www.signin.username-id-view.718271.shop
Open in
urlscan Pro
194.33.40.58
Malicious Activity!
Public Scan
Submission: On November 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 2nd 2020. Valid for: 3 months.
This is the only time www.signin.username-id-view.718271.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: eBay (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 194.33.40.58 194.33.40.58 | 206698 (AMPLICA) (AMPLICA) | |
1 | 54.192.206.32 54.192.206.32 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 2.21.38.12 2.21.38.12 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 13.226.132.67 13.226.132.67 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 34.197.14.79 34.197.14.79 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 54.91.24.155 54.91.24.155 | 14618 (AMAZON-AES) (AMAZON-AES) | |
5 | 18.213.255.128 18.213.255.128 | 14618 (AMAZON-AES) (AMAZON-AES) | |
21 | 8 |
ASN206698 (AMPLICA, MD)
PTR: web4.amplica.net
www.signin.username-id-view.718271.shop |
ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-32.ham50.r.cloudfront.net
adf0901f1861.cdn4.forter.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-12.deploy.static.akamaitechnologies.com
ir.ebaystatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-67.dus51.r.cloudfront.net
cdn9.forter.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-14-79.compute-1.amazonaws.com
cdn3.forter.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-24-155.compute-1.amazonaws.com
fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-255-128.compute-1.amazonaws.com
cdn0.forter.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
forter.com
1 redirects
adf0901f1861.cdn4.forter.com cdn9.forter.com cdn3.forter.com fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com cdn0.forter.com |
58 KB |
7 |
ebaystatic.com
ir.ebaystatic.com |
73 KB |
2 |
718271.shop
www.signin.username-id-view.718271.shop |
3 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
7 | ir.ebaystatic.com |
www.signin.username-id-view.718271.shop
ir.ebaystatic.com |
5 | cdn0.forter.com |
adf0901f1861.cdn4.forter.com
|
2 | cdn3.forter.com |
adf0901f1861.cdn4.forter.com
|
2 | cdn9.forter.com | 1 redirects |
2 | www.signin.username-id-view.718271.shop |
www.signin.username-id-view.718271.shop
|
1 | fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com |
adf0901f1861.cdn4.forter.com
|
1 | adf0901f1861.cdn4.forter.com |
www.signin.username-id-view.718271.shop
|
21 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
signin.username-id-view.718271.shop Let's Encrypt Authority X3 |
2020-11-02 - 2021-01-31 |
3 months | crt.sh |
*.cdn4.forter.com DigiCert SHA2 Secure Server CA |
2020-09-20 - 2020-11-29 |
2 months | crt.sh |
www.ebay.com DigiCert SHA2 Secure Server CA |
2020-08-05 - 2021-08-06 |
a year | crt.sh |
cdn9.forter.com Amazon |
2020-05-27 - 2021-06-27 |
a year | crt.sh |
cdn3.forter.com DigiCert SHA2 Secure Server CA |
2019-03-24 - 2021-06-16 |
2 years | crt.sh |
*.cdn.forter.com DigiCert SHA2 Secure Server CA |
2020-09-18 - 2021-07-07 |
10 months | crt.sh |
cdn0.forter.com DigiCert SHA2 Secure Server CA |
2020-09-20 - 2021-06-13 |
9 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.signin.username-id-view.718271.shop/
Frame ID: 21B818FCE813F1352EB682164A256C78
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://cdn9.forter.com/vchk2 HTTP 301
- https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.signin.username-id-view.718271.shop/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/ |
147 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
34wtddjp0q1v1dtu2elv5jwg4yf.css
ir.ebaystatic.com/rs/v/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-render-ZiemCn4H.css
ir.ebaystatic.com/rs/c/ |
74 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nkfytkqtoxtljvzb.js
www.signin.username-id-view.718271.shop/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fxxj3ttftm5ltcqnto1o4baovyl.png
ir.ebaystatic.com/rs/v/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MarketSans-SemiBold-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
ir.ebaystatic.com/rs/c/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
ir.ebaystatic.com/rs/c/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MarketSans-Regular-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
70838565-0325-41dc-b723-acff57898fe5
https://www.signin.username-id-view.718271.shop/ |
3 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
413d623e-db13-4501-b5eb-4fbd3cf27f40
https://www.signin.username-id-view.718271.shop/ |
11 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
cdn9.forter.com/vchk2/v1/ Redirect Chain
|
0 284 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
cdn3.forter.com/ |
0 258 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
prop.json
fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com/ |
2 B 647 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prop.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ |
20 B 383 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prop.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ |
20 B 383 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prop.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ |
20 B 383 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
wpt.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
wpt.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ |
20 B 440 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
cdn3.forter.com/ |
0 257 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: eBay (E-commerce)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes number| $ssgST object| ftr__ext object| ftr__bufferW function| ftr__ object| ftr__scriptLoadOptions object| ftr__JSON33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.signin.username-id-view.718271.shop/ | Name: ftr_ncd Value: 6 |
|
.signin.username-id-view.718271.shop/ | Name: forterToken Value: fb2ca01342854e01a191b691b323f75b___UDF43_ |
|
www.signin.username-id-view.718271.shop/ | Name: PHPSESSID Value: b1a93262b6da97e294734265f88d500a |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adf0901f1861.cdn4.forter.com
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com
ir.ebaystatic.com
www.signin.username-id-view.718271.shop
13.226.132.67
18.213.255.128
194.33.40.58
2.21.38.12
34.197.14.79
54.192.206.32
54.91.24.155
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699
638b922afaf698954d85e00518fec3d3907c8fb405bfe6f4978ea49b24d9ffce
68fbd12d8185c9a5c91c1c45969143006741882d43e40ef0f76e4a292b2c5bea
6959429601a982f994b92298c1a9dd5009be8d941601163f38935651ee9b8051
75dceb1952ced6dab35cf68d3b6bf2f3d2ee9dd7b799ef2b5efb39323d093cc4
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
ddc0e53a53a7f1a3717a228192f7b0215b0b1c383331551387c73e81f68de8e6
ddd6e288270268de6b427fb4760e0d1384fff8e72a643faa642d4f51203b0efe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea65d451b778cad24f1eb8ed2c80baaa6fe6b135c33e06bd4f331644e7581f5