findep.eu-finance.shop
Open in
urlscan Pro
2606:4700:3035::ac43:965c
Malicious Activity!
Public Scan
Effective URL: https://findep.eu-finance.shop/
Submission: On December 15 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by E1 on November 28th 2022. Valid for: 3 months.
This is the only time findep.eu-finance.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Shell (Extraction)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3031::6815:3fcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 2606:4700:303... 2606:4700:3035::ac43:965c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) (GOOGLE) | |
30 | 7 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
eu-finance.shop
1 redirects
findep.eu-finance.shop |
611 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28 |
20 KB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 7952 |
548 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 |
1 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47 |
52 KB |
30 | 6 |
Domain | Requested by | |
---|---|---|
25 | findep.eu-finance.shop |
1 redirects
findep.eu-finance.shop
|
2 | www.google-analytics.com |
findep.eu-finance.shop
www.google-analytics.com |
1 | www.google.de |
findep.eu-finance.shop
|
1 | www.google.com |
findep.eu-finance.shop
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
findep.eu-finance.shop
|
30 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.eu-finance.shop E1 |
2022-11-28 - 2023-02-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-07 - 2023-01-30 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-11-07 - 2023-01-30 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://findep.eu-finance.shop/
Frame ID: A7225C72F0844DF784F13EE5A39B1D03
Requests: 38 HTTP requests in this frame
Screenshot
Page Title
ShellPage URL History Show full URLs
-
http://findep.eu-finance.shop/
HTTP 301
https://findep.eu-finance.shop/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Facebook.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://findep.eu-finance.shop/
HTTP 301
https://findep.eu-finance.shop/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
findep.eu-finance.shop/ Redirect Chain
|
163 KB 57 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
findep.eu-finance.shop/css/ |
124 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2.css
findep.eu-finance.shop/css/ |
512 B 457 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
findep.eu-finance.shop/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intlTelInput.css
findep.eu-finance.shop/reg-form/ |
27 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-style.css
findep.eu-finance.shop/css/ |
1 KB 725 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
findep.eu-finance.shop/js/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.webp
findep.eu-finance.shop/images/ |
39 KB 40 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
punkt-1.png
findep.eu-finance.shop/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
punkt-2.png
findep.eu-finance.shop/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
punkt-3.png
findep.eu-finance.shop/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
director1.webp
findep.eu-finance.shop/images/ |
20 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
niz1.webp
findep.eu-finance.shop/images/ |
21 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
niz2.webp
findep.eu-finance.shop/images/ |
42 KB 42 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
niz3.webp
findep.eu-finance.shop/images/ |
40 KB 41 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pr.png
findep.eu-finance.shop/images/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reg.min.v2.js
findep.eu-finance.shop/reg-form/ |
71 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
geo.js
findep.eu-finance.shop/ |
144 B 619 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
psl.min.js
findep.eu-finance.shop/js/ |
125 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel.js
findep.eu-finance.shop/ |
1 KB 969 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
135 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
489.mp4
findep.eu-finance.shop/video/ |
6 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
515 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOmCnqEu92Fr1Me5Q.ttf
findep.eu-finance.shop/fonts/ |
127 KB 127 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
flags.png
findep.eu-finance.shop/reg-form/ |
64 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10857175340/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
195 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/10857175340/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/10857175340/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
intl-tel-input-utils.js
findep.eu-finance.shop/reg-form/ |
216 KB 52 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Shell (Extraction)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga object| FRModalWindow object| FRSender object| _regDefaultFormParams object| _regFormCountryList object| _geo_info object| psl object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| GooglebQhCsO object| intlTelInputUtils7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.findep.eu-finance.shop/ | Name: tr_uuid Value: cbeef9e804451ba6c3ddf09559d1c972 |
|
.findep.eu-finance.shop/ | Name: tr_params Value: |
|
.eu-finance.shop/ | Name: _ga Value: GA1.2.1086926781.1671083702 |
|
.eu-finance.shop/ | Name: _gid Value: GA1.2.825606001.1671083702 |
|
.eu-finance.shop/ | Name: _gat Value: 1 |
|
.eu-finance.shop/ | Name: _gcl_au Value: 1.1.1520573185.1671083702 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
findep.eu-finance.shop
googleads.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2606:4700:3031::6815:3fcf
2606:4700:3035::ac43:965c
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2002
04474b3ce99ce23d11be847793c020dffd2334bd43cb4ed54a66b8a4c29a044e
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
26b117bd6c452d886cedd50330cd64c36ca2dbdd2acc359edd5368b29f9cb0ec
38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b
3ce20fac5992d62d99bb2e5440a409f6feabd34e029b8f229880da83b2cef561
455833710fec302f0de3a73ed5529932269ace8a11d15edf793e921ffb7d9121
4b6784a0d65f4dfdeeaca1fa5a31ded5975952a7ea3ccd6ebd4770b96c6ab383
4bcf3bc519960f582329f3db8067015bae6dcdb888febddf60b6d3133bcd9898
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b1a7a76692e71c1be4dfe64bef3a2aae39484a189c57c381085809fcd89bbc0
5fd4cc369a074feab95cfe8e11ec109671de168cf3f6e52bede9776ce0af754e
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
77272b6e5b5eb80d5cc734b2cbedbfeda45f54706ec3560f73c8af2b593a1e6e
7cb34a8ede3d116ed625beb515e3cd8133e0dc23b6887554691e708d5d39690d
82081484d0e64ba5e5bd67a258866cc916340a8252569d8d11ea601f2707b6a4
82c026124ab5da8e4196fa245980d45aac08d03acc6f67697677f68be0248c68
8a97524a4ec932f3c8a77634a854662a9adf8c710e5578c004a380a8b12550b2
9047ee80be57e6fda46d70dddabe7e30c51a652de251a91d51ecabba829cbf42
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a8796612f4cc8ea76489e6fcafeff6a48050b5e83ea83039daf0e311a6c6e3ec
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bfd5dbb54c9de6644d6d2e7be7aeb2de560f45d1c787d42598d8e1e477a96e5c
c0efcb40cae313f7595519329bf2cca0ae63fc8cfcdc83fc0f736cb9773db28c
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d69498534d4045a31fab1ec1d9fe9b4abbf15462df2cd25697d16db7b62bebce
d6c4ec516a414a206a1214aca744ca49ce6683af4f0d43d16a4df39062d47fec
dc137185bbc63f8e2a19242d6f336256274e5113a503474a4de435b6625fd80d
e294f7580d272f024161c6e5c744278f90d45ee67846f66d4083f7aef61c979e
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d6dbe937bf9cacc00287346c6658240c4c672be7ef64cda734057e90e9b9e7
f6a06db6051ba42a430855f6e8310f96ff74c3d85251bfa1f4b99c4c4ce8a11e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e