refund-ebill-etisalat.innovandoenti.com Open in urlscan Pro
207.210.229.200 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://refund-ebill-etisalat.innovandoenti.com/
Submission: On February 17 via automatic, source phishtank (February 17th 2024, 2:32:44 am UTC) — Scanned from DE

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 41 HTTP transactions. The main IP is 207.210.229.200, located in United States and belongs to . The main domain is refund-ebill-etisalat.innovandoenti.com.

This is the only time refund-ebill-etisalat.innovandoenti.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Etisalat (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
35	207.210.229.200 207.210.229.200	() ()
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
41	8

35 207.210.229.200 (United States)

ASN- ()
PTR: svw106.serverneubox.com.mx

refund-ebill-etisalat.innovandoenti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

9157623.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	innovandoenti.com refund-ebill-etisalat.innovandoenti.com	4 MB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 9157623.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 149	4 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 122	1020 B
1	bing.com bat.bing.com — Cisco Umbrella Rank: 409	488 B
1	google.de www.google.de — Cisco Umbrella Rank: 5654	455 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 141	610 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	710 B
41	7

	Domain	Requested by
35	refund-ebill-etisalat.innovandoenti.com	refund-ebill-etisalat.innovandoenti.com
2	9157623.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	ad.doubleclick.net	9157623.fls.doubleclick.net
1	adservice.google.com	9157623.fls.doubleclick.net
1	bat.bing.com	www.googletagmanager.com
1	www.google.de	www.googletagmanager.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	www.googletagmanager.com	refund-ebill-etisalat.innovandoenti.com
41	10

This site contains links to these domains. Also see Links.

Domain
www.southernchampionships.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://refund-ebill-etisalat.innovandoenti.com/
Frame ID: 51C6F0842BD090A03D45D84E07D516F6
Requests: 31 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/activityi.html
Frame ID: 99CAE68FBBAF4DD36BC9541C24AAAB82
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-TSZ46Z
Frame ID: 4ECA2C1AF68A2B70E0D07D67D02781ED
Requests: 3 HTTP requests in this frame

Frame: https://9157623.fls.doubleclick.net/activityi;dc_pre=CKT8v-SqsYQDFZBNHgIdo5oJ1A;src=9157623;type=remar0;cat=etisa0;u1=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F;ord=285141199;~oref=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F
Frame ID: EFE60EA999BD950B20ABCD266108A273
Requests: 3 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource.html
Frame ID: 596BF9A0B79492271AD9378BD61BC417
Requests: 1 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: DADF03FBD851A9BBD659BB69E8DC24AB
Requests: 3 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/75460.html
Frame ID: 8C4D9A4372A8AC8A7B663AB15C2240EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Etisalat - Self Careicon-pinQuickPayPage 1

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

41
Requests

12 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

8
IPs

2
Countries

4183 kB
Transfer

4183 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.southernchampionships.com/-/
Title: Apple iPhone 6S

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.googleadservices.com/pagead/conversion/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=xhrQZdi1H4vA9u8Pv_uw4Ak&random=1331991816&sscte=1&crd=COy7sQI&pscrd=IhMI2LC-5KqxhAMVC6D9Bx2_PQycMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
https://www.google.com/pagead/1p-user-list/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1331991816&crd=COy7sQI&is_vtc=1&cid=CAQSGwAvHhf_46iomrOtmUGm-vG_PtY5YabAmBMcxA&random=4155751807 HTTP 302
https://www.google.de/pagead/1p-user-list/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1331991816&crd=COy7sQI&is_vtc=1&cid=CAQSGwAvHhf_46iomrOtmUGm-vG_PtY5YabAmBMcxA&random=4155751807&ipr=y

Request Chain 6

https://9157623.fls.doubleclick.net/activityi;src=9157623;type=remar0;cat=etisa0;u1=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F;ord=285141199;~oref=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F HTTP 302
https://9157623.fls.doubleclick.net/activityi;dc_pre=CKT8v-SqsYQDFZBNHgIdo5oJ1A;src=9157623;type=remar0;cat=etisa0;u1=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F;ord=285141199;~oref=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
refund-ebill-etisalat.innovandoenti.com/ 275 KB
276 KB 1274ms
157ms Document
text/html 207.210.229.200

General

Domain/Path	Expires	Name / Value
refund-ebill-etisalat.innovandoenti.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: vq393srtrg7u74689rteh7squu
.bing.com/	1970-01-21 03:50:33	Name: MUID Value: 23A8DAE551656C3A0C51CECD50C96DC2
.doubleclick.net/	1970-01-20 22:48:09	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 19:12:09	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 03:50:33	Name: IDE Value: AHWqTUnfudiPa53SUB2rYGLz3paoLFYUySWTl98L3mb8KtCEq9qtEEvmsKpuGjIp

Source	Level	URL Text
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/activityi.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/(Line 449) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/(Line 449) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/apple-logo_tcm313-176184.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/samsung-logo_tcm313-176189.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/nokia-logo_tcm313-176188.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/huawei-logo_tcm313-176187.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/belkin-logo_tcm313-176185.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/mega-menu-iphone-se-desk_tcm313-176867.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/bose-logo_tcm313-176186.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/mega-menu-iphone-se-mob-tab_tcm313-177420.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-SemiBold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/ge_ss_two_light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Black.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/75460.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)

refund-ebill-etisalat.innovandoenti.com Open in urlscan Pro 207.210.229.200 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

12 %HTTPS

60 %IPv6

7 Domains

10 Subdomains

8 IPs

2 Countries

4183 kBTransfer

4183 kBSize

5 Cookies

1 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

refund-ebill-etisalat.innovandoenti.com Open in urlscan Pro
207.210.229.200 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

12 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

8
IPs

2
Countries

4183 kB
Transfer

4183 kB
Size

5
Cookies

41 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!