tools.eurolandir.com
2001:ad0:1000:1000::148  Malicious Activity! Public Scan

URL: http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
Submission: On October 10 via manual from IN — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 12 HTTP transactions. The main IP is 2001:ad0:1000:1000::148, located in the Netherlands, and belongs to CITIC CITIC Telecom CPC Netherlands B.V., NL. The main domain is tools.eurolandir.com. The Cisco Umbrella rank of the primary domain is 146290.
This is the only time tools.eurolandir.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BBVA (Financial)

Domain & IP information

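Requests | IP Address | AS (Autonomous System)
12 | 2001:ad0:1000... | 3327 (CITIC CIT...)
Totals: 12 requests, 1 IP

Requests | Apex Domain / Subdomains | Transfer
12 | eurolandir.com | 369 KB
   | tools.eurolandir.com — Cisco Umbrella Rank: 146290 |
Totals: 12 requests, 1 apex domain

Requests | Domain | Requested by
12 | tools.eurolandir.com | tools.eurolandir.com
Totals: 12 requests, 1 domain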

This site contains no links.

This page contains 1 frames:

Primary Page: http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
Frame ID: 1C6312F9D280A03862435BCCCF97EAA5
Requests: 12 HTTP requests in this frame

Page Title: Scrolling Ticker

Page Statistics

Requests: 12
HTTPS: 0 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 369 kB
Size: 560 kB
Cookies: 0

12 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
tools.eurolandir.com/tools/ticker/scrolling/
10 KB
3 KB
Document
General
Full URL
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
1a825fb1ea476af027fac3ce53a8ba0dfeda8ef05132c3c65666e230ced97dfc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=57
content-encoding
gzip
content-length
2908
content-type
text/html; charset=utf-8
date
Mon, 10 Oct 2022 06:32:42 GMT
expires
Mon, 10 Oct 2022 06:33:40 GMT
last-modified
Mon, 10 Oct 2022 06:32:40 GMT
vary
*
x-xss-protection
1; mode=block
EurolandToolAutoSizeObject.js
tools.eurolandir.com/tools/common/EurolandIFrameAutoHeight/
3 KB
2 KB
Script
General
Full URL
http://tools.eurolandir.com/tools/common/EurolandIFrameAutoHeight/EurolandToolAutoSizeObject.js
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
313d654df7b404dab5fece0ef3c3b099026154341fb652c2fd10163197d058ca
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:42 GMT
content-encoding
gzip
last-modified
Mon, 04 Mar 2019 18:13:08 GMT
etag
"c3a83ebb5d2d41:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1479
x-xss-protection
1; mode=block
fading.js
tools.eurolandir.com/tools/ticker/bundles/
321 KB
146 KB
Script
General
Full URL
http://tools.eurolandir.com/tools/ticker/bundles/fading.js?v=OkTbaHXW9hgim31S86t5GnTPj39Rk1ButjAN13ug0XY1
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
db71bb0d153dadf4aaf4494c2825ca54cb3391d3598d21b84b41837411ca8ada
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:42 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 06:32:43 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
149089
x-xss-protection
1; mode=block
expires
Tue, 10 Oct 2023 06:32:43 GMT
style_v2.1.css
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/
4 KB
1 KB
Stylesheet
General
Full URL
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
4d97c014711e438bfe17fa47d80367d9182aa092863a1fa477766c3a0fc38f1d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:42 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 13:11:18 GMT
etag
"01fde97d851d51:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
792
x-xss-protection
1; mode=block
style_v2.1.css
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/
4 KB
1 KB
XHR
General
Full URL
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/bundles/fading.js?v=OkTbaHXW9hgim31S86t5GnTPj39Rk1ButjAN13ug0XY1
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
e0665a2623192d5081fced4295366f388da089b40d10d7721cfda43edf6d5742
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:43 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 13:11:18 GMT
etag
"01fde97d851d51:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
792
x-xss-protection
1; mode=block
/
tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/
210 B
554 B
XHR
General
Full URL
http://tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/?sid=0.41801862170221593&instrumentID=107821&lang=es-ES&decimalMarket=%2C&thousandGroupMarker=.&timeZone=Romance%20Standard%20Time&defaultNumberFormat=%23%2C%23%230&companycode=es-boy&getCleanData=false&v=v2.1
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/bundles/fading.js?v=OkTbaHXW9hgim31S86t5GnTPj39Rk1ButjAN13ug0XY1
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
e0fbffe6d47bb08ed1f065c04fdc76c20a581c979af9e4a61347afa13c319fb3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:42 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 06:32:39 GMT
vary
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=26
content-length
250
x-xss-protection
1; mode=block
expires
Mon, 10 Oct 2022 06:33:09 GMT
/
tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/
212 B
558 B
XHR
General
Full URL
http://tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/?sid=0.3009475520884297&instrumentID=17684&lang=es-ES&decimalMarket=%2C&thousandGroupMarker=.&timeZone=Romance%20Standard%20Time&defaultNumberFormat=%23%2C%23%230&companycode=es-boy&getCleanData=false&v=v2.1
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/bundles/fading.js?v=OkTbaHXW9hgim31S86t5GnTPj39Rk1ButjAN13ug0XY1
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
685edd6e2ed1fd02199105ee5cb28a2e4be4426a2d570cb31a5a2b4e33c3a0fc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:43 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 06:32:20 GMT
vary
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=7
content-length
255
x-xss-protection
1; mode=block
expires
Mon, 10 Oct 2022 06:32:50 GMT
/
tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/
212 B
559 B
XHR
General
Full URL
http://tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/?sid=0.09882762994213423&instrumentID=60127&lang=es-ES&decimalMarket=%2C&thousandGroupMarker=.&timeZone=Romance%20Standard%20Time&defaultNumberFormat=%23%2C%23%230&companycode=es-boy&getCleanData=false&v=v2.1
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/bundles/fading.js?v=OkTbaHXW9hgim31S86t5GnTPj39Rk1ButjAN13ug0XY1
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
0d681a28b1c3f5fd2a4f6a2ee0dfe666f68f65e6661e261eff92d742706d1420
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/scrolling/?companycode=es-boy&v=v2.1&lang=es-es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:42 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 06:32:34 GMT
vary
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=20
content-length
255
x-xss-protection
1; mode=block
expires
Mon, 10 Oct 2022 06:33:04 GMT
BentonSansBBVA-Medium.woff
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/fonts/
71 KB
71 KB
Font
General
Full URL
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/fonts/BentonSansBBVA-Medium.woff
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
7af3360fe39c201b1ccbe7a726a5d3c2f0253add6616b71176f0d9e7c849a732
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Origin
http://tools.eurolandir.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:43 GMT
last-modified
Wed, 08 Feb 2017 11:01:01 GMT
etag
"c63ba5a2fa81d21:0"
content-type
font/x-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
72684
x-xss-protection
1; mode=block
BentonSansBBVA-Book.woff
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/fonts/
69 KB
69 KB
Font
General
Full URL
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/fonts/BentonSansBBVA-Book.woff
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
faef4c0bda0c3c95f57f42c990d7623eedb0d7f8174a6640ff4114f1091217ec
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Origin
http://tools.eurolandir.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:43 GMT
last-modified
Wed, 08 Feb 2017 11:00:45 GMT
etag
"bff0c998fa81d21:0"
content-type
font/x-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
70412
x-xss-protection
1; mode=block
BentonSansBBVA-Bold.woff
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/fonts/
72 KB
72 KB
Font
General
Full URL
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/fonts/BentonSansBBVA-Bold.woff
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
26132e59577d145981dd192fd7a8822a8cfb6e35cb82eb334a74013f08dfe4b1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Origin
http://tools.eurolandir.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:42 GMT
last-modified
Wed, 08 Feb 2017 11:00:40 GMT
etag
"822d2196fa81d21:0"
content-type
font/x-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
73720
x-xss-protection
1; mode=block
down.svg
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/
7 KB
2 KB
Image
General
Full URL
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/down.svg
Requested by
Host: tools.eurolandir.com
URL: http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
Protocol
HTTP/1.1
Server
2001:ad0:1000:1000::148 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
a0ac03733088fe3058328aec07fd38b28c736919695017592c4629da66f0fb39
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/es-boy/style_v2.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 06:32:43 GMT
content-encoding
gzip
last-modified
Fri, 24 Mar 2017 15:24:52 GMT
etag
"07a5fc8b2a4d21:0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1619
x-xss-protection
1; mode=block

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BBVA (Financial)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
object| EurolandToolAutoSizeObject
boolean| True
boolean| False
object| Page
function| CurrencyRateObject
object| Utility
function| GraphObject
function| GraphObjectTooltipObject
object| Sys
object| Graphics
object| ScrollingTickerInstrumentsSetArr
function| ScrollingTickerInstrumentObject
function| ScrollingTickerFaderObject
function| $
function| jQuery
object| Highcharts
object| HighchartsAdapter
object| scroller
function| load
function| getApplicationBase
string| strApplicationBase
function| sysLoad

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1; mode=block