refund-ebill-etisalat.innovandoenti.com Open in urlscan Pro
207.210.229.200 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://refund-ebill-etisalat.innovandoenti.com/
Submission Tags: @ecarlesi threat phishing Search All
Submission: On February 16 via api (February 16th 2024, 10:29:43 pm UTC) from IT — Scanned from IT

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 56 HTTP transactions. The main IP is 207.210.229.200, located in United States and belongs to AS17378, US. The main domain is refund-ebill-etisalat.innovandoenti.com.

This is the only time refund-ebill-etisalat.innovandoenti.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Etisalat (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
50	207.210.229.200 207.210.229.200	17378 (AS17378) (AS17378)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
56	8

50 207.210.229.200 (United States)

ASN17378 (AS17378, US)
PTR: svw106.serverneubox.com.mx

refund-ebill-etisalat.innovandoenti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

9157623.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	innovandoenti.com refund-ebill-etisalat.innovandoenti.com	4 MB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 9157623.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 149	4 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 122	856 B
1	bing.com bat.bing.com — Cisco Umbrella Rank: 409	487 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 141	611 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	711 B
56	6

	Domain	Requested by
50	refund-ebill-etisalat.innovandoenti.com	refund-ebill-etisalat.innovandoenti.com
2	9157623.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	ad.doubleclick.net	9157623.fls.doubleclick.net
1	adservice.google.com	9157623.fls.doubleclick.net
1	bat.bing.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	www.googletagmanager.com	refund-ebill-etisalat.innovandoenti.com
56	9

This site contains links to these domains. Also see Links.

Domain
www.southernchampionships.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://refund-ebill-etisalat.innovandoenti.com/
Frame ID: 61153C033B6986CC863E8FF2C902F7AD
Requests: 46 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/activityi.html
Frame ID: C132B0C3EB1D5D0B9B0C0636BC71CFF0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-TSZ46Z
Frame ID: B7CFAF2A13DE10FA3DC3BC50CE71DD19
Requests: 3 HTTP requests in this frame

Frame: https://9157623.fls.doubleclick.net/activityi;dc_pre=CMHG8bv0sIQDFVVdHgId4voM8w;src=9157623;type=remar0;cat=etisa0;u1=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F;ord=1809158888;~oref=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F
Frame ID: 94F0A30C659D0112EAA76A9B3D30B55D
Requests: 3 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource.html
Frame ID: 29C99AEFE7A29EF4FE1D16DCA6970075
Requests: 1 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 93D97609628EC5EDC98BEC270AB27EF5
Requests: 3 HTTP requests in this frame

Frame: http://refund-ebill-etisalat.innovandoenti.com/style/75460.html
Frame ID: 9AA2170922182AE275B3C2D760B22415
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Etisalat - Self Careicon-pinQuickPayPage 1

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

56
Requests

9 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

8
IPs

1
Countries

4324 kB
Transfer

4322 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.southernchampionships.com/-/
Title: Apple iPhone 6S

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.googleadservices.com/pagead/conversion/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=0eHPZbbMMvfUmLAP0o-CqAU&random=1228375763&sscte=1&crd=COy7sQI&pscrd=IhMI9vjvu_SwhAMVdyoGAB3ShwBVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
https://www.google.com/pagead/1p-user-list/900746231/?label=ofteCKzz4GYQ95fBrQM&url=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1228375763&crd=COy7sQI&is_vtc=1&cid=CAQSGwAvHhf_kQgXWvid5SPYPaspk2ewIbr8Y5esig&random=1478201843

Request Chain 20

https://9157623.fls.doubleclick.net/activityi;src=9157623;type=remar0;cat=etisa0;u1=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F;ord=1809158888;~oref=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F HTTP 302
https://9157623.fls.doubleclick.net/activityi;dc_pre=CMHG8bv0sIQDFVVdHgId4voM8w;src=9157623;type=remar0;cat=etisa0;u1=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F;ord=1809158888;~oref=http%3A%2F%2Frefund-ebill-etisalat.innovandoenti.com%2F

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
refund-ebill-etisalat.innovandoenti.com/ 275 KB
276 KB 961ms
361ms Document
text/html 207.210.229.200
AS17378

General

Domain/Path	Expires	Name / Value
refund-ebill-etisalat.innovandoenti.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: pptnfcjg6ketabsacpehlqvoh8
.doubleclick.net/	1970-01-20 22:47:54	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 03:50:18	Name: MUID Value: 10E971ED3C496EA122CA65CA3D3E6F55
.doubleclick.net/	1970-01-20 19:11:54	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:04:42	Name: IDE Value: AHWqTUlOuW10bcp3Xy5sY4Y3GWi-5MRw3uFu0-tncPdx43VV0AMT41CaCnM660d5
.doubleclick.net/	1970-01-20 18:28:43	Name: test_cookie Value: CheckForPermission

Source	Level	URL Text
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/activityi.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/apple-logo_tcm313-176184.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/samsung-logo_tcm313-176189.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/mega-menu-iphone-se-desk_tcm313-176867.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/huawei-logo_tcm313-176187.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/nokia-logo_tcm313-176188.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/belkin-logo_tcm313-176185.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/bose-logo_tcm313-176186.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/mega-menu-iphone-se-desk_tcm313-176867.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/mega-menu-iphone-se-mob-tab_tcm313-177420.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/apple-logo_tcm313-176184.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/samsung-logo_tcm313-176189.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/huawei-logo_tcm313-176187.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/nokia-logo_tcm313-176188.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/bose-logo_tcm313-176186.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/belkin-logo_tcm313-176185.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://refund-ebill-etisalat.innovandoenti.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/mega-menu-iphone-se-mob-tab_tcm313-177420.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-SemiBold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/ge_ss_two_light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/fonts/SuisseIntl-Black.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/saved_resource.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://refund-ebill-etisalat.innovandoenti.com/style/75460.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)

refund-ebill-etisalat.innovandoenti.com Open in urlscan Pro 207.210.229.200 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

9 %HTTPS

0 %IPv6

6 Domains

9 Subdomains

8 IPs

1 Countries

4324 kBTransfer

4322 kBSize

6 Cookies

1 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

refund-ebill-etisalat.innovandoenti.com Open in urlscan Pro
207.210.229.200 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

9 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

8
IPs

1
Countries

4324 kB
Transfer

4322 kB
Size

6
Cookies

56 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!