Expires Fri, 20 Jul 2018 07:05:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffic.tc-clicks.com
URL: http://traffic.tc-clicks.com/?oid=15999&oid_hmac=1dd22330b581af50291a394ad810d7d3&p=3545&pi=expdaded&source=gigporno.com

Domain: www.dealzsecure.com
URL: http://www.dealzsecure.com/landing/de/all/revhunters/sexbadoo/mobi/?tid=r0122ewhdxwogos4o0gs48co,8555192,5,3545&ctrack=20353.3592690739

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.dealzsecure.com
traffic.tc-clicks.com
uqfot.com
www.dealzsecure.com
traffic.tc-clicks.com
www.dealzsecure.com
87.250.134.11
87.250.134.15
87.250.134.17
88.85.93.120
0c34d2cd648bba5404af5cbe33952fa065b78a1d3389bebf458693e2bf6b6d50
237b87f888b1cc0c8c85e7efd528cf5365ec95cd62f26954eb62dc4d7cf929dd
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
348c0ad508fcbc68e991ed87756ef5e108090088c8bdcb7eb0a206aa5671e3b2
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
3f434ea4d225b9ce8ceffff00bcaa7a3b75b123b0d4c05421fa42ef0d9d6b475
5f52bdc1d144e5570bff39e7792f69fe9ce9fa89ba96a7d5623c2913d4b6b358
7b82d946c0eac7802de631d4c38ccabb8423981ad584a2f5944d621d7c67b29f
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
9a5198a6ae263dcf3951db711d1b8f44ad74cc1b82d04ebba7ac8f37d89217c4
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

uqfot.com Open in urlscan Pro 88.85.93.120 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

5 IPs

1 Countries

463 kBTransfer

543 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

uqfot.com Open in urlscan Pro
88.85.93.120 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

463 kB
Transfer

543 kB
Size

0
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!