foodationindia.com
138.201.207.99
Malicious Activity!
Public Scan
Effective URL: https://foodationindia.com/itmebaytop82734092734/
Submission: On March 11 via automatic, source openphish — Scanned from NZ
Summary
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.
This is the only time foodationindia.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: eBay (E-commerce)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 2 | 65.254.92.135 | 394695 (PUBLIC-DOMAIN-REGISTRY) |
1 9 | 138.201.207.99 | 24940 (HETZNER-AS) |
1 | 2404:6800:4006:80f::200a | 15169 (GOOGLE) |
10 | 3 | |
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: vs-kwizzytek1.au.syrahost.com
houseplasterers.co.nz
ASN24940 (HETZNER-AS, DE)
PTR: hg.privatedns.in
foodationindia.com
 | Apex Domain / Subdomains | Transfer |
---|---|---|
9 | foodationindia.com (1 redirects) / foodationindia.com | 41 KB |
2 | houseplasterers.co.nz (1 redirects) / houseplasterers.co.nz | 612 B |
1 | googleapis.com / fonts.googleapis.com — Cisco Umbrella Rank: 30 | |
10 | 3 | |
 | Domain | Requested by |
---|---|---|
9 | foodationindia.com | 1 redirects; foodationindia.com |
2 | houseplasterers.co.nz | 1 redirects |
1 | fonts.googleapis.com | foodationindia.com |
10 | 3 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
houseplasterers.co.nz R3 | 2024-02-11 - 2024-05-11 | 3 months | crt.sh |
foodationindia.com R3 | 2024-01-23 - 2024-04-22 | 3 months | crt.sh |
upload.video.google.com GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://foodationindia.com/itmebaytop82734092734/
Frame ID: C3DD2DE13963C6A026A3DF02750B579F
Requests: 6 HTTP requests in this frame
Frame:
https://foodationindia.com/itmebaytop82734092734/counter/counter1.php
Frame ID: 3B4AA1CED8168FBE74137C27ED8BE643
Requests: 4 HTTP requests in this frame
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://houseplasterers.co.nz/399274056102638107234
HTTP 301
https://houseplasterers.co.nz/399274056102638107234/ Page URL
-
https://foodationindia.com/itmebaytop82734092734
HTTP 301
https://foodationindia.com/itmebaytop82734092734/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://houseplasterers.co.nz/399274056102638107234 HTTP 301
- https://houseplasterers.co.nz/399274056102638107234/
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / houseplasterers.co.nz/399274056102638107234/ (Redirect Chain) | 93 B 339 B | Document text/html |
GET H2 | Primary Request: / foodationindia.com/itmebaytop82734092734/ (Redirect Chain) | 8 KB 3 KB | Document text/html |
GET H2 | css fonts.googleapis.com/ | 0 0 | Stylesheet text/html |
GET H2 | logo.png foodationindia.com/itmebaytop82734092734/ | 2 KB 3 KB | Image image/png |
GET H2 | signin.png foodationindia.com/itmebaytop82734092734/ | 9 KB 10 KB | Image image/png |
GET H3 | MarketSans.ttf foodationindia.com/itmebaytop82734092734/ | 54 KB 24 KB | Font font/ttf |
GET H3 | counter1.php foodationindia.com/itmebaytop82734092734/counter/ (Frame 3B4A) | 231 B 143 B | Document text/html |
GET H3 | 3.GIF foodationindia.com/itmebaytop82734092734/counter/digits/1/ (Frame 3B4A) | 141 B 183 B | Image image/gif |
GET H3 | 2.GIF foodationindia.com/itmebaytop82734092734/counter/digits/1/ (Frame 3B4A) | 145 B 165 B | Image image/gif |
GET H3 | 6.GIF foodationindia.com/itmebaytop82734092734/counter/digits/1/ (Frame 3B4A) | 142 B 184 B | Image image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: eBay (E-commerce)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- number| currentTab
- function| showTab
- function| nextPrev
- function| validateForm
- function| fixStepIndicator
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.