www.signin.username-id-view.718271.shop Open in urlscan Pro
194.33.40.58  Malicious Activity! Public Scan

URL: https://www.signin.username-id-view.718271.shop/
Submission: On November 02 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 194.33.40.58, located in Chisinau, Moldova and belongs to AMPLICA, MD. The main domain is www.signin.username-id-view.718271.shop.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 2nd 2020. Valid for: 3 months.
This is the only time www.signin.username-id-view.718271.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

IP Address AS Autonomous System
2 194.33.40.58 206698 (AMPLICA)
1 54.192.206.32 16509 (AMAZON-02)
7 2.21.38.12 20940 (AKAMAI-ASN1)
1 2 13.226.132.67 16509 (AMAZON-02)
2 34.197.14.79 14618 (AMAZON-AES)
1 54.91.24.155 14618 (AMAZON-AES)
5 18.213.255.128 14618 (AMAZON-AES)
21 8
Domain Requested by
7 ir.ebaystatic.com www.signin.username-id-view.718271.shop
ir.ebaystatic.com
5 cdn0.forter.com adf0901f1861.cdn4.forter.com
2 cdn3.forter.com adf0901f1861.cdn4.forter.com
2 cdn9.forter.com 1 redirects
2 www.signin.username-id-view.718271.shop www.signin.username-id-view.718271.shop
1 fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com adf0901f1861.cdn4.forter.com
1 adf0901f1861.cdn4.forter.com www.signin.username-id-view.718271.shop
21 7

This site contains no links.

Subject Issuer Validity Valid
signin.username-id-view.718271.shop
Let's Encrypt Authority X3
2020-11-02 -
2021-01-31
3 months crt.sh
*.cdn4.forter.com
DigiCert SHA2 Secure Server CA
2020-09-20 -
2020-11-29
2 months crt.sh
www.ebay.com
DigiCert SHA2 Secure Server CA
2020-08-05 -
2021-08-06
a year crt.sh
cdn9.forter.com
Amazon
2020-05-27 -
2021-06-27
a year crt.sh
cdn3.forter.com
DigiCert SHA2 Secure Server CA
2019-03-24 -
2021-06-16
2 years crt.sh
*.cdn.forter.com
DigiCert SHA2 Secure Server CA
2020-09-18 -
2021-07-07
10 months crt.sh
cdn0.forter.com
DigiCert SHA2 Secure Server CA
2020-09-20 -
2021-06-13
9 months crt.sh

This page contains 1 frames:

Primary Page: https://www.signin.username-id-view.718271.shop/
Frame ID: 21B818FCE813F1352EB682164A256C78
Requests: 21 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

8
IPs

3
Countries

134 kB
Transfer

302 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.signin.username-id-view.718271.shop/
7 KB
3 KB
Document
General
Full URL
https://www.signin.username-id-view.718271.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.33.40.58 Chisinau, Moldova, ASN206698 (AMPLICA, MD),
Reverse DNS
web4.amplica.net
Software
nginx /
Resource Hash
6959429601a982f994b92298c1a9dd5009be8d941601163f38935651ee9b8051

Request headers

:method
GET
:authority
www.signin.username-id-view.718271.shop
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 02 Nov 2020 15:56:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=b1a93262b6da97e294734265f88d500a; path=/
content-encoding
gzip
script.js
adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/
147 KB
55 KB
Script
General
Full URL
https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.206.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-32.ham50.r.cloudfront.net
Software
/
Resource Hash
68fbd12d8185c9a5c91c1c45969143006741882d43e40ef0f76e4a292b2c5bea
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Origin
https://www.signin.username-id-view.718271.shop
Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 03:55:32 GMT
content-encoding
gzip
vary
Accept-Encoding
age
5486471
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 31 Aug 2020 03:55:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript; charset=utf-8
via
1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
cache-control
private, max-age=300
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
x-amz-cf-id
W0hOyEvEe7YCEo90zKY8XbzDNoxErkQiW-ZaeKQIaZJnt_alzjosxA==
expires
Mon, 31 Aug 2020 04:00:32 GMT
34wtddjp0q1v1dtu2elv5jwg4yf.css
ir.ebaystatic.com/rs/v/
4 KB
2 KB
Stylesheet
General
Full URL
https://ir.ebaystatic.com/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
ddd6e288270268de6b427fb4760e0d1384fff8e72a643faa642d4f51203b0efe

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
content-encoding
gzip
x-cache-lookup
HIT from rnoincludecache-970415:80
status
200
x-ebay-c-version
1.0.0
content-length
1724
pragma
no-cache
last-modified
Wed, 08 May 2019 00:47:47 GMT
server
ebay server
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dqkiufvuq%60%28%3F63176-16cc4877c4d-0xc3
x-ebay-request-id
16cc4877-c4d0-ad31-91e5-b1b0ffe79429![
access-control-allow-headers
*
expires
Tue, 02 Nov 2021 15:56:43 GMT
signin-render-ZiemCn4H.css
ir.ebaystatic.com/rs/c/
74 KB
13 KB
Stylesheet
General
Full URL
https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
eea65d451b778cad24f1eb8ed2c80baaa6fe6b135c33e06bd4f331644e7581f5

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
content-encoding
gzip
x-cache-lookup
HIT from include-cache-2:80
status
200
x-ebay-c-version
1.0.0
content-length
12601
last-modified
Tue, 13 Oct 2020 21:27:23 GMT
server
ebay server
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%28em5o3*w%60ut355%3F-1752a3f0a63-0xd8
access-control-allow-headers
*
expires
Tue, 02 Nov 2021 15:56:43 GMT
nkfytkqtoxtljvzb.js
www.signin.username-id-view.718271.shop/
0
0
Script
General
Full URL
https://www.signin.username-id-view.718271.shop/nkfytkqtoxtljvzb.js
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.33.40.58 Chisinau, Moldova, ASN206698 (AMPLICA, MD),
Reverse DNS
web4.amplica.net
Software
nginx /
Resource Hash

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Mon, 02 Nov 2020 15:56:43 GMT
server
nginx
content-length
315
content-type
text/html; charset=iso-8859-1
fxxj3ttftm5ltcqnto1o4baovyl.png
ir.ebaystatic.com/rs/v/
5 KB
5 KB
Image
General
Full URL
https://ir.ebaystatic.com/rs/v/fxxj3ttftm5ltcqnto1o4baovyl.png
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
x-cache-lookup
HIT from rnoincludecache-970418:80
status
200
x-ebay-c-version
1.0.0
content-length
4820
last-modified
Wed, 29 Oct 2014 18:09:24 GMT
server
ebay server
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%2856364%3E7-16a29803452-0xd6
x-ebay-request-id
16a29803-4520-a866-c486-725fff04e1c7![]
access-control-allow-headers
*
warning
113 rnoincludecache-970418 (squid) This cache hit is still fresh and more than 1 day old
expires
Tue, 02 Nov 2021 15:56:43 GMT
truncated
/
0
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
MarketSans-SemiBold-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/
22 KB
22 KB
Font
General
Full URL
https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2
Requested by
Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.signin.username-id-view.718271.shop
Referer
https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
MISS from rnoincludecache-970415:80
status
200
content-length
22468
x-xss-protection
1; mode=block
server
ebay server
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60uebwh%3D9iptq%60uebwh*75621%3D4-171a5131512-0xc7
access-control-allow-headers
*
expires
Wed, 27 Oct 2021 07:18:16 GMT
sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
ir.ebaystatic.com/rs/c/
1 KB
2 KB
Image
General
Full URL
https://ir.ebaystatic.com/rs/c/sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
Requested by
Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf

Request headers

Referer
https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
x-cache-lookup
HIT from lvsincludecache-2522846:80
status
200
x-ebay-c-version
1.0.0
content-length
1201
last-modified
Tue, 24 Jul 2018 23:37:11 GMT
server
ebay server
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%284%3F31516-166c7282978-0xb8
x-ebay-request-id
166c7282-9780-aa66-84e0-84abffc26d44![]
access-control-allow-headers
*
warning
113 lvsincludecache-2522846 (squid) This cache hit is still fresh and more than 1 day old
expires
Tue, 02 Nov 2021 15:56:43 GMT
sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
ir.ebaystatic.com/rs/c/
7 KB
7 KB
Image
General
Full URL
https://ir.ebaystatic.com/rs/c/sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
Requested by
Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699

Request headers

Referer
https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
x-cache-lookup
HIT from lvsincludecache-2522846:80
status
200
x-ebay-c-version
1.0.0
content-length
6886
last-modified
Tue, 18 Sep 2018 21:23:43 GMT
server
ebay server
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%284245773-166c727fdf6-0xb9
x-ebay-request-id
166c727f-df60-aa14-2882-0c76ff841291![]
access-control-allow-headers
*
warning
113 lvsincludecache-2522846 (squid) This cache hit is still fresh and more than 1 day old
expires
Tue, 02 Nov 2021 15:56:43 GMT
MarketSans-Regular-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/
22 KB
22 KB
Font
General
Full URL
https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-Regular-WebS.woff2
Requested by
Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-12.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
75dceb1952ced6dab35cf68d3b6bf2f3d2ee9dd7b799ef2b5efb39323d093cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.signin.username-id-view.718271.shop
Referer
https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
HIT from slcincludecache-3642931:80
status
200
content-length
22156
x-xss-protection
1; mode=block
server
ebay server
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60uebwh%3D9vjdq%60uebwh*0400%3B40%29pqtfwpu%29pie%29fgg%7E-fij-171a7aa80b9-0xbb
access-control-allow-headers
*
expires
Wed, 27 Oct 2021 07:18:16 GMT
70838565-0325-41dc-b723-acff57898fe5
https://www.signin.username-id-view.718271.shop/
3 KB
0
Other
General
Full URL
blob:https://www.signin.username-id-view.718271.shop/70838565-0325-41dc-b723-acff57898fe5
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddc0e53a53a7f1a3717a228192f7b0215b0b1c383331551387c73e81f68de8e6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
2584
Content-Type
application/javascript
413d623e-db13-4501-b5eb-4fbd3cf27f40
https://www.signin.username-id-view.718271.shop/
11 KB
0
Other
General
Full URL
blob:https://www.signin.username-id-view.718271.shop/413d623e-db13-4501-b5eb-4fbd3cf27f40
Requested by
Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
638b922afaf698954d85e00518fec3d3907c8fb405bfe6f4978ea49b24d9ffce

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
11399
Content-Type
application/javascript
28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
0
284 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-67.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:56:43 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
status
200
timing-allow-origin
*
access-control-allow-origin
*
x-amz-cf-id
ufuhFF1-IJtbgIvAI-eWQlIWLb2vg8CO5mFF0jZ1cT-17wR9gAxfCA==

Redirect headers

date
Mon, 02 Nov 2020 15:56:43 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
status
301
location
https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
x-cache
Miss from cloudfront
access-control-allow-origin
*
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
x-amz-cf-id
z2G02THNy3mdEsEQuKQJOuopcr36ZGszvNGWtdh5tw93KzI_1RrJhw==
events
cdn3.forter.com/
0
258 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.14.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-14-79.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:56:43 GMT
status
200
vary
Origin
access-control-allow-origin
https://www.signin.username-id-view.718271.shop
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
expires
-1
prop.json
fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com/
2 B
647 B
Other
General
Full URL
https://fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com/prop.json
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.91.24.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-24-155.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 02 Nov 2020 15:56:43 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Mon, 02 Nov 2020 12:05:40 GMT
Server
Apache
ETag
"2-5b31e909f44e2"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.signin.username-id-view.718271.shop
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
prop.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/
20 B
383 B
XHR
General
Full URL
https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/prop.json?_=1604332604335
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:56:44 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.signin.username-id-view.718271.shop
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
prop.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/
20 B
383 B
XHR
General
Full URL
https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/prop.json?_=1604332604882
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:56:44 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.signin.username-id-view.718271.shop
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
prop.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/
20 B
383 B
XHR
General
Full URL
https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/prop.json?_=1604332605161
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:56:45 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.signin.username-id-view.718271.shop
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
wpt.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/
0
0
Other
General
Full URL
https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/wpt.json
Protocol
HTTP/1.1
Server
18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.signin.username-id-view.718271.shop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type
Content-Length
0
Date
Mon, 02 Nov 2020 15:56:45 GMT
Connection
keep-alive
wpt.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/
20 B
440 B
XHR
General
Full URL
https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/wpt.json
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-255-128.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:56:45 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.signin.username-id-view.718271.shop
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
20
Expires
-1
events
cdn3.forter.com/
0
257 B
Other
General
Full URL
https://cdn3.forter.com/events
Requested by
Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.14.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-14-79.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.signin.username-id-view.718271.shop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:56:51 GMT
status
200
vary
Origin
access-control-allow-origin
https://www.signin.username-id-view.718271.shop
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=86400; includeSubDomains
timing-allow-origin
*
expires
-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes number| $ssgST object| ftr__ext object| ftr__bufferW function| ftr__ object| ftr__scriptLoadOptions object| ftr__JSON3

3 Cookies

Domain/Path Name / Value
.signin.username-id-view.718271.shop/ Name: ftr_ncd
Value: 6
.signin.username-id-view.718271.shop/ Name: forterToken
Value: fb2ca01342854e01a191b691b323f75b___UDF43_
www.signin.username-id-view.718271.shop/ Name: PHPSESSID
Value: b1a93262b6da97e294734265f88d500a