www.ilgiuncobb.com Open in urlscan Pro
31.11.33.34 Malicious Activity! Public Scan

URL:
http://www.ilgiuncobb.com/dsgvo/
Submission: On July 05 via api (July 5th 2020, 3:05:27 am UTC) from TW

Summary HTTP 58 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 58 HTTP transactions. The main IP is 31.11.33.34, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.ilgiuncobb.com.

This is the only time www.ilgiuncobb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1 36	31.11.33.34 31.11.33.34	31034 (ARUBA-ASN) (ARUBA-ASN)
5	2.18.234.244 2.18.234.244	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.8.10.104 23.8.10.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	66.135.201.59 66.135.201.59	11643 (EBAY) (EBAY)
2	91.235.133.71 91.235.133.71	30286 (THM) (THM)
1	13.224.102.43 13.224.102.43	16509 (AMAZON-02) (AMAZON-02)
3	34.197.170.114 34.197.170.114	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.224.102.46 13.224.102.46	16509 (AMAZON-02) (AMAZON-02)
1	54.91.24.155 54.91.24.155	14618 (AMAZON-AES) (AMAZON-AES)
4	18.213.255.128 18.213.255.128	14618 (AMAZON-AES) (AMAZON-AES)
58	12

36 31.11.33.34 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)

www.ilgiuncobb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.244 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

ir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.8.10.104 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.135.201.59 (United States)

ASN11643 (EBAY, US)

srv.de.ebayrtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.133.71 (Netherlands)

ASN30286 (THM, US)

src.ebay-us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)

adf0901f1861.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.197.170.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.102.46 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.24.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

24728cab2425473dbf19e3d5ba24b246-adf0901f1861.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.213.255.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	ilgiuncobb.com 1 redirects www.ilgiuncobb.com	144 KB
11	forter.com 1 redirects adf0901f1861.cdn4.forter.com cdn3.forter.com cdn9.forter.com 24728cab2425473dbf19e3d5ba24b246-adf0901f1861.cdn.forter.com cdn0.forter.com	58 KB
5	ebaystatic.com ir.ebaystatic.com	55 KB
4	paypal.com 1 redirects c.paypal.com b.stats.paypal.com dub.stats.paypal.com	18 KB
2	ebay-us.com src.ebay-us.com
1	ebayrtm.com srv.de.ebayrtm.com	373 B
58	6

	Domain	Requested by
36	www.ilgiuncobb.com	1 redirects www.ilgiuncobb.com
5	ir.ebaystatic.com	www.ilgiuncobb.com
4	cdn0.forter.com
3	cdn3.forter.com
2	cdn9.forter.com	1 redirects
2	src.ebay-us.com	www.ilgiuncobb.com
2	c.paypal.com	www.ilgiuncobb.com c.paypal.com
1	24728cab2425473dbf19e3d5ba24b246-adf0901f1861.cdn.forter.com
1	adf0901f1861.cdn4.forter.com	www.ilgiuncobb.com
1	srv.de.ebayrtm.com	www.ilgiuncobb.com
1	dub.stats.paypal.com	www.ilgiuncobb.com
1	b.stats.paypal.com	1 redirects
58	12

This site contains links to these domains. Also see Links.

Domain
signin.ebay.de
www.ebay.de
reg.ebay.de
pages.ebay.de
trustsealinfo.websecurity.norton.com

Subject Issuer	Validity	Valid
www.ebay.com DigiCert SHA2 Secure Server CA	`2019-07-17` - `2020-08-18`	a year	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-13`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
srv.ebayrtm.com Sectigo RSA Organization Validation Secure Server CA	`2020-03-02` - `2021-03-02`	a year	crt.sh
src.ebay-us.com DigiCert SHA2 Secure Server CA	`2019-08-21` - `2020-09-05`	a year	crt.sh
*.cdn4.forter.com DigiCert SHA2 Secure Server CA	`2018-08-27` - `2020-10-27`	2 years	crt.sh
cdn3.forter.com DigiCert SHA2 Secure Server CA	`2019-03-24` - `2021-06-16`	2 years	crt.sh
cdn9.forter.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
*.cdn.forter.com DigiCert SHA2 Secure Server CA	`2020-06-10` - `2021-07-07`	a year	crt.sh
cdn0.forter.com DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-05-14`	2 years	crt.sh

This page contains 8 frames:

Primary Page: http://www.ilgiuncobb.com/dsgvo/
Frame ID: 53D67D50360A668AE6ABB8A99C367779
Requests: 38 HTTP requests in this frame

Frame: https://c.paypal.com/da/r/efb.js
Frame ID: 57329ED2C8182942AA3265688C3F710A
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/efb.js
Frame ID: 9E2ABA47BB154E833B9BDE46853BF992
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0yMWMxMjAyZjE3MTBhOTliZWQyNzg0NWVmZmYyMDQ0YSZpPTE0LjE2Mi4yMDUuMTUxJnQ9MTU4NTQwOTI1NDgzNCZhPTIwAQdU1NK207GjgsqNqbYl_qlOPrI=
Frame ID: 94A7842517579FB0DCC98AB41A068805
Requests: 1 HTTP requests in this frame

Frame: https://srv.de.ebayrtm.com/rtm?RtmGetCapJs&p=18&rqid=21c165bf1710aa664f1aa461ffffffff&cb=parent.window.updateRtmField
Frame ID: FD021B8BFB77BE45D722689C3BD5133F
Requests: 1 HTTP requests in this frame

Frame: http://www.ilgiuncobb.com/dsgvo/Einloggen%20oder%20neu%20anmelden%20_%20eBay_files/t_n.html
Frame ID: 84995E782B68E23B8778776C9361A60F
Requests: 15 HTTP requests in this frame

Frame: http://www.ilgiuncobb.com/dsgvo/Einloggen%20oder%20neu%20anmelden%20_%20eBay_files/sid_fp.html
Frame ID: 5CC4D4ED6EE9D3C9BC7DF8A98ECEAFA0
Requests: 2 HTTP requests in this frame

Frame: http://www.ilgiuncobb.com/dsgvo/Einloggen%20oder%20neu%20anmelden%20_%20eBay_files/top_fp.html
Frame ID: D0202398F918BCF39ED5A42F2FA87352
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.ilgiuncobb.com/dsgvo HTTP 301
http://www.ilgiuncobb.com/dsgvo/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

58
Requests

36 %
HTTPS

0 %
IPv6

6
Domains

12
Subdomains

12
IPs

4
Countries

274 kB
Transfer

739 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://signin.ebay.de/ws/eBayISAPI.dll?SignIn&UsingSSL=1&siteid=77&co_partnerId=2&pageType=2060353&ru=https%3A%2F%2Fwww.ebay.de%2Fmyb%2FSummary#mainContent
Title: Hauptinhalt anzeigen

Search URL Search Domain Scan URL

URL: https://www.ebay.de/

Search URL Search Domain Scan URL

URL: https://reg.ebay.de/reg/PartialReg?siteid=77&co_partnerId=0&UsingSSL=1&rv4=1&pageType=2060353&ru=https%3A%2F%2Fwww.ebay.de%2Fmyb%2FSummary&signInUrl=https%3A%2F%2Fwww.ebay.de%2Fsignin%3Fsgn%3Dreg%26siteid%3D77%26co_partnerId%3D0%26UsingSSL%3D1%26rv4%3D1%26pageType%3D2060353%26ru%3Dhttps%253A%252F%252Fwww.ebay.de%252Fmyb%252FSummary
Title: Konto erstellen

Search URL Search Domain Scan URL

URL: https://signin.ebay.de/ws/eBayISAPI.dll?SignIn&UsingSSL=1&siteid=77&co_partnerId=2&pageType=2060353&ru=https%3A%2F%2Fwww.ebay.de%2Fmyb%2FSummary
Title: Vorl�ufiges Passwort per SMS

Search URL Search Domain Scan URL

URL: https://pages.ebay.de/help/policies/user-agreement.html
Title: eBay-AGB

Search URL Search Domain Scan URL

URL: https://pages.ebay.de/help/policies/privacy-policy.html
Title: Datenschutzerkl�rung

Search URL Search Domain Scan URL

URL: https://pages.ebay.de/help/account/cookies-web-beacons.html
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.ebay.de/adchoice
Title: AdChoice

Search URL Search Domain Scan URL

URL: https://trustsealinfo.websecurity.norton.com/splash?form_file=fdf/splash.fdf&dn=www.ebay.de&lang=de
Title: Norton Secured - powered by Verisign

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ilgiuncobb.com/dsgvo HTTP 301
http://www.ilgiuncobb.com/dsgvo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://b.stats.paypal.com/v1/counter.cgi?r=cD0yMWMxMjAyZjE3MTBhOTliZWQyNzg0NWVmZmYyMDQ0YSZpPTE0LjE2Mi4yMDUuMTUxJnQ9MTU4NTQwOTI1NDgzNCZhPTIwAQdU1NK207GjgsqNqbYl_qlOPrI= HTTP 302
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0yMWMxMjAyZjE3MTBhOTliZWQyNzg0NWVmZmYyMDQ0YSZpPTE0LjE2Mi4yMDUuMTUxJnQ9MTU4NTQwOTI1NDgzNCZhPTIwAQdU1NK207GjgsqNqbYl_qlOPrI=

Request Chain 51

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7cbb5d9934197d293f20b01f18a905eba2e59f027b8b1260eab7635bedc6c612ac7f48c7601e56efdaf149dca677

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.ilgiuncobb.com/dsgvo/
Redirect Chain

http://www.ilgiuncobb.com/dsgvo
http://www.ilgiuncobb.com/dsgvo/

203 KB
65 KB

67ms
67ms

Document
text/html

31.11.33.34
ARUBA-ASN

General

www.ilgiuncobb.com Open in urlscan Pro 31.11.33.34 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

36 %HTTPS

0 %IPv6

6 Domains

12 Subdomains

12 IPs

4 Countries

274 kBTransfer

739 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.ilgiuncobb.com Open in urlscan Pro
31.11.33.34 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

36 %
HTTPS

0 %
IPv6

6
Domains

12
Subdomains

12
IPs

4
Countries

274 kB
Transfer

739 kB
Size

0
Cookies

58 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!